CISO Stephen Fridakis Talks About Governance, Risk, and Compliance

In this episode, David is joined by Stephen Fridakis, Deputy Chief Information Security Officer, Verily, an Alphabet Company focused on delivering precision health. As a deputy CISO, Stephen concentrates on governance, risk, and compliance.

Topics discussed:

- Stephen became a CISO in 2006. He describes how he has seen this role evolve from being focused on technology to being risk-centric.
- Stephen highlights some misalignments between what security operations aim to do and a company's business strategy.
- Accurately assessing an organization's asset inventory can be a challenge. Stephen discusses some difficulties associated with assessing risk without an accurate IT inventory.
- David and Stephen explore why equating compliance and security is often a mistake businesses make.
- Stephen explains his views on cyber risk management and how to measure a risk management program's effectiveness.
- Zero Trust is a popular security model. Stephen explains what that means to him and how he implements it.

Listeners can keep up with Stephen Fridakis on LinkedIn: https://www.linkedin.com/in/stephen-fridakis-96184b/

About the Podcast

Welcome to the Future of Threat Intelligence podcast, where we explore the transformative shift from reactive detection to proactive threat management. Join us as we engage with top cybersecurity leaders and practitioners, uncovering strategies that empower organizations to anticipate and neutralize threats before they strike. Each episode is packed with actionable insights, helping you stay ahead of the curve and prepare for the trends and technologies shaping the future.