What happened in the Change Healthcare cyberattack? What are the impacts and how can cyber resilience be a competitive advantage? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L

EP 155: Cybersecurity and data privacy in M&A transactions

25 days ago 42m 25s

The role of cybersecurity and data privacy due diligence when buying or selling a company has gone way up compared to five years ago. Why? And, what's at stake? Let's find out with our guest Brian Levine. Your hosts are Kip Boyle, CISO with Cyb

EP 154: NIST AI Risk Management Framework, part 2

Mar 26th, 2024 48m 6s

Here's part 2 of what's in the NIST Artificial Intelligence Risk Management Framework (NIST AT-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gate

EP 153: NIST AI Risk Management Framework, part 1

Mar 12th, 2024 40m 49s

What's in the NIST Artificial Intelligence Risk Management Framework (NIST AT-RMF)? And, how do you use it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 152: Boards of Directors and Cybersecurity

Feb 27th, 2024 47m 14s

The SEC says that Boards of Directors need cybersecurity expertise. But how exactly does that work? Let's find out with our guest Vanessa Pegueros, former CISO of DocuSign. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake

EP 151: Does Ransomware Kill Sick People?

Feb 13th, 2024 41m 36s

"Is there any reliable evidence that sick people die at a higher rate when their hospital is disabled by ransomware? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.“H

EP 150: Privacy Laws Driving Demand for Cybersecurity

Jan 30th, 2024 40m 31s

Twelve US states now have major privacy laws, up from only five last year. How is that driving demand for cybersecurity? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 149: The Tools and Rules of Digital Trust

Jan 16th, 2024 49m 3s

How do you take a very important, yet ethereal, idea like digital trust and make it more concrete and actionable? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 148: SEC Disclosure Rules on Cybersecurity

Jan 2nd, 2024 38m 59s

What are the SEC’s new rules for cybersecurity disclosures, including cyber incidents AND annually about cybersecurity risk management and governance? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernst

EP 147: SEC Complaint against SolarWinds Corporation

Dec 19th, 2023 49m 2s

"What can we learn about the SEC Complaint against SolarWinds Corporation and Timothy G. Brown? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.EP 96: ""Normalizing Gr

EP 146: Security Metrics

Dec 5th, 2023 48m 20s

"How can we measure success with cybersecurity? Let's find out with our guest Jared Pfost. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.See Jared's ""Security Metrics Reference"" h

EP 145: Why Do Employees Keep Ignoring Workplace Cybersecurity Rules?

Nov 21st, 2023 38m 50s

Why do employees keep ignoring workplace cybersecurity rules? And, what should cyber risk managers to do about it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 144: SecureWorld

Nov 7th, 2023 40m 11s

Have you heard of a regional cybersecurity conference in the US called SecureWorld? We really like it. So we invited Brad Graver, who’s the president of SecureWorld, to tell us what makes them different from all the other conferences we could g

EP 143: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 2

Oct 24th, 2023 50m 11s

Let's conclude our look at the 2023 Verizon DBIR report. Today we'll review the data by industry and some other tidbits with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 142: The 2023 Verizon Data Breach Investigations Report (DBIR) Part 1

Oct 10th, 2023 47m 32s

Have you read the Verizon DBIR report for 2023? Find out what it contains in the first of two episodes on this extremely useful report with your hosts Kip Boyle, vCISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 141: What's New in NIST CSF v2

Sep 26th, 2023 39m 36s

What’s going to be in version 2 of the NIST Cybersecurity Framework? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 140: Entry Level IT & Cybersecurity Certifications Are Broken

Sep 12th, 2023 36m 42s

Entry level IT and Cybersecurity certifications cost too much and produce too many "paper tigers". How do we fix that? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 139: How to Use Cyber Insurance as a Cyber and Privacy Risk Management Tool

Aug 29th, 2023 39m 22s

How does an attorney think about using cyber insurance to manage cyber and privacy risks? Let's find out with our guest Jane Petoskey. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 138: What's With NIST Special Publication 800-171, Revision 3 and CMMC

Aug 15th, 2023 43m 31s

How is Revision 3 of NIST Special Publication 800-171 and the Cybersecurity Maturity Model Certification (CMMC) related to each other? Let's find out with our guest Jacob Horne. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and

EP 137: How to Make Tabletop Exercises (TTX) Fun!

Aug 1st, 2023 33m 54s

Traditional incident response exercises are often boring and awkward. That's why we don't do them, even though we should. Want a new way to get people excited about doing one? Let's learn about a proven innovation with our guest Glen Sorensen.

EP 136: Why Cyber Resilience is a Business Advantage

Jul 18th, 2023 45m 43s

"An $8 billion company was hit by ransomware and then was sued in court by one of its best customers. What's the connection with cyber resilience? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein,

EP 135: Measuring Cyber Risk

Jul 4th, 2023 49m 27s

"Is the idea of measuring cyber risk ""hooey!"" as one of the InfoSec godfathers once said? Let's find out with our guest Ryan Leirvik. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

EP 134: The Business Value of Business Continuity

Jun 20th, 2023 44m 48s

"Is there any business value in “business continuity”? If so, how can we explain it so anyone can understand? Our guest is Erika Andresen, the Founder and Owner of EaaS Consulting, LLC. Your hosts are Kip Boyle, CISO with Cyber Risk Opportuniti

EP 133: ChatGPT and Cyber Risk Management

Jun 6th, 2023 42m 54s

"Can ChatGPT help us manage Cyber Risk? Can any generative artificial intelligence be helpful? If so, how? And are there any limitations? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner

EP 132: Helping Activists Operating Under a Repressive Regime

May 23rd, 2023 41m

How would you help political and human rights activists stay safe while using digital communications as they live under a repressive regime? One of us has been doing it for almost a year and he'll tell you. Your hosts are Kip Boyle, CISO with C