Discover practical governance advice for running a security program effectively in this 54-minute conference talk from Derbycon 7. Learn from security experts Justin Leapline and Rockie Brockw as they delve into essential security skills, frameworks, and goals. Explore core requirements for successful security management, including understanding your audience and executive management. Gain insights on assessing breach risks, protecting critical data, and identifying assets. Master the art of defining risk measurement categories, conducting business risk assessments, and implementing effective metrics. Dive into Enterprise Security Architecture, Threat Management Metrics, and Executive Level Metrics. Get a demo of GRC tools, PCI compliance strategies, and learn about authoritative sources, risk cataloging, and dynamic search techniques. Equip yourself with the knowledge to run your security program like a boss and prepare for future challenges in the ever-evolving cybersecurity landscape. Read more