InfoSec Weekly Podcast


Catch up on the latest information security news with our Weekly Podcast. Also, keep an eye out for our 'Author Interviews', where we speak with industry experts, covering InfoSec, Cyber Security, IT, project management, PCI DSS and more.

IT Governance


    • Latest episode: Oct 23, 2023
    • New episodes: monthly
    • Average duration: 8m
    • Episodes: 218



    Latest episodes from InfoSec Weekly Podcast

    IT Governance Podcast 20.10.23: Casio, Cisco, MOVEit (again) and the ICC

    Oct 23, 2023, duration 7:01


    This week, we discuss a data breach affecting Casio users in 149 countries, two zero-day vulnerabilities in Cisco's IOS XE web user interface, a slew of legal action against Progress Software following the MOVEit Transfer breach, and an update on last month's cyber attack on the International Criminal Court.

    IT Governance Podcast 6.10.23: TikTok, Sony and MOVEit and DarkBeam

    Oct 6, 2023, duration 6:23


    This week, we discuss another GDPR fine for TikTok relating to its processing of child users' personal information, more data breaches caused by MOVEit Transfer, including Sony Interactive Entertainment, and the exposure of a mammoth 3.8 billion data records.

    IT Governance Podcast 22.09.23: MGM Resorts, Microsoft Azure, International Criminal Court

    Sep 22, 2023, duration 7:31


    This week, we discuss a cyber attack on MGM Resorts that has allegedly cost the company millions of dollars in revenue even before it began its remediation efforts, the leak of 38 terabytes of Microsoft data and a cyber attack on the International Criminal Court in The Hague.

    IT Governance Podcast 08.09.23: Electoral Commission (again), Meta, Pôle emploi

    Sep 7, 2023, duration 6:05


    This week, we discuss security issues at the Electoral Commission, Meta's appeal against daily GDPR fines, and a breach affecting 10 million users of the French unemployment agency Pôle emploi.

    IT Governance Podcast 25.8.23: Tesla, Duolingo, Lapsus$ trial

    Aug 24, 2023, duration 5:24


    This week, we discuss “insider wrongdoing” at Tesla, a data breach affecting 2.6 million Duolingo users and the conclusion of a two-month court case against members of the Lapsus$ gang.

    IT Governance Podcast 11.8.23: Electoral Commission, PSNI, Capita

    Aug 10, 2023, duration 7:12


    This week, we discuss data breaches affecting the Electoral Commission and the Police Service of Northern Ireland, and the financial repercussions of Capita's March ransomware incident.

    IT Governance Podcast 14.7.23: EU-US DPF, UK-US data bridge, MOVEit patches and other security fixes

    Jul 13, 2023, duration 7:40


    This week, we discuss the new EU adequacy decision for the US, based on the Data Privacy Framework (plus Max Schrems's inevitable reaction), and a proposed UK-US 'data bridge'; fixes for three more vulnerabilities in Progress Software's MOVEit Transfer app; plus this month's Patch Tuesday and other security updates.

    IT Governance Podcast 30.6.23: ChatGPT, LetMeSpy and MS Teams, plus Alan Calder on cyber security

    Jun 29, 2023, duration 20:38


    This week, we discuss 100,000 compromised ChatGPT credentials, a data breach affecting the LetMeSpy stalkerware app, and a potential security vulnerability in Microsoft Teams that could be exploited to spread malware. Plus, Alan Calder discusses the current cybersecurity and regulatory landscape, and how they affect organisations.

    IT Governance Podcast 16.6.23: MOVEit, LinkedIn, Spotify and Google Bard

    Jun 15, 2023, duration 7:14


    This week, we discuss a data breach affecting users of Progress Software's MOVEit file transfer app, GDPR fines for LinkedIn and Spotify, and the delay of Google Bard's EU launch because of privacy concerns.

    IT Governance Podcast 2.6.23: Capita, NHS, Meta, GDPR, DPDI Bill and Alan Calder on cyber regtech

    Jun 1, 2023, duration 17:32


    This week, we discuss more organisations affected by Capita's security issues, the security implications of 20 NHS trusts' use of Meta Pixel, Meta's €1.2 billion GDPR fine and its potential effects for other organisations, and the progress of the DPDI (No. 2) Bill. Plus, Alan Calder discusses cyber regtech and how organisations can use it to manage their regulatory compliance.

    IT Governance Podcast 19.5.23: Capita, USS, Colchester City Council and Alan Calder's analysis.

    May 18, 2023, duration 16:31


    This week, we look at the wider repercussions of the Capita ransomware attack, and how numerous clients have been affected, including the Universities Superannuation Scheme and other pension providers. Plus, accusations of another Capita breach and Alan Calder on what all organisations can learn from the attack and Capita's response.

    IT Governance Podcast 5.5.23: ChatGPT, LockBit, T-Mobile, Alan Calder on cyber security for boards

    May 4, 2023, duration 19:17


    This week, we discuss ChatGPT's restoration in Italy despite wider security concerns, an apology from the LockBit ransomware group and another breach for T-Mobile, and Alan Calder discusses what boards need to do to build their organisations' cyber defences.

    IT Governance Podcast 21.4.23: Capita, Chrome, LockBit for Macs and Alan Calder on cyber security

    Apr 20, 2023, duration 18:11


    This week, we discuss the apparent sale of exfiltrated Capita data by the Black Basta ransomware group, a zero-day Google Chrome vulnerability and the development of a new LockBit ransomware variant targeting macOS, and Alan Calder analyses the new US National Cybersecurity Strategy and explains what all organisations should learn from it.

    IT Governance Podcast 2023-7: Capita, ChatGPT and TikTok (yet again)

    Apr 5, 2023, duration 8:54


    This week, we discuss a cyber attack on the outsourcing giant Capita, Italy's ban on OpenAI's ChatGPT chatbot and further bad news for TikTok: a £12.7 million fine from the ICO for breaching UK data protection law.

    IT Governance Podcast 2023-6: Ferrari, Dole, TikTok (again), Android

    Mar 23, 2023, duration 6:51


    This week, we discuss ransomware attacks on Ferrari and the Dole Food Company, another TikTok ban – this time by the BBC – and vulnerabilities that allow some Android phones to be hacked with only the victim's phone number.

    IT Governance Podcast 2023-5: WH Smith, the Data Protection and Digital Information Bill, TikTok

    Mar 9, 2023, duration 6:59


    This week, we discuss a data breach affecting WH Smith, the latest proposals to reform data protection law in the UK, TikTok's response to being banned by the European Commission and European Parliament, and the proposed US RESTRICT Act, and a woman who has been sentenced for defrauding Luton Borough Council in a cyber attack.

    IT Governance Podcast 2023-4: EU-US Data Privacy Framework, Twitter 2FA, GoDaddy, HardBit 2.0

    Feb 23, 2023, duration 9:11


    This week, we discuss the European Parliament Committee on Civil Liberties's opinion of the EU-US Data Privacy Framework, Twitter's decision to disable free text-based 2FA, a series of attacks on GoDaddy's infrastructure and the HardBit 2.0 ransomware group's negotiation tactics.

    IT Governance Podcast 2023-3: Bank security flaws ranked, ION ransom paid, MP hacked

    Feb 9, 2023, duration 32:31


    This week, we discuss a Which? investigation into basic security flaws on banks' websites and apps, a ransomware attack on the financial firm ION Cleared Derivatives, and a phishing attack that compromised the emails of Stewart McDonald MP.

    IT Governance Podcast 2023-2: Mailchimp, fast food, T-Mobile, ice rinks, iOS update and ISO 27001

    Jan 26, 2023, duration 30:47


    This week, we discuss the fallout from the latest Mailchimp breach, a ransomware attack on KFC, Pizza Hut and Taco Bell's parent company, another T-Mobile data breach, an incident affecting Planet Ice, and an update for older Apple devices. We also talk to the ISO 27001 expert Steve Watkins about his new pocket guide to the Standard.

    IT Governance Podcast 2023-1: more ransomware attacks on the education sector, and DPC and Meta sued

    Jan 12, 2023, duration 33:26


    This week, we discuss a series of ransomware attacks on 30 schools and colleges in the UK, legal action against both Meta and the Irish Data Protection Commission following last year's massive Facebook GDPR fine, and the third stage of a cyber-defence-in-depth strategy: management.

    IT Governance Podcast Episode 14: Rackspace, Citrix and EU-US adequacy decision

    Dec 15, 2022, duration 29:42


    This week, we discuss a ransomware attack on Rackspace, a Citrix zero-day vulnerability, the forthcoming EU adequacy decision in respect of the EU-U.S. Data Privacy Framework, and the second stage of a cyber-defence-in-depth strategy: protection.

    IT Governance Podcast Episode 13: $100 million ransomware, Westmount City, Suffolk Police, AI

    Nov 24, 2022, duration 35:15


    This week, we discuss the Hive ransomware as a service, the latest developments following the Medibank breach, a Canadian city shut down by ransomware, Suffolk Police's leak of sensitive data and the ethical implications of AI.

    IT Governance Podcast Episode 12: Interserve, Medibank, UPS and Patch Tuesday

    Nov 10, 2022, duration 6:40


    This week, we discuss a £4.4 million GDPR fine for the construction company Interserve, a data breach affecting 9.7 million customers of Medibank, an unusual GDPR fine for UPS, and Microsoft's latest software updates.

    IT Governance Podcast Episode 11: EU-US Data Privacy Framework, ransomware & cyber detection

    Oct 27, 2022, duration 24:26


    This week, we discuss the new mechanism for transferring EU residents' personal data to the US, the first GDPR Data Protection Seal, a new ransomware attack targeting Ukraine and its allies, and the first layer in a defence-in-depth approach to cyber security: detection.

    IT Governance Podcast Episode 10: Data protection reform, Easylife fine, Uber conviction and work

    Oct 13, 2022, duration 28:28


    This week, we discuss yet more planned changes to UK data protection law, a £1.35 million GDPR fine for “predatory marketing”, the conviction of Uber's former chief security officer, and a new book about how to establish an enjoyable career.

    IT Governance Podcast Episode 9: TikTok, American Airlines and Morgan Stanley Smith Barney

    Sep 29, 2022, duration 5:35


    This week, we discuss a potential fine of £27 million for TikTok, a data breach caused by a phishing attack on American Airlines and a $35 million penalty for Morgan Stanley Smith Barney LLC after “extensive” security failures.

    IT Governance Podcast Episode 8: Twitter, Instagram, InterContinental and Cloud security

    Sep 15, 2022, duration 6:38


    This week, we discuss allegations of data security failures at Twitter, a €405 million fine for Instagram, a cyber attack on InterContinental Hotels Group, and why Cloud security is so important.

    IT Governance Podcast Episode 7: Apple zero-day, NHS ransomware update and 0ktapus phishing campaign

    Sep 1, 2022, duration 4:56


    This week, we discuss two zero-day vulnerabilities affecting Apple devices, the further effects of a ransomware attack on an NHS digital services provider and a large-scale phishing campaign affecting users of secure services such as Okta, Authy and Signal.

    IT Governance Podcast Episode 6: NHS ransomware, Ukraine, Digital Protection and Information Bill

    Aug 18, 2022, duration 6:05


    This week, we discuss a ransomware attack on an NHS digital services provider and a huge increase in cyber attacks as a result of the war in Ukraine, and provide an overview of the main reforms to UK data protection law proposed by the Digital Protection and Information Bill.

    IT Governance Podcast Episode 5: Facebook, Twitter, VW, Digital Protection and Information Bill

    Aug 4, 2022, duration 27:20


    This week, we discuss a malware campaign targeting Facebook Business users, a breach apparently affecting 5.4 million Twitter users, a €1.1 million GDPR fine for Volkswagen, the new Digital Protection and Information Bill, and why it's so important to maintain your cyber security through a recession.

    IT Governance Podcast Episode 4: Ransomware advice, MFA phishing and The Art of Cyber Security

    Jul 21, 2022, duration 23:56


    This week, we discuss NCSC and ICO advice to the legal profession, a new phishing campaign that bypasses multifactor authentication, and the huge increase in the number of ransomware and phishing attacks this year. Plus, we talk to Gary Hibberd about his new book, The Art of Cyber Security.

    IT Governance Podcast Episode 3: NCSC guidance, Amagasaki breach, Maastricht Uni and the metaverse

    Jul 7, 2022, duration 11:44


    This week, we discuss new NCSC guidance on avoiding cyber security “staff burnout”, a data breach affecting a Japanese city's entire population, good news for the ransomware-hit Maastricht University, and the privacy implications of the metaverse.

    IT Governance Podcast Episode 2: Yodel, ransomware, the Data Reform Bill and cyber defence in depth

    Jun 23, 2022, duration 9:54


    This week, we discuss a cyber attack that's disrupted Yodel's deliveries, new tactics from a ransomware gang, the government's plans for reforming UK data privacy law, and the importance of a defence-in-depth approach to cyber security.

    Episode 1: Twitter, Beeple, QuickBooks, Pegasus Airlines and Hybrid Working Security

    Jun 9, 2022, duration 12:36


    This week, we look at a $150 million fine for Twitter, phishing attacks affecting the Twitter followers of the digital artist Beeple and users of the accounting platform QuickBooks, and a massive data breach affecting Pegasus Airlines – plus we talk about security issues facing organisations with a remote or hybrid workforce.

    Brexit And Schrems II | Practical Implications For UK - EU Data Transfers 1

    Mar 16, 2021, duration 89:43


    The Schrems II ruling and Brexit mean that UK organisations are required to reconsider the legal basis for the transfer of personal data to and from Europe. The webinar recording covers: The Schrems II decision regarding transfers of data; The implications for UK and EU data controllers regarding data transfers; The types of data transfers organisations should consider; Data flows and the legal basis for UK–EU data transfers; Practical steps organisations can take now; and What the future holds following Schrems II and Brexit.

    Data Flow Audit And Data Mapping For GDPR Compliance

    Mar 16, 2021, duration 53:48


    We take a look at Data Flow Audit And Data Mapping For GDPR Compliance in this webinar recording.

    Introduction To Data Mapping

    Mar 16, 2021, duration 63:44


    We take a look at Data Flow Mapping in this webinar recording.

    Data Protection By Design And By Default Under The GDPR

    Mar 16, 2021, duration 76:17


    The EU General Data Protection Regulation (GDPR) highlights how the principles of ‘privacy by design’ and ‘privacy by default’ are fundamental to ensuring that organisations protect the rights of data subjects. We take a look at Data Protection By Design And By Default Under The GDPR in this webinar recording.

    The First Steps Towards GDPR Compliance

    Mar 16, 2021, duration 64:24


    Alan Calder, Founder and CEO of IT Governance, discusses the first steps towards GDPR compliance in this webinar recording.

    Weekly podcast: Goodbye!

    Mar 14, 2019, duration 6:30


    In our last ever podcast, we discuss Citrix’s data breach, the GDPR and cookie walls, data breach notification, and Patch Tuesday.

    7th March Weekly podcast: Reports galore! DCMS, Microsoft and Cisco

    Mar 7, 2019, duration 6:12


    This week, we delve into the government's FTSE 350 Cyber Governance Health Check report, Microsoft's Security Intelligence Report Volume 24, and Cisco's latest Data Privacy Benchmark Study.

    28 February Weekly podcast: ICANN, DNS and DNSSEC; credential stuffing, and passwords managers

    Feb 28, 2019, duration 6:54


    This week, we discuss ICANN's warning about DNS attacks, the extent of credential stuffing attacks on the retail sector, password managers' responses to recent research into security flaws, and the European Data Protection Supervisor's annual report for 2018.

    21 February Weekly podcast: Password managers, unpatched vulnerabilities, formjacking and Wendy's

    Feb 21, 2019, duration 5:41


    This week, we discuss a security flaw affecting 1Password, Dashlane, KeePass and LastPass; the prevalence of historic vulnerabilities in corporate IT systems; the increase in formjacking attacks; and Wendy's $50 million data breach settlement.

    14 February Weekly podcast: Mumsnet, OkCupid and Apple

    Feb 14, 2019, duration 5:48


    This week, we discuss a data breach at Mumsnet, no data breach at OkCupid, and a lawsuit against Apple for implementing security measures.

    7 February Weekly podcast: Metro Bank, Student Loans Company, GDPR breaches and seals

    Feb 7, 2019, duration 7:13


    This week, we discuss the compromise of Metro Bank's two-factor authentication system, nearly one million cyber attacks on the Student Loans Company, nearly 60,000 GDPR breaches and a surprising discovery for some marine biologists.

    31 January Weekly Podcast: Facebook VPN, FaceTime bug, and Internet Explorer 10

    Jan 31, 2019, duration 5:51


    31 January Weekly Podcast: Facebook VPN, FaceTime bug, and Internet Explorer 10 by IT Governance

    24 January Weekly podcast: Google GDPR fine, EU-US Privacy Shield and US DNS hijacking attacks

    Jan 24, 2019, duration 5:37


    This week, we discuss Google's €50 million GDPR fine, GDPR complaints against eight streaming services, Facebook’s Supreme Court appeal and its potential effects on the EU-US Privacy Shield, and an Emergency Directive from the US Department of Homeland Security.

    17 January Weekly podcast: US government websites, Liberia DDoS attacker and no-deal Brexit

    Jan 17, 2019, duration 7:21


    This week, we discuss how the US government shutdown is affecting federal websites' security, the sentencing of a man who knocked Liberia's Internet offline with a botnet, and what a no-deal Brexit means for data protection.

    11 January Weekly podcast: German data breach, poor passwords, Marriott, NHS Digital & Patch Tuesday

    Jan 10, 2019, duration 7:20


    This week, we discuss a high-profile German data breach, the top worst passwords of 2018, the resignation of NHS Digital’s CISO, and Microsoft’s latest patches.

    14 December Weekly Podcast: 2018 end-of-year roundup

    Dec 13, 2018, duration 16:42


    This week, in our last podcast of the year, we revisit some of the biggest information security stories from the past 12 months.

    30th November Weekly podcast: Uber, Google, and City of York Council vs RapidSpike

    Nov 29, 2018, duration 7:19


    This week, we discuss the latest fines for Uber in connection with its 2016 data breach, GDPR complaints against Google, and the other side of the City of York Council 'hack' story.
