SecurityGate.io

Checking in before we close out the year strong. If you are having to navigate NIS2, listen to my latest series starting with this. #NIS2 #criticalinfrastructure SecurityGate.io

Check out the latest episode of the Business of Cyber Series featuring Teodosio Gutiérrez and Jess Nall! In this timely discussion, they delve into the current state of individual regulatory and criminal liability for Chief Information Security Officers (CISOs) and other information security professionals, along with strategies for addressing these challenges. The conversation includes insights from key legal cases and highlights the SEC's new regulations, which create potential risks for unwary CISOs. Jess and Ted offer practical guidance for CISOs and information security professionals on how to avoid ending up in the "hot seat." They discuss how to identify red flags, secure protection, and implement best practices to minimize the risk of legal and career repercussions following a major incident. Watch Now: YouTube - https://lnkd.in/gcGwgctd Spotify - https://lnkd.in/gYMnk6ph #CISO #InfoSec #Cybersecurity #CyberDefense #Podcast #RiskManagement #SecurityLeadership

Excited to share our latest episode of the Business of Cyber Series, featuring Teodosio Gutiérrez and Andrew Ginter. This discussion focuses on Andrew's latest book about engineering-grade protections for critical networks. Ted and Andrew discuss the concept of Cyber-Informed Engineering (CIE), explaining how it aligns with established cybersecurity frameworks and standards like NIST CSF and ISA/IEC 62443. They also explore the idea of engineering-grade mitigations—solutions designed to withstand the unique challenges of industrial environments. This episode is aimed at engineers, cybersecurity professionals, and stakeholders involved in critical infrastructure protection. It offers insights into how CIE can be effectively communicated, implemented, and measured for success. Check it out: https://lnkd.in/g8RgD2BR #CyberInformedEngineering #Cybersecurity #Engineering #RiskManagement #CriticalInfrastructure #CyberResilience

My thoughts on the evolving role of #governance #compliance and #maturity efforts within the OT and ICS markets alongside Bryan Singer and David Forbes This is a BIG topic in my discussions with CISOs, CIOs, and Operational Leaders: How do we start to evolve our cyber resource spend with a much longer term view? Thanks Anna Ribeiro - timely article. https://lnkd.in/gPdC9Q6P

CISOs are facing unprecedented pressure to fight ever more sophisticated threat actors while at the same time guarding against their company and government potentially turning on them if things go wrong. Join Jess Nall, a partner at the global law firm Baker McKenzie, LLP and one of the country's foremost experts in defending InfoSec professionals in federal investigations and litigation, for a timely discussion of the current state of play for individual regulatory and criminal liability for CISOs and other InfoSec personnel, and what to do about it.    Our discussion will include insights from key cases and the SEC's new regulations which create a potential minefield for unwary CISOs. Jess and Ted will talk through some practical guidance for CISOs and InfoSec professionals in avoiding ending up on the "hot seat." We'll discuss how to identify red flags, secure protection, and implement best practices to minimize the risk of legal and career repercussions in the wake of a major incident. Join us at 10:00 a.m. CST on Tuesday, October 1st!  

In the next episode of the Business of Cyber Series, Teodosio Gutiérrez is joined by Andrew Ginter, VP of Industrial Security at Waterfall Security Solutions. Andrew is also an author of three books on OT security, with over 20,000 copies in print.   This discussion will focus on Andrew’s latest book about engineering-grade protections for critical networks. Ted and Andrew will talk about the concept of Cyber-Informed Engineering (CIE), explaining how it aligns with established cybersecurity frameworks and standards like NIST CSF and ISA/IEC 62443. They will also explore the idea of engineering-grade mitigations - solutions designed to withstand the unique challenges of industrial environments.    This episode is aimed at engineers, cybersecurity professionals, and stakeholders involved in critical infrastructure protection, offering insights into how CIE can be effectively communicated, implemented, and measured for success. #CIE #Cybersecurity #OTSecurity #Engineering #CriticalInfrastructure #RiskManagement  

Is the OT Cyber Vendor space becoming crowded? Well....it depends where you look. Let me explain. As an industry, we spent a ton on investing in and buying what I like to call "heavy tech" and "heavy services" in an effort to close the gap on what many experts consider the top controls i.e. asset inventory, access control, incident response. No argument with the thought process, but what happens after a few years when many other people, process, and tech controls go "underinvested" in? Three trends I'm seeing in the industry in 2024: 1. Asset owners are rethinking their controls closure strategy as risk management, personnel training, and a more holistic approach to security becomes a higher priority. This means.... 2. Choosing or renewing "heavy tech" is becoming a tougher process in 24 than it was in 21 because... 3. A lot of "new" products are hitting the market trying to take market share from the OT vendor incumbents refreshed with small bits of capital from a new cohort of investors wanting to jump into OT #cyber #ot #otsecurity #automation #compliance #governance #nis2 #nist #nistcsf #isasecure #62443 #ciso #incidentresponse #leadership #market #cio

Don't miss our next event...Join US on Sept 17th...Cherise Esparza, Roya Gordon and our very own Quratulann (Annie) Jamshed will be sharing in a panel discussion. https://lnkd.in/gaHyjQGs

ICYMI: Check out Teodosio Gutiérrez presentation from #S4x24 https://lnkd.in/d8b6mVH6 #otcybersecurity #operationaltechnology #cybersecurity #riskmanagement #icssecurity #criticalinfrastructure

A shared perspective for women in ICS.