Prepare Customers for New SEC Rules on Cybersecurity Event Disclosure
AWS Security Bytes Newsletter
October 13, 2023
On July 26, 2023 the SEC adopted “Cybersecurity Risk Management, Strategy, Governance, and Incident Disclosure for Public Companies”. In the AWS Security Bytes Newsletter, Dutch Schwartz highlights key components of the new regulation and provides guidance for CISOs, CTOs, and CIOs on areas for concern and provides reference documents.
See publication
Tags: Cybersecurity, IT Leadership, Security
Cybersecurity strategy is about people
LinkedIn
February 28, 2020
I'm reflecting on the RSA Conference and this analogy came to mind:
What if you threw a birthday party and nobody came?
That’s similar to planning a great security strategy and then failing to execute well. Like your party, you have lots of excitement during the planning phase. But if you fail to execute - you end up eating your cake all alone.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
What CISOs Really Want
LinkedIn
June 27, 2019
When looking to build a bridge between CISOs and security vendors, I couldn’t think of a more Zen place to start than the real-life Dude Who Abides, Jeff Bridges.
In the interview above he’s talking about he and his wife, but the feeling is spot on for CISOs and security vendors. Each side needs the other, but we often end up not understanding what the other needs… we don’t “get it”.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
Here's How to Develop Trust in Cyber Security
LinkedIn
March 24, 2019
This was the succinct response given by a customer of mine when asked to share how he frames his interactions with cyber security vendors.
What struck me about this is the order of those questions: Competence is important and relevant, but it begins with trust. And? It ends with a feedback loop based on performance.
That observation is crucial if you want to provide value to your customers in cyber security. The initial decision about trust is an emotional judgment, not a rational fact-based assessment.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
Cutting Costs Is Not a Strategy
LinkedIn
February 23, 2019
As has been widely reported, Berkshire Hathaway took a $3 billion non-cash loss related to its investment in Kraft Heinz. Delving into this, CNN Business notes that Kraft Heinz CEO Bernardo Hees blamed the company's operations. Hees stated, "We are overly optimistic on delivering savings that did not materialize by year-end." JPMorgan Chase analyst Kenneth Goldman suggests that the cost-cutting strategy damaged Kraft and Oscar Mayer as brands.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
Three Tips for Cybersecurity Collaboration
LinkedIn
February 12, 2019
Collaboration in this context means two or more people working together to achieve an outcome that benefits them, either separately or together.
The cybersecurity community shares goals around mitigating, preventing, and responding to threat actors. But, we have inherent challenges around confidentiality, privacy, and degrees of trust. How can we best solve those?
See publication
Tags: Cloud, Cybersecurity, Business Strategy
2019: The year we finally get serious about collaboration in cybersecurity.
LinkedIn
December 26, 2018
If you were expecting something edgier, I apologize. But I truly think collaboration is emergent in several of the trends I’m seeing. And on a human level, we need it after a couple of dismal fear-soaked years.
We will experience more engagement from security execs with their employees, more discussion (rather than lectures) between security vendors and customers, and an acceleration of semi-formal groups that push us forward, together.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
How To Develop a Culture of Cybersecurity
ASM Connected
May 11, 2023
In this episode of ASM Connected, Iain Tomkinson chats with Dutch Schwartz, Global Head for Security and Strategic Industries for Amazon Web Services. They discuss cloud security, the importance of security culture and how to keep pace with the future of technology. Dutch holds a Master’s of Business Administration in Global Management and was a strategy and planning officer in the US Army. He combines his formal training with his practical experience in cyber security to develop cloud security strategies for customers of Amazon Web Services.
See publication
Tags: Cybersecurity, Leadership, Security
Characteristics of successful CISO with Dutch Schwartz
YouTube
January 25, 2023
In this episode of Seat at the Table, Jerich sits down with AWS security executive Dutch Schwartz, who has worked with and advised CISOs at some of the top organizations in the world. In this conversation, we will be discussing the characteristics of the best security leaders Dutch has encountered in his career. Don't miss this opportunity to learn from a true industry expert and gain insight into what it takes to be a successful security leader. Tune in and discover the secrets of the best in the business!
See publication
Tags: Cloud, Cybersecurity, Security
Lessons Learned When Migrating from On Prem to Cloud - Dutch Schwartz
YouTube
April 08, 2021
Less than 15% of enterprise customers are primarily cloud native. With so many companies still in early stages of cloud migration, what are the key lessons learned from early adopters as well as digitally native companies? What are common mistakes and how can one avoid them?
See publication
Tags: Cloud, Cybersecurity, Business Strategy
Interview with a Vendor w/ Dutch Schwartz
Hacker Valley
March 31, 2021
In this episode, host and CISO Allan Alford interviews his friend Dutch Schwartz, Principal Security Specialist at Amazon Web Services. Dutch is a vendor, but do not press 'stop' just yet! Dutch is an empathetic outsider, an observor, and a constant learner and researcher. He brings some unique insights to our practice.
Dutch talks about his encounters with CISOs and their direc staffs, and opines on the debate as to how technical a CISO should be (versus business-oriented).
Allan and Dutch discuss healthy vs. unhealthy (Dutch prefers the term 'challenging') security cultures.
Dutch talks about all security efforst aligning with business initiatives, and Allan espouses his theory that all CISO actions should ties to business initiatives, risk reduction, and maturity improvement.
Dutch remains enthused about cybersecurity because of conversations like this very interview.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
The Cloud's Influence on the Evolving Culture of Security - Dutch Schwartz
YouTube
February 22, 2021
Dutch Schwartz, Cloud Security Strategist at AWS, discusses cloud's influence on the evolving culture of security. Having worked with many Fortune 500 CISOs and CIOs, Dutch will share his thoughts on risk, aligning to the business, and how cloud can accelerate, but also change the way we approach security.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
Shoud CISO's be licensed? A conversation with Dutch Schwartz
YouTube
January 20, 2021
Should CISO's be licensed? Should we require more of these leaders for how much responsibility they have? Join me and special guest, Dutch Schwartz, as we discuss this topic, and many more.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
#VeteranNovember with Dutch Schwartz
YouTube
November 10, 2020
This is a special series dedicated to the men and women who volunteered and served in uniform in their home nations. This special series is highlighting these men and women who have transitioned from the military to a successful civilian career in Information Security. In Each episode we discuss their service, how they transitioned to working as civilians in Information security and their successes and failures in that process.
See publication
Tags: Cloud, Cybersecurity, Business Strategy
Dutch Schwartz Interview | cybersecurity | risk management
YouTube
August 26, 2020
Join Dutch Schwartz and I as we discuss pre COVID cyber risks, being the business enabler and risk management. We also cover what the new water cooler talk and best way to kick back on a Friday is.
See publication
Tags: Cloud, Cybersecurity, Risk Management
RESILIENT CYBER - EPISODE 2 - DUTCH SCHWARTZ - CLOUD SECURITY, CULTURE AND THE WORKFORCE
Resilient Cyber Podcast
May 07, 2021
Dutch Schwartz, Cloud Security Strategist at AWS, is the first guest interview for the Resilient Cyber Podcast hosted by Chris Hughes and Dr. Nikki Haley. Chris and Dr. Nikki interview Dutch to gain insights into leadership in cybersecurity, lessons learned when accelerating your business into the cloud, how securing the cloud differs from hybrid and on-prem, and thoughts on leading through difficult times.
See publication
Tags: Cloud, Culture, Cybersecurity
A Mental Model for Cybersecurity: Tips to Enable your Business
LinkedIn
October 03, 2021
Per the 2021 Verizon Data Breach Investigations Report, more than 85% of breaches involve a human factor yet we keep trying to solve our challenges with tools alone. Culture is the missing piece. Culture is what unlocks your strategy so you can safely enable your business as it rapidly transforms.
See publication
Tags: Cloud, Cybersecurity, Leadership
How Do Enterprise CISOs to Drive Success with Digital Transformation and Cloud?
LinkedIn
September 21, 2021
The CISO role has rapidly evolved in the past 2 years from "cost center underneath IT which we rarely think about" to chief cybersecurity risk advisor to the CEO, CFO, and board of directors. Based on extensive work with enterprise cloud CISOs, Dutch Schwartz provides a definition for the modern enterprise CISO that we can use when hiring or to tune our career focus.
See publication
Tags: Cloud, Cybersecurity, Leadership
What Can Business Leaders Learn from the U.S. Army?
LinkedIn
June 14, 2021
Dutch Schwartz leverages his learning in the U.S. Army as an operations, plans, and training officer during Operation Iraqi Freedom to provide key tips for modern business leaders. Management and leadership are often conflated in literature and popular media forums, but they are fundamentally different. The video highlights actionable steps for training and leading large teams.
See publication
Tags: Business Strategy, Cybersecurity, Leadership
How to create cybersecurity policies that matter
Import from youtube.com
September 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
CISOs and the hostile peace with cybersecurity vendors
Import from youtube.com
August 13, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
How to Avoid the Paradox of Action
Import from youtube.com
August 13, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
Why do humans collaborate more than chimpanzees?
Import from youtube.com
August 13, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
Leadership in Cybersecurity. Tactics without strategy won't result in sustainable change.
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
Create cybersecurity strategies without losing the board of directors in technical jargon.
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
How to speed adoption of cybersecurity
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
If CISOs Don't Own Cybersecurity Risk, Who Does?
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
For Cybersecurity teams: Why Range Is More Important Than 10,000 Hours
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
What Cybersecurity Teams Can Learn from the Military
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
How to develop soft skills in cybersecurity and the cloud
Import from youtube.com
August 09, 2020
See publication
Tags: Cloud, Cybersecurity, Leadership
Leverage DevSecOps to Maximize AWS Security
BrightTalk
October 06, 2021
Organizations that are embracing DevSecOps enjoy enhanced automation throughout the software delivery pipeline thereby, eliminating risks and reducing attacks and downtime. If you intend to integrate security into your DevOps framework, attend this webinar to gain more insights into,
1) Demystifying DevSecOps
2) Striking the right balance of DevSecOps Maturity
3) What is different about DevSecOps on AWS Cloud
See publication
Tags: Cybersecurity, Emerging Technology, DevOps
Black Swans, Gray Rhinos, and Pink Elephants: 3 Tips on Rethinking Cybersecurity
ISSA Cybersecurity Executive Forum
August 23, 2021
The business imperatives of digital transformation, DevOps, automation, and cloud create pressure for security teams to move faster to enable the speed of business. Doing it securely often creates tension with business units and development and product teams. Culture is one key tool that CISOs and security leaders can use to develop rapport with business peers, align teams, and reduce friction. In the session we’ll review an effective cybersecurity culture model, supported with examples of how innovative F500 companies tune their culture to enable rapid business scale. Talent acquisition tips and success metrics to share with your board will be covered so that attendees leave with simple actionable advice they can implement immediately.
As part of the ISSA Executive Series, we'll dig deep into why we enterprises make simple mistakes due to cognitive biases and examine real-world tips on how to improve security for enterprises and complex organizations - at cloud speed and scale.
See publication
Tags: Cloud, Cybersecurity, Leadership