loader from loading.io
The Security Hippie, Part 2 - Barak Engel - SCW #99 show art The Security Hippie, Part 2 - Barak Engel - SCW #99

Security and Compliance Weekly (video)

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to building, managing and counseling security departments across countless and diverse organizations, including MuleSoft, Amplitude Analytics, Livenation/Ticketmaster, StubHub, Barnes and Noble, bebe Stores and many others. The goal of his new book is to...

info_outline
The Security Hippie, Part 1 - Barak Engel - SCW #99 show art The Security Hippie, Part 1 - Barak Engel - SCW #99

Security and Compliance Weekly (video)

Author of "Why CISOs Fail" is joining us today to tell us about the success of his first book as well as introduce us to his forthcoming book, "Security Hippie. Barak is best known for pioneering the concept of the virtual (or fractional) CISO model nearly two decades ago. Over the twenty years since then he has applied that model and strategy to building, managing and counseling security departments across countless and diverse organizations, including MuleSoft, Amplitude Analytics, Livenation/Ticketmaster, StubHub, Barnes and Noble, bebe Stores and many others. The goal of his new book is to...

info_outline
Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 2 - Ben Carr - SCW #98 show art Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 2 - Ben Carr - SCW #98

Security and Compliance Weekly (video)

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more!   Visit for all the latest episodes! Show Notes:

info_outline
Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 1 - Ben Carr - SCW #98 show art Everything You Wanted to Know About CISOs But Were Afraid to Ask, Part 1 - Ben Carr - SCW #98

Security and Compliance Weekly (video)

Ben Carr will lead us in a discussion about the origins of the role of CISO, roles/responsibilities, and what it's like to be a CISO. We'll touch on qualifications, organizational structure, its place in security and compliance, what it's like to be hero or scapegoat. All this and more!   Visit for all the latest episodes! Show Notes:

info_outline
Hacker Situational Awareness, Part 2 - John Threat - SCW #97 show art Hacker Situational Awareness, Part 2 - John Threat - SCW #97

Security and Compliance Weekly (video)

There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? Join us on Discord and participate in the discussion of what’s right and what’s wrong in our industry today and what can we do about it. All from a hacker’s perspective.   Visit for all the latest episodes! Show Notes:

info_outline
Hacker Situational Awareness, Part 1 - John Threat - SCW #97 show art Hacker Situational Awareness, Part 1 - John Threat - SCW #97

Security and Compliance Weekly (video)

There’s something happening here – and what it is ain’t exactly clear to O.G hackers like John Threat or our own Mr. Jeff Man. We’re going to devote an episode talking about how things used to be back in the day from a hacker/penetration perspective and discuss how things are today. Are things better? Worse? Depends on your attack vector, perhaps? Join us on Discord and participate in the discussion of what’s right and what’s wrong in our industry today and what can we do about it. All from a hacker’s perspective.   Visit for all the latest episodes! Show Notes:

info_outline
Security & Compliance Thru the Lens of a Technology Journalist, Part 2 - Evan Schuman - SCW #96 show art Security & Compliance Thru the Lens of a Technology Journalist, Part 2 - Evan Schuman - SCW #96

Security and Compliance Weekly (video)

In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Tools and Tirade about Retail Technology and E-Commerce. The founder of the column, Evan Schuman, is a veteran journalist who has covered a wide range of technology, privacy and legal issues over the past three decades. Evan will give us his take on...

info_outline
Security & Compliance Thru the Lens of a Technology Journalist, Part 1 - Evan Schuman - SCW #96 show art Security & Compliance Thru the Lens of a Technology Journalist, Part 1 - Evan Schuman - SCW #96

Security and Compliance Weekly (video)

In the early days of PCI there was an online column called StorefrontBacktalk which focused on retail and technology issues. The column provided valuable insights from various specialists on the interpretation and application of many of the more challenging security requirements found in PCI DSS which was reflected in its tag line, “Techniques, Tools and Tirade about Retail Technology and E-Commerce. The founder of the column, Evan Schuman, is a veteran journalist who has covered a wide range of technology, privacy and legal issues over the past three decades. Evan will give us his take on...

info_outline
CISA Guidance for MSPs and SMBs, Part 2 - Chris Loehr - SCW #95 show art CISA Guidance for MSPs and SMBs, Part 2 - Chris Loehr - SCW #95

Security and Compliance Weekly (video)

CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and data. By exploiting trust relationships in MSP networks, cyber threat actors can gain access to a large number of the victim MSP customers. The CISA Insights publication provides mitigation and hardening guidance for MSPs and their small- and...

info_outline
CISA Guidance for MSPs and SMBs, Part 1 - Chris Loehr - SCW #95 show art CISA Guidance for MSPs and SMBs, Part 1 - Chris Loehr - SCW #95

Security and Compliance Weekly (video)

CISA recently published guidance for how managed service providers (MSPs) should approach security for their operations based on the premise that cyber threat actors are known to target MSPs to reach their customers. MSPs provide remote management of customer IT and end-user systems and generally have direct access to their customers’ networks and data. By exploiting trust relationships in MSP networks, cyber threat actors can gain access to a large number of the victim MSP customers. The CISA Insights publication provides mitigation and hardening guidance for MSPs and their small- and...

info_outline
 
More Episodes

We’re getting closer to the Q1 2022 release of PCI DSS 4.0, which is expected to differ from the current PCI DSS 3.2.1 version in a few key ways. This includes giving organizations more options in how they become compliant, along with customized implementation. In this podcast, Chris Pin, VP of Privacy and Compliance at PKWARE, will discuss what customized implementation means for organizations, additional changes to 4.0, and why they’re important. And, while PCI 3.2.1 won’t be retired until 2024, it’s a good idea for companies to get started now with their 4.0 compliance strategy. After all, the road to compliance could be a long one, and 2025 will be here before we know it! 

 

Visit https://www.securityweekly.com/scw for all the latest episodes!

Show Notes: https://securityweekly.com/scw91