Podbean logo
  • Discover
  • Podcast Features

    Your all-in-one podcasting solution.
    Blog to Podcast

    Turn your blog into an engaging podcast.
  • Livestream

    High-performing audio live, without limits.
    Podcast Studio

    Easy-to-use audio recorder app.
  • Podbean AI

    AI-Enhanced Audio Quality and Content Generation.
    Podcast App

    The best podcast player & podcast app.
  • Ads Marketplace

    Join Ads Marketplace to earn money
    through sponsorship on your podcast.
    PodAds

    Manage your ads with dynamic ad insertion capability.
  • Apple Podcasts Subscriptions Integration

    Effortlessly publish and manage exclusive episodes for your
    Apple Podcasts subscribers directly from Podbean.

  • Live Streaming

    Receive livestream rewards from your audience and earn
    recurring income from your Fan Club membership.

  • All Arts Business Comedy Education
  • Fiction Government Health & Fitness History Kids & Family
  • Leisure Music News Religion & Spirituality Science
  • Society & Culture Sports Technology True Crime TV & Film
  • Live
  • How to Start a Podcast
  • How to Start a Live Podcast
  • How to Monetize a podcast
  • How to Promote Your Podcast
  • How to Use Group Recording
  • Log in
  • Start your podcast for free
  • Podcasting
    • Podcast Features
    • Livestream
    • Podbean AI
    • Blog to Podcast
    • Podcast Studio
    • Podcast App
  • Monetization
    • Ads Marketplace
    • Apple Podcasts Subscriptions Integration
    • Live Streaming
    • PodAds
  • Advertisers
  • Enterprise
  • Pricing
  • Discover
    • Log in
    Sign up free
BrakeSec Education Podcast

BrakeSec Education Podcast

News:Tech News

Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs

Nicole Sundin - CPO at Axio - SEC compliance, usable security, setting up risk mgmt programs

2023-09-23
Download Right click and do "save link as"

Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers.

 

Guest Bio: 

Nicole is the Chief Product Officer at Axio. Nicole has spent her career building awareness around the benefits of usable security and human-centered security as a way to increase company revenue and create a seamless user experience.

 

Youtube VOD Link: https://youtube.com/live/tFaAB9an47g

 

Questions and topics:

  1. Usable security: is it an oxymoron? What determines if the security is ‘usable’ or no?

  2. We sacrifice security for a better UX, what can be done to alleviate that? Or is it some sort of sliding scale in “poor UX, amazing security or awesome UX, poor security”

  3. Examples of poor UX for ‘people’: MFA, and password managers.

  4. SEC updates and ‘material events’ and how that would affect security, IR, and other company reporting functions. Also, additional documentation (Regulation S-K Item 106) https://www.linkedin.com/posts/nicole-sundin-5225a1149_sec-adopts-rules-on-cybersecurity-risk-management-activity-7090065804083290112-ISD8

  5. Are companies ready to talk about their cybersecurity? Can the SEC say “you’re not doing enough?” What is ‘enough’? Are we heading toward yet another audit needed for public companies, similar to SOX? When does an 8-K get publicly disclosed?

  6. Materiality is based on a “reasonable investor”? So, you don’t need to announce that until you’re certain, and it’s based on what you can collect?

  7. Cyber Risk Management and some good examples of how to set up a proper  cyber risk organization

 

Additional Links: https://csrc.nist.gov/CSRC/media/Projects/usable-cybersecurity/images-media/Is%20Usable%20Security%20an%20Oxymoron.pdf 

http://web.mit.edu/Saltzer/www/publications/protection/Basic.html 

https://www.sec.gov/news/press-release/2023-139 

https://www.sec.gov/news/statement/munter-statement-assessing-materiality-030922 

https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/sec-final-cybersecurity-disclosure-rules.html 

https://www.nasa.gov/centers/ames/research/technology-onepagers/hc-computing.html 

https://securityscorecard.com/blog/what-is-cyber-security-performance-management/

 

view more

More Episodes

Tanya Janca Talks secure coding, Semgrep Academy, and community building, and more!
2024-06-01
Josh Grossman - building Appsec programs, bridging security and developer gaps
2024-04-15
Managing messaging with management, becoming a CISO with Mary Gardner from Goldiknox
2024-04-09
p2-accidentalCISO, building trust in new places
2024-02-13
AccidentalCISO on BrakeSecEd, talking Leadership, SaaS development, and Appsec
2024-02-02
1st show of 2024! Our 10th Anniversary...
2024-01-09
Brakesec Call to Action 2023
2023-12-18
How to get more headcount, BLUFFs Vulnerability, and Ranty Clause debuts!
2023-12-04
25Oct - okta breached (again), Energy company hit by supply chain attack, and you can help hire the best people
2023-10-26
John Aron, letters of marque, what does a "junior" job look like with AI?
2023-09-03
Megan Roddie - co-author of "Practical Threat Detecion Engineering"
2023-08-25
meeting new people, walking on your keyboard causes issues, even google gets phone numbers wrong.
2023-07-21
Bsides Seattle and Austin, SecureBoot patch, and more
2023-05-27
lynsey wolf, conducting insider threat investigations, CASB and UEBA utlization to good use.
2023-04-30
3CX supply chain attack, Mark Russinovich and Sysinternals, CISA ransomware notifications, and emotional intelligence
2023-04-08
Dish Network is still busted, John Deere avoiding OSS requests, Is DAST dead?
2023-03-24
Nickolas Means talks about Security, Devops velocity, blameless orgs, and conferences infosec should attend
2023-03-04
SPECIAL INTERVIEW: John Aron and Jerod Brennen
2023-02-10
Layoff discussions, another TMO breach, OneNote Malware, and more!
2023-01-24
  • ←
  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • →
01234567810111213141516171819

Get this podcast on your
phone, FREE

Download Podbean app on App Store Download Podbean app on Google Play

Create your
podcast in
minutes

  • Full-featured podcast site
  • Unlimited storage and bandwidth
  • Comprehensive podcast stats
  • Distribute to Apple Podcasts, Spotify, and more
  • Make money with your podcast
Get started

It is Free

  • Podcast Services

    • Podcast Features
    • Pricing
    • Enterprise Solution
    • Private Podcast
    • The Podcast App
    • Live Stream
    • Audio Recorder
    • Remote Recording
    • Podbean AI
  •  
    • Create a Podcast
    • Video Podcast
    • Start Podcasting
    • Start Radio Talk Show
    • Education Podcast
    • Church Podcast
    • Nonprofit Podcast
    • Get Sermons Online
    • Free Audiobooks

  • MONETIZATION & MORE

    • Podcast Advertising
    • Dynamic Ads Insertion
    • Apple Podcasts Subscriptions
    • Switch to Podbean
    • YouTube to Podcast
    • Blog to Podcast
    • Submit Your Podcast
    • Podbean Plugins
    • Developers

  • KNOWLEDGE BASE

    • How to Start a Podcast
    • How to Start a Live Podcast
    • How to Monetize a Podcast
    • How to Promote Your Podcast
    • How to Use Group Recording
    • Podcast Advertising 101

  • Support

    • Support Center
    • What’s New
    • Free Webinars
    • Podcast Events
    • Podbean Academy
    • Podcasting Smarter
    • Badges
    • Resources

  • Podbean

    • About Us
    • Podbean Blog
    • Careers
    • Press and Media
    • Green Initiative
    • Affiliate Program
    • Contact Us
  • Privacy Policy
  • Cookie Policy
  • Terms of Use
  • Consent Preferences
  • Copyright © 2015-2024 Podbean.com