Trava Security

Dive into the essentials of cybersecurity with host Jara Rowe in the latest season of "The Tea on Cybersecurity" from Trava. This season unpacks multifactor authentication (MFA), the shift in remote work dynamics, and the nuances between breaches and incidents, featuring insights from industry experts Jim, Craig, Mario, Marie, Michael, Christina, and Boomer. Learn how to fortify your digital security through real-world advice on risk management, cyber hygiene, and the importance of trust and transparency in safeguarding data and systems. Don't miss out on these critical cybersecurity strategies and discussions—subscribe to "The Tea on Cybersecurity" on your favorite podcast platform today.

Craig Saldanha 

Associate Director of Technology Risk and Assurance at Insight Assurance

John Boomershine

Vice President of Security and Compliance at BlackInk IT

Mario Vlieg

ISO Practice Manager at Insight Assurance

Jim Goldman

CEO of Trava Security

Recap on Season 3 - Receipts on The Tea on Cybersecurity

The Tea on Cybersecurity by Trava

Blog

Linkedin

Cybersecurity—a word we hear all the time. Show of hands for those who actually understand what it means.The Tea on Cybersecurity is here to help educate the newbs on what cybersecurity is, why it is important, and everything in between. The Tea on Cybersecurity is for everyone, but especially those small and medium-sized businesses that are starting their journey in building a cyber risk management program. Each show is about 15-30 minutes long to deliver you with the facts and less fluff.

The Tea on Cybersecurity

"Multi-factor authentication? You better get it today. Don't wait till tomorrow." – Jim Goldman We talk a lot about SaaS companies in this show, but today, we’re bringing you something a little different. Jim Goldman, CEO of Trava and one of our favorite cybersecurity experts, joins host Jara Rowe to discuss the complexities of cybersecurity across healthcare and banking, including their unique challenges and regulatory requirements. Jim discussed how healthcare organizations navigate a web of medical providers, claims processors, and pharmacies while adhering to the stringent HIPAA regulations. He also discusses how banking and finance sectors have long led the way in cybersecurity, thanks to rigorous compliance standards meant to protect both consumer data and financial integrity. He offers compelling analyses and real-world examples, like how a simple multi-factor authentication (MFA) oversight can lead to billion-dollar repercussions. In this episode, you’ll learn:<ul><li>How the&nbsp; banking and healthcare industries keep our sensitive information safe and how it all comes back to those pesky (yet essential!) regulations</li><li>The importance of regulations like HIPAA and how they help guard this vast data network and ensure your health information stays secure</li><li>Yet another reason why Multi-Factor Authentication (MFA) is a cybersecurity must-have</li></ul> Jump into the conversation:&nbsp;[00:00 - 00:46] Introduction to cybersecurity beyond SaaS and Jim Goldman[00:47 - 02:58] How cybersecurity differs in Healthcare and Banking vs. SaaS[02:58 - 05:41] The most pressing cybersecurity threats facing healthcare organizations today[05:41 - 08:25] How healthcare institutions are adapting their cybersecurity to ensure data integrity[09:17 - 13:00] ​​Key cybersecurity risks in banking and finance and how they are mitigating these risks[13:01 - 14:33] What is GDPR?&nbsp;[14:34 - 15:11] What is PCI DDS?[15:11 - 16:11] How financial institutions prioritize cybersecurity initiatives to maintain compliance[16:45 - 19:48] Jara’s receipts Connect with the Guest:<a href="https://www.linkedin.com/in/jigoldman" rel="noopener noreferrer" target="_blank">Jim Golman’s LinkedIn</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website <a href="http://www.travasecurity.com" rel="noopener noreferrer" target="_blank">www.travasecurity.com</a>Blog <a href="http://www.travasecurity.com/blog" rel="noopener noreferrer" target="_blank">www.travasecurity.com/blog</a>LinkedIn <a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>YouTube <a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity </a>

CEO of Trava

Beyond SaaS: What Cybersecurity Looks Like in Healthcare and Banking

"Every business today runs on technology. Every business is a technology business. Right? Even a taco cart uses a little payment thing that you swipe your card in to do that." - Michael Magyar Michael Magyar, a seasoned cybersecurity expert with a decade of experience, joins host Jara Rowe on this episode of The Tea on Cybersecurity to give us the tea on third-party risks. As a penetration tester and a virtual Chief Information Security Officer (vCISO) with Trava, Michael brings unparalleled insight into the challenges and solutions surrounding vendor security.&nbsp;Michael and Jara discuss the complex subject of third-party risks and why every business, big or small, needs to be cautious about their vendors' security practices. From identifying potential risks to evaluating security measures, Michael offers essential steps businesses should take if a vendor experiences a security incident, stressing the importance of containment, breach notification, and calling in the right experts for help. Key Takeaways: <ul><li>Third-Party risks are everywhere and to understand where these gaps could be, think about a vendor or third-party as “outsourced staff”</li><li>What to look out for when working with any vendor or third - party, namely Public Statements of Security</li><li>How to handle a situation if a vendor or third-party of yours is breached</li></ul> Timestamps:[00:00 - 01:24] Introducing Identifying Third-Party Vendor Risks with Michael Magyar, Trava[01:25 - 02:36] Expanding understanding of vendors and third parties[03:59 - 05:25] Real-world examples of third-party risks - SolarWinds in 2020 and XZ Utils in 2024[02:36 - 03:59] How to identify risks associated with vendors and third parties[05:25 - 07:53] Red flags to look out for, plus Microsoft breach&nbsp;[07:54 - 09:16] Penetration testing and third-party security[09:16 - 11:19] Other ways that businesses can help evaluate the security practices of a third-party[11:19 - 12:54] Key cybersecurity measures to look for when working with a vendor[12:54 - 13:40] Why it's essential for businesses to regularly check in on their external partners' cybersecurity efforts[13:41 - 15:42] Cybersecurity steps my company needs to take when signing on with a new vendor[16:41 - 20:02] Jara's Receipts Connect with the Guest:<a href="https://www.linkedin.com/in/michael-magyar-2a6506139/" rel="noopener noreferrer" target="_blank">Michael Magyar's LinkedIn</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website <a href="http://www.travasecurity.com" rel="noopener noreferrer" target="_blank">www.travasecurity.com</a>Blog <a href="http://www.travasecurity.com/blog" rel="noopener noreferrer" target="_blank">www.travasecurity.com/blog</a>LinkedIn <a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>YouTube <a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity&nbsp;</a>

Michael Magyar

Cybersecurity Professional

Identifying Third-Party Vendor Risks with Michael Magyar, Trava

“Trust is foundational to both the relationship, interpersonal relationship, B2B relationship. Then also we're having to convey that trust to our customers," - John Boomershine John Boomershine– also known as Boomer– sits down with host, Jara Rowe in this episode of The Tea on Cybersecuity to talk about trust and transparency in cybersecurity. As the Vice President of Security and Compliance at BlackInk IT, Boomer brings nearly 40 years of experience in the IT realm, and a wealth of knowledge particularly focused on cybersecurity and compliance.&nbsp; Boomer and Jara discuss why trust and transparency are absolute bedrocks in the world of cybersecurity. Boomer elaborates on the importance of effective communication, revealing how businesses can use privacy policies and FAQ sections to build consumer confidence. He takes us through the game-changing NIST and CIS frameworks and why adopting these can fortify your cybersecurity strategy. Additionally, he stresses the importance of having a solid incident response plan when things go south and emphasizes that cybersecurity is a team effort—everyone has a role to play, from implementing MFA to raising your hand when in doubt. In this episode, you’ll learn:&nbsp;<ul><li>Trust is foundational for cybersecurity in any organization and the cornerstone of a great client relationship</li><li>Why you need to have a superhero plan for cyber incidents to tackle any problem that may come up quickly and efficiently.</li><li>To boost your customer confidence and safety, you need to adopt a cybersecurity framework to act as your compass, guiding you on what’s essential to protect your business and your data.&nbsp;</li></ul> Things to listen for:[00:00- 00:55]&nbsp; Introduction to The Tea on Cybersecurity[01:53 - 03:16] Trust is foundational in cybersecurity and business[03:16 - 05:34] Effectively communicating data handling with your customers&nbsp;[05:35 - 08:41] CIS controls framework: 18 sections, 153 safeguards.[08:42 - 11:10] Data collection transparency and where companies should focus on[11:15 - 12:46] Some of the biggest challenges businesses face in maintaining transparency and trust[12:46 - 14:12] Combating cyber threats with teamwork and commitment[14:14 - 16:03] Final thoughts from Boomer[16:17 - 19:55] Jara’s Receipts Resources:<ul><li><a href="https://travasecurity.com/learn-with-trava/articles/soc2-compliance-checklist" rel="noopener noreferrer" target="_blank">How SOC2 helps you build trust with clients</a></li><li><a href="https://travasecurity.com/learn-with-trava/resources/tips-for-talking-to-customers-after-getting-hacked?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">7 Tips for Talking to Your Customers After Getting Hacked</a></li></ul> Connect with the Guest:<a href="https://www.linkedin.com/in/askboomer/" rel="noopener noreferrer" target="_blank">John Boomershine’s LinkedIn</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website <a href="http://www.travasecurity.com" rel="noopener noreferrer" target="_blank">www.travasecurity.com</a>Blog <a href="http://www.travasecurity.com/blog" rel="noopener noreferrer" target="_blank">www.travasecurity.com/blog</a>LinkedIn <a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>YouTube <a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity&nbsp;</a>

Cyber Trust and Transparency with John Boomershine, BlackInk IT

“Education is by far the most cost-effective tool that you can deploy in your organization before any other types of information, security controls, or complex tools or any additional services. Using the hygiene analogy, you can buy the most expensive toothbrush, and you can buy the fanciest toothpaste. But if you don't teach your child that they need to brush their teeth every night, they're still going to get cavities.” - Mario Vlieg Host Jara Rowe and guests <a href="https://www.linkedin.com/in/craig-s-87b126218/" rel="noopener noreferrer" target="_blank">Craig Saldanha</a> and <a href="https://www.linkedin.com/in/mariovlieg/" rel="noopener noreferrer" target="_blank">Mario Vlieg</a> discuss good digital hygiene practices in this episode. We dive into best digital hygiene practices, common weak spots, and digital breach response plans. Learn more about technology trends like AI and machine learning that enhance cyber defenses, practical tips and resources for improving cyber hygiene habits, and future challenges and opportunities in the field. We also explore regulatory standards, frameworks, and compliance, emphasizing their contribution to robust cyber hygiene practices.&nbsp; In this episode, you’ll learn:&nbsp;<ul><li>Why employees should be educated about the latest cyber threats, recognize phishing attempts, and adopting best practices in cybersecurity.&nbsp;</li><li>What steps organizations and individuals can take to assess and recover effectively in a data breach.</li><li>Why advancements in technologies are enhancing cyber hygiene efforts even as they introduce new risks.&nbsp;</li></ul> Things to listen for:[01:20 - 02:14] Definition of cyber hygiene[03:12 - 03:59] The role of Employee training and awareness in cyber hygiene[03:59 - 04:52] How often organizations and individuals should review digital hygiene practices[05:08 - 06:00] Emerging technologies that can help with cyber hygiene efforts[06:00 - 08:23] Tips and resources for improving cyber hygiene habits[08:26 - 09:18] Challenges and opportunities in the future of cyber hygiene[09:20 - 10:04] The most cost-effective cyber security tool for early SaaS companies and founders&nbsp;[10:17 - 11:56] What steps organizations should take to assess the impact and recover from a data breach[12:00 - 13:56] How compliance standards and frameworks improve cyber hygiene practices[13:56 - 15:39] Proactive steps to improve cyber hygiene practices[15:47 - 19:15] Jara’s receipts Resources:<ul><li><a href="https://travasecurity.com/learn-with-trava/blog/cyber-hygiene-explained?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">Cyber Hygiene Explained</a></li><li><a href="https://travasecurity.com/learn-with-trava/podcasts/cybersecurity-awareness-training-is-not-an-option-its-essential?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea%5C" rel="noopener noreferrer" target="_blank">Cybersecurity Awareness Training is Not an Option, It’s Essential</a></li><li><a href="https://travasecurity.com/learn-with-trava/blog/data-security-101-decoding-incidents-and-breaches?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">Data Security 101: Decoding Incidents and Breaches</a></li><li><a href="https://travasecurity.com/learn-with-trava/blog/why-human-error-is-the-cause-of-most-data-breaches?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">Why Human Error is the Cause of Most Data Breaches</a></li></ul> Connect with the Guest:<a href="https://www.linkedin.com/in/craig-s-87b126218/" rel="noopener noreferrer" target="_blank">Craig Saldanha’s LinkedIn</a><a href="https://www.linkedin.com/in/mariovlieg/" rel="noopener noreferrer" target="_blank">Mario Vlieg’s LinkedIn</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website<a href="http://www.travasecurity.com/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> www.travasecurity.com&nbsp;</a>Blog<a href="https://travasecurity.com/learn-with-trava/blog?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> www.travasecurity.com/blog</a>LinkedIn<a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> @travasecurity</a>YouTube<a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> @travasecurity</a>

Defending Your Data Through Cyber Hygiene with Industry Experts Craig Saldanha and Mario Vlieg, Insight Assurance

“Especially if this is the first time an organization is creating a plan like this, the focus should really be working on it piece by piece to not be overwhelmed. So, start outsmall. What are the designated roles and responsibilities that you have? Then, determine how the plan can best fit your needs. This can be done by assessing what types of incidents are most detrimental to your organization.” - Christina Annechino Host Jara Rowe and guest Christina Annechino delve into incident response plans and tabletop exercises in this week’s episode. We’ll identify common challenges with developing incident response plans and the ins and outs of tabletop exercises.&nbsp; Gain tips on forming an incident response plan and insight into the documentation and testing requirements and compliance standards such as NIST, SOC 2, PCI DSS, and ISO 27001. We provide a comprehensive understanding of the critical elements and processes involved in incident response planning, compliance, and tabletop exercises. In this episode, you’ll learn:&nbsp; <ul><li>What defines an incident, and what to include in an incident response plan to be prepared and compliant.&nbsp;</li><li>Why tabletop exercises are essential for identifying any gaps in the documented processes and procedures and preparing teams for emergencies.</li><li>How incident response plans and tabletop exercises are crucial in compliance readiness and maintaining security certifications.&nbsp;</li></ul> Things to listen for: [01:58 - 02:40] Definition of an incident and incident response plan[03:55 - 04:34] Tips for creating an incident response plan[04:51 - 05:25] The role of incident response plans in overall risk management[05:33 - 06:00] How incident response plan maintain security and annual certifications[06:21 - 07:05] Definition of a tabletop exercise and its role in incident response plans[07:10 - 08:18] How often to conduct tabletop exercises and their challenges and benefits[08:34 - 09:19] Addressing compliance-related aspects through tabletop exercises[09:30 - 09:59] Compliance standards and the importance of testing incident response capabilities[10:06 - 10:36] Demonstrating a functional incident response plan during compliance audits[10:47 - 10:56] Structure of documentation for incident response plans and tabletop exercises[11:07 - 11:43] Tips on creating an incident response plan and the purpose of tabletop exercises[12:1 - 15:15] Jara’s receipts Resources: <a href="https://travasecurity.com/learn-with-trava/blog/data-security-101-decoding-incidents-and-breaches" rel="noopener noreferrer" target="_blank">Data Security 101: Decoding Incidents and Breaches</a><a href="https://travasecurity.com/learn-with-trava/blog/data-breach-preparedness-developing-an-incident-response-plan?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">Data Breach Preparedness: Developing an Incident Response Plan</a><a href="https://travasecurity.com/learn-with-trava/resources/tips-for-talking-to-customers-after-getting-hacked?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">7 Tips for Talking to Your Customers After Getting Hacked</a> Connect with the Guest:<a href="https://www.linkedin.com/in/christina-annechino/" rel="noopener noreferrer" target="_blank">Christina Annechino’s LinkedIn</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website<a href="http://www.travasecurity.com/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> www.travasecurity.com&nbsp;</a>Blog<a href="https://travasecurity.com/learn-with-trava/blog?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> www.travasecurity.com/blog</a>LinkedIn<a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> @travasecurity</a>YouTube<a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank"> @travasecurity</a>

Christina Annechino

Cybersecurity Analyst at Trava

Mastering Incident Response Plans and Tabletop Exercises with Christina Annechino, Trava

“Keeping the inventory up to date, make sure that you have all possible points of entry covered and accounted for, similar to a building. When people try to put safeguards for a building, you're doing it, but just like on a network that you can't really physically see if you're missing an asset, that is a hole for an attacker to get into, and we do not want to give them easy access to things for sure.” - Marie Joseph This episode's conversation covers the basics of asset inventories and asset management with host Jara Rowe and guest Marie Joseph, Senior Security Solutions Engineer at Trava. We discuss the categories of assets and the challenges of establishing a comprehensive asset inventory.Hear how tracking and managing hardware and software within an organization is necessary for cybersecurity compliance. We dissect the impact of Bring Your Own Device (BYOD) policies on asset management, the concept of shadow IT, and the role of automated tools and technologies in asset management tasks. In this episode, you’ll learn:&nbsp; <ul><li>Why asset inventories are a crucial part of cybersecurity and compliance and the challenges of continuous upkeep.</li><li>How “Bring Your Own Device” (BYOD) policies help and hinder operations, including cybersecurity risk levels.</li><li>Why most compliance frameworks require companies to maintain different types of inventories to ensure that security and privacy measures are in place and monitored to meet regulatory requirements.&nbsp;</li></ul> Things to listen for: [00:00 - 00:18] Intro to The Tea on Cybersecurity[00:48 - 02:44] The definition of asset inventory and asset management[04:06 - 04:34] Maintaining an accurate software inventory for compliance with licensing agreements[04:34 - 05:51] Common challenges with establishing a complete asset inventory[07:42 - 09:27] Explanation of shadow IT, traditional asset management, and cybersecurity efforts[09:34 - 10:29] How asset management contributes to maintaining compliance.[12:04 - 13:30] Using automated tools in asset management tasks for continuous compliance[13:48 - 14:55] The importance of tracking all devices connected to a network[15:23 - 17:48] Jara’s receipts Resources:<a href="https://travasecurity.com/learn-with-trava/blog/from-bonnie-and-clyde-to-hackers-taking-the-first-step-to-protecting-your-digital-assets?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">From Bonnie and Clyde to Hackers: Taking the First Step to Protecting Your Digital Assets</a><a href="https://travasecurity.com/learn-with-trava/blog/regular-software-updates-and-patching-the-importance-of-staying-on-top-of-this?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">Regular Software Updates and Patching: The Importance of Staying on Top of This</a> Connect with the Guest:<a href="https://www.linkedin.com/in/marie-joseph-a81394143/" rel="noopener noreferrer" target="_blank">Marie Joseph's LinkedIn</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website <a href="http://www.travasecurity.com/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">www.travasecurity.com&nbsp;</a>Blog <a href="https://travasecurity.com/learn-with-trava/blog?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">www.travasecurity.com/blog</a>LinkedIn <a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>YouTube <a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>

Marie Joseph

Senior Security Solutions Engineer at Trava

Navigating Asset Management and Compliance with Marie Joseph, Trava

“Not only do we need to understand what risks might exist, but we need to understand what impact that might have. That goes into both the chance that they're going to happen and the chance that they're going to be successful in creating damage, and then also the likely damage that's going to happen from them.” - Michael MagyarOn this week’s episode, host Jara Rowe gets the tea on risk management with Trava’s vCISO consultant, Michael Magyar. Hear what risk management is, how it differs from crisis management, and what considerations fall under each to maintain compliance.&nbsp; This episode serves as a comprehensive guide for listeners looking to gain a better understanding of risk management, compliance, and general cybersecurity practices. Michael encourages a proactive approach to risk assessment and management to enhance organizational cybersecurity with actionable advice.&nbsp; What you’re learn:<ul><li>Why risk management is proactive and crisis management is reactive, and how to approach both from a preparation standpoint.</li><li>What components of risk management realistically fall under compliance, and why understanding this helps you mitigate potential risk.</li><li>How to start small with risk assessment to identify possible risks and how they might impact your business to build a foundation for effective risk management and cybersecurity practices.&nbsp;</li></ul> Things to listen for:[02:57 - 03:28] Explanation of risk as exposure to danger, harm, or loss[05:45 - 06:53] The importance of risk management for businesses[06:59 - 07:54] Comparison of risk management and crisis management[08:14 - 10:00] Key components of being proactive in cybersecurity[10:07 - 12:27] The role of risk management in compliance efforts[12:37 - 14:38] Challenges and tips in aligning risk management with compliance standards[15:17 - 17:47] Michael's advice for organizations and general cybersecurity[17:55 - 20:32] Jara’s receipts Resources:<a href="https://travasecurity.com/learn-with-trava/blog/how-to-choose-the-right-cyber-risk-management-solution-provider?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">How to Choose the Right Cyber Risk Management Solution Provider</a><a href="https://travasecurity.com/learn-with-trava/blog/what-is-risk-management?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=thetea" rel="noopener noreferrer" target="_blank">What is Risk Management?</a> Connect with the host:<a href="https://www.linkedin.com/in/jararowe/" rel="noopener noreferrer" target="_blank">Jara Rowe’s LinkedIn</a> Connect with Trava:Website <a href="http://www.travasecurity.com/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">www.travasecurity.com&nbsp;</a>Blog <a href="https://travasecurity.com/learn-with-trava/blog?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">www.travasecurity.com/blog</a>LinkedIn <a href="https://www.linkedin.com/company/travasecurity/?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>YouTube <a href="https://www.youtube.com/@travasecurity?utm_source=casted&amp;utm_medium=podcast&amp;utm_campaign=podcast_share" rel="noopener noreferrer" target="_blank">@travasecurity</a>

Recent Episodes

SEASON 3

Beyond SaaS: What Cybersecurity Looks Like in Healthcare and Banking

Identifying Third-Party Vendor Risks with Michael Magyar, Trava

Cyber Trust and Transparency with John Boomershine, BlackInk IT

Defending Your Data Through Cyber Hygiene with Industry Experts Craig Saldanha and Mario Vlieg, Insight Assurance

Mastering Incident Response Plans and Tabletop Exercises with Christina Annechino, Trava

Navigating Asset Management and Compliance with Marie Joseph, Trava

Deciphering Risk Management and Compliance with Michael Magyar

About The Show

The Tea on Cybersecurity

Jara Rowe

Marketing Manager at Trava