How do we get security right? The answer varies by many factors, including industry, what you're trying to protect, and what the C Suite and Board care about.

Khaja Ahmed, Advisor at CISO Forum, joins Business Security Weekly to discuss how to get consensus on your security program. CISOs, executives, and the Board need to be aligned on the risks and how best to address them. And it's not technical risks, it's business risks measured by legal or financial impact. Khaja will help guide new and existing CISOs on how to:

• Work across the business to build consensus
• Identify and quantify risks in financial and legal terms
• Design security from the start
• Be effective as a security leader

In the leadership and communications section, Is the C-Suite Right for You?, What Fortune 100s are getting wrong about cybersecurity hiring, Why Communication Is Exhausting in Chaotic Workplaces, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-405

Are you running SAP? The clock is ticking... Standard maintenance end-of-life is set for the end of 2027. Migration to S/4HANA must be completed by then (or 2030 if you buy into SAP’s special three-year reprieve). While that may appear to be enough time, companies currently working toward an S/4HANA transition are finding the journey challenging, and that's not including the security challenges.

Chris Carter, CEO at Approyo, joins Business Security Weekly to discuss your SAP options, including:

• ERP Strategy: Stay with SAP or migrate to other solutions?
• S/4HANA Architecture: All cloud or cloud/on-premise?
• Security Challenges: Cloud vs. on-premise
• SAP Migration: Recommendations for success

In the leadership and communications section, Where cybersecurity maturity meets confidence in C-suite and board leadership, Has CISO become the least desirable role in business?, How Radical Transparency Is Revolutionizing Leadership, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-404

SEC settles with SolarWinds. We react!

In the leadership and communications section, The Skills and Habits Aspiring CEOs Need to Build, Why People Really Quit — And How Great Managers Make Them Want to Stay, The Small Actions That Become Your Legacy, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-403

New research estimates the value of Zero Trust. Using the Marsh McLennan Cyber Risk Intelligence Center’s proprietary cyber losses dataset from the past eight years, researchers estimated that overall cyber losses could have been potentially reduced by up to 31% had the organizations widely deployed zero-trust security. This adds up to a projected reduction of up to $465 billion in global annual total economic losses.

But Zero Trust projects have struggled due to complexity. Rob Allen, Chief Product Officer at ThreatLocker, joins Business Security Weekly to discuss the simplicity of Zero Trust Endpoint Protection and how it can drive value. Rob will discuss how the ThreatLocker® Zero Trust Endpoint Protection Platform offers a unified approach to protecting users, devices, and networks with ease of deployment and management. Zero Trust doesn't have to be complex.

This segment is sponsored by ThreatLocker. Visit https://www.securityweekly.com/threatlocker to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-402

In this episode, Mandy Logan, Summer Craze Fowler, Jason Albuquerque, and Jeff Pollard of Forrester discuss the challenges and strategies for CISOs in navigating volatility in the security landscape. They emphasize the importance of building relationships within the organization, particularly with the CFO, to manage budgets effectively. The conversation also covers the significance of communicating security needs in terms of compliance and customer requirements, maximizing budget through flex spending, and the role of automation and AI in enhancing security operations. Additionally, they highlight the need for effective data management to reduce costs and improve efficiency.

In pre-recorded interviews from RSAC, learn the following!

With the power of zero trust and AI, Zscaler help organizations strengthen and automate IT and security, reduce costs, and minimize complexity. Zscaler helps reduce the attack surface, block threats via full TLS inspection, and eliminate lateral threat movement.

This segment is sponsored by Zscaler. Visit https://securityweekly.com/zscalerrsac to learn more about them!

The modern workspace, increasingly reliant on cloud-based applications, browser-first access, and AI integration, faces significant security challenges that outpace the capabilities of traditional tools.

Legacy solutions, including VPNs and even early ZTNA implementations, are proving vulnerable to sophisticated attacks leading to data breaches and operational disruptions. The fundamental shift in how we work demands a new approach, one that closes the gaps left by the platform approach.

We need the ability to 'trust nothing and click on anything with zero risk.' We need to take zero trust beyond the network that we operate and control.

Future of Browser Security Webinar with Google: https://www.menlosecurity.com/resources/2025-prediction-the-future-of-browser-security-lessons-from-the-pioneers

Browser security report: https://www.menlosecurity.com/resources/state-of-browser-security-report

Global Cyber Gangs report: https://www.menlosecurity.com/resources/global-cyber-gangs-supported-and-sheltered-by-state-sponsors-and-getting-smarter-every-day-report

Everywhere Access White Paper: https://www.menlosecurity.com/resources/everywhere-access-the-zero-trust-revolution-for-hybrid-work-white-paper

This segment is sponsored by Menlo Security. Visit https://securityweekly.com/menlorsac to learn more about them!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-401

In this episode of Business Security Weekly, Mandy Logan, along with guests Peter Hedberg, Summer Craze Fowler, and Ben Carr, delve into the complexities of cyber insurance and the empowerment of Chief Information Security Officers (CISOs). The discussion covers the evolving landscape of cyber insurance, the critical role of underwriting, and the importance of collaboration between CISOs and insurers. The guests share insights on risk assessment, the significance of incident response planning, and the need for CISOs to be recognized as key players in the boardroom. The conversation emphasizes the necessity of building strong relationships with insurers and leveraging data to enhance security measures.

This month BeyondTrust released it's 12th annual edition of the Microsoft Vulnerabilities Report. The report reveals a record-breaking year for Microsoft vulnerabilities, and helps organizations understand, identify, and address the risks within their Microsoft ecosystems. Segment Resources: Insights Security Assessment Tool: https://www.beyondtrust.com/products/identity-security-insights/assessment For a copy of the Microsoft Vulnerabilities Threat Report: https://www.beyondtrust.com/resources/whitepapers/microsoft-vulnerability-report Blog re: Report: https://www.beyondtrust.com/blog/entry/microsoft-vulnerabilities-report

Stephan will discuss OpenText Core Threat Detection and Response, a new AI-powered solution designed to quickly spot and neutralize threats across an organization’s attack surface without the need to overhaul existing security stacks. He will also provide insights into the most dangerous threats facing enterprises today along with practical steps to mitigate them.

• https://www.opentext.com/products/core-threat-detection-and-response
• https://www.prnewswire.com/news-releases/opentext-launches-next-generation-opentext-cybersecurity-cloud-with-ai-powered-threat-detection-and-response-capabilities-302381481.html

This segment is sponsored by OpenText. Visit https://securityweekly.com/opentextrsac to learn more about them!

This segment is sponsored by BeyondTrust. Visit https://securityweekly.com/beyondtrustrsac to for a copy of the Microsoft Vulnerabilities Threat Report!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-400

This week, it’s time for security money. The index is up, but the previous quarterly results were brutal.

In the leadership and communications segment, Get out of the audit committee: Why CISOs need dedicated board time, Quietly Burning Out? What To Do When Your Leadership Starts Lacking, How to rethink leadership to energize disengaged employees, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-399

During times of volatility, business leaders often don’t know what they are able to change or even what they should change. At precisely these times, business leaders become risk leaders and need to quickly learn how to identify what is within their control and what isn’t — to not only survive but thrive.

Alla Valente, Principal Analyst at Forrester Research, joins Business Security Weekly to discuss how to Regain Control Over Business Risk With The Three E’s Framework, a report that provides a framework for identifying what is controllable and how to be smart when dealing with volatility.

In the leadership and communications section, Cybersecurity for Mergers and Acquisitions – A CISO’s Guide, Your Employees Aren’t the Problem. Your Leadership Habits Are, When the Best Leadership Skill Is Just Being Present, and more!

Visit https://www.securityweekly.com/bsw for all the latest episodes!

Show Notes: https://securityweekly.com/bsw-398