Capability-Centric GRC & Cyber Security Podcast

In this episode of the Cyber and Risk Leaders podcast, we're joined by James Green, who does a deep dive into his resiliency Think Tank, how to run better tabletop exercises and all things how to build resiliency in organizations.Follow us on Linkedin:• Matthew Davies - https://www.linkedin.com/in/matthew-daviespm• James Green - https://www.linkedin.com/in/thejamesgreen• SureCloud - https://www.linkedin.com/company/surecloud/#cybersecurity #resilience #grc

In this episode of the Cyber and Risk Leaders podcast, SureCloud's Matthew Davies welcomes special guest AJ Nash of ZeroFox about the role of intelligence in cybersecurity. We delve into the challenges of misinformation in the digital age, including the spread of disinformation and erosion of trust in institutions.Join us as we explore the impact of dis/mis/malinformation, the manipulation of social media and what to consider when it comes to news sources.Follow us on Linkedin:·       Matthew Davies - https://www.linkedin.com/in/matthew-daviespm·       AJ Nash - https://www.linkedin.com/in/nashaj·       SureCloud - https://www.linkedin.com/company/surecloud/

In this episode, Matt Davies sits down with Tom Cornelius from the SCF and Compliance Forge to dive into the world of risk assessments. Together, they explore the latest developments in risk assessment practices, how recent SEC changes have influenced risk management strategies, and introduce an innovative approach to transform the way you work.In this episode, hear more about the following:Why risk assessment methods are often broken, with teams asking irrelevant questions and lacking executive management involvement.How the SEC has introduced changes that require publicly traded companies to have board oversight of cybersecurity threats and manage material risks.How the new approach to risk assessment aligns with the Secure Controls Framework (SCF) and focuses on aligning risk assessments with executive management, using control maturity, and providing situational awareness to business leaders.How to address key challenges by providing meaningful risk assessment results, speaking the language of the business, and ensuring the right people make risk decisions.Matthew Davies Linkedin: https://www.linkedin.com/in/matthew-daviesgrcTom Cornelius Linkedin: https://www.linkedin.com/in/tcorneliusSureCloud Linkedin: https://www.linkedin.com/company/surecloud

In the latest SureCloud Cyber & Risk Leaders Podcast, Jodie Lash, a cybersecurity professional, discusses her career journey, the importance of continuous control monitoring (CCM), and the challenges and priorities in the industry. She emphasizes the need for effective security programs, automation in controls assurance, and the role of cybersecurity awareness. Jodie also shares insights on implementing CCM technology, the skills required for information security professionals, and her wish for more time to focus on solving security problems.#governance #risk #compliance #grc #cybersecurity #podcastContact Matthew Davies

In this podcast episode, Brent Deterding, the CISO at Afni, joins Matthew Davies, the VP of Product at SureCloud. They discuss Brent's approach to organizational risk. Brent outlines his four steps for significantly reducing risks within businesses in a manner that is simple, easy, and inexpensive.Contact Brent Deterding

As technology rapidly evolves, so does the landscape of compliance.  In the latest SureCloud podcast episode, Michelle Garcia, Director of Information Security and Compliance at Carnival Cruise Line, and Matthew Davies of SureCloud discuss on the transformative journey of compliance and the emerging tools reshaping its future.  In today's fast-paced tech landscape, why is automation not just an advantage but a must for compliance?  And how can businesses best use its power? 

In this podcast episode, Stuart Powell, Chief Information Security Officer (CISO) at the Government of Jersey, joins Matthew Davies, VP of Product at SureCloud, to discuss Identity and Access Management (IAM) and how you can improve this in your organization. They also talk about the topic of the moment, Artificial Intelligence (AI), and how it can impact your organization's risk and compliance management.Contact Stuart Powell

In this podcast episode, Brent Deterding, the CISO at Afni, joins Matthew Davies, the VP of Product at SureCloud. They discuss Brent's approach to organizational risk. Brent outlines his four steps for significantly reducing risks within businesses in a manner that is simple, easy, and inexpensive.Contact Brent Deterding

Every month, our experts Nick, Hugh, and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. July's Cyber Threat Briefing covers: 

In this podcast episode, Alexander Zhitenev, CISO at IFCO Systems, joins Matthew Davies, VP of Product at SureCloud, to discuss business continuity and disaster recovery. Alexander emphasizes the significance of implementing suitable safeguards within a business to guarantee its ability to sustain operations in the face of any potential disruptions or disasters.Contact Alexander Zhitenev

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. June's Cyber Threat Briefing covers:

In this podcast edition, Karla Reffold, award-winning cyber security professional and Chief Operating Officer (COO) at Orpheus Cyber, joins Matthew Davies, VP of Product at SureCloud, to explore the surge of board advisory roles for CISOs in today's cyber landscape. They also discuss her transition from Human Resources (HR) to a COO role, her current activities as a Board Advisor of two cyber-related organizations and a Non-executive Director at Trident Search, as well as her 'Advisory Boards Guide Book'.Contact Karla Reffold

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. May's Cyber Threat Briefing covers:

Artificial Intelligence (AI) has been transforming various industries, and organizations are increasingly incorporating this technology into their operations. In this podcast edition, Sam Bisbee, Senior Director and Distinguished Engineer at F5, joins Matthew Davies, VP of Product at SureCloud, to discuss the dangers of ChatGPT and AI within organizations and how to mitigate those risks. 

In this podcast edition, James (Jim) Dempsey, Lecturer at UC Berkeley Law School and Senior Policy Advisor at Stanford Cyber Policy Center, joins Matthew Davies, VP of Product at SureCloud, to talk about cybersecurity law, in particular about the new approach announced by the US government, which aims to prevent technology providers from using disclaimers to protect themselves from liability. 

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. April's Cyber Threat Briefing covers:

In this podcast edition, Robert Wood, Chief Information Security Officer (CISO) at Centers for Medicare & Medicaid Services (CMS) and Founder of the Soft Side of Cyber, joins Matthew Davies, VP of Product at SureCloud, to have an in-depth discussion on Third Party Risk Management (TPRM) for healthcare. Additionally, Robert tells about his TPRM-related challenges and how he approaches them.Warning: This podcast episode has background noise in a few spots. 

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. March's Cyber Threat Briefing covers:

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. February's Cyber Threat Briefing covers:

In this podcast edition, Tyler Britton, Cyber Risk Manager at Dropbox, joins Matthew Davies, VP of Product at SureCloud, to discuss Factor Analysis of Information Risk methodology and how he has embedded it in his organization, Dropbox. He explains his role as a Quantitative Cyber Risk Manager and goes through the challenges and benefits of implementing Factor Analysis of Information Risk (FAIR) methodology in organizations.

In this CISO How To podcast episode, SureCloud's Senior Consultant, Tom Hulme, and Senior Director of Cybersecurity, Nick Hayes, discuss Vulnerability Management (VM). Watch this video to learn more about VM and what value your organization can get running a solid vulnerability management program.

In this CISO How To podcast episode, SureCloud's Principal Cybersecurity Consultant Mark Wardlow, Senior Cybersecurity Consultant Steve Velcev and Senior Director of Cybersecurity Nick Hayes discuss Red Teaming. Watch this video to learn more about Red Teaming, the differences between penetration testing and red teaming services, and the stages involved when leveraging red teaming services for your organization.

Every month, our experts Hugh and Nick will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. The first Cyber Threat Briefing of 2023 covers:

In this podcast edition, George Finney CISO, author, speaker, professor, and consultant, joins Matthew Davies, VP of Product at SureCloud, to discuss security awareness and the concept of zero trust, the subject of his bestseller 'Project Zero Trust: A Story about a Strategy for Aligning Security and the Business'. Besides being the author of a bestseller, George wrote several other cybersecurity books, including: 'Well Aware: Mastering the Nine Cybersecurity Habits to Protect Your Future', 'No More Magic Wands: Transformative Cybersecurity Change for Everyone' and more.

In this podcast edition, Jane Frankland, Entrepreneur, Author, Speaker, and Influencer, joins Matthew Davies, VP of Product at SureCloud, to discuss her role within the tech industry and how this impacts businesses, society, and women's lives.

In this CISO's Guide To podcast episode, SureCloud's Senior Cybersecurity Consultant, Simone Q., and Senior Director of Cybersecurity, Nick Hayes, discuss AppSec (Application Security). Listen to this podcast to learn more about AppSec, DevSecOps (Development, Security, and Operations), shift left testing, what are the differences between them, and how your organization can implement its own AppSec program.

In this edition of the podcast, Katie Arrington, former CISO at the U.S. Department of Defense (DOD) and Owner of LD Innovations, LLC Cybersecurity, joins Matthew Davies, VP of Product at SureCloud, to discuss the scope of the Cybersecurity Maturity Model Certification (CMMC) program, her creation within the DOD. Additionally, Katie spoke about Supply Chain Risk Management (SCRM) and how companies should be looking at that. Katie shares great insights on cybersecurity best practices and explains how she handles the many challenges that this busy and demanding role involves.

Every month, our experts Hugh and Nick will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. November's Cyber Threat Briefing covers: - NCSC launches scanning capability to identify UK vulnerabilities. - UK defends Ukraine with £6m cyber defense program. - Iran exploits Log4j and gains access to US government networks.

In this edition of the podcast, Claude Mandy, Chief Evangelist - Data Security at Symmetry Systems, Inc, joins Matthew Davies, VP of Product at SureCloud, to discuss his approach to security, privacy, and risk management and how he handles the many challenges his busy and demanding role involves. Additionally, Claude shares some great insights on data security innovation and his experiences, having previously worked as a Senior Director Analyst at Gartner and CISO. Warning: This podcast has audio issues in a few spots that have internet glitches.

Every month, our experts Hugh and Nick will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. October's Cyber Threat Briefing covers: - Australian cyber-attacks – is the region an easy target? - Does age impact our attitude towards security? - BlueBleed: Microsoft customer data leak - 150k companies affected

In this edition of the podcast, Holly Foxcroft, Head of Neurodiversity in Cyber Research and Consulting at Stott and May Consulting, joins Matthew Davies, VP of Product at SureCloud, to discuss the inclusion of neurodiversity in cybersecurity and her point of view as a woman in this market. She explains her approach to handling the many challenges that her busy and demanding role involves.

In this edition of the podcast, Jake Bernards, VP of Security and Compliance at Whistic, joins Matthew Davies, VP of Product at SureCloud, to discuss his approach to cybersecurity and Compliance running an information security team. He explains how he handles the many challenges that his busy and demanding role involves. Warning: This podcast has audio issues in a few spots that have internet glitches.

Join SureCloud's Nick Hayes, Arron Dowdeswell, and Hugh Raynor for our latest Cyber Threat Briefing. Among other cybersecurity hot topics, Nick, Arron, and Hugh will be discussing the latest many cyberattacks happening in only one week: the Uber breach - cloud systems hijacked, Rockstar Games - source code stolen, and Revolut hack - 50,000 users affected.

Join SureCloud's Nick Hayes and Hugh Raynor for our latest Cyber Threat Briefing. Among other cybersecurity hot topics, Nick and Hugh will be discussing the recent Cisco hack, the phishing attacks Twilio and Cloudfare suffered, and the NCSC and ICO's positions on ransomware payments.

In this edition of the podcast, Benjamin Corll, Chief Information Security Officer at Coats joins Matthew Davies, VP of Product at SureCloud to discuss his approach to cybersecurity and to running an information security team. He explains his approach to handling the many challenges that his busy and demanding role involves.

In this edition of the GRC and Cybersecurity Podcast, Ian Brown, Chief Information Security Officer at Spectris joins Matthew Davies, VP of Product at SureCloud. Ian and Mathew discuss the challenges associated with being responsible for cybersecurity management at a FTSE 250 company.

Join SureCloud's Nick Hayes and Hugh Raynor for our latest Cyber Threat Briefing. Among other cyber security hot topics, Nick and Hugh will be discussing a recently released report from Authomize which reveals the potential for passwords to be stolen from the Okta solution.

In this edition of the podcast, Mike Privette, Chief Information Security Officer at Passport Labs joins Matthew Davies, VP of Product at SureCloud, to discuss his approach to cybersecurity and to running an information security team. He explains the main challenges he faces and shares some of the strategies he uses to manage risk.

Join SureCloud's Craig Moores and Hugh Raynor for our latest Cyber Threat Briefing. Craig and Hugh will be discussing the recently recent zero-day Follina and Confluence vulnerabilities, in addition to talking about cybersecurity and vulnerability management best practice and the rise of SMSing in the corporate world.

Join Nick Rafferty, Matthew Davies and Yang Zheng from SureCloud, who will be discussing the development of GRC solutions from their origins over two decades ago. They also consider market trends, common challenges and shortfalls, and how the technology will evolve in years to come.

Join Matthew Davies of SureCloud, and Tom Cornelius, Co-Founder of the Secure Controls Framework, who will be discussing what the SCF are doing to assist organizations in their journey towards compliance and enhanced cybersecurity.

Join Matthew Davies and Yang Zheng from SureCloud, who will be discussing the forthcoming UK SOX laws and identifying the key areas that organizations should be focusing on to get ready and to ensure they remain compliant.

Join SureCloud's Craig Moores and Hugh Raynor for our latest Cyber Threat Briefing. Craig and Hugh will be discussing the recently released CISO report which highlights the top vulnerabilities which threat actors were able to exploit over the past year.

Join Nick Rafferty, Matt Davies and Yang Zheng of SureCloud, who will be discussing ways in which organizations can enhance their third-party risk management operations and practices.

Join Nick Rafferty, Matt Davies and Yang Zheng of SureCloud, for a discussion of the most common third-party risk management challenges that they see on consulting engagements.

Join Nick Hayes and Hugh Raynor of SureCloud, for our latest podcast episode in which Nick and Hugh will be discussing and providing practical solutions to cloud-based security challenges.

Join Craig Moores and Hugh Raynor of SureCloud, for our latest Cyber Threat Briefing. Craig and Hugh will be discussing a recently released report from The UK's Department for Digital, Culture, Media and Support (DCMS), which examines the prevalence of cyber breaches over the past year.

In this edition of the GRC and Cybersecurity Podcast, Greg van der Gaast, Chief Information Security Officer at ScoutBee joins Matthew Davies, Senior Director of Product Management at SureCloud. Greg and Mathew discuss both the challenges and opportunities that come with being instated as a growing company's first Chief Information Security Officer, in addition to delving into Greg's visionary approach to strategic security management.

In this edition of the GRC and Cybersecurity Podcast, Phil Lea, Chief Privacy Officer at Tenth Revolution Group, joins Matthew Davies, Senior Director of Product Management at SureCloud. Phil and Mathew discuss Phil's role as Chief Privacy Officer - the main challenges he faces and the key initiatives he is undertaking.

The NCSC has issued a report that states that an extremely high level of phishing scams are currently being circulated that claim to be fundraising to support the Ukrainian cause. So why are fraudsters choosing this particular topic? In many ways, it's the perfect subject as it contains many of the key ingredients of a successful and compelling phishing scam. The Ukrainian situation is: A matter of urgency; Highly compelling – something that is close to most people's hearts; Something that many people may be motivated to share, providing a viral element to the scam.

Chad Brustin, Lead Security Engineer at Clyde joins Nick Hayes and James Pierce, both Directors at SureCloud, to talk about the Strengthening American Cybersecurity act, which has recently been passed by the US Senate. Our expert panel will discuss the varied implications of the key features within this emerging legislation.