OwlTail

Cover image of Richard Seiersen

Richard Seiersen

5 Podcast Episodes

Latest 1 May 2022 | Updated Daily

Episode artwork

Resilient Cyber Podcast - Episode 19 - Richard Seiersen - CISO / Author

Resilient Cyber

Could you provide some advice for anyone who may want to be a CISO - or even provide some guidance for how and why someone may want to be a CISO? You've written a book called "How to Measure Risk with Anything" - could you maybe provide some advice to cybersecurity professionals who have a topic in mind and want to write a book of their own?  With your vast knowledge and experience in cybersecurity leadership - can you give us an example of some of the major challenges or roadblocks you've seen in maturing a cybersecurity program?You're currently the CISO and Co-Founder at Soluble which focuses on GitOps Security Testing. For those not familiar with it, What is GitOps? Why is this sort of testing valuable? Any thoughts on Compliance-as-Code?How is it working as a CISO at a SaaS/Startup compared to some of your previous roles such as Kaiser Permanente and GE Healthcare?Do you feel that Cloud presents new challenges for CISO's? If so, how? Any major recommendations for CISO's looking to get a handle on Cloud Security? What does Cyber Resilient mean to you?

29mins

4 Jul 2021

Episode artwork

Measuring Risk w/ Richard Seiersen

The Cyber Ranch Podcast

Today we talk with Richard Seiersen, co-author of “How to Measure Anything in Cybersecurity Risk”.Richard shared that at his first CISO position, he was challenged with addressing prioritization of risk, which led to his authoring a book with Doug Hubbard.What can cyber learn from older risk disciplines? The life table used broadly to measure time-to-event data goes back 500 years.Businesses keep falling back to the classic 5x5 "likelihood and impact" matrix which is an inconsistent, non-math-based method.Without math it is really just casting spells in the board room. There are no ratios or explanation of differences, for example.CISOs are called upon to make a bet about something. We will use subject matter expert opinions, and can make them measurably better. Consistency is key.Wild guesses can still help constrain the forecast. There are existing models in cyber such as FAIR that provide a more mathematically applied approach.Statistics came about because people needed to make bets with limited data. Dirty data can be worked with.Embracing uncertainty is okay. Executives are actually very used to uncertainty.Cybersecurity as a practice is in its adolescence with a high mortality risk. We need to adopt the grammar of science.Key Takeaways0:25 Richard is introduced1:20 Richard talks about his cyber journey and his day job3:02 Book talk5:19 What can cyber learn from older style risk tactics8:04 5x5 risk matrix10:05 Improving accuracy17:00 Gathering an accurate view19:20 Monte Carlo simulations22:04 The belief25:17 Board-ready presentations26:58 What keeps Richard going in cyber security28:09 Why statistics were inventedLinks:Learn more about Richard Seiersen on LinkedIn and TwitterFollow Allan Alford on LinkedIn and TwitterLearn more about Hacker Valley Studio and The Cyber Ranch PodcastSponsored by our good friends at Axonius

30mins

19 May 2021

Similar People

Episode artwork

Richard Seiersen, President of M-Cubed - Business Security Weekly #108

Business Security Weekly (Video)

Richard Seiersen a CISO with experience ranging from small technology companies to multi-national conglomerates. He joins Matt and Paul this week to talk about Richard’s CISO experience and expertise, and the book Richard co-authored called, "How to Measure Anything in Cybersecurity Risk". Full Show Notes: https://wiki.securityweekly.com/BSWEpisode108

38mins

27 Nov 2018

Episode artwork

Richard Seiersen, President of M-Cubed - Business Security Weekly #108

Paul's Security Weekly TV

Richard Seiersen a CISO with experience ranging from small technology companies to multi-national conglomerates. He joins Matt and Paul this week to talk about Richard’s CISO experience and expertise, and the book Richard co-authored called, "How to Measure Anything in Cybersecurity Risk". Full Show Notes: https://wiki.securityweekly.com/BSWEpisode108

38mins

27 Nov 2018

Most Popular

Episode artwork

SC 102: David Cass, CISO IBM Cloud & SaaS, and Richard Seiersen, GM Cybersecurity and Privacy GE Healthcare, Discuss Security, Trust and Privacy in Healthcare

Cyber Pro Files

This episode features David Cass, IBM Cloud & SaaS CISO, and Richard Seiersen, GE Healthcare’s General Manager Cybersecurity and Privacy who discuss the different types of attack vectors in healthcare, which as you’ll hear is “As Security as it Gets.” In this podcast you’ll hear about implantable medical devices or wearables, and the Industrial Internet of Healthcare Things. They also touch on Seiersen’s upcoming book “How to Measure Anything in Cybersecurity Risk,” which explores decision science and in particular quantitative approaches to decision making.

8mins

13 Jul 2016