Search a title or topic

Over 20 million podcasts, powered by 

Player FM logo
Artwork

Content provided by Secure Talk and Justin Beals. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Secure Talk and Justin Beals or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.
Player FM - Podcast App
Go offline with the Player FM app!

Beyond the Blinky Lights: Why Security Governance Drives Technology with Bryant Tow

46:50
 
Share
 

Manage episode 478476303 series 3595674
Content provided by Secure Talk and Justin Beals. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Secure Talk and Justin Beals or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

In this eye-opening episode of SecureTalk, host Justin Beals welcomes Bryant Tow, Chief Security Officer at LeapFrog Services, to discuss why technology alone can't solve cybersecurity challenges. Bryant reveals how the "Ring of Security" concept shows that up to half of your attack surface lies outside of technology—in governance, policies, people, and processes. The conversation explores real-world examples like the Change Healthcare breach, why security frameworks often fall short, and how building a culture of security requires connecting protection of company assets to personal security concerns.

Key Topics

  • The Change Healthcare breach: How a single oversight led to a $2.9 billion loss despite substantial technology investments
  • Why frameworks like CIS are great starting points but insufficient on their own
  • How the "Ring of Security" approach addresses the complete attack surface
  • Building a security culture that resonates with employees on a personal level
  • Why a business impact analysis is critical but often missing from frameworks
  • The importance of understanding your data before implementing AI solutions

Notable Quotes

"When you do the root cause analysis on headline breaches, nearly all of them started somewhere outside the technology." - Bryant Tow

"Even if you do your technology perfectly, you're leaving half of your attack surface open." - Bryant Tow

"Strategy drives governance. Governance drives operation." - Bryant Tow


About the Guest

Bryant Tow serves as Chief Security Officer at LeapFrog Services, where he assists clients with comprehensive security programs including strategy, governance, and operations. Previously, he owned Cyber Risk Solutions and served on the Department of Homeland Security Sector Coordinating Council. His "Ring of Security" concept emphasizes that cybersecurity is an organizational problem that uses technology as just one tool in the solution.


Resources Mentioned

  • The "Ring of Security" concept
  • CIS Framework limitations
  • Business Impact Analysis
  • AI Readiness Assessment
  • Department of Homeland Security Sector Coordinating Council

SecureTalk is hosted by Justin Beals, focusing on cybersecurity strategy, governance, and best practices for organizations of all sizes.

  continue reading

220 episodes

Artwork
iconShare
 
Manage episode 478476303 series 3595674
Content provided by Secure Talk and Justin Beals. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Secure Talk and Justin Beals or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://podcastplayer.com/legal.

In this eye-opening episode of SecureTalk, host Justin Beals welcomes Bryant Tow, Chief Security Officer at LeapFrog Services, to discuss why technology alone can't solve cybersecurity challenges. Bryant reveals how the "Ring of Security" concept shows that up to half of your attack surface lies outside of technology—in governance, policies, people, and processes. The conversation explores real-world examples like the Change Healthcare breach, why security frameworks often fall short, and how building a culture of security requires connecting protection of company assets to personal security concerns.

Key Topics

  • The Change Healthcare breach: How a single oversight led to a $2.9 billion loss despite substantial technology investments
  • Why frameworks like CIS are great starting points but insufficient on their own
  • How the "Ring of Security" approach addresses the complete attack surface
  • Building a security culture that resonates with employees on a personal level
  • Why a business impact analysis is critical but often missing from frameworks
  • The importance of understanding your data before implementing AI solutions

Notable Quotes

"When you do the root cause analysis on headline breaches, nearly all of them started somewhere outside the technology." - Bryant Tow

"Even if you do your technology perfectly, you're leaving half of your attack surface open." - Bryant Tow

"Strategy drives governance. Governance drives operation." - Bryant Tow


About the Guest

Bryant Tow serves as Chief Security Officer at LeapFrog Services, where he assists clients with comprehensive security programs including strategy, governance, and operations. Previously, he owned Cyber Risk Solutions and served on the Department of Homeland Security Sector Coordinating Council. His "Ring of Security" concept emphasizes that cybersecurity is an organizational problem that uses technology as just one tool in the solution.


Resources Mentioned

  • The "Ring of Security" concept
  • CIS Framework limitations
  • Business Impact Analysis
  • AI Readiness Assessment
  • Department of Homeland Security Sector Coordinating Council

SecureTalk is hosted by Justin Beals, focusing on cybersecurity strategy, governance, and best practices for organizations of all sizes.

  continue reading

220 episodes

All episodes

×
 
Loading …

Welcome to Player FM!

Player FM is scanning the web for high-quality podcasts for you to enjoy right now. It's the best podcast app and works on Android, iPhone, and the web. Signup to sync subscriptions across devices.

 

Listen to this show while you explore
Play