The Cyber Risk Management Podcast helps executives redefine cybersecurity from primarily a technology problem into a management opportunity. This podcast helps you learn how to manage cybersecurity in the same intelligent and thoughtful way you manage other areas of your business, including sales, order fulfillment, and accounts receivable. The Cyber Risk Management Podcast helps executives to become more proficient cyber risk managers. You will learn how to efficiently and effectively reduce your cybersecurity risks and how to continuously improve your cybersecurity management processes. The show is brought to you by Cyber Risk Opportunities. Your hosts are Kip Boyle, Founder and CEO of Cyber Risk Opportunities and Jake Bernstein, an attorney and Certified Information Systems Security Professional (CISSP) who practices extensively in cybersecurity and privacy as both counselor and litigator.
EP 168: Staying Ahead of Cyber Risk Management Trends
How can cybersecurity practitioners easily keep up with the changes in the "big picture" of cyber risk management? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/8/2024 • 13 minutes, 40 seconds
EP 167: Security Champions Program
"Want to expand your cybersecurity tream? Do it with a ""Security Champions"" program. Let's find out how with our guest Bonnie Viteri. Your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
""How to Really Make Sure that Cybersecurity is Everyone’s Job"" (pt 1 & 2)
<https://cr-map.com/podcast/88/>
<https://cr-map.com/podcast/89/>
Bonnie Viteri’s LinkedIn profile:
https://www.linkedin.com/in/bonnie-b-242a0b11b/
"
9/24/2024 • 42 minutes, 25 seconds
EP 166: The 2024 Verizon Data Breach Investigations Report (DBIR) Part 2
Let's conclude our look at the 2024 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
9/10/2024 • 58 minutes, 29 seconds
EP 165: The 2024 Verizon Data Breach Investigations Report (DBIR) Part 1
"Have you read the Verizon DBIR report for 2024? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
""Can you trust the Verizon Data Breach Investigations Report (DBIR) to help you run your Cyber Risk Program?"" -- https://www.cr-map.com/91"
8/27/2024 • 54 minutes, 16 seconds
EP 164: Why are we so bad at vulnerability management?
"Vulnerability management is really difficult, especially at scale. And after 20+ years that's still true. Our guest Alex Wood, who's the CISO of Uplight, will help us understand why and consider practical suggestions for getting better. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Alex Wood's LinkedIn Profile -- https://www.linkedin.com/in/alexbwood/
Colorado = Security -- https://www.colorado-security.com/
"
8/12/2024 • 36 minutes
EP 163: Self-Care
"Self-care is a crucial yet seldom discussed topic. Why is that? How should we be taking care of ourselves and why? Let's find out with our guest Chris Roberts, who most recently was the CISO of Boom Supersonic. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Chris Roberts' LinkedIn Profile -- https://www.linkedin.com/in/sidragon1/"
7/30/2024 • 39 minutes, 44 seconds
EP 162: Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA), part 2
Let's continue unpacking the "Cyber Incident Reporting for Critical Infrastructure Act". What else do you need to know? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
7/16/2024 • 47 minutes, 59 seconds
EP 161: Cyber Incident Reporting for Critical Infrastructure Act (CIRCIA)
CIRCIA stands for the "Cyber Incident Reporting for Critical Infrastructure Act". But what does it really mean? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
7/2/2024 • 48 minutes, 16 seconds
EP 160: How to Find Your Top 5 Cyber Risks
"You can find your top 5 cyber risks using a “top down” approach with the NIST Cybersecurity Framework. Along the way, you can shift your organization towards better practice of reasonable cybersecurity. Know how? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
You can see our ""zero through ten"" scale scorecard here -- https://b.link/scorekey
You can watch our interview prep video here -- https://b.link/interview"
6/18/2024 • 46 minutes, 22 seconds
EP 159: FTC 2023 Privacy and Data Security Update
What kinds of unfair trade practices does the FTC look for when it comes to privacy and data security? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
6/4/2024 • 50 minutes, 5 seconds
EP 158: Business Continuity as a Revenue Generator?
"Is overnight viral success is a kind of disruption that the business continuity (BC) discipline can help preapre you for? Let's find out with our guest Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Erika's Book, ""How to Not Kill Your Business"" -- https://www.amazon.com/gp/product/199018538X
Website -- https://www.eaasc.com/
LinkedIn Profile -- https://www.linkedin.com/in/erika-andresen/"
5/21/2024 • 47 minutes, 7 seconds
EP 157: How To Assess Cyber Risk (REPLAY)
"What's the definitive method for assessing cyber risk? Does it exist? How do you do it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
If you want to know more, Kip has a course on LinkedIn Learning you can check out:
""IT and Cybersecurity Risk Management Essential Training"" -- https://www.linkedin.com/learning/it-and-cybersecurity-risk-management- essential-training/
Kip also has a Udemy course that describes our semi-quantitative approach:
""Implementing NIST Cybersecurity Framework"" -- https://www.udemy.com/course/nist-cybersecurity-framework/
"
5/7/2024 • 49 minutes, 30 seconds
EP 156: Change Healthcare
What happened in the Change Healthcare cyberattack? What are the impacts and how can cyber resilience be a competitive advantage? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
4/23/2024 • 42 minutes, 41 seconds
EP 155: Cybersecurity and data privacy in M&A transactions
The role of cybersecurity and data privacy due diligence when buying or selling a company has gone way up compared to five years ago. Why? And, what's at stake? Let's find out with our guest Brian Levine. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
4/9/2024 • 42 minutes, 25 seconds
EP 154: NIST AI Risk Management Framework, part 2
Here's part 2 of what's in the NIST Artificial Intelligence Risk Management Framework (NIST AT-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
3/26/2024 • 48 minutes, 6 seconds
EP 153: NIST AI Risk Management Framework, part 1
What's in the NIST Artificial Intelligence Risk Management Framework (NIST AT-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
3/12/2024 • 40 minutes, 49 seconds
EP 152: Boards of Directors and Cybersecurity
The SEC says that Boards of Directors need cybersecurity expertise. But how exactly does that work? Let's find out with our guest Vanessa Pegueros, former CISO of DocuSign. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
2/27/2024 • 47 minutes, 14 seconds
EP 151: Does Ransomware Kill Sick People?
"Is there any reliable evidence that sick people die at a higher rate when their hospital is disabled by ransomware? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
“Hacked to Pieces? The Effects of Ransomware Attacks on Hospitals and Patients”
University of Minnesota - Twin Cities - School of Public Health
https://papers.ssrn.com/sol3/papers.cfm?abstract_id=4579292
""Killware"" -- https://www.cr-map.com/97"
2/13/2024 • 41 minutes, 36 seconds
EP 150: Privacy Laws Driving Demand for Cybersecurity
Twelve US states now have major privacy laws, up from only five last year. How is that driving demand for cybersecurity? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
1/30/2024 • 40 minutes, 31 seconds
EP 149: The Tools and Rules of Digital Trust
How do you take a very important, yet ethereal, idea like digital trust and make it more concrete and actionable? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
1/16/2024 • 49 minutes, 3 seconds
EP 148: SEC Disclosure Rules on Cybersecurity
What are the SEC’s new rules for cybersecurity disclosures, including cyber incidents AND annually about cybersecurity risk management and governance? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
1/2/2024 • 38 minutes, 59 seconds
EP 147: SEC Complaint against SolarWinds Corporation
"What can we learn about the SEC Complaint against SolarWinds Corporation and Timothy G. Brown? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
EP 96: ""Normalizing Greater Accountability For Cybersecurity Fraud""
<https://cr-map.com/podcast/96/>
EP 109: ""FTC’s Strange Action Against Cafe Press""
<https://cr-map.com/podcast/109/>"
12/19/2023 • 49 minutes, 2 seconds
EP 146: Security Metrics
"How can we measure success with cybersecurity? Let's find out with our guest Jared Pfost. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
See Jared's ""Security Metrics Reference"" here -- https://www.cr-map.com/metrics"
12/5/2023 • 48 minutes, 20 seconds
EP 145: Why Do Employees Keep Ignoring Workplace Cybersecurity Rules?
Why do employees keep ignoring workplace cybersecurity rules? And, what should cyber risk managers to do about it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
11/21/2023 • 38 minutes, 50 seconds
EP 144: SecureWorld
Have you heard of a regional cybersecurity conference in the US called SecureWorld? We really like it. So we invited Brad Graver, who’s the president of SecureWorld, to tell us what makes them different from all the other conferences we could go to. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
11/7/2023 • 40 minutes, 11 seconds
EP 143: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 2
Let's conclude our look at the 2023 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/24/2023 • 50 minutes, 11 seconds
EP 142: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 1
Have you read the Verizon DBIR report for 2023? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/10/2023 • 47 minutes, 32 seconds
EP 141: What's New in NIST CSF v2
What’s going to be in version 2 of the NIST Cybersecurity Framework? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
9/26/2023 • 39 minutes, 36 seconds
EP 140: Entry Level IT & Cybersecurity Certifications Are Broken
Entry level IT and Cybersecurity certifications cost too much and produce too many "paper tigers". How do we fix that? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
9/12/2023 • 36 minutes, 42 seconds
EP 139: How to Use Cyber Insurance as a Cyber and Privacy Risk Management Tool
How does an attorney think about using cyber insurance to manage cyber and privacy risks? Let's find out with our guest Jane Petoskey. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
8/29/2023 • 39 minutes, 22 seconds
EP 138: What's With NIST Special Publication 800-171, Revision 3 and CMMC
How is Revision 3 of NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification (CMMC) related to each other? Let's find out with our guest Jacob Horne. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
8/15/2023 • 43 minutes, 31 seconds
EP 137: How to Make Tabletop Exercises (TTX) Fun!
Traditional incident response exercises are often boring and awkward. That's why we don't do them, even though we should. Want a new way to get people excited about doing one? Let's learn about a proven innovation with our guest Glen Sorensen. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
8/1/2023 • 33 minutes, 54 seconds
EP 136: Why Cyber Resilience is a Business Advantage
"An $8 billion company was hit by ransomware and then was sued in court by one of its best customers. What's the connection with cyber resilience? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
""Case Study for Cyber as a Material Business Risk"" -- https://www.cr-map.com/124"
7/18/2023 • 45 minutes, 43 seconds
EP 135: Measuring Cyber Risk
"Is the idea of measuring cyber risk ""hooey!"" as one of the InfoSec godfathers once said? Let's find out with our guest Ryan Leirvik. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Ryan's book ""Understand, Manage, and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program"" -- https://www.amazon.com/Understand-Manage-Measure-Cyber-Risk/dp/1484278208/
Website -- https://www.neuvik.com/
LinkedIn Profile -- https://www.linkedin.com/in/leirvik/"
7/4/2023 • 49 minutes, 27 seconds
EP 134: The Business Value of Business Continuity
"Is there any business value in “business continuity”? If so, how can we explain it so anyone can understand? Our guest is Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Erika's Book, ""How to Not Kill Your Business"" -- https://www.amazon.com/gp/product/199018538X
Website -- https://www.eaasc.com/
LinkedIn Profile -- https://www.linkedin.com/in/erika-andresen/"
6/20/2023 • 44 minutes, 48 seconds
EP 133: ChatGPT and Cyber Risk Management
"Can ChatGPT help us manage Cyber Risk? Can any generative artificial intelligence be helpful? If so, how? And are there any limitations? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Suggested ""ChatGPT Prompt Engineering"" course by Sean Melis:
https://www.udemy.com/course/chatgpt-101-supercharge-your-work-life-500-prompts-inc/"
6/6/2023 • 42 minutes, 54 seconds
EP 132: Helping Activists Operating Under a Repressive Regime
How would you help political and human rights activists stay safe while using digital communications as they live under a repressive regime? One of us has been doing it for almost a year and he'll tell you. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
5/23/2023 • 41 minutes
EP 131: How Identity Really Works on the Internet Today
"What does identity on the Internet mean? What does the failure of identity cost us? Do we need to make any changes to the way we do digital identity? Let's find out with our guest our guest, Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA). Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
https://www.idsalliance.org/
https://www.linkedin.com/in/jreich/"
5/9/2023 • 45 minutes, 14 seconds
EP 130: How To Assess Cyber Risk
"What's the definitive method for assessing cyber risk? Does it exist? How do you do it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
If you want to know more, Kip has a course on LinkedIn Learning you can check out:
""IT and Cybersecurity Risk Management Essential Training"" -- https://www.linkedin.com/learning/it-and-cybersecurity-risk-management- essential-training/
Kip also has a Udemy course that describes our semi-quantitative approach:
""Implementing NIST Cybersecurity Framework"" -- https://www.udemy.com/course/nist-cybersecurity-framework/
"
4/25/2023 • 49 minutes, 19 seconds
EP 129: Some Other Things I've Made for You
"Beyond this podcast, I've made a lot of resources (most are free) to help you. In fact, you can now download a six page list of them all. Let me quickly skim through that list with you in this episode. I'm your host, Kip Boyle, CISO with Cyber Risk Opportunities.
You can download ""the list"" here -- https://www.cr-map.com/thelist "
4/11/2023 • 29 minutes, 42 seconds
EP 128: Secrets of Cyber Risk Management at Non-Profits
Are non-profits at risk for cyber exploitation? If so, why? And what should they do about it? Let's find out with our guest, Lew Bader, the Finance Director at "Counseling In Schools". Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
3/28/2023 • 33 minutes, 52 seconds
EP 127: Proactively Protect Your Reputation (#1 digital asset)
"How do you proactively protect your #1 digital asset, which is your reputation? Let's find out with our guest, Sameer Somal, the CEO of Blue Ocean Global Technology. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Mentioned during this episode:
""The effects of cyberattacks on corporate reputation and consumer confidence with Casey Boggs"" -- https://www.cr-map.com/48
""Normalizing Greater Accountability For Cybersecurity Fraud"" -- https://www.cr-map.com/96
3/14/2023 • 40 minutes, 54 seconds
EP 126: Due diligence as a Risk Management Approach
"Can you “demonstrate due diligence to a defensible standard of care” as your risk management approach? This would replace ""red/yellow/green"" approaches or advanced statistics. Let's find out with our guest, Karen Worstell, who is a “Senior Cybersecurity Strategist” and a “CxO Security Advisor” with VMware. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
If you want to learn more about DOCRA (The Duty of Care Risk Analysis Standard) check out our previous episode -- https://cr-map.com/59
""Risk-Based Security is the Emperor's New Clothes""
https://taosecurity.blogspot.com/2006/06/risk-based-security-is-emperors-new.html
2/28/2023 • 45 minutes, 41 seconds
EP 125: Applied Security Design Principles
There are many security design principles we can use to build and evaluate products and services. Can we use them to understand the LastPass incidents from late 2022? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
2/14/2023 • 50 minutes, 45 seconds
EP 124: Case Study for Cyber as a Material Business Risk
"A $100 million Texas company called “United Structures of America” got struck by ransomware in 2019. You'll be surprised at what happened next. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
“Cyber Extortion of Patients”--https://cr-map.com/podcast/51/
“Quick Look at the ‘Essential Eight’ mitigations”--https://cr-map.com/podcast/63/
""How to Really Make Sure that Cybersecurity is Everyone’s Job"" (pt 1 & 2)
https://cr-map.com/podcast/88/
https://cr-map.com/podcast/89/
1/31/2023 • 46 minutes, 20 seconds
EP 123: How to Really Reduce the Risk of People Falling for Phishing
What can we learn from a recently released research report called “Phishing in Organizations: Findings from a Large-Scale and Long-Term Study”? Let’s find out with our guest, Jason Rebholz, the CISO of Corvus Insurance. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Jason Rebholz prior guest appearance–https://cr-map.com/podcast/114/
“Some Workgroups Deserve More Protection Against Malware”–https://cr-map.com/podcast/108/
“How to Really Make Sure that Cybersecurity is Everyone’s Job” (pt 1 & 2)
https://cr-map.com/podcast/88/
https://cr-map.com/podcast/89/
1/17/2023 • 41 minutes, 18 seconds
EP 122: Best Episode of 2022
What's our "best episode" of 2022? This one had the highest number of downloads. Let's find out which one it was with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
1/3/2023 • 42 minutes, 35 seconds
EP 121: The Myth Busters Episode
What are the biggest, yet wrong, ideas that float around all the time and often cause senior decision makers to make poor decisions? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
“Compliance Versus Practicing Cybersecurity” https://www.cr-map.com/12
“Busted: The Truth about Cloud Security” https://www.cr-map.com/77
“Your IT Person is Not Your Cybersecurity Person” https://www.cr-map.com/105
12/20/2022 • 43 minutes, 40 seconds
EP 120: The 2022 Verizon Data Breach Investigations Report (DBIR) Part 2
Let's conclude our look at the 2022 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
12/6/2022 • 37 minutes, 30 seconds
EP 119: The 2022 Verizon Data Breach Investigations Report (DBIR) Part 1
Have you read the Verizon DBIR report for 2022? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
11/22/2022 • 50 minutes, 40 seconds
EP 118: Chief Operating Officer is also CISO
What if your Chief Operating Officer was also your Chief Information Security Officer? What would that be like? And, who would do it? Let's find out with our guest, Peter Hitschler the COO of Tri Tech Manufacturing. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
11/8/2022 • 36 minutes, 33 seconds
EP 117: Cyber Risk Management During Company Acquisition
How can Deal Teams and M&A Teams understand and manage cyber risk so they can make better business decisions during the company acquisition process? Let's find out with our guest, Shay Colson, the Managing Partner at Coastal Cyber Risk Advisors, LLC. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/25/2022 • 44 minutes, 10 seconds
EP 116: Update of State Data Security Laws
Did you know there’s an avalanche of state and federal privacy laws and regulations that are either being actively debated or have been passed and will soon take effect starting in January 2023? Let’s find out which ones matter most with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/11/2022 • 41 minutes, 14 seconds
EP 115: Insurance Companies as Cybersecurity Leaders
Can the insurance industry find a way to reduce the rate of major cyber incidents like it did by promoting airbags to reduce highway death rates or sprinklers for buildings reducing fires deaths? Let's find out with our guest Andy Anderson, CEO of DataStream Cyber Insurance. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Andy's podcast "The Cyber Crime Lab" -- <https://www.thecybercrimelab.com/>
9/27/2022 • 43 minutes, 18 seconds
EP 114: Cyber Insurance Drives Security Beyond Your Cyber Policy
Can small-medium-sized businesses benefit from cyber insurance even if they don't buy a policy? How? Let's find out with my guest Jason Rebholz, CISO at Corvus Insurance. Your host is Kip Boyle, vCISO with Cyber Risk Opportunities.
9/13/2022 • 37 minutes, 34 seconds
EP 113: Self-Insuring for Cyber Risks
Cybersecurity is intertwining with D&O litigation and more companies are self-insuring for cyber risks. Why? Our guest is Rachel Jenkins, the Managing Director for Customer Success at Founder Shield. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
8/30/2022 • 38 minutes, 13 seconds
EP112: How to Work With CFOs on Cyber Risk Management
You’re going to need the CFO’s support to be successful managing cybersecurity. Why? If for no other reason than the CFO controls the purse strings! So how do you do it? Let's find out with your host Kip Boyle, vCISO with Cyber Risk Opportunities.
8/16/2022 • 30 minutes, 26 seconds
EP 111: Ethical Phisheries
How do you run a successful anti-phishing program that will actually reduce your risk without sacrificing employee goodwill? Our guest, Ean Meyer, knows how. Ean is Associate Director of Security Testing and Assurance at Marriott Vacations Worldwide. Your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
"How to Really Make Sure that Cybersecurity is Everyone’s Job" (pt 1 & 2)
<https://cr-map.com/podcast/88/>
<https://cr-map.com/podcast/89/>
8/2/2022 • 41 minutes, 8 seconds
EP 110: Thriving in this Crazy Cyber Insurance Market
Cyber insurance, once so easy to get, is now scarce and expensive. Why did this happen? How long will it last? What can you do until sanity returns? Find out with our guest Jennifer Cohen, the Cyber & Governance Director at HUB International. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
7/19/2022 • 45 minutes, 31 seconds
EP 109: FTC’s Strange Action Against Cafe Press
The Federal Trade Commission unusually took action against the current AND former owners of CafePress over the February 2019 customer data breach. Why and what does it mean? Also, an update on the False Claims Act from Episode 96. Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
EP 96: "Normalizing Greater Accountability For Cybersecurity Fraud"
<https://cr-map.com/podcast/96/>
7/5/2022 • 35 minutes, 28 seconds
EP 108: Some Workgroups Deserve More Protection Against Malware
Due to the way some workgroups must work, they deserve more protection against malware. But how can you do that in a minimum viable way? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
EP 63: Quick look at the “Essential Eight” mitigations
<https://cr-map.com/podcast/63/>
"Implementing the NIST Cybersecurity Framework"
<https://www.udemy.com/course/nist-cybersecurity-framework/>
6/21/2022 • 37 minutes, 41 seconds
EP 107: Response Side of Vendor Due Diligence
What are the challenges of smaller vendors responding to due diligence requests from their large customers? And what can they do about them? Let's find out with our guest Caroline McCaffery of ClearOPS. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
<https://www.clearops.io/>
6/7/2022 • 43 minutes, 11 seconds
EP 106: Anatomy of a Hack: Pandora Papers
What are the Pandora Papers? Where did they come from? What's the impact of the Pandora Papers on the legal industry? What are the practical cybersecurity lessons for everyone? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
5/24/2022 • 52 minutes, 8 seconds
EP 105: Your IT Person is Not Your Cybersecurity Person
IT and cybersecurity actually have very little overlap. The people performing them have similar skills but they have very different goals and very different ways of thinking. Let's find out how different with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
5/10/2022 • 42 minutes, 43 seconds
EP 104: Easy Target due to Corporate Identity Crisis
Can an identity crisis make organizations an easy target for cyber-criminals? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
4/26/2022 • 36 minutes, 35 seconds
EP 103: SEC's Proposed Rules for Cyber Risk Management
What's in the Security Exchange Commission’s proposal for new cybersecurity risk management rules for investment advisers and investment companies? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
You can find the SEC's Fact Sheet and proposed Rules here -- https://www.sec.gov/news/press-release/2022-20
4/12/2022 • 40 minutes, 35 seconds
EP 102: Cybersecurity Hiring Manager Handbook
Do you want to attract and retain top tier talent for your InfoSec team? To work “on your program” instead of working “in your program”? Learn how with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Get the Handbook for free here -- https://b.link/hiring-handbook
Register for training here -- https://www.antisyphontraining.com/hiring-handbook-how-to-build-an-infosec-team-that-gets-stuff-done-w-kip-boyle/
3/29/2022 • 35 minutes, 18 seconds
EP 101: FTC's Major Updates to GLBA Safeguards Rule
Is your business “significantly engaged” in providing financial products or services of any kind? Then you need to know about the updates to the Safeguards Rule. Let's see what they are with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Join us for our next CLE at noon Pacific time on Wednesday, March 30th where we'll explore the impact of the Pandora Papers on the legal industry and the practical, cybersecurity lessons for attorneys and their clients.
https://www.eventbrite.com/e/anatomy-of-a-hack-pandora-papers-tickets-255528421387
3/15/2022 • 35 minutes, 27 seconds
EP 100: Celebrating our One Hundredth Episode!
When we first started this podcast, we weren't thinking about 50 episodes, let alone 100. How did we make it this far? What's next? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Join us for our next CLE at noon Pacific time on Wednesday, March 30th where we'll explore the impact of the Pandora Papers on the legal industry and the practical, cybersecurity lessons for attorneys and their clients.
https://www.eventbrite.com/e/anatomy-of-a-hack-pandora-papers-tickets-255528421387
3/3/2022 • 51 minutes, 59 seconds
EP 99: Metamorphic Malware Called Tardigrade
Here’s the latest in the evolution of dynamic cyber risks: A metamorphic malware called Tardigrade. What does it mean? How do you deal with it? Let’s find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Join us for our next CLE at noon Pacific time on Wednesday, March 30th where we’ll explore the impact of the Pandora Papers on the legal industry and the practical, cybersecurity lessons for attorneys and their clients.
https://www.eventbrite.com/e/anatomy-of-a-hack-pandora-papers-tickets-255528421387
2/20/2022 • 31 minutes, 28 seconds
EP 98: Minimum Viable Risk Assessment and Data Backups
Today's episode is a replay of the free online continuing legal education session that Jake and I delivered back on December 15, 2021. You'll learn how to conduct meaningful cyber risk assessments and create ransomware-proof data backups.
Join us for our next CLE at noon Pacific time on Wednesday, March 30th where we'll explore the impact of the Pandora Papers on the legal industry and the practical, cybersecurity lessons for attorneys and their clients.
https://www.eventbrite.com/e/anatomy-of-a-hack-pandora-papers-tickets-255528421387
2/1/2022 • 1 hour, 2 minutes, 5 seconds
EP 97: Killware
What's happening at the convergence of cyber-attacks and the loss of human life? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
1/18/2022 • 50 minutes, 55 seconds
EP 96: Normalizing Greater Accountability For Cybersecurity Fraud
What is the False Claims Act and how will the Department of Justice start using it to help keep the nation safe from cyber criminals and adversaries? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
1/4/2022 • 39 minutes, 35 seconds
EP 95: What To Do about the Massive Insider Threat?
There is a massive insider threat in all our organizations according to the Verizon Data Breach Investigations Report (DBIR). Why is that and what should we do about it? Our guest, John Grim, one of the long-time authors of the report, will tell us. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
12/21/2021 • 39 minutes, 49 seconds
EP 94: Inside the Poly Network Hack
What can the Poly Network hack tell us about the state of cyber risk in the world of blockchain and smart contracts? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
You’ll find more details about the hack here:
https://research.kudelskisecurity.com/2021/08/12/the-poly-network-hack-explained/
and here: https://slowmist.medium.com/the-root-cause-of-poly-network-being-hacked-ec2ee1b0c68f/
Sign up for our free ethics CLE on December 15, 2021: https://www.eventbrite.com/e/1-hour-cutting-edge-cle-on-december-15th-at-12-pm-pacific-tickets-187700476177
Want to better understand crypto currency? Check this out: https://youtu.be/rYQgy8QDEBI
12/7/2021 • 32 minutes, 57 seconds
EP 93: Executive Order on Ransomware and Cybersecurity
Is there anything helpful in the US President's “Improving the Nation’s Cybersecurity” Executive Order and the follow-on Ransomware Memo from the White House? Let's find out with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Sign up for our free ethics CLE on December 15, 2021: https://www.eventbrite.com/e/1-hour-cutting-edge-cle-on-december-15th-at-12-pm-pacific-tickets-187700476177
11/23/2021 • 39 minutes, 21 seconds
EP 92: Going Behind the Darknet Diaries…
If you’re not listening to the Darknet Diaries, you’re missing out on some relatable stories that will help you better tell your own cyber risk story to your senior decision makers. Find out how with the host of Darknet Diaries, Jack Rhysider, along with Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
Sign up for our free ethics CLE on December 15, 2021 at noon Pacific Time: https://www.eventbrite.com/e/1-hour-cutting-edge-cle-on-december-15th-at-12-pm-pacific-tickets-187700476177
11/9/2021 • 40 minutes, 6 seconds
EP 91: Can you trust the Verizon Data Breach Investigations Report (DBIR) to help you run your Cyber Risk Program?
Is the Verizon Data Breach Investigations Report (DBIR) trustworthy enough for cyber risk managers to use it to choose new or improved mitigations? Our guest Suzanne Widup, one of the long-time authors of the report, will tell us how the report is made and why you can trust it. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/26/2021 • 33 minutes, 56 seconds
EP 90: How to Buy Cyber Insurance in this Turbulent Market
Cyber insurance coverages are going down and prices are going up. Not everyone who wants to buy a policy will be able to get one. Why? Our guest Chris Brumfield, cyber insurance expert from brokerage Alliant, will explain. And if you're an attorney, Jake Bernstein, Partner with K&L Gates explains why this matters to your firm and your clients (and you'll get an ethics CLE if you listen to the end). This episode was originally broadcast as “The Ethics of Cybersecurity: How to Buy Cyber Insurance for Your Law Practice”.
10/12/2021 • 1 hour, 39 seconds
EP 89: How to Really Make Sure that Cybersecurity is Everyone’s Job (Part 2)
What if you could intensionally build a cybersecurity subculture inside your orgnaization? You can! Learn how to pull the right levers with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
10/1/2021 • 45 minutes, 57 seconds
EP 88: How to Really Make Sure that Cybersecurity is Everyone’s Job (Part 1)
What if you could intensionally build a cybersecurity subculture inside your orgnaization? You can! Learn how to pull the right levers with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
9/14/2021 • 45 minutes, 34 seconds
EP 87: Cybersecurity for Small Companies
What are the best options for small and medium-sized businesses when it comes to cybersecurity? Let's look at the common barriers what and options they have with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates. Check out the CR-MAP that Kip mentions here: https://www.cr-map.com/
8/31/2021 • 42 minutes, 25 seconds
EP 86: The 2021 edition of the Verizon Data Breach Investigations Report (DBIR) Part 2
Let's conclude our look at the 2021 Verizon DBIR report. Today we'll review the data by industry and the revised attack patterns with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
8/17/2021 • 38 minutes, 47 seconds
EP 85: The 2021 edition of the Verizon Data Breach Investigations Report (DBIR) Part 1
Have you read the Verizon DBIR report for 2021? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
8/3/2021 • 46 minutes, 47 seconds
EP 84: Minimum Viable Planning for a Cyber Business Disruption
Do you have a minimum viable plan for a major business disruption in the age of ransomware and other intense cyber risks? Learn how to make one with our guest Dan Weedin. We're your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
7/20/2021 • 36 minutes, 59 seconds
EP 83: FBI on the Cyber Offensive
The FBI is publicly releasing details about their active defense of the U.S. Is this a good thing? Find out your with hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
7/6/2021 • 36 minutes, 16 seconds
EP 82: Recommendations from the Ransomware Task Force
Ransomware is a big problem that's getting bigger. Learn about a new set of recommendations released by the Institute for Security + Technology’s Ransomware Task Force for dealing with the growing threat of ransomware with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
AND: Will all attorneys please join us online for a free, one-hour CLE on June 23, 2021 at 12 pm Pacific where Kip and Jake will teach you how to answer client questions about ransomware?
Sign up here: b.link/cle
6/22/2021 • 41 minutes, 16 seconds
EP 81: Something for everyone in latest NYDFS Consent Order
What can you learn from the latest NYDFS Consent Order? A lot. Learn with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
AND: Will all attorneys please join us online for a free, one-hour CLE on June 23, 2021 at 12 pm Pacific where Kip and Jake will teach you how to answer client questions about ransomware?
Sign up here: b.link/cle
6/8/2021 • 38 minutes, 49 seconds
EP 80: Cybersecurity Insurance makes progress in the right direction
Cyber insurance companies are starting to figure out what practices actually reduce the risk of a major cyber incident. Walk through an insurance application with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead.
AND: Will all attorneys please join us online for a free, one-hour CLE on June 23, 2021 at 12 pm Pacific where Kip and Jake will teach you how to answer client questions about ransomware?
Sign up here: b.link/cle
5/25/2021 • 37 minutes, 26 seconds
EP 79: What should the US government do about rampant cyber crime?
Our guest is Michael Garcia, who co-authored a report for the US government, entitled “A Roadmap to Strengthen US Cyber Enforcement: Where Do We Go From Here?” Find out his top 3 recommendations with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead.
AND: Will all attorneys please join us online for a free, one-hour CLE on June 23, 2021 at 12 pm Pacific where Kip and Jake will teach you how to answer client questions about ransomware?
Sign up here: b.link/cle
5/11/2021 • 35 minutes, 2 seconds
EP 78: Importance of Internal Audit Teams
Do you know how Internal Audit Teams can assist a CISO?! Take a look from an Internal Audit teams perspective and learn more on important of an role they play in your Cyber Risk Management, with hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
4/27/2021 • 45 minutes, 28 seconds
EP 77: Busted: The Truth about Cloud Security
What do you know about Cloud Security Marketing?! In today's episode, we do some mythbusting, specifically targeting common cloud security marketing messages, with the help of our guest, Paul Rich. To see more about Paul Rich check out his LinkedIn Profile: https://www.linkedin.com/in/parich/
4/13/2021 • 1 hour, 2 minutes, 47 seconds
EP 76: Implications of denial of class certification in data breach cases
What does it mean for cybersecurity professionals trying to create defensibly reasonable cybersecurity programs if a data breach lawsuit is filed against their employer and it fails to gain class certification? Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
3/30/2021 • 38 minutes, 3 seconds
EP 75: How to Pass your CISSP Exam
How do you prepare for the CISSP exam and what should you expect? Listen to Jake and Kip tell you how to prep for the exam using a 3-point plan. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
3/16/2021 • 38 minutes, 39 seconds
EP 74: Lessons Learned from Ransomware Attack
By reviewing a recent ransomware response case let's see what we can learn so our listeners can prevent their own ransomware disasters. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
3/2/2021 • 40 minutes, 5 seconds
EP 73: Negotiating the Data Security Addendum
How do you prepare for the negotiation process when you’re staring at your customer’s new data security addendum? Learn how with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
2/16/2021 • 44 minutes, 10 seconds
EP 72: The Failure of the Cybersecurity Market
We're collectively spending $100 billion each year to manage cyber risks and still the damages are going up. It's due to a big disfunction in the marketplace. But there's a cure! Learn more with Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
2/2/2021 • 41 minutes, 51 seconds
EP 71: Learning from Latest in Cyber Insurance Claims
A new cyber insurance claims study of smaller businesses shows the top types of cyber-attacks, as well as their causes, for the first half of 2020. Your hosts are Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
1/19/2021 • 39 minutes, 24 seconds
EP 70: A Trial Attorney Tells You How to Get the Most from your Cyber Insurance
We take a look at cyber insurance coverage (and exposure) from a litigator’s perspective with the help of our guest, Josh Franklin. Learn with Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
1/5/2021 • 34 minutes, 48 seconds
EP 69: More Reasons to Not Pay Ransomware Demands
We have some insightful updates on ransomware trends, along with an OFAC reminder from the US government, to give you yet more reasons not to pay cyber-attackers who encrypt your data. Learn with Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group.
12/18/2020 • 38 minutes
EP 68: Role of General Counsel in Cyber Risk Management
Kip Boyle, CEO of Cyber Risk Opportunities, turns the tables and puts Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, in the guest chair to ask him about the role of general counsel in cyber risk management.
12/8/2020 • 35 minutes, 36 seconds
EP 67: New Rules for Attorney-Client Privilege over Data Breach Reports
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, discuss the “lessons learned” from the Capital One Consumer Data Security Breach litigation ruling relating to the attorney-client privilege for data breach reports.
11/24/2020 • 36 minutes, 41 seconds
EP 66: Challenges for Cybersecurity Pros of Sudden “Work From Home” requirements due to COVID-19
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, talk with our guest, Dan Blum, about the challenges posed by the COVID-19 shutdown specifically for the cybersecurity professional. Dan will also share information about his new book, "Rational Cybersecurity for Business".
11/10/2020 • 36 minutes, 46 seconds
EP 65: Cyber Exploitation Through Supply Chains
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, explore cyber exploitation through supply chains with our guest, Steven Carnovale, Assistant Professor of Supply Chain Management at the Rochester Institute of Technology.
10/27/2020 • 32 minutes, 5 seconds
EP 64: Current trends in Internet Freedom
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, review trends in Internet Freedom with our guest, Harold Li, Vice President of ExpressVPN.
10/13/2020 • 35 minutes, 19 seconds
EP 63: Quick look at the “Essential Eight” mitigations
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, do a quick review of the Essential Eight mitigations published by the Australian Signals Directorate.
9/29/2020 • 38 minutes, 40 seconds
EP 62: Going deeper into the 2020 edition of the DBIR
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and Cybersecurity Practice Lead at Focal Law Group, go deeper into the 2020 edition of the Verizon Data Breach Investigations Report (DBIR).
9/15/2020 • 42 minutes, 26 seconds
EP 61: The 2020 edition of the Verizon Data Breach Investigations Report (DBIR)
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, do a quick analysis of the 2020 edition of the Verizon Data Breach Investigations Report.
9/1/2020 • 36 minutes, 13 seconds
EP 60: LabCorp shareholder sues senior decision makers over cybersecurity failures
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, explain how 3rd-party cybersecurity failures have resulted in a shareholder derivative lawsuit that names senior decision makers as defendants.
8/18/2020 • 34 minutes, 1 second
EP 59: Can DoCRA (Duty of Care Risk Analysis) tell you if your cybersecurity controls are reasonable?
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discusses DoCRA – Duty of Care Risk Analysis. It’s an approach that helps organizations figure out whether their cybersecurity controls are reasonable. And we'll do that with the help of our guest, Chris Cronin.
8/4/2020 • 52 minutes, 2 seconds
EP 58: Why some companies are so intense about managing supply chain cyber risk
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss why some companies are so intense about managing cyber risk in their supply chains.
7/21/2020 • 32 minutes, 10 seconds
EP 57: The new “At a Minimum” FTC standard
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss the FTC’s new “at a minimum” language in its cybersecurity decisions and what that means for cyber risk managers.
7/7/2020 • 40 minutes, 23 seconds
EP 56: How to quickly and profitably close deals with your cybersecurity intensive customers
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss the three steps business leaders should follow to overcome pre-sales cybersecurity due diligence sales hurdles with prospective customers.
6/22/2020 • 31 minutes, 59 seconds
EP 55: How to graduate skilled cybersecurity analysts in only six months
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss how the Prelude Institute is helping to make up the shortfall in qualified cybersecurity professionals with our guest, Ted Ipsen.
6/9/2020 • 22 minutes, 47 seconds
EP 54: The legal and economic aftermath of cybersecurity breaches
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss how liability and blame is a serious obstacle to keeping the internet secure with our guest, professor and published author, Josephine Wolff.
5/26/2020 • 31 minutes, 57 seconds
EP 53: Post data breach requirements for law firms
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss ABA Formal Opinion 483, which sets out requirements for law firms who suffer breaches of client data.
5/12/2020 • 31 minutes, 43 seconds
EP 52: SysAdmins and the multi-million dollar privacy violations they will cause
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, reveal how people with privileged accounts are managing bigger risks to their organization than ever before. In the world of CCPA, GDPR, and SHIELD, not carefully setting permissions on those data lakes will lead to massive penalties for some organizations.
4/28/2020 • 22 minutes, 59 seconds
EP 51: Cyber Extortion of Patients
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss how cyber criminals are sending ransom demands to the people in the records they steal.
4/14/2020 • 21 minutes, 40 seconds
EP 50: Results of annual listener survey
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss the results of the annual listener survey.
3/31/2020 • 11 minutes, 34 seconds
EP 49: Utility computing for cybersecurity is “reasonable”
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss how organizations using Office 365 and G Suite should be using the many "hidden" but very affordable cybersecurity functions. Their availability is changing the definition of "reasonable cybersecurity".
3/17/2020 • 19 minutes, 38 seconds
EP 48: The effects of cyberattacks on corporate reputation and consumer confidence
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss the effects of cyberattacks on corporate reputation and consumer confidence with the help of our friend and public relations expert, Casey Boggs.
3/3/2020 • 32 minutes, 21 seconds
EP 47: California’s IoT Security Law: Why It Matters
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss California's new "Internet of Things" security law and its intersection with reasonable cybersecurity.
2/18/2020 • 22 minutes, 33 seconds
EP 46: Experiences with Law Enforcement on Cyber Crime Cases
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, share what is was like for each of them to work with FBI and Secret Service on two recent cyber crime cases.
2/4/2020 • 36 minutes, 30 seconds
EP 45: CCPA regulations and the New York SHIELD Act
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, give an update on CCPA and the New York SHIELD Act.
1/21/2020 • 35 minutes, 27 seconds
EP 44: Cybersecurity for entrepreneurs (and their employees)
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss why entrepreneurs need special guidance on cybersecurity.
1/7/2020 • 23 minutes, 5 seconds
EP 43: Why does the FTC settle on cybersecurity cases?
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss why the FTC tends to setting their cybersecurity cases instead of going to trial.
12/24/2019 • 29 minutes, 13 seconds
EP 42: Exploiting IT Service Providers and their Customers
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, discuss how cyber-attackers are abusing the trusted relationship between IT service providers and their customers.
12/10/2019 • 33 minutes, 4 seconds
EP 41: Security Outsourcing: Vendor Selection and Management
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, discuss Security Outsourcing: Vendor Selection and Management.
11/26/2019 • 34 minutes, 11 seconds
EP 40: Ransomware Defenses for cities
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, discuss a recent Dark Reading article by Sara Peters: "It Saved Our Community: 16 Realistic Ransomware Defenses for Cities"
11/12/2019 • 26 minutes, 16 seconds
EP 39: The Major Cyber Risk of Private Equity Firms
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal Law Group, review the rise and fall of Colorado Timberline, a one-time porfolio company of Frontenac and Charter Oak Equity.
10/29/2019 • 31 minutes, 46 seconds
EP 38: The new data breach notification law in Washington
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Focal PLLP, discuss the revised Washington State data breach notification law and why it matters to all our listeners.
10/15/2019 • 30 minutes, 12 seconds
EP 37: Cyber risk and public relations
Kip Boyle, CEO of Cyber Risk Opportunities, talk with guest Casey Boggs about how to manage cyber risk with good public relations.
10/1/2019 • 31 minutes, 25 seconds
EP 36: The emerging “Reasonableness Test” for cybersecurity
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, discuss "The Sedona Conference Draft Commentary on Reasonable Security Test"
9/17/2019 • 36 minutes, 49 seconds
EP 35: Wholesaler perspective in cyber insurance
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, talk with guest Peter Marchel about the current state of the wholesale cyber insurance market.
9/3/2019 • 34 minutes, 14 seconds
EP 34: Why The ASUS Supply Chain Cyberattack Is a Big Deal
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about what cyber risk managers can learn from the ASUS supply chain cyberattack.
8/20/2019 • 25 minutes, 7 seconds
EP 33: How the blame game that follows big data breaches affects defenders
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about what cyber risk managers can still learn from the 2012 data breach at the South Carolina Department of Revenue.
8/6/2019 • 34 minutes, 28 seconds
EP 32: Independent broker’s perspective on cyber insurance
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, talk with guest Chris Brumfield about the current state of the cyber insurance market.
7/23/2019 • 32 minutes, 3 seconds
EP 31: Protecting your accounts payable function from cyberattack
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, talk with guest Debra Richarson about how finance professionals should protect their company from common financial cyber fraud.
7/9/2019 • 34 minutes, 49 seconds
EP 30: Company Sues Employee For Being Phished
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about a company that sued its employee for being phished out of $260,000.
6/25/2019 • 31 minutes, 39 seconds
EP 29: What the Private Sector Can Learn about Incident Response from the Military
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, talk with guest Melissa Van Buhler about what the military can teach the private sector about incident response.
6/11/2019 • 32 minutes, 30 seconds
EP 28: The Rise of WebApps and Their Impact on Cybersecurity
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how some people believe that by using webapps, they are more secure than when using traditional software.
5/28/2019 • 31 minutes, 12 seconds
EP 27: What’s at the intersection of AI and cybersecurity?
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about three things that cyber risk managers will find at the intersection of artificial intelligence and cybersecurity.
5/14/2019 • 29 minutes, 19 seconds
EP 26: Computer Fraud and Abuse Act (Revisited)
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how the 35-year-old Computer Fraud and Abuse Act (CFAA) is a useful tool for today's cyber risk managers.
4/30/2019 • 28 minutes, 15 seconds
EP 24: How fake advertising fuels other cybercrimes
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how new techniques for automating ad fraud will probably lead to other types of cybercrime.
4/16/2019 • 32 minutes, 10 seconds
EP 23: What the last 30 years of cyber risks tells us about what’s ahead
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about what the next 30 years of cyber risks will look like.
4/2/2019 • 37 minutes, 23 seconds
EP 22: Cyber risks of autonomous vehicles
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about the cyber risks of autonomous vehicles.
3/19/2019 • 38 minutes, 39 seconds
EP 19: Business Judgment Rule
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, discuss how cyber risk management is actually a fiduciary duty of corporate directors and officers.
3/5/2019 • 30 minutes, 19 seconds
EP 18: Six “must read” non-technical books for cyber risk managers
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, discuss six "must read" non-technical books for cyber risk managers.
2/20/2019 • 36 minutes, 9 seconds
EP 17: The golden age for cyber-criminals
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about why this is a golden age for cyber criminals.
2/5/2019 • 33 minutes, 38 seconds
EP 16: Threat Intelligence
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how executives should think about threat intelligence: What it is, where to get it, how to use it, and how to get started. They also discuss how artificial intelligence and machine learning can help make threat intelligence more useful.
1/23/2019 • 29 minutes, 40 seconds
EP 25: BONUS: New book: “Fire Doesn’t Innovate” on sale now
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about his new book, Fire Doesn’t Innovate, on sale January 15, 2019. It includes a free, online Cyber Risk Workbook that automates Part 2 of the book: The creation of your Cyber Risk Management Game Plan.
1/14/2019 • 32 minutes, 10 seconds
EP 14: Contractual Firewalls
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how executives can create strong contractual firewalls between themselves and their vendors and customers to guard against excessive financial loss due to cybersecurity failures.
1/8/2019 • 33 minutes, 30 seconds
EP 13: Small Companies Struggle with Big Company Cybersecurity Questionnaires
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how smaller companies struggle to respond to cybersecurity questionnaires from bigger customers.
12/26/2018 • 27 minutes, 17 seconds
EP 12: Compliance Versus Practicing Cybersecurity
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, on the difference between focusing on compliance with cybersecurity laws and regulations versus practicing cybersecurity.
12/11/2018 • 25 minutes, 56 seconds
EP 21: What germs can teach us about dealing with cyber-attacks
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, today we talked about how germs can teach us a lot about how to deal with cyber-attacks.
11/27/2018 • 31 minutes, 42 seconds
EP 11: Cyber Risk and Law Firms
Kip Boyle talks with Jake Bernstein on the need for law firms to have reasonable cyber security. They also discuss how law firms can provide Attorney Client Privilege (ACP) to their clients who conduct Cyber Risk Assessments.
11/13/2018 • 22 minutes, 44 seconds
EP 20: New book: “Fire Doesn’t Innovate”
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, provide a preview of a new book to help executives thrive as cyber risk managers.
10/30/2018 • 25 minutes, 13 seconds
EP 10: Methods and Legality of “Active Defense”
Kip Boyle and Jake Bernstein describe "active defense" as an emerging technique for dealing with cyber-attackers and the legality of the various methods.
10/16/2018 • 31 minutes, 58 seconds
EP 9: Non-Technical Ways to Manage Cyber Risk
Kip Boyle and Jake Bernstein explain how you need to use people, process, and management (in addition to technology) in order to have reasonable cybersecurity.
10/2/2018 • 29 minutes, 19 seconds
EP 8: How to deal with Ransomware
Kip Boyle and Jake Bernstein discuss whether organizations should pay a ransom to regain control over their data and systems.
9/18/2018 • 24 minutes, 28 seconds
EP 6: Cyber Risk Management and Attorney Client Privilege
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, describe how Attorney Client Privilege (ACP) and Attorney Work Product (AWP) doctrine can increase the quality of your cyber risk management practices.
9/4/2018 • 28 minutes, 50 seconds
EP 15: California Consumer Privacy Act (CCPA)
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about talk about the new California Consumer Privacy Act or CCPA and how executives should be thinking about this new cyber risk.
8/21/2018 • 34 minutes, 9 seconds
EP 7: What is GDPR?
Kip Boyle, CEO of Cyber Risk Opportunities, and Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, summarize the European Union's General Data Protection Regulation or, GDPR.
8/8/2018 • 30 minutes, 51 seconds
EP 5: How the FTC Defines “Reasonable Cybersecurity”
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about how the FTC has been working since 2010 to define "Reasonable Cybersecurity" standard.
7/24/2018 • 37 minutes, 41 seconds
EP 4: The “Reasonable Cybersecurity” Standard
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about the emerging "Reasonable Cybersecurity" standard: Where it's coming from and what how it should affect the decisions made by cyber risk managers.
7/10/2018 • 30 minutes, 35 seconds
EP 3: Why Your Company Needs Cyber Risk Management
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about why every company needs good cyber risk management.
6/15/2018 • 27 minutes, 19 seconds
EP 2: Your Newest Competitor Creates Most of Your Cyber Risk
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about who is really driving the over $6 trillion in damage expected in 2021 due to cyber failures.
6/15/2018 • 36 minutes, 59 seconds
EP 1: Introducing Cyber Risk Management Podcast
Kip Boyle, CEO of Cyber Risk Opportunities, talks with Jake Bernstein, JD and CyberSecurity Practice Lead at Newman DuWors LLP, about who we are, what we do, and why we do it.