logo
episode-header-image
Aug 2024
30m 17s

Cyber Security vs Frameworks

Dr. Eric Cole
About this episode

In the latest episode of Life of a CISO, Dr. Eric Cole dives deep into the critical difference between compliance and true cybersecurity. He emphasizes that while frameworks and compliance standards are essential, they often focus on checking boxes rather than addressing the holistic needs of a secure environment. Without a strong foundation in cybersecurity, organizations risk having significant gaps in their defenses, leaving them vulnerable to breaches even if they are technically compliant. Dr. Cole illustrates this with real-world examples, underscoring the importance of mastering the basics before layering on complex frameworks.

Dr. Cole also explores the common pitfalls companies face when they rush into implementing frameworks without first securing their critical data and understanding their risk tolerance. He warns against the dangers of overcomplicating compliance efforts, advocating instead for a targeted approach that focuses on the most sensitive areas of the business. By controlling where critical data is stored and minimizing unnecessary exposure, organizations can achieve both compliance and security without overwhelming their resources. This episode is a must-listen for current and aspiring CISOs who want to build a secure, resilient organization from the ground up.

 

Up next
Dec 2022
How do CISOs translate business language to board members?
In this episode of Life of a CISO, Dr. Eric Cole points out the key elements CISOs need to adapt to excel as a translator in the board rooms. The focal point to consider is learning how to communicate and listen. 
32m 25s
Oct 2022
How Do CISOs Make An Impact On Executives?
In this episode of Life of a CISO, Dr. Eric Cole educates us about the principles you must follow if you’re a brand new CISO making their way into this field. You must understand the business to make a lasting impact on the executives. How can you help with the business? What dif ... Show More
31m 10s
Aug 2022
CISOs Accept The Risks
In this episode of Life of a CISO, Dr. Eric Cole asks what are you focused on? Because ultimately that’s what you’re going to become. You will never score that high-level CISO position if you focus on not being good enough for it.  Watch this episode of Life of a CISO to understa ... Show More
29m 47s
Recommended Episodes
Oct 2024
Navigating NIST CSF 2.0: Guide to Frameworks and Governance
<p>In this episode, we sat down with Lukasz Gogolkiewicz, an Australia-based Cybersecurity Leader and former pentester, to explore his journey from offensive security into cybersecurity leadership. Lukasz, also a speaker coach at BlackHat USA, brings valuable insights into what i ... Show More
36m 29s
Oct 2024
Balancing Security with Usability in Cybersecurity
In this episode of Threat Vector, host David Moulton talks with guest speaker Brian Wrozek, Forrester Principal Analyst in Security & Risk, about the complexities of aligning security strategies across global teams. Brian draws on his extensive experience in cybersecurity, operat ... Show More
41m 41s
Dec 2024
Behind the Scenes with Palo Alto Networks CIO and CISO Securing Business Success with Frictionless Cybersecurity
In this episode of Threat Vector, David Moulton speaks with Meerah Rajavel, CIO of Palo Alto Networks, and Niall Browne, CISO of the organization, about the importance of aligning IT strategy with cybersecurity.  Meerah and Niall discuss how frictionless security, AI integration ... Show More
39m 17s
Feb 2025
Rethinking Cloud Security Strategies
Cloud security is more complex than ever. Organizations move fast, but security teams often struggle to keep up. In this episode of Threat Vector, host David Moulton speaks with Amol Mathur, SVP of Products for Prisma Cloud at Palo Alto Networks, about how platformization is resh ... Show More
35m 28s
Oct 11
The Role and Evolution of Virtual CISOs with Craig Taylor
In this episode of Cybersecurity Today, Jim hosts Craig Taylor, a seasoned virtual Chief Information Security Officer (vCISO) with over 25 years of experience. They discuss the evolution and significance of the vCISO role, Taylor's career path, and the founding of his company, Cy ... Show More
51m 54s
Jun 2025
Vibe Coding vs Low-Code/No-Code: Security Risks and CI/CD Pipeline Impacts for Citizen Developers
Explore the evolution from traditional coding to vibe coding and its relationship with low-code/no-code (LCNC) platforms. This comprehensive analysis examines how AI-assisted development and visual programming tools are creating a new generation of citizen developers, transformin ... Show More
9m 42s
Oct 2024
Leadership during a Crisis
In this insightful episode of Threat Vector, host David Moulton sits down with Christopher Scott, Managing Partner at Unit 42 by Palo Alto Networks, to explore the essentials of crisis leadership and management in cybersecurity. With over two decades of experience, Chris shares h ... Show More
35m 40s
Nov 2024
War Room Best Practices
In this episode of Threat Vector, David Moulton, Director of Thought Leadership at Unit 42, is joined by cybersecurity experts Kyle Wilhoit, Director of Threat Research, and Michal Goldstein, Director of Security Architecture and Research at Palo Alto Networks. Together, they exp ... Show More
35m 17s
Listen to millions of songs and podcasts on Anghami