In this episode of the No Trust podcast, John Spiegel engages with cybersecurity expert Joshua Copeland, who shares his insights on the fundamental flaws in the cybersecurity landscape.
They discuss the leadership vacuum in the industry, the pitfalls of compliance theater, and the overwhelming vendor hype that complicates tool selection.
Joshua emphasizes the need for a proactive approach to security, aligning cybersecurity with business objectives, and the importance of effective communication with leadership.
The conversation culminates in actionable takeaways for cybersecurity leaders looking to improve their strategies and outcomes.
Key Takeaways:
• Cybersecurity has a leadership vacuum that needs addressing.
• Compliance does not equate to security; it's often just theater.
• Organizations suffer from tool sprawl and lack of strategy.
• Vendor hype can distort risk perception and lead to poor decisions.
• Security leaders must communicate in business terms to gain support.
• Proactive security measures can prevent costly breaches.
• Understanding the business is crucial for effective cybersecurity leadership.
• Cybersecurity can be a revenue-generating function if aligned with business goals.
• Leverage existing tools before chasing new ones.
• Focus on redesigning critical processes for better security outcomes.
Follow & Subscribe on all Podcast platforms.
What is the Zero Trust Forum about? It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way!
Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/.
Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/
Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/
All content for "No Trust" by Zero Trust Forum is the property of "No Trust" by Zero Trust Forum and is served directly from their servers
with no modification, redirects, or rehosting. The podcast is not affiliated with or endorsed by Podjoint in any way.
In this episode of the No Trust podcast, John Spiegel engages with cybersecurity expert Joshua Copeland, who shares his insights on the fundamental flaws in the cybersecurity landscape.
They discuss the leadership vacuum in the industry, the pitfalls of compliance theater, and the overwhelming vendor hype that complicates tool selection.
Joshua emphasizes the need for a proactive approach to security, aligning cybersecurity with business objectives, and the importance of effective communication with leadership.
The conversation culminates in actionable takeaways for cybersecurity leaders looking to improve their strategies and outcomes.
Key Takeaways:
• Cybersecurity has a leadership vacuum that needs addressing.
• Compliance does not equate to security; it's often just theater.
• Organizations suffer from tool sprawl and lack of strategy.
• Vendor hype can distort risk perception and lead to poor decisions.
• Security leaders must communicate in business terms to gain support.
• Proactive security measures can prevent costly breaches.
• Understanding the business is crucial for effective cybersecurity leadership.
• Cybersecurity can be a revenue-generating function if aligned with business goals.
• Leverage existing tools before chasing new ones.
• Focus on redesigning critical processes for better security outcomes.
Follow & Subscribe on all Podcast platforms.
What is the Zero Trust Forum about? It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way!
Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/.
Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/
Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/
Challenges in the M&A Process with Dritan Saliovski
"No Trust" by Zero Trust Forum
45 minutes 21 seconds
11 months ago
Challenges in the M&A Process with Dritan Saliovski
In this conversation, Dritan Saliovski discusses the intersection of M&A and cybersecurity with John and Jaye. They explore how companies are now considering cybersecurity during the M&A process, including due diligence, costing, integration, and reputation.
They also discuss the potential value that cybersecurity can bring to an acquiring company, as well as the impact of past breaches on the value of a company.
The conversation touches on the trend of using AI in M&A and the challenges faced in the M&A process, such as stakeholder management and convincing stakeholders of the importance of cybersecurity.
They also discuss the advantages of being an insurance broker in terms of access to real-time incident data and the focus on recovery in addition to protection. The conversation explores the importance of cyber resiliency in the context of mergers and acquisitions (M&A).
It highlights the shift from focusing on physical events to cyber events as the more prevalent and likely threat. The discussion touches on the need for companies to have a cyber resiliency program and response plan, especially in the M&A process.
The conversation also delves into the role of certifications and maturity models in assessing cyber resiliency, with the conclusion that they are not always reliable indicators.
The episode ends with a lighthearted discussion about pizza toppings.
Takeaways
• Companies are now considering cybersecurity during the M&A process, including due diligence, costing, integration, and reputation.
• Cybersecurity can bring potential value to an acquiring company, especially if the target company has better tools, technologies, or consolidation in place.
• Past breaches can affect the value of a company, and companies that have been breached may be more willing to sell.
• There is a trend of using AI in M&A, with larger companies acquiring smaller AI companies to harness their technology and intellectual property.
• Challenges in the M&A process include stakeholder management and convincing stakeholders of the importance of cybersecurity.
• Being an insurance broker provides access to real-time incident data, which can inform cybersecurity decisions and help clients mitigate risks.
• The focus in cybersecurity is shifting from solely protection to also include recovery, as companies recognize the possibility of being compromised. Cyber resiliency is becoming increasingly important in the M&A process, as cyber events are more prevalent and likely than physical events.
• Companies need to have a cyber resiliency program and response plan in place to mitigate the risks associated with cyber threats.
• Certifications and maturity models may not always be reliable indicators of cyber resiliency, as the scope and applicability of these certifications can vary.
Follow & Subscribe on all Podcast platforms.
link.chtbl.com/XIW5zsAn
What is the Zero Trust Forum about? It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way!
Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/.
Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/
Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/
"No Trust" by Zero Trust Forum
In this episode of the No Trust podcast, John Spiegel engages with cybersecurity expert Joshua Copeland, who shares his insights on the fundamental flaws in the cybersecurity landscape.
They discuss the leadership vacuum in the industry, the pitfalls of compliance theater, and the overwhelming vendor hype that complicates tool selection.
Joshua emphasizes the need for a proactive approach to security, aligning cybersecurity with business objectives, and the importance of effective communication with leadership.
The conversation culminates in actionable takeaways for cybersecurity leaders looking to improve their strategies and outcomes.
Key Takeaways:
• Cybersecurity has a leadership vacuum that needs addressing.
• Compliance does not equate to security; it's often just theater.
• Organizations suffer from tool sprawl and lack of strategy.
• Vendor hype can distort risk perception and lead to poor decisions.
• Security leaders must communicate in business terms to gain support.
• Proactive security measures can prevent costly breaches.
• Understanding the business is crucial for effective cybersecurity leadership.
• Cybersecurity can be a revenue-generating function if aligned with business goals.
• Leverage existing tools before chasing new ones.
• Focus on redesigning critical processes for better security outcomes.
Follow & Subscribe on all Podcast platforms.
What is the Zero Trust Forum about? It’s about empowering zero trust security professionals with strategies, architecture, and real world journeys to secure the digital future, the right way!
Follow the Zero Trust Forum on LinkedIn www.linkedin.com/company/zero-trust-forum/.
Follow Jaye Tillson on LinkedIn - www.linkedin.com/in/jaye-tillson/
Follow John Spiegel on LinkedIn - www.linkedin.com/in/john-spiegel-2011543/
