#225 - The Full Irish

In this episode of CSO Tradecraft, host G. Mark Hardy introduces 'The Full Irish,' a cybersecurity framework based on the '12 Steps to Cybersecurity' guidance from Ireland's National Cybersecurity Center. The episode covers comprehensive steps from governance and risk management to incident response and resilience, making it a valuable resource for cybersecurity professionals. G Mark also discusses the implications of multinational companies operating in Ireland, including tax strategies and notable GDPR fines. The episode provides pragmatic guidance and actionable insights to enhance your cybersecurity program. References: https://www.ncsc.gov.ie/pdfs/Cybersecurity_12_steps.pdf Transcripts: https://docs.google.com/document/d/1VLeRozClLZAkZsusYsUn4Q9_1v7WCoN0 Chapters  00:00 Introduction to the Full Irish 01:32 Why Ireland? 02:40 Tax Avoidance Schemes 04:25 GDPR Penalties and Data Protection 05:54 Overview of the 12 Steps to Cybersecurity 07:19 Step 1: Governance and Organization 09:24 Step 2: Identify What Matters Most 10:31 Step 3: Understanding the Threats 12:35 Step 4: Defining Risk Appetite 14:10 Step 5: Education and Awareness 16:00 Step 6: Implement Basic Protections 18:00 Step 7: Detect and Attack 19:37 Step 8: Be Prepared to React 21:24 Step 9: Risk-Based Approach to Resilience 22:52 Step 10: Automated Protections 23:58 Step 11: Challenge and Test Regularly 25:29 Step 12: Cyber Risk Management Lifecycle 26:29 Conclusion and Final Thoughts