Ask A CISO

Follow Ask A CISO
Share on
Copy link to clipboard

The Ask A CISO podcast is brought to you by Horangi Cyber Security, Asia's leader in cloud security. Every week, we chat with prominent CISOs and industry veterans from all over the world to get their insights into the most pressing cybersecurity issues t

Horangi Cyber Security


    • Aug 10, 2023 LATEST EPISODE
    • every other week NEW EPISODES
    • 33m AVG DURATION
    • 76 EPISODES


    Search for episodes from Ask A CISO with a specific topic:

    Latest episodes from Ask A CISO

    Cyber Threats & Evolution

    Play Episode Listen Later Aug 10, 2023 44:06


    Join host Jeremy Snyder, Founder & CEO of Firetail, in conversation with cybersecurity expert Christine Bejerasco, CISO, WithSecure. Delve into Christine's 20-year journey defending against cyber threats, exploring the evolution of cloud security, instilling a security-first culture, navigating SaaS data security, balancing built-in vs. bolt-on security, and anticipating future threats. Gain insights into technology selection, stakeholder buy-in, dispelling cloud security myths, staying ahead, and forging a successful career in this dynamic field. More information about the Ask A CISO podcast: About Horangi Cyber Security: https://www.horangi.com

    How AI is Disrupting and Transforming Cybersecurity Landscape

    Play Episode Listen Later Aug 3, 2023 34:16


    Artificial intelligence (AI) is changing the game for cybersecurity by analyzing massive quantities of risk data to speed up response times and augment under-resourced security operations. However, as all technology before AI, aside from advantages, they always come with a downside as well. AI tools often require access to large amounts of data in order to analyze and detect patterns; thus, data that it processes can be sensitive or personally identifiable, and there is a risk that it could be exposed or stolen through a cyber attack. AI-powered security systems also require skilled professionals who can develop, implement, and manage the technology. However, there is currently a shortage of professionals with the necessary skills and experience to work with AI in cybersecurity. In this episode we have Adi - Associate Principal Cybersecurity Consultant joining with Mr. Yusuf Purna - a veteran cyber leader to further discuss pros and cons about the AI role in cybersecurity.

    Cybersecurity : Tantangan dan Peluang Karir Masa Depan

    Play Episode Listen Later Jun 21, 2023 28:31


    Semakin masif adanya insiden cyber attack yang terjadi di Indonesia menjadikan kebutuhan akan talenta digital yang menguasai skill di bidang cyber security menjadi semakin mendesak bagi sektor publik maupun bisnis. Saat ini sudah banyak perusahaan di Indonesia membuka lowongan kerja di bidang ini dan tentunya permintaan talenta cybersecurity ke depannya akan semakin bertambah.  Bagaimana kesiapan Indonesia menciptakan sumber daya manusia dan talenta cybersecurity yang memenuhi kriteria dan siap bekerja di masa depan, dan bagaimana seluruh pihak dapat bersinergi untuk mendukung program tersebut.  Di episode Ask a CISO kali ini Manggala Eka Adideswar - Associate Principal Cybersecurity, Horangi Cyber Security bersama dengan Muhammad Rofi - Chairman of the Board Infradigital Foundation membahas topik CYBERSECURITY : TANTANGAN DAN PELUANG KARIR MASA DEPAN. 

    Career in Cybersecurity

    Play Episode Listen Later Jun 14, 2023 28:26


    In this episode of the Ask A CISO Podcast, hosted by Paul Hadjy, Co-founder & CEO of Horangi, we have the pleasure of welcoming Vikas Yadav, a highly experienced Information Security professional and the current CISO at an Indian e-commerce company. With a background in military service, Vikas shares his fascinating journey of transitioning from a military career to cybersecurity. Join us as we delve into misconceptions about the field, the evolving role of a CISO, key skills for aspiring professionals, daily responsibilities, critical cybersecurity threats, the importance of mentorship, and advice for those starting a career in cybersecurity. Don't miss this insightful episode! -- About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com

    Strategi Keamanan Siber Nasional untuk Melindungi Ekosistem Digital

    Play Episode Listen Later Jun 7, 2023 27:01


    Keamanan siber di tengah maraknya era digitalisasi saat ini menjadi perhatian utama para pemimpin organisasi dan perusahaan di seluruh dunia. Hal tersebut seiring dengan semakin meningkatnya kejadian insiden keamanan siber yang tidak sedikit mengakibatkan kerugian dengan nilai yang signifikan setiap tahunnya.  Di sepanjang tahun 2022,  sejumlah kasus serangan siber di Indonesia meningkat dan target serangan siber pun semakin meluas, bukan hanya berdampak pada  Perusahaan besar dan Pemerintah saja, namun juga sudah merambah kepada pengusaha/bisnis kecil. Dampak ekonomi dan kerugian secara finansial akibat serangan siber ini menjadi kekhawatiran tersendiri, sehingga memerlukan kerjasama dari segenap pihak guna melakukan pencegahan terhadap potensi serangan siber di masa mendatang.  Di episode Ask a CISO kali ini Darryl Chuan - Country Manager Horangi Cyber Security Indonesia bersama dengan Bapak Ariandi Putra - Juru Bicara Badan Siber dan Sandi Negara Republik Indonesia membahas peran BSSN dalam melindungi ekosistem digital melalui Strategi Keamanan Siber Nasional. 

    Cybersecurity in Enterprise

    Play Episode Listen Later Jun 2, 2023 40:11


    On this week's Ask A CISO Podcast, we are joined by Steve Orrin, Federal CTO of Intel, with host Jeremy Snyder, founder and CEO at Firetail and advisory board member at Horangi, to talk about cybersecurity in enterprise. Steve offers 30 years of success in a series of high-level roles at top tier companies and talks about the biggest cybersecurity challenges faced by organizations, particularly in the enterprise and federal government sectors: ransomware, data breaches, and supply chain threats. Tune in below to listen to the episode! - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guests -- Steve Orrin: https://www.linkedin.com/in/sorrin/

    Horangi Anniversary Special

    Play Episode Listen Later May 25, 2023 40:34


    In this week's Ask A CISO podcast, we are celebrating Horangi's anniversary! Host and Horangi CEO Paul Hajdy along with Niko, VP of Internal Security, Ivan, VP of Engineering, Lance, Senior Manager of Customer Success, and Bo Si, Director of Solutions Architecture, reflect on their journey at the company and share their insights on the future for cybersecurity. With over 30 years of combined experience between them at Horangi, the guests emphasize the increasing complexity and pace of technological advancements, the need to filter out noise and focus on critical issues, the growing demand for cybersecurity experts, and a shift towards user-friendly solutions to enable broader adoption. Tune in to listen to the conversation! -- About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com

    Understanding Password Vulnerabilities to Stay Safer Online

    Play Episode Listen Later May 19, 2023 41:35


    On this week's Ask A CISO Podcast, we are joined by Patrick Hynds, CEO and Founder of DTS and Pulsar Security, and Duane Laflotte, Chief Technology Officer of Pulsar Security over a conversation about everything passwords! Patrick and Duane have 50+ years of combined experience in cybersecurity and technology and have provided security services to Disney, the US Military, the Bank of America, the NHL, and more. With host Raphaël Peyret, Vice President, Product, Horangi, they talk about the different types of cyberattacks, how to protect yourself, and uncommon methods of breaking into networks, including the use of deceptive USB cables. Tune in to listen in to Patrick & Duane shed light on the vulnerabilities associated with common password practices and emphasizes the importance of creating unique and complex passwords to protect against cyberattacks.

    Decoupling Authorization From Your Applications

    Play Episode Listen Later Apr 27, 2023 42:21


    On this week's Ask A CISO Podcast, we are joined by Alex Olivier, Product Lead at Cerbos, who talks with host Raphaël Peyret, Vice President, Product, Horangi, about authorization vs authentication, how authorization fits into business logic, and how there are a lot of ways of approaching it for your cloud security. - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guests -- Alex Olivier: https://www.linkedin.com/in/alexolivier/

    Cloud Control Matrix

    Play Episode Listen Later Apr 18, 2023 31:37


    This week on Ask A CISO Podcast, Dr. Lee Hi Yang, Executive Vice President at Cloud Security Alliance Government Affairs joins host Jonar Marzan, Cyber Strategy Consultant at Horangi, to talk about the cloud control matrix (CCM), Cloud Security Alliance and what it does, and how they seek to educate users to use the cloud securely. - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guests -- Dr. Lee's LinkedIn: https://sg.linkedin.com/in/hing-yan-lee-b8a42b Website: https://cloudsecurityalliance.org/

    matrix ccm cloud security alliance cloud control
    Threat Modeling

    Play Episode Listen Later Apr 13, 2023 39:06


    Join us on this week's Ask A CISO podcast where we sit with Adam Shostack, a leading threat modeling expert, consultant, entrepreneur, technologist, author, and game designer with host Jeremy Snyder, Founder and CEO of FireTail.io and Horangi Advisory Board member. They discuss dealing with threats in a comprehensive way, the core of threat modeling, and why everyone can and should threat model - and Adam's latest book 'Threats: What Every Engineer Should Learn From Star Wars' that was published earlier in January. - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guests -- Adam's LinkedIn: https://www.linkedin.com/in/shostack/ Adam's Website: https://shostack.org/

    Quantifying Defence

    Play Episode Listen Later Apr 6, 2023 51:10


    Join us on this episode of the Ask A CISO podcast as we discuss how to quantify defence with Anant Shrivastava, an information security professional with over 15 yrs of corporate experience and expertise in Network, Mobile, Application, and Linux Security. Along with host Mark Fuentes, he discusses looking at the big picture, why DevSecOps as a term should not exist, and the value of investing in cybersecurity. - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guests -- Anant's LinkedIn: https://www.linkedin.com/in/anantshri/ Anant's Website: https://anantshri.info/

    Cybersecurity Outlook 2023 dan Peran Komunitas dalam Membangun Ketahanan Siber Nasional

    Play Episode Listen Later Mar 23, 2023 33:05


    Insiden kebocoran data masih menduduki kasus serangan siber tertinggi nomor  satu di Indonesia di awal tahun 2023, diikuti oleh ransomware dan kasus data breach di sejumlah sektor .  Pandemik beberapa tahun silam telah memaksa sejumlah perusahaan untuk melakukan transformasi digital dan perubahan pola bekerja bagi karyawannya, sehingga digital transformasi dipercepat dengan banyaknya teknologi baru yang diadopsi namun mereka melupakan masalah keamanan siber yang akan mengancam.  Edukasi terhadap kesadaran keamanan informasi atau security awareness penting untuk dilakukan, sehingga memerlukan support dari semua pihak untuk saling berkolaborasi salah satunya melalui peran komunitas yang dapat menjangkau banyak para praktisi keamanan siber dari sejumlah sektor dan tersebar di beberapa kota di indonesia. Di episode Ask a CISO kali ini Sumarlin -Lead Cybersecurity Consultant di Horangi Cyber Security Indonesia bersama dengan Bapak Digit Oktavianto membahas tren keamanan siber di tahun 2023 dan peran komunitas dalam membangun ketahanan siber nasional.

    Exploring the Challenges of Application Security

    Play Episode Listen Later Mar 15, 2023 51:27


    In this episode, we talk about application security with guest Tanya Janca. Hear our discussion on the tension between authentication and authorization, the prevalence of API security flaws, the upcoming open comment period for the new version of the OWASP Top Ten, and the inadequacy of API security measures. We also discussed the importance of designing an effective security program for different industry companies, the differences between CSPM and CASB, the use of tools, and the importance of keeping up with updates. Read the associated short blog on Application Security: https://www.horangi.com/blog/exploring-the-challenges-of-application-security - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Tanya's LinkedIn: https://www.linkedin.com/in/tanya-janca/ SheHacksPurple: https://shehackspurple.ca/ - Get Tanya's book here -- https://a.co/d/cY33RL0

    The Benefits of Threat Modeling

    Play Episode Listen Later Mar 8, 2023 40:24


    We are really excited about this episode because it's the first time this season that we are taking a deep dive into Threat Modeling with our esteemed guests, Izar Tarandach and Matthew J. Coles. If you're curious about threat modeling, join host Jeremy Snyder and our esteemed guests to learn of its benefits as they discuss their motivations for writing the book Threat Modeling: A Practical Guide for Development Teams and explain why it is essential to involve developers and other team members in the process. We also cover “shift left” security and discuss the value of incorporating threat modeling techniques to provide documentation, inform decision-makers, and help manage risk. Read the associated short blog on what Threat Modeling is: https://www.horangi.com/blog/the-benefits-of-threat-modeling - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guests -- Izar's LinkedIn: https://www.linkedin.com/in/izartarandach/ Matt Coles' LinkedIn: https://www.linkedin.com/in/matthew-coles-4330652/

    AI and ML in Cybersecurity

    Play Episode Listen Later Mar 1, 2023 49:51


    Join us on this episode of the Ask A CISO podcast as we discuss AI and ML in cybersecurity with Diana Kelley, CISO and co-founder of Cyberize. With International Women's Day in a week, we also look at the challenges of recruiting women and diversity in the tech sphere. Plus, there's a giveaway! So make sure you stay tuned to the entire episode and take part on LinkedIn to stand a chance of winning an autographed copy of the book "Practical Cybersecurity Architecture!" Host Jeremy Snyder and Diana started by discussing the organization WiCyS, short for Women in CyberSecurity, which promotes the recruitment, retention, and advancement of women in cybersecurity. We also discussed using Artificial Intelligence and Machine Learning in cybersecurity, how they can help analysts, managers, and those in charge of tracking and hunting down attacks, and further explored the implications of this technology, such as its application in healthcare, national security, and financial services, and how data provenance can be used to protect organizations. Read the associated short blog on what threats AI and ML present to cybersecurity here: https://www.horangi.com/blog/ai-ml-in-cybersecurity - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Diana's LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/

    AI and the Future of Mobile Security

    Play Episode Listen Later Feb 22, 2023 31:04


    On this podcast's fourth episode, we learn about mobile security from Amit Modi, the Chief Technology Officer (CTO) and CISO of Movius Interactive Corporation, a leading global provider of cloud-based secure mobile communications software. The company helps enterprises deliver better engagement for their clients., and connect with their customers in more convenient, cost-effective, and compliant ways. Host Jeremy Snyder and Amit also chat about cloud security, how you can secure your mobile devices, the primary attack vector against secured mobile communication, and what you should know about mobile communications. Read the associated short blog on what mobile security is and some opportunities and threats AI brings to mobile security here: https://www.horangi.com/blog/ai-and-the-future-of-mobile-security Read the transcript here: https://www.youtube.com/redirect?event=video_description&redir_token=QUFFLUhqbTRnS01xOHAyQUJtMmxxbWRKR3p4Z1hSUVZaQXxBQ3Jtc0tsQ3dFdGFNU1l4dXRUWF9RWkFTSGZqSWl4Y0lheE54ZEZuZnI2c2FsTEQ3WjFCS3phVWJJVE96eDVxUXB6MmdDQWpWeEFDU2hkS240bXNOTS1rQjRxRHJaenljdEMyaVB5QWNJVGE2bXIyVGZmblBMbw&q=https%3A%2F%2Finfo.horangi.com%2Fhubfs%2FAsk%2520A%2520CISO%2520Transcripts%2FAsk%2520A%2520CISO%2520SE03EP04%2520Transcript%2520-%2520AI%2520and%2520the%2520Future%2520of%2520Mobile%2520Security.pdf&v=ybeSkzRS4Vg - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Amit's LinkedIn: https://www.linkedin.com/in/amit-modi-5b1644/

    Mengenal Sanksi Bagi Penyalahgunaan Data Pribadi

    Play Episode Listen Later Feb 15, 2023 42:51


    Muhammad Rezafajri, S.H. (atau biasa disapa Reza atau Edja) adalah seorang advokat yang fokus pada Hukum Perusahaan dengan spesialisasi transaksi merger dan akuisisi perusahaan nasional dan multinasional. Reza juga berpengalaman menangani implementasi investasi asing di Indonesia seperti pengurusan pendirian perusahaan, waralaba asing, produksi, keagenan dan distributor obat-obatan dan alat kesehatan. Reza merupakan lulusan Fakultas Hukum Universitas Indonesia, sempat bekerja pada salah satu kantor hukum ternama di Indonesia dan dipercaya menduduki posisi Senior Associate sampai akhir tahun 2021, sebelum akhirnya sekarang membuka praktik hukumnya sendiri dan sekaligus menjabat sebagai Group General Counsel di Hukum Online. Setelah menunggu sejak 2019, akhirnya Perlindungan Data Pribadi disahkan menjadi Undang - Undang (UU PDP) pada 20 September 2022 dan ditandatangani Presiden pada 17 Oktober 2022. Pengesahan ini bertepatan dengan kian maraknya kasus kebocoran data pribadi Warga Negara Indonesia. Seperti dimuat dalam pertimbangannya, UU ini berfungsi untuk mewujuan hak warga negara terkait perlindungan data pribadi agar tidak disalahgunakan. Sejalan dengan berlakunya UU PDP ini, akan muncul tantangan yang baru, salah satunya bagi pelaku bisnis yang banyak menangani data pribadi WNI untuk kebutuhan pelayanan publik seperti contoh dalam bidang perbankan atau finansial. Di episode Ask a CISO kali ini Darryl Chuan - Country Manager Horangi Cyber Security Indonesia bersama dengan Muhammad Rezafajri - Group General Counsel di Hukum Online membahas secara rinci mengenai pelaksanaan UU PDP di Indonesia.

    Understanding DSPM & CSPM for Optimal Data Security

    Play Episode Listen Later Feb 8, 2023 25:58


    On this episode, we had the opportunity to speak to Tyler Young, the CISO at BigID, a leading modern data security vendor that helps organizations with their data security, privacy, compliance, and governance. Find out what key lessons Tyler learned as a newly-appointed CISO, how you can protect your data, and what he, as a CISO, thinks is the best way to implement and communicate security needs to various departments and people in an organization. You'll also learn more about Data Security Posture Management or DSPM and how and why Identity Management is closely tied to Data Security. Read the associated blog: Understanding DSPM & CSPM for Optimal Data Security here: https://www.horangi.com/blog/understanding-dspm--cspm-for-optimal-data-security - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Tyler's LinkedIn: https://www.linkedin.com/in/tyler-young-07841085/

    Cybersecurity Risks and Business Context

    Play Episode Listen Later Feb 1, 2023 32:22


    Happy New Year! We are back with Season 3 of the Ask A CISO podcast, following a brief two-month hiatus! So, a new year + new season = new things, like new opening and closing themes, new guests, and a new blog related to a topic discussed in (almost) every episode! On our first episode for the new season, we had the pleasure of sitting down with the Co-Founder and Chief Customer Officer of Secberus, Fausto Lendeborg to talk about how he got into cybersecurity, data privacy, DDoS attacks, managing alert fatigue and understanding what IaC, SaC, and PaC are. Read the associated blog: A Simple Guide to IaC, PaC, SaC, MttD, and MttR here: https://www.horangi.com/blog/cybersecurity-risks-and-business-context - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Fausto's LinkedIn: https://www.linkedin.com/in/faustolendeborg/

    Looking back with the Hosts (The Last Episode)

    Play Episode Listen Later Dec 6, 2022 23:06


    It's our 44th episode and also the LAST for Season 2. Thank you for your amazing support of the Ask A CISO podcast since Season 2 started in February 2022. We've thoroughly enjoyed the opportunity to talk to cybersecurity experts from all over the world over these 9 months, and hope you enjoyed their insights too. In this last episode, we speak to our CEO, Paul Hadjy, Natasha, and Adi from our Indonesia office, Raphael Peyret, Vice-President of Product, and our US host, Jeremy Snyder, about their experience hosting the podcast. Once again, thank you for supporting the Ask A CISO podcast. We wish you a Merry Christmas and a Happy 2023 and look forward to your continued support when the new season starts in Feb 2023.

    API Security

    Play Episode Listen Later Nov 23, 2022 35:50


    Veteran cybersecurity professional and our U.S.-based host Jeremy Snyder sits in the guest seat this week to talk about his new startup, FireTail.io, a company that offers simple yet effective API security. In this episode, we explore a topic that we have not featured before in the previous 40+ episodes -- API Security and its relation to cloud security. The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy. -- Show Notes and Transcript -- https://www.horangi.com/blog/api-security -- About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Jeremy's LinkedIn: https://www.linkedin.com/in/jeremysnyder/ -- Attributions -- Ending Music: “I Dunno” by Grapes http://ccmixter.org/files/grapes/16626 Creative Commons — Attribution 3.0 Unported— CC BY 3.0 Free Download / Stream: https://bit.ly/i-dunno-grapes Music promoted by Audio Library https://youtu.be/sNAE8-mB5lQWe

    Linux and the Enterprise

    Play Episode Listen Later Nov 16, 2022 30:00


    Fabrice Marie, a successful French serial technology entrepreneur who was previously CISO at giants like Lazada and Air Asia joins us this week to talk about cybersecurity and how the Linux-based OS from his new startup helps organizations. The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy. -- Show Notes and Transcript -- https://www.horangi.com/blog/linux-and-the-enterprise -- About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Fabrice's LinkedIn: https://www.linkedin.com/in/fabricema... -- Attributions -- Ending Music: “I Dunno” by Grapes http://ccmixter.org/files/grapes/16626 Creative Commons — Attribution 3.0 Unported— CC BY 3.0 Free Download / Stream: https://bit.ly/i-dunno-grapes Music promoted by Audio Library https://youtu.be/sNAE8-mB5lQWe

    The Cyber Defense Matrix

    Play Episode Listen Later Nov 9, 2022 40:07


    Sounil Yu, author of The Cyber Defense Matrix, joins host Jeremy Snyder this week to talk about his bestselling book, and what we could all learn from it. We also held our first-ever giveaway, a copy of Sounil's book. If you participated in it, tune in to find out what Sounil's answer to your question was and if you've won! The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy. -- Show Notes and Transcript -- https://www.horangi.com/blog/the-cyber-defense-matrix -- About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com --- About the Guest -- Sounil's LinkedIn: https://www.linkedin.com/in/sounil/ -- Attributions -- Ending Music: “I Dunno” by Grapes http://ccmixter.org/files/grapes/16626 Creative Commons — Attribution 3.0 Unported— CC BY 3.0 Free Download / Stream: https://bit.ly/i-dunno-grapes Music promoted by Audio Library https://youtu.be/sNAE8-mB5lQWe

    Hypponen's Law: If it's Smart, It's Vulnerable

    Play Episode Listen Later Nov 2, 2022 38:32


    Mikko Hypponen, bestselling author of If It's Smart, It's Vulnerable, joins us this week to talk about the Hypponen Law, the future of the internet, the worrying trend that he foresees in the future with respect to cybercriminal gangs, and how he thinks we can best combat the new developments when they come to fruition. He also laments the loss of privacy in the internet age and gives us a few tips to secure our environments and regain some of our privacy. Learn about:

    The Importance of Good Cyber Hygiene

    Play Episode Listen Later Oct 26, 2022 28:26


    So you've made the transition to the cloud, but you're wondering how it is that your cloud costs are so high. Is it supposed to be that way when the cloud promises competitive advantages and cost savings? It's all down to cloud sprawl and practicing good cyber hygiene, according to Nick Lumsden, our guest this week. Join host Jeremy Snyder as he speaks with Nick Lumsden, co-founder, and CTO at Tenacity Cloud to understand how cyber hygiene is key to reducing cloud sprawl, cloud costs, and perhaps even more importantly, reducing your attack surfaces. Learn about:

    Project Zero Trust

    Play Episode Listen Later Oct 19, 2022 25:49


    The old mantra that humans are the weakest link in cybersecurity should be discarded, according to George Finney. Listen in as we talk to him about why he thinks so, and why he chose to draw from sciences like psychology, neuroscience, history, and economics for his first book Well Aware. We also had George define Zero Trust and talk about his new book Project Zero Trust, which he co-authored with John Kindervag, the “father” of Zero Trust. Learn about:

    Mengenal Insider Threat - Deteksi, Monitor dan Pencegahannya

    Play Episode Listen Later Oct 11, 2022 40:46


    Maraknya berbagai bentuk serangan siber mulai dari kebocoran data, serangan malware, pencurian identitas, social engineering dan kasus serangan siber lainnya menjadi perhatian seluruh pihak khususnya penggiat bisnis dan Organisasi. Namun bagaimana apabila serangan tersebut nyatanya berasal dari orang-orang di dalam organisasi yang memiliki akses terhadap sejumlah informasi, data dan sistem keamanan perusahaan, yang berasal dari karyawan, mantan karyawan, atau rekan bisnis. Di episode Ask a CISO kali ini Natasha Amadea bersama dengan Yohanes Syailendra - Cyber Security Lead sebuah Bank Digital terkemuka di Indonesia membahas mengenai Insider Threat dengan topik pembahasan:

    Modern Security Awareness Programs and People-Centric Cybersecurity

    Play Episode Listen Later Oct 5, 2022 36:47


    Cybersecurity awareness training can be long and boring. With shorter attention spans and work at the back of your mind, sitting through a training session may seem like a waste of time. How should cybersecurity awareness training be conducted in this landscape? We speak to Theo Nasser, Founder, and CEO of RIght-Hand Cybersecurity, to learn about modern cybersecurity awareness training and people-centric cybersecurity. Learn about:

    Threat Hunting and Incident Response

    Play Episode Listen Later Sep 28, 2022 37:46


    We speak to Harlan Carvey, Senior Incident Responder in R&D at Huntress, to understand what threat hunting is, and even learn how surprisingly easy it is to tell if an account has been compromised! Harlan and host Jeremy also explore the claim that there's a lack of cybersecurity talents and whether organizations should have an organic incident response, outsource the function to managed service providers, or adopt an approach that combines both choices. Learn about:

    CrowdSec, Meshed Security that Leverages Numbers for Strength

    Play Episode Listen Later Sep 21, 2022 42:02


    It seems like the adversaries have all the advantages stacked in their favor. They can attack any time, and only need to get lucky once to breach our cloud investments. On the other hand, we have to ensure that our cloud infrastructure is always secure. So what can we do about this complicated problem? We speak with Philippe Humeau of CrowdSec to understand how we can leverage our numbers as a countermeasure. Along the way, we also discuss social engineering, and how we can safeguard against phishing attacks. Tune in to this episode to also hear:

    ISACs, Information Sharing, and Building Cyber Resilience

    Play Episode Listen Later Sep 14, 2022 35:38


    Our ancestors shared information on threats with their communities to ensure survival. The same is necessary for today's digital landscape. Businesses need to share information pertinent to their verticals to remain resilient against threats, but how can we do that in a diverse business environment while encouraging sharing? We speak to John Lee, Managing Director at Global Resilience Federation Asia Pacific to learn the important roles ISACs play and how they help organizations like yours build cyber resilience. Tune in to this episode to also hear:

    Ready, Game, Train, GO!

    Play Episode Listen Later Sep 6, 2022 40:23


    Think back to when you first studied cybersecurity. Was it not only dry but also hard to learn? Now, if only you had a game like World of Haiku to help make learning fun and help you make sense of what you've learned and choose the right path to take for your cybersecurity career, things might have been so much easier! We sit down with Eric Basu, CEO at Haiku, Inc., the brains behind the game World of Haiku to help us learn about the genesis and inspiration behind the game, how it has been received so far, how it has helped people who are looking to break into cybersecurity jobs, and future plans for the game. Watch the trailer of World of Haiku here: https://youtu.be/yUZaIeSq1fU You can buy the game on Steam: https://store.steampowered.com/app/1856090/World_of_Haiku/ Tune in to this episode to also hear:

    Open Source and the Enterprise

    Play Episode Listen Later Aug 30, 2022 43:00


    How familiar are you with Open Source software and projects? Are they viable? Are they even safe to use? Host Mark Fuentes helps us get the answers to these questions in this episode of the Ask A CISO podcast, and also learn why some proprietary software companies choose to go the Open Source route from Harish Pillay, Head of Community Architecture and Leadership at Red Hat Asia Pacific. Tune in to this episode of the Ask A CISO podcast to hear:

    The Local Startup Ecosystem, Going Digital, and Microsoft for Startups

    Play Episode Listen Later Aug 24, 2022 43:23


    Are startups still viable today? Where are they in the digital ecosystem and what does Microsoft have to do with startups? We speak to Michael Smith Jr., the newly-appointed APAC GM of Microsoft Startups, to get his insights and opinions on the startup ecosystem in Singapore, and how Microsoft is positioned to facilitate the growth of startups. Tune in to this episode of Ask A CISO to hear:

    Mempersiapkan Talenta Keamanan Siber Masa Depan Indonesia

    Play Episode Listen Later Aug 16, 2022 33:49


    Permintaan akan tenaga ahli di bidang keamanan siber terus mengalami peningkatan, bahkan diprediksi menjadi salah satu profesi yang akan banyak dicari. Karir di bidang keamanan siber sendiri cukup beragam dan dapat ditemukan pada berbagai sektor industri. Akan tetapi untuk bisa terjun ke bidang profesional yang satu ini, diperlukan beberapa kemampuan atau skills yang wajib dimiliki oleh setiap ahli keamanan siber. Di episode Ask a CISO kali ini kami menghadirkan Bapak Yudistira Asnar, ST., PhD - Ketua Jurusan Studi Sistem dan Teknologi Informasi di Institut Teknologi Bandung, bagaimana pandangan seorang Akademis mengenai pentingnya mempersiapkan talenta keamanan Siber yang kompeten termasuk pentingnya menanamkan edukasi keamanan siber sejak dini guna menciptakan Sumber Daya Manusia (SDM) yang siap untuk terjun di bidang industri. The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by co-founder and CEO, Paul Hadjy. -- About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com --- About the Guest -- Yudistira Dwi Wardhana Asnar, ST., PhD merupakan seorang dosen di Institut Teknologi Bandung (ITB) dan saat ini menjabat sebagai Ketua Program/Jurusan Studi Sistem dan Teknologi Informasi di Sekolah Teknik Elektro dan Informatika ITB. Beliau menyelesaikan program studi S1 Teknik Informatika, ITB serta memiliki gelar Doctoral / PhD di Università Degli Studi di Trento, Italy Di bidang akademis sendiri, expertise beliau juga mencakup : Rekayasa Perangkat Lunak, Keamanan Sistem Perangkat Lunak, Keamanan Siber, Blockchain, Security Audit dengan mengantongi sertifikasi antara lain Certified Project Manager dan ISO27001 atau ISMS Lead Auditor -- Attributions -- Ending Music: I Dunno by Grapes http://ccmixter.org/files/grapes/16626 Creative Commons — Attribution 3.0 Unported— CC BY 3.0 Free Download / Stream: https://bit.ly/i-dunno-grapes Music promoted by Audio Library https://youtu.be/sNAE8-mB5lQWe

    Cyber Mayday and the Day After

    Play Episode Listen Later Aug 10, 2022 30:21


    Dan Lohrmann, award-winning CISO, keynote speaker, mentor, columnist, and bestselling co-author of the book Cyber Mayday and the Day After joins us this week to talk about cybersecurity roles in the public and private sectors, checklists for dealing with disruptions to your business, what organizations can learn from breaches, and much more including a lesson from a blackout on how tabletop exercises should be conducted. Tune in to this episode of Ask A CISO to hear:

    CII, Supply Chain Risks, and Zero Trust

    Play Episode Listen Later Aug 3, 2022 41:48


    This is an episode you should not miss. It's not often that you get to sit down with a renowned CISO one-to-one for 45 minutes and just take in all the knowledge and wisdom he has to impart. This week, we had a chance to sit down with Steven Sim, one of Singapore's most renowned and decorated CISOs to get his advice and insights on a variety of contemporary cybersecurity topics like Critical Information Infrastructure, Zero Trust, etc. Tune in to this episode of Ask A CISO to hear:

    Zero Trust and Cyber Warfare

    Play Episode Listen Later Jul 27, 2022 26:53


    Dr. Chase Cunningham, a well-renowned expert on Zero Trust, sits down with us this week to talk about zero trust, VPNs, SASE, WAFs, and how the IS and security team can still be the department of "no" and still accommodate the demands of DevOps and contribute to an organization's growth. Tune in to this episode of Ask A CISO to hear:

    Cryptocurrencies, DeFi Hacks & the Future of the Crypto Market

    Play Episode Listen Later Jul 20, 2022 26:34


    We may be experiencing a "crypto winter" now, but the technology is definitely here to stay. Pasi Koistinen, CISO of Coinhako, a Singapore-based crypto exchange, joins us this week to talk about crypto, DeFi hacks and how you as an investor can protect your crypto investments. Tune in to this episode of Ask A CISO to hear:

    Insights from InfoSecurity Europe 2022

    Play Episode Listen Later Jul 13, 2022 30:57


    Physical tradeshows are back, and our guest and host were both at the recently-concluded InfoSecurity Europe 2022. Hear their insights on tradeshows and learn their main takeaways from conversations with industry peers in panels on a variety of cybersecurity topics like public-private partnerships, and incident reporting and response. Tune in to this episode of Ask A CISO to hear:

    ceo grapes audio library infosecurity europe
    Web3, The Metaverse, and Cyber Risk Management

    Play Episode Listen Later Jul 6, 2022 22:47


    What are the unique challenges that Web3, the Metaverse, and in particular, crypto and NFTs present with regards to trust? Michael Lew, CEO of Rajah and Tann Technologies and Chairman of the Cyber Risk sub-committee of the Singapore Fintech Association, sits down with host Paul Hadjy to discuss this and how companies should approach cyber risk management. Tune in to this episode of Ask A CISO to hear:

    People, Process, and Technology

    Play Episode Listen Later Jun 28, 2022 26:59


    How do you balance people, process, and technology, the three pillars of information security, to achieve a balanced security program? What can you do to bolster each pillar? Johannes Wiklund, the Head of Information Security at Jotforms, shares his experience on this, why he thinks a systematic approach to troubleshooting is important, and his key takeaways from the recent RSA conference. Tune in to this episode of Ask A CISO to hear:

    Learning about Huawei Cloud

    Play Episode Listen Later Jun 22, 2022 40:45


    Despite being a latecomer to the space, Huawei Cloud is today the 5th largest Infrastructure-as-a-Service (IaaS) provider in the world, according to a report released by Gartner in June 2021. Hear from representatives from Huawei Singapore on their journey to compliance with the Singapore authorities, and how their unique offerings are helping their customers. Tune in to this episode of Ask A CISO to hear:

    Operational Technology - Origins, Challenges and the Future

    Play Episode Listen Later Jun 15, 2022 33:05


    Mel Migriño, Vice-President and Group CISO at Meralco, the largest power distribution conglomerate in the Philippines, joins us this week to talk about Operational Technology (OT). Tune in to this episode of Ask A CISO to hear:

    Future Tech and Cybersecurity: A Conversation with Chuck Brooks

    Play Episode Listen Later Jun 8, 2022 28:26


    Chuck Brooks is a world-renowned cybersecurity expert and an Adjunct Professor at Georgetown University where he teaches courses on risk management, homeland security, and cybersecurity. Chuck is also a two-time Presidential appointee and Forbes contributor. LinkedIn named him one of “The Top 5 Tech People to Follow on LinkedIn”. He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer” in 2018. He has served as Senior Legislative Staff (Defense, Security) to Senator Arlen Specter, U.S. Senate, and was also the former Technology Partner Advisor at the Bill and Melinda Gates Foundation. In addition, Chuck runs 15 other businesses and is co-leader of the top two Homeland Security groups on LinkedIn. Tune in to this episode of Ask A CISO to hear:

    The Cybersecurity Landscape in Hong Kong

    Play Episode Listen Later May 31, 2022 30:14


    Singapore and Hong Kong were acknowledged as having rather similar economies at one time, with the two countries going head-to-head in many industries, especially financial services and shipping. How different or similar is the cybersecurity landscape in Hong Kong then? Are there similarities or significant differences from Singapore's? Tune in to this episode of Ask A CISO to hear:

    The Human Defense Layer

    Play Episode Listen Later May 25, 2022 37:34


    Most cybersecurity programs work against human nature instead of with our innate behaviors, resulting in breaches even though your organizations may already have spent large amounts of money on security technologies. Perry Carpenter, our guest this week, helps you understand your end-users and build an effective Human Defense Layer to bolster your cybersecurity posture. Tune in to this episode of Ask A CISO to hear:

    ceo defense grapes layer audio library perry carpenter how perry
    A CISO's Take On the Gartner Magic Quadrant

    Play Episode Listen Later May 18, 2022 23:58


    Many security leaders refer to Gartner's Magic Quadrant to decide on which security tool to purchase and deploy to secure their environments. The question then is whether it's good enough to just look at the quadrant the tool is in to guide your decision. What other factors should you consider? Tune in to this episode of Ask A CISO to hear:

    Cybersecurity Sales and Diversity in the Industry

    Play Episode Listen Later May 11, 2022 38:25


    With so many cybersecurity tools on the market today, what can help CISOs choose which ones to purchase and implement to secure their organizations? We put this question to Alexandra Jorissen, a veteran tech sales professional who spent 10 years at Google, in this episode of the Ask A CISO podcast. Tune in to this episode of Ask A CISO to hear:

    Cloud Transformation and the Cybersecurity Landscape in the Middle East

    Play Episode Listen Later May 4, 2022 33:56


    How do you convince senior management to stop seeing cybersecurity as an afterthought, but rather as a business enabler? We also get a look at cybersecurity practices in the Middle East, a region most of us have never been to or worked in. Tune in to this episode of Ask A CISO to also hear:

    Claim Ask A CISO

    In order to claim this podcast we'll send an email to with a verification link. Simply click the link and you will be able to edit tags, request a refresh, and other features to take control of your podcast page!

    Claim Cancel