The Business of Security

#37 – Leveraging Information Sharing To Protect Your Organization, with Bill Nelson

In this episode, guest Bill Nelson, CEO of the Global Resiliency Federation (GRF), talks about the GRF’s mission to help organizations in myriad industries share critical security threat information so they can all better defend themselves. 

Bill lays out the history of GRF – how it emerged from the work he did at FS-ISAC, where he grew membership from 170 banks to 7,000. Bill led a team that was tasked with helping other industries set up their own security information sharing programs, based on what FS-ISAC was doing, leading to the creation of ISACs and ISAOs for legal, oil & gas, retail, energy, and healthcare.  

You’ll also learn how the Uniform Commercial Code, article 4, in its description of “commercially reasonable” security, and who’s financially liable after a breach, drove banks to take security controls like anomaly detection, MFA, and DDoS prevention a lot more seriously. 

GRF’s newest security information exchange, K12SIX, aims to protect K-12 schools, which have become the newest targets for ransomware, with attacks ballooning from 10 per year just a few years ago to more than 400 in 2020, and ransoms increasing from $20k to an astonishing $40M.

Guest:
Bill Nelson, CEO of Global Resilience Federation (GRF)

Host:
Chad Boeckmann, Founder/CEO, TrustMAPP

Sponsor:
TrustMAPP (https://trustmapp.com)