September 15, 2021

WHY We Measure Risk w/ Sameer Sait

by Cyber Ranch

Listen Now

test
WHY We Measure Risk w/ Sameer Sait

September 15, 2021 Cyber Ranch

00:00:00

Show Notes

In this episode Allan interviews his friend Sameer Sait, former CISO at Amazon, Forcepoint and Arrow Electronics, who joins Allan for a discussion about WHY we measure risk. It is about more than just asking for money. (And who are you actually asking money from? Hint: It is not the Board). How does risk measurement change in the beginning of the CISO’s journey vs. later when the program is more mature? What is the goal of good risk metrics? What is the role of cyber insurance in all this? What about business traction and cooperation with other department’s goals and objectives? And finally, how does measuring risk affect disposition or risk? Key Takeaways: 01:20 Sammer's bio 02:30 Asking for money - it's not from the Board 05:58 Measuring risk: inside-out vs. outside-in 11:20 Approaching management with an objective, not a story 12:38 Working with your team, as a team 14:12 The effects of measuring risk 18:36Analyzing the priorities and their consequences 24:36 Good governance vs. good management 26:22 Transference, remediation, and acceptance 30:57 What surprise Sameer in cybersecurity? Links: Learn more about Sameer on LinkedIn Follow Allan Alford on LinkedIn and Twitter Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at Uptycs
Read more

Recent Episodes

May 31, 2023
by Cyber Ranch

This week's show is exciting because Allan has been waiting for Andy's book on leadership to come out for quite some time.  The book is called “1% Leadership – Master The Small, Daily Improvements That Set Great Leaders Apart”, and it consists of 54 ...

May 24, 2023
by Cyber Ranch

This episode is a bit scary.  Adrian Sanabria, who on an earlier show busted many cybersecurity myths, is back again, this time analyzing the impact of Large Language Model Artificial Intelligence on a hypothesized skills gap on the bad guy side. Pre...

May 22, 2023
by Cyber Ranch

This is Part 1 of an incredible series of interviews Allan conducted live at RSA 2023.  Guests include: Chris Kennedy, CISO @ Citadel Gary Hayslip, CISO @ Softbank Investment Advisers Michael Calderin, CISO @ YAGEO Group Reet  Kaur, CISO @ Portland C...

May 17, 2023
by Cyber Ranch

Leadership skills, technical skills, cybersecurity skills, pluck, drive and determination are all on display as Allan interviews Merav Bahat, CEO @ Dazz and Mickey Bresman, CEO @ Semperis. Dazz has completed a Series A investment round.  Semperis a S...

May 10, 2023
by Cyber Ranch

What is security chaos engineering?  You may remember Kelly Shortridge, our very first guest, who came on the show to talk about behavioral economics and cybersecurity.  Well Kelly is back to talk about her new book, "Security Chaos Engineering: Sust...

May 3, 2023
by Cyber Ranch

Bryan Liebert is one smart cookie.  Who bakes cybersecurity cakes.  But seriously, Bryan has been a CISO, consultant, architect, and has served many other roles in cybersecurity.  His specialty is creating simple to digest (we could not help it, sorr...

April 26, 2023
by Cyber Ranch

Adrian Wright, "The Cynical CISO" of LinkedIn fame, joins Allan to discuss four areas where cybersecurity is perhaps getting it wrong: Cybersecurity viewed as a necessary evil, related to The Twilight Zone Ownership, Authority, Accountability: Invent...

April 24, 2023
by Cyber Ranch

Join us for a SPECIAL EDITON! episode of The Cyber Ranch Podcast LIVE! from CISO XC in Dallas-Fort Worth, Texas! The topic is data security: its challenges and how to overcome them. Joining Allan are Cecil Pineda of R1 ("Cecil the CISO") and Gene Moo...

April 19, 2023
by Cyber Ranch

We always think of cybersecurity startups as companies who contribute to the tech stack in an organizational environment - usually the enterprise.  We also think of personal cybersecurity in terms of protecting Grandma or our kids from the bad guys. ...

April 12, 2023
by Cyber Ranch

Emily Heath is a well-known and well-respected figure in cybersecurity.  She has been a CISO three times in a variety of industries, including software and a major airline.  She has been in law enforcement, is a partner at a VC firm, and serves on bo...