Host Chris Hackett is joined by Victoria Ekstedt, Chief Information Security Officer at Orange Digital Services; Paul de Freene, Founder of NordicDesert AB; Rajeev Kumar Jain, Cyber Engineering Team Leader at IKEA; and Konrad Jelen, VP Data Science & AI at Kolomolo. This panel of experts shares how artificial intelligence is transforming the cybersecurity landscape and reshaping business models. From AI ethics to scalable data infrastructure, this insightful discussion dives deep into the future of secure, intelligent enterprise operations.
Host Chris Hackett speaks with Tony Eklund, Information Technology Security Specialist at ICA Gruppen; Per Gustavsson, Chief Information Security Officer at Stratsys; and Marcus Södervall, Head of Trust at Stravito. This insightful conversation explores how artificial intelligence is reshaping security frameworks and trust management across industries. The guests share perspectives on navigating AI-driven risk, ensuring organizational integrity, and leading security in a rapidly evolving digital world. Tune in for expert views on aligning AI innovation with effective governance and cyber resilience.
Google issues an emergency patch for a high-severity Chrome browser flaw. Researchers bypass BitLocker encryption in minutes. A massive Chinese-language black market has shut down. The CFPB cancels plans to curb the sale of personal information by data brokers. A cyberespionage campaign called Operation RoundPress targets vulnerable webmail servers. Google warns that Scattered Spider is now targeting U.S. retail companies. The largest steelmaker in the U.S. shut down operations following a cybersecurity incident. Our guest is Devin Ertel, Chief Information Security Officer at Menlo Security, discussing redefining enterprise security. The long and the short of layoffs. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment and direct from RSAC 2025, our guest is Devin Ertel, Chief Information Security Officer at Menlo Security, discussing redefining enterprise security. Listen to Devin's interview here. 
Selected Reading: Google fixes high severity Chrome flaw with public exploit (Bleeping Computer); BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released (Cyber Security News); The Internet's Biggest-Ever Black Market Just Shut Down Amid a Telegram Purge (WIRED); German operation shuts down crypto mixer eXch, seizes millions in assets (The Record); CFPB Quietly Kills Rule to Shield Americans From Data Brokers (WIRED); EU ruling: tracking-based advertising by Google, Microsoft, Amazon, X, across Europe has no legal basis (Irish Council for Civil Liberties); Operation RoundPress targeting high-value webmail servers (We Live Security); Google says hackers that hit UK retailers now targeting American stores (Reuters); Cybersecurity incident forces largest US steelmaker to take some operations offline (The Record); Infosec Layoffs Aren't the Bargain Boards May Think (Dark Reading). Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
On this month's episode of Unscripted Leadership, Comcast Business VP Heather Orrico is joined by Lee Parrish, Vice President and Chief Information Security Officer with Newell Brands. Lee is also the CEO and Chief Creative Officer for Novel Security. Lee discusses how his time serving in the Marines shaped him as a person and drives him, […] The post Episode 7: Lee Parrish, VP and Chief Information Security Officer with Newell Brands appeared first on Business RadioX ®.
In this episode of the ASIAL Security Insider podcast, we are discussing Converged security, specifically how to successfully develop, deliver, and manage an organisation-wide model for converged security. To help us with our discussion, we are joined by Penny Clarke. Penny is the Managing Director of Convergence Security Consulting and has 34 years of industry experience across a range of sectors, including the Defence Industry, Government, and the Private sector. Penny's roles have included a wide variety of positions, including Chief Security Officer, Chief Information Security Officer, Protective Security Manager, Cyber Security Manager, Business Continuity Manager, Emergency Management, and more. Penny's experience, training, and qualifications encompass a broad spectrum of skills, including Governance, Risk, and Assurance, Training, Security Incidents and Investigations, Information Security, Cyber Security, Physical Security, Personnel Security, and investigations, to name but a few. In our discussion, we cover: · Cultural and Operational Differences? · Lack of Unified Strategy and Leadership · Technology Integration Challenges · Regulatory and Compliance Complexities · Evolving Threat Landscape and Risk Management. For more podcasts like this one, visit www.asial.com.au.
The Accidental CISO (AC) is an anonymous voice in cybersecurity who stumbled into the Chief Information Security Officer role through a mix of timing, skill, and necessity. With a background in IT operations and service delivery, AC found unexpected purpose, community, and a platform for candid reflection on security, leadership, and personal growth. He now hosts The Mindful Business Security Show, educating SMB leaders on practical security.
The 2023 FBI Internet Crime Report reveals that nearly 21% of ransomware attacks targeted the healthcare and public health sectors—making them the top victims. This week on Feds At The Edge, we explore how agencies can defend against these growing threats. Benjamin Koshy, Chief Information Security Officer and Director, Division of Information Security of Indian Health Service, explains the unique identity management challenge in healthcare: balancing open patient access with strict data protection. Keith Busby, Acting CISO at CMS, outlines how to go beyond Zero Trust with real-world risk assessments and robust incident response plans - not just a three-ring binder gathering dust on a shelf. And Alec Lizanetz, Identity Protection Specialist from CrowdStrike, emphasizes the importance of prioritizing threats and using frameworks like CISA's to respond efficiently. Tune in on your favorite podcasting platform today to hear practical, high-impact strategies to secure critical systems and protect patient care, perfect for healthcare leaders who must protect both data and lives.
What does it take to digitally empower an entire nation – and secure it at scale? At MWC Barcelona 2025, Matthew Roberts investigates how teams across Globe Telecom are unlocking the full potential of AI. First, Matt and co-host Gil Rosen, CMO at Amdocs, are joined by Anton Reynaldo Bonifacio, Chief AI Officer and Chief Information Security Officer. Anton shares his journey into this unique dual role and offers his perspective on the future of AI leadership. He also breaks down how Globe is building its AI strategy and why your development approaches need to differ for all those on your team. Then we're joined by Darius Jose Delgado, Globe's Chief Commercial Officer. Darius leads Globe's entire commercial portfolio across mobile, broadband, and B2B, and has been instrumental in driving Globe's aggressive push toward full digital adoption and connectivity nationwide. This is a story about technology with purpose — and a commitment to nation-building that deserves to be heard.
Fairmont City Manager Travis Blosser on their trip to Washington D.C. to meet elected leaders from the state about their Congressionally Directed Spending requests. Agile 5 Technologies, Inc. Chief Technology Officer Peter Fritch and Jacob Brozenick, Chief Information Security Officer, on their work to help secure government systems.
In this Chats on the Road to RSAC 2025, Sean Martin and Marco Ciappelli connect with Tim Brown, Chief Information Security Officer at SolarWinds, to unpack the critical issues facing CISOs today—and why the role remains worth pursuing. Brown is participating in multiple sessions at RSAC Conference 2025, including the CISO Bootcamp and Cyber Leaders Forum. Both are closed-door conversations designed to surface real concerns in a confidential, supportive setting. These aren't theoretical discussions—they're rooted in hard-earned experience. Brown, who has faced high-profile scrutiny and legal fallout from a past incident at SolarWinds, brings a uniquely personal perspective to these sessions. He points out that fear and hesitation are keeping many deputy CISOs from stepping up into the top role. His message to them: don't be afraid of the position. Despite the weight of responsibility, the role offers real influence, the ability to shape enterprise architecture, and the opportunity to drive meaningful business decisions. Brown emphasizes the importance of community support and collective growth, noting that the cybersecurity industry—still relatively young—is maturing and finding its footing when it comes to accountability and resilience. Beyond leadership development, mental health and stress management are key themes in the Cyber Leaders Forum. Brown acknowledges the toll the job can take, even sharing that his own health suffered despite thinking he was managing stress well. This honest reflection opens the door for deeper conversations about personal well-being in high-pressure roles. He's also appearing at the Cloud Security Alliance Summit with Chris Hoff, Chief Security Officer at LastPass, where they'll discuss incident response and field questions from the audience. On Wednesday, Brown joins a breakfast session with Tactic and Hyperwise, guiding attendees through a crisis simulation based on lessons from the Sunburst attack. His focus?
Helping others avoid being unprepared in a moment of chaos. From insider threat modeling to supply chain transparency and the challenges of monitoring runtime behavior, Brown is clear-eyed about where CISOs need to focus next. This episode isn't just a preview of conference sessions—it's a call to future security leaders to lean in, not back. Guest: Tim Brown, CISO, Solarwinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/ Hosts: Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com ; Marco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com Episode Sponsors: ThreatLocker: https://itspm.ag/threatlocker-r974 ; Akamai: https://itspm.ag/akamailbwc ; BlackCloak: https://itspm.ag/itspbcweb ; SandboxAQ: https://itspm.ag/sandboxaq-j2en ; Archer: https://itspm.ag/rsaarchweb ; Dropzone AI: https://itspm.ag/dropzoneai-641 ; ISACA: https://itspm.ag/isaca-96808 ; ObjectFirst: https://itspm.ag/object-first-2gjl ; Edera: https://itspm.ag/edera-434868 Resources: RSAC Session: CLF Ask Me Anything Session with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739404173721001x1MH ; RSAC Session: CISO Boot Camp Exclusive Fireside Chat with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739403254724001isXh ; CSA Summit at RSAC 2025: Fireside Chat with Tim Brown and Chris Hoff: https://www.csasummitrsac.com/event/5b3547c2-c652-4f77-97de-5b094e746626/agenda?session=1452408b-c822-4664-87b8-38ce1276247b ; Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage ; Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage Want to tell your Brand Story Briefing as part of our event coverage? Learn More
In this interview, we discuss the current state of cybersecurity in health care with a specific focus on impersonation attacks, featuring Ryan Witt, Vice President, Industry Solutions at Proofpoint and Erik Decker, Vice President & Chief Information Security Officer at Intermountain Health. Witt shares many of the learnings from Proofpoint's healthcare customer advisory board where they learn about industry challenges and discuss solutions. He said that attackers particularly seek entry points through IT help desks, which the attackers contact while impersonating some doctor or other staff member. They can learn a lot about the person they're impersonating on the web or from less legitimate sources and answer a lot of the typical questions IT staff ask to validate a caller. Witt recommends looking through the organization chart to look for people that might be low-level and often forgotten, but who have access to sensitive information or systems and might be targeted or impersonated by attackers. Learn more about Proofpoint: https://www.proofpoint.com/us Learn more about Intermountain Health: https://intermountainhealthcare.org/ Health IT Community: https://www.healthcareittoday.com/
Hello to everyone out there at the receivers, and welcome to a new podcast episode. Joining us in this episode is Jens Wonneberger, who works as CISO at MANN+HUMMEL, the manufacturer of filtration and intake systems. In podcast episode #102, Julius, Marcel and Jens talk about the twelve different CISO archetypes and which CISO role is used where and when.
Podcast: PrOTect It All. Episode: Navigating Cybersecurity Challenges in State Agencies with Joshua Kuntz. Pub date: 2025-04-14. Episode 53 gets into the intricate world of IT and OT cybersecurity with host Aaron Crow and guest Joshua Kuntz, the Chief Information Security Officer for a state agency in Texas. With a comprehensive background spanning two decades and involvement with seven state agencies, Joshua shares his journey from the Marine Corps to leading security programs in the public sector. The episode covers a range of topics, including the transition from military to government cybersecurity roles, the intricacies of budget allocation, and the significance of mastering both technical and business soft skills in cybersecurity leadership. Joshua provides insights into navigating legislative changes, adapting to rapid technological advances, and the essential task of balancing cybersecurity risks with operational priorities. Listeners are treated to an engaging conversation that offers practical strategies and real-world experiences aimed at protecting critical assets in today's dynamic cyber landscape. Key Moments: 05:46 Ownership Alters Risk Perception 09:39 Technical Leaders Developed Through Soft Skills 11:52 "Value of MBA Over Technical Expertise" 14:29 Navigating Ambiguity in Future Planning 19:46 "Questioning Budget Cuts Amid Surplus" 21:05 Efficient Resource Sharing in Texas 25:31 Remote Work Cybersecurity Challenges 27:36 VPN Secure Access for Remote Work 33:21 Prioritizing Critical Executive Decisions 34:45 Understanding Cyber Risk Impact 38:16 CISO Role: Beyond "Yes Men" 41:05 "Exploring IT and OT Cybersecurity" About the guest: Joshua Kuntz is a dedicated professional who successfully transitioned from a military career as an electronics technician to a role with the Texas Department of Public Safety.
Embracing the paramilitary structure of the department, Joshua leveraged his military experience to adapt to the law enforcement environment, focusing on protecting citizens. While he found comfort in the familiar rank structure and chain of command, Joshua faced challenges in adjusting to personnel management outside the military realm. Despite the loss of certain disciplinary tools common in the military, Joshua continues to evolve as a leader, emphasizing adaptability and commitment to public service. How to connect Joshua - https://www.linkedin.com/in/joshua-kuntz-cissp-35a825176/ Connect With Aaron Crow: Website: www.corvosec.com LinkedIn: https://www.linkedin.com/in/aaronccrow Learn more about PrOTect IT All: Email: info@protectitall.co Website: https://protectitall.co/ X: https://twitter.com/protectitall YouTube: https://www.youtube.com/@PrOTectITAll FaceBook: https://facebook.com/protectitallpodcast To be a guest or suggest a guest/episode, please email us at info@protectitall.co Please leave us a review on Apple/Spotify Podcasts: Apple - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4
Just when you thought you couldn't get your fill of Legal Tech ... we're back !! This year's LegalWeek conference, hosted by ALM Media and Law.com, was held in New York City from March 24th through March 27th. More than 6,000 of the biggest names in the industry gathered at the New York Hilton Midtown for the four-day conference. And yes ... Legal Speak was there conducting live interviews with the best and brightest. In this episode, hosts Patrick Smith and Cedra Mayfield sat down with Exterro's John Vincenzo, the Chief Marketing Officer, and Anthony Diaz, the Chief Information Security Officer. Hosts: Cedra Mayfield & Patrick Smith Guests: John Vincenzo & Anthony Diaz Producer: Charles Garnar
In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs. Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today's remote work environment. Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.” Whether you're a rising security professional or a seasoned executive, you'll gain practical leadership takeaways—and maybe a new appreciation for cake.
Craig Peppard is the Vice President & Chief Information Security Officer at Ivari Canada. In this episode, he joins host Heather Engel and Greg Crowley, CISO at eSentire, to share insights on leadership in security, including the issue of gatekeeping in the industry, why practitioners need a diverse skill set beyond technical talent, and more. Next Level CISO is a Cybercrime Magazine podcast brought to you by eSentire, the Authority in Managed Detection and Response. eSentire's mission is to hunt, investigate and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com
Ever wonder how the CISO role went from obscure techie to boardroom MVP? In this episode of CISO Tradecraft, G Mark Hardy takes you on a journey through the evolution of the Chief Information Security Officer — from Steve Katz's groundbreaking appointment at Citibank in 1995 to the high-stakes, high-impact role CISOs play today. Transcripts: https://docs.google.com/document/d/1FlKBW6zlVBqLoSTQMGZIfz--ZLD_aS9t/edit Chapters 00:00 Introduction to the Evolution of the CISO Role 00:58 The First CISO: Steve Katz's Pioneering Journey 03:58 Rise of Security Certifications 08:39 Regulatory Wake-Up Calls and Compliance 12:23 Cybersecurity in the Age of State-Sponsored Attacks 17:58 The Impact of Major Cyber Incidents 25:07 Modern Challenges and the Future of the CISO Role 27:51 Conclusion and Final Thoughts
David Slazyk, Chief Information Officer & Chief Information Security Officer at Nextech, explains the real risks that small medical practices face in today's cyber world. From AI-powered attacks to phishing scams, hackers are more sophisticated than ever and no one is off-limits. But here's the thing: most small businesses don't even realize how vulnerable they are. Could your practice be at risk? What are the biggest mistakes businesses make when it comes to cybersecurity? And what simple steps can help protect sensitive patient data? Hear real-world stories, expert insights, and practical tips to help keep your business secure. About David Slazyk: As Chief Information Officer and Chief Information Security Officer at Nextech, David oversees Nextech's IT/IS and cybersecurity strategy while ensuring the function, integrity, confidentiality, and availability of our information systems. He also leads efforts to protect and prepare our company from cyber threats, manage our data privacy initiatives, oversee software vendor management, and ensure compliance with relevant regulations. Links: Connect with David on LinkedIn; 5 Cybersecurity Must-Dos in 2025 and Beyond: Best Practices from a Healthcare CIO. Guest: David Slazyk, Chief Information Officer and Chief Information Security Officer, Nextech. Host: Robin Ntoh, VP of Aesthetics, Nextech. Presented by Nextech, Aesthetically Speaking delves into the world of aesthetic practices, where art meets science, and innovation transforms beauty. With our team of experts we bring you unparalleled insights gained from years of collaborating with thousands of practices ranging from plastic surgery and dermatology to medical spas. Whether you're a seasoned professional or a budding entrepreneur, this podcast is tailored for you. Each episode is a deep dive into the trends, challenges, and triumphs that shape the aesthetic landscape.
We'll explore the latest advancements in technology, share success stories, and provide invaluable perspectives that empower you to make informed decisions. Expect candid conversations with industry leaders, trailblazers and visionaries who are redefining the standards of excellence. From innovative treatments to business strategies, we cover it all. Our mission is to be your go-to resource for staying ahead in this ever-evolving field. So if you're passionate about aesthetics, eager to stay ahead of the curve and determined to elevate your practice, subscribe to the Aesthetically Speaking podcast. Let's embark on this transformative journey together where beauty meets business. About Nextech: Industry-leading software for dermatology, medical spas, ophthalmology, orthopedics, and plastic surgery at https://www.nextech.com/ Follow Nextech on Instagram @nextechglow
In today's rapidly evolving digital landscape, the lines between Information Technology (IT), Operational Technology (OT), and the Internet of Things (IoT) have become increasingly blurred. While these domains were once distinct, they now converge into a single, interconnected technology ecosystem—one that presents both unprecedented opportunities and critical security challenges. In this keynote, Michael Clothier, Chief Information Security Officer at Northrop Grumman, brings 30 years of global cybersecurity leadership to explore how organizations can rethink their approach to securing "technology" as a whole, rather than as separate silos. Drawing on his extensive experience across the U.S., Australia, Asia, and beyond—including securing mission-critical defense and aerospace systems, leading enterprise IT transformations, and integrating cybersecurity across diverse industries—Michael will examine the evolution of security challenges from historical, international, and cross-industry perspectives. Key discussion points include: From Air-Gapped to Always Connected – A historical view of how IT, OT, and IoT security challenges have evolved and what we can learn from past approaches. The Global Cybersecurity Landscape – Insights from securing critical infrastructure across Asia, Australia, and the U.S., and the lessons we can apply to today's interconnected world. Breaking Down the Silos – Why treating IT, OT, and IoT as distinct domains is outdated and how a unified security strategy strengthens resilience. National Security Meets Enterprise Security – Perspectives from both military and private-sector leadership on protecting sensitive data, intellectual property, and critical systems. As cybersecurity professionals, we must shift our mindset from securing individual components to securing the entire technology ecosystem.
Whether you are safeguarding an industrial control system, an aircraft, or a corporate network, the fundamental security principles remain the same. By applying an integrated approach, we can better protect the critical systems that power modern society. Join Michael for this thought-provoking keynote as he challenges conventional thinking, shares real-world case studies, and provides actionable strategies to redefine cybersecurity in an era where everything is just "T." About the speaker: Chief Information Security Officer at Northrop Grumman
On today's show, we chat with Joe Evangelisto, CISO at NetSPI. He recounts his journey to becoming a Chief Information Security Officer, one that started as an IT sysadmin, advanced to management, and led him ultimately to the CISO role. Joe talks about building security programs from the ground up and developing both personally and...
In this episode of Audience 1st Podcast, Dani Woolf sits down with Jason Loomis, Chief Information Security Officer at Freshworks, to uncover the raw truth behind how CISOs evaluate security vendors, what actually moves a deal forward, and why most POVs fall flat before they even start. Jason gets brutally honest about the emotional dynamics of enterprise buying, the real reason vendors lose trust, and what it actually takes to turn a POV into a purchase. If you're in product marketing, sales, or demand generation at a cybersecurity company, this episode will change how you think about the buyer journey and give you a blueprint to win trust, increase conversions, and build long-term influence with technical buyers. What You'll Learn in This Episode: Why emotional certainty - not ROI - is the key to winning a CISO's trust; The most common POV mistakes vendors make (and how to avoid them); How Jason evaluates vendors - and what gets them instantly disqualified; The danger of relying on generic “What problems are you solving?” questions; Why transparency beats feature-stuffing in every sales motion; How to make your booth presence less awkward and more effective; The impact of new SEC regulations on security budgeting and priorities; Why buyers referring your product - even after saying no - is the ultimate win. If you're serious about understanding what really drives buyer decisions in cybersecurity, subscribe to Audience 1st Podcast. New episodes every week. Raw, unfiltered, and straight from the source - your buyers.
Steven Ramirez, Chief Information Security Officer at Renown Health, shares insights on improving the end-user experience through continuous adjustments and support. He emphasizes the importance of clearly articulating risk to drive strategic investments and ensuring those investments deliver value. Ramirez also discusses his proactive approach to setting himself up for long-term success in the evolving healthcare landscape.
Ryan Field, Executive Vice President & Chief Information Security Officer at Bank of Hawaii joins Ann on this week's episode of Afternoon Cyber Tea. With over two decades of experience in IT and cybersecurity, Ryan shares his approach to security leadership; and the importance of fostering collaboration and diverse perspectives. He discusses the unique challenges of cybersecurity in banking and financial services, how organizations across Hawaii are coming together to build a more resilient security workforce, and how shifting from enforcers to influencers is transforming security culture. Resources: View Ryan Field on LinkedIn View Ann Johnson on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast The BlueHat Podcast Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.
LTC Steven Murray is a retired U.S. Army Lieutenant Colonel who served as an Information Warfare Officer and Cyber Defense Battalion Commander. With extensive experience in cyber operations and intelligence, he commanded units supporting the United States Pacific Command, U.S. Army Pacific Forces, and the National Security Agency. He was deployed to Iraq during Operation Enduring Freedom, earning a Bronze Star, and has held roles such as Chief Information Security Officer for a large medical company. Currently, Murray is known for his analysis of current events, focusing on information warfare, censorship, and global politics.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Roy Luongo. Roy is the Chief Information Security Officer for the United States Secret Service. He leads a team in the defense and information assurance of all USSS information systems and solutions. Prior to his current role he was the Director, Joint Mission Operations Center for Cyber Command, providing oversight of mission critical Cyber Operations infrastructures. He has also served as Chief, NSA Red Team and Technical Director for Interactive Operations for the NSA. Roy is a retired Army soldier with 20 years' service within the Intelligence and Cyber career fields. [March 17, 2025] 00:00 - Intro 00:17 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 01:55 - Roy Luongo Intro 02:44 - The Path to CISO of the Secret Service 04:58 - Cybersecurity in Early Education 07:50 - The Entry Level Catch-22 12:24 - Quantifying Risk 14:27 - The Best Way Forward 16:51 - The Effects and Future of AI 20:06 - Understanding Your Needs 22:11 - Advise to Young Roy 24:56 - The Cost of Training 29:01 - Mentors - Ed Skoudis - Brigadier General Brian D. Vile - Shawn Turskey 29:55 - Lollipop Moments - TEDxToronto - Drew Dudley "Leading with Lollipops" 31:33 - Book Recommendations - Cybersecurity Canon - Rick Howard - Kingpin - Kevin Poulsen - Turn the Ship Around! - L. David Marquet 33:49 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
Micah Czigan, Chief Information Security Officer at Georgetown University joins Ann on this week's episode of Afternoon Cyber Tea. With a career spanning the U.S. Navy, Department of Defense, and private sector cybersecurity, Micah shares his journey from marine biology to cryptologic communications, ultimately finding his passion for cybersecurity. He discusses the parallels between military strategy and cybersecurity and what business leaders can learn from the unique and critical threats facing universities. Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.
Allen Ohanian, a pioneering CISO, shares insights on the evolving role of cybersecurity leaders, the integration of AI in digital defense, and the ever-growing challenges of protecting sensitive data. Discover how AI is both a weapon and a shield in today's cyber landscape. 00:24 - About Allen Ohanian: Mr. Ohanian is the Chief Information Security Officer for the Los Angeles County Department of Children and Family Services. He has 20 years of experience in information technology, cybersecurity and defense strategies, risk management, forensics, privacy, compliance, cloud security, and software engineering in the private and public sectors. He served as the first Chief Information Security and Privacy Officer at LA County Counsel where he established an Information Security and Privacy program and ensured compliance with legal mandates.
"Organizations need to understand what AI can do and can't do. Start creating the best use cases within their organizations and also train people on how to use them responsibly." - Diana Kelley In this episode, host Ana Melikian delves into the pivotal role of Artificial Intelligence (AI) in today's world, particularly in the business world. Joined by guest Diana Kelley, a seasoned Chief Information Security Officer at ProtectAI, they explore the integration of AI into our daily lives and the business sphere. Ana and Diana discuss the importance of understanding AI's capabilities and limitations, likening it to a hundred-foot wave that businesses need to learn to surf rather than be overwhelmed by. They emphasize the necessity of increasing AI literacy to make informed decisions and identify the best use cases within organizations. Diana sheds light on the potential risks and vulnerabilities of AI, including data privacy concerns and the need for responsible adoption. Organizations are encouraged to enhance their security measures and train employees to use AI effectively and safely. As Ana and Diana examine AI's rapid advancement, they highlight the critical balance between embracing innovation and maintaining security. The conversation is filled with insightful analogies and expert advice, making it a must-listen for anyone interested in navigating the complexities of AI in business and security. Let's dive in! This week on the MINDSET ZONE: 00:00 Introduction to AI in Everyday Tools 01:02 Meet Diana Kelley: Cybersecurity Powerhouse 01:49 The AI 100-foot Wave 03:42 Understanding AI Risks and Vulnerabilities 11:43 AI Literacy: A Necessity for All 18:02 Data Privacy and Security Concerns 26:00 Resources for AI Literacy and Security 29:25 Conclusion and Final Thoughts About The Guest Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI.
She also serves on the boards of WiCyS, The Executive Women's Forum (EWF), InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity. Her extensive volunteer work has included serving on the ACM Ethics & Plagiarism Committee, Cybersecurity Committee Advisor at CompTIA, CTO and Board Member at Sightline Security, Advisory Board Chair at WOPLLI Technologies, Advisory Council member Bartlett College of Science and Mathematics, Bridgewater State University, and RSAC US Program Committee. She is a sought-after keynote speaker, the host of BrightTALK's The (Security) Balancing Act, co-author of the books Practical Cybersecurity Architecture and Cryptographic Libraries for Developers, instructor for the LinkedIn Learning classes Security in AI and ML and Introduction to MLSecOps, has been a lecturer at Boston College's Masters program in cybersecurity, one of AuditBoard's Top 25 Resilient CISOs in 2024, a 2023 Global Cyber Security Hall of Fame Inductee, the EWF 2020 Executive of the Year and EWF Conference Chair 2021-Present, an SCMedia Power Player, and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime. Connect with: Linkedin.com/in/dianakelleysecuritycurve ProtectAI.com Resources: NIST AI RMF: https://www.nist.gov/itl/ai-risk-management-framework OWASP AI Sec: https://genai.owasp.org/ OWASP AI Security and Privacy Guide: https://owasp.org/www-project-ai-security-and-privacy-guide/ MITRE ATLAS: https://atlas.mitre.org/ MLSecOps Community: https://mlsecops.com/ LinkedIn Learning: Introduction to MLSecOps Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes Related Content: Expand What's Possible
Niel Harper is a Certified Director and ISACA Board Vice Chair. He is also the Chief Information Security Officer and Data Protection Officer at Doodle. Niel is based in Germany. He has more than 20 years of experience in IT risk management, cybersecurity, privacy, Internet governance and policy, and digital transformation. Safia Kazi is the Privacy Professional Practices Principal at ISACA. She has worked at ISACA for just over a decade, initially working on ISACA's periodicals and now serving as the Privacy Professional Practices Principal. She is based in Chicago. In 2021, she was a recipient of the AM&P Network's Emerging Leader award, which recognizes innovative association publishing professionals under the age of 35. In this episode… ISACA's State of Privacy 2025 survey reveals that privacy professionals are facing significant hurdles, including staffing shortages, budget cuts, and increasing demands for technical privacy expertise. Many organizations are shifting privacy responsibilities to legal and security teams, without additional resources or training. At the same time, AI adoption is increasing, introducing new complexities and risks. With privacy budgets under strain and teams expected to do more with less, how can businesses sustain effective privacy programs while navigating new challenges? According to ISACA's State of Privacy 2025 survey, one of the most pressing concerns for privacy teams is the growing demand for technical privacy expertise. Privacy by design also remains a challenge, with limited resources making it difficult for teams to embed privacy into product development from the outset. AI also plays a growing role in privacy operations, helping automate processes while raising concerns about data security, bias, and third-party risks. 
Despite these findings from ISACA's survey, businesses can make privacy sustainable by fostering a culture of privacy awareness from the top down, ensuring leadership understands the value of privacy beyond compliance. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Niel Harper, Certified Director and Board Vice Chair at ISACA and CISO and DPO at Doodle, and Safia Kazi, Privacy Professional Practices Principal at ISACA, about the findings from ISACA's State of Privacy 2025 survey. Safia explains how privacy professionals can adapt to changes by continuously learning and staying informed on emerging risks, while Niel highlights the need for board-level privacy advocacy. They also explore how organizations are adapting to staffing shortages and budget constraints, the impact of AI on privacy operations, and how organizations can effectively navigate emerging risks.
Fortifying security defences with automated root cause analysis and prioritisation. Managing security risk urgency across your application pipeline with real-time visibility and data visualisation capabilities. Driving efficiency and prioritisation across your security ecosystem with practical remediation actions. This episode is hosted by Thom Langford: https://www.linkedin.com/in/thomlangford/ ; John Heaton-Armstrong, Experienced Cyber security Leader, Confidential: https://www.linkedin.com/in/johnheatonarmstrong/ ; Danny Dresner, Professor of Cyber security, The University of Manchester: https://www.linkedin.com/in/danny-dresner-fciis-6382381/ ; Tiago Rosado, Chief Information Security Officer, Asite: https://www.linkedin.com/in/tiagorosado/ ; Derek Maki, VP Product Management, Veracode: https://www.linkedin.com/in/derekmaki/
Bob Davis joins us on a special episode to celebrate three years and 184 conversations on The Virtual CISO Moment. Bob is the Partner / Chief Information Security Officer of Franklin CISO Partners, LLC. Franklin CISO Partners provides virtual, fractional, and interim Chief Information Security Officer services to small and medium-sized clients in healthcare and financial services. Join us as we dive into information security issues in healthcare and financial services and how a fractional CISO can help.
Crypto derivatives exchange Bybit just became the latest victim of North Korea's elite hacking unit, the Lazarus Group. They didn't brute-force their way in. They didn't exploit some obscure vulnerability. Instead, they tricked a trusted developer, slipped in malicious code, and took off with a fortune. How did this happen? Why was $1.5 billion sitting in a single wallet? What mistakes did Bybit and Safe make? And, more importantly, what needs to change to stop this from happening again? This week, Mudit Gupta, chief information security officer at Polygon, joins Unchained to expose the security failures, the sophisticated tactics Lazarus used, and why crypto still hasn't learned its lesson. Show highlights: 2:11 Mudit's experience with North Korea's Lazarus 3:24 How Lazarus perpetrated the $1.5 billion hack 5:55 Why Lazarus relies on social engineering over technical exploits 7:34 Why Bybit was so specifically targeted by the hackers 10:02 What Bybit should have done to prevent the exploit 13:12 Why Mudit believes there was “no reason” to hold so much ETH in one single wallet 15:57 Who should be a signer in multisigs 17:46 How to prevent using a malicious website 19:13 Why Safe should have done things differently, according to Mudit 19:55 How Bybit and Safe handled crisis communication 24:20 Mudit's must-know security tips for protecting your crypto Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com Thank you to our sponsors! Mantle Guest Mudit Gupta, Chief Information Security Officer at Polygon Links Recent coverage of Unchained on the Bybit hack: North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them? The Chopping Block: Crypto's Worst Week? Bybit Hack, Libra Scandal, & The Memecoin Reckoning Bits + Bips: Markets Are Down Bad. When Will Crypto Recover? 
Unchained: Bybit Flows Return to ‘Normal' After Biggest-Ever Crypto Hack Bybit Hack Forensics Report "Safe{Wallet} Statement on Targeted Attack on Bybit "
Rinki Sethi is an experienced CISO (Chief Information Security Officer) and board member in the cybersecurity industry. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including effective strategies, innovative approaches, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.
Who really owns patient data? Can digital identity reshape healthcare security, privacy, and fraud prevention? We sit down with Dan Bowden, Global CISO at Marsh, to tackle these questions. Dan brings a wealth of experience in healthcare cybersecurity, previously serving as CISO at Sentara Healthcare. We dive deep into digital identity, data sovereignty, and the evolving role of AI in protecting patient privacy. Tune in as we discuss: Potential for errors in traditional healthcare ID systems How digital IDs could fight fraud & streamline claims Impact of AI on patient data privacy & security The path to patient data ownership Find Dan's work at: www.marsh.com Subscribe and stay at the forefront of the digital healthcare revolution. Watch the full video on YouTube @TheDigitalHealthcareExperience The Digital Healthcare Experience is a hub to connect healthcare leaders and tech enthusiasts. Powered by Taylor Healthcare, this podcast is your gateway to the latest trends and breakthroughs in digital health. Learn more at taylor.com/digital-healthcare About Us: Taylor Healthcare empowers healthcare organizations to thrive in the digital world. Our technology streamlines critical workflows such as procedural & surgical informed consent with patented mobile signature capture, ransomware downtime mitigation, contactless patient check-in and more. Learn more at taylor.com/healthcare/imedhealth The Digital Healthcare Experience Podcast: Powered by Taylor Healthcare Produced by Naomi Schwimmer Hosted by Chris Civitarese Edited by Eli Banks Music by Nicholas Bach
Jordan Avnaim, Chief Information Security Officer at Entrust, shares strategies CISOs can implement to overcome modern challenges.
In the twenty-sixth episode of EDRM Trusted Partner, HaystackID's monthly podcast series, the man with the stories which can never be told, John Wilson, the Chief Information Security Officer and President of Forensics at HaystackID, returned to the Illumination Zone to sit down with Kaylee and Mary to talk about how HaystackID's triage tools address proportionality and privacy requirements in civil litigation, and how they can be best used during internal investigations and white collar work. The tools, Mobile Elite Discovery and Analysis Lab (MEDAL™) and Remote Endpoint Analysis and Data Intelligence (READi™), are finalists for Legalweek's Best Emerging Technology (Non-AI). John also gave our listeners a sneak peek at some upcoming releases and how to score a coveted invitation to HaystackID's legendary whisky and cigar gathering during Legalweek 2025.
Marc Ashworth, Senior Vice President and Chief Information Security Officer at First Bank, is a respected IT executive with over 30 years of experience in cyber and physical security, IT/security architecture, and management. He is also an author, a public speaker and the host of “The Cyber Executive” podcast. He is a member of the Missouri Bankers Association Technology Committee and the Webster University Cyber Advisory board, co-founded the State of Cyber annual security conference, and is a Lifetime member of FBI Citizens Academy. He is a former board officer and treasurer for the St. Louis InfraGard Alliance. He holds CISSP, CISM, CRISC, Security+ and other security certifications. Mr. Ashworth currently oversees First Bank's information security, financial crimes unit, physical security, and the network services departments. Listen now to discover "3 Cybersecurity Threats You Can't Ignore."
How the human risk surface area has broadened with GenAI and collaboration tools. Prevent breaches by applying the cyber kill chain to human vulnerabilities. Strategies to protect employees without compromising productivity. This episode is hosted by Thom Langford: https://www.linkedin.com/in/thomlangford/ ; Daniela Almeida Lourenco, Chief Information Security Officer, Dutch Financial Services: https://www.linkedin.com/in/daniela-almeida-lourenco/ ; Rebecca Stephenson, Specialist Lead Lecturer, Highlands College: https://www.linkedin.com/in/creative-minds-in-cyber/ ; Frederick Coulton, Director of UX, CultureAI: https://www.linkedin.com/in/frederickcoulton
In this episode, Nick Sturgeon, Vice President and Chief Information Security Officer at Community Health Network, shares insights on his first year as a CISO, tackling challenges like social engineering attacks and implementing cutting-edge technology. He also discusses the strategic integration of AI, the importance of governance in healthcare innovation, and how he's evolving as a leader in a rapidly changing landscape.
In this episode of AI, Government, and the Future, host Marc Leh is joined by Candy Alexander, a prominent cybersecurity leader with over 35 years of experience and current Chief Information Security Officer at NeuEon. As a two-time President of the Information Systems Security Association (ISSA) International and founding President of the ISSA Education and Research Foundation, Candy brings her extensive expertise to discuss AI trustworthiness, data governance, and enterprise security challenges.
The CISO role is constantly changing. With all the shifts in cybersecurity, it's crucial to find ways to attract new talent to close the growing skills gap. CISOs now juggle complex systems managed at multiple levels and handle burnout amongst many other responsibilities. Today's guest is Jill Knesek. Jill is the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. It's based out of the Los Angeles area. She's been there almost three years now as the CISO, running the information security team. She previously served as Chief Security Officer for BT Global Services. She has more than 15 years' experience directing security programs, including service as a special agent for the FBI assigned to the Cyber Crime Squad in Los Angeles Field Office, where she was involved in several high-profile cases, including Kevin Mitnick. In this episode, we cover the CISO role evolving from low visibility to a C-level position, managing multi-cloud infrastructures and aligning with other teams and the ongoing cybersecurity skills gap and burnout. Jill also talks about incident response and crisis management and collaboration within the cybersecurity community to fill the blind spots and strengthen the defenses. Show Notes: [01:23] She's now the Chief Information Security Officer for Blackline, a company that does financial SaaS solutions. [02:00] She was also an FBI special agent for 3 and 1/2 years working cybercrime. She was super excited, because this was her lifelong dream. [03:35] She loved the FBI, but she knew she could do more for the industry on the private side. [04:21] Jill talks about how the CISO role has evolved. It's now a C-level position. [06:26] Some of the boards were very interested in what was going on with security. There has to be a balance with funding and proving your success. [07:39] Now complexity is an issue. [09:03] The cloud adds so many connecting services. 
[11:45] CISOs are getting more responsibility and need more qualified people in their teams. There's a gap with not enough people coming into the cybersecurity industry. [12:30] How the idea of stress and working nights and weekends can deter some graduates from the cybersecurity industry. [15:15] Boards and executive committees expect the CISO to be right in the middle of things. They want real-time updates and to know what everyone is working on right now. [17:47] The importance of keeping a calm level-headed view when something goes wrong. [21:41] We learn about the flow of straightening out curves or incidents. Learn during the small incidents and practice the process. [23:57] The importance of not scolding the team for being too quick to react. It's better to have a false alarm than to ignore a serious problem. [25:10] Jill does a one-to-one with everyone on her team each quarter. She tries to mentor them with some of the things that she's learned. [30:29] We hear about a couple of incidents where ransomware got into the environment. [35:01] When someone else reported that something weird was going on in the network. [38:27] To help with the talent gap, we need to start introducing cybersecurity at the high school level. [42:15] It's important for CISOs to be connected with other groups and events. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review. Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Jill Knesek at Blackline Jill Knesek on LinkedIn
FIT is celebrating International Safer Internet Day by talking with our Chief Information Security Officer, Jason Collins, in our newest episode about navigating the digital world, best practices that apply to both organizations and families, and some advice about how you can stay safer on the internet.
With the increase in targeted cyber attacks, it's more important than ever for organizations to quickly identify and respond to threats. AI is helping security teams by acting as virtual analysts, handling much of the investigation work. However, human oversight is still essential for the final steps and judgment. Today's guest is Michael Lyborg. Michael is the Chief Information Security Officer at Swimlane. Prior to taking his current role, Michael was Global Vice President of Advisory Services, a highly sought-after expert by the world's largest Fortune 500 companies and global government agencies to advise on the creation and operation of industry-leading security operations. In this episode Michael shares his experience and wisdom on today's cybersecurity challenges. We talk about the balance of automation and human oversight, the risks and rewards of putting AI into security operations, and defense in depth strategies. Michael also covers how military style threat assessments can help with cybersecurity, how AI is evolving for threat prioritization and analysis, and the need for continuous testing and monitoring to prevent automation failures. If you want to know how to stay ahead in a complex cyber world, this episode is full of practical advice. Show Notes: [01:06] Michael has been with Swimlane for about 7 years mainly focusing on larger enterprises, government clients, and partners. He's helping with the automation journey and experience. He also built security programs for other companies and was a Marine. [02:07] Prior to the Marines, he did IT and network security. Michael is originally from Sweden. [04:22] Operational risk management or conducting a limited threat assessment. He's always thinking like a hacker and looking for gaps in security. [06:29] Michael tells a story about his wife's recent experience with a cybersecurity scam. [12:11] How a company decides what level of friction is appropriate to implement proper security. 
[13:59] Michael talks about balancing what is and isn't automated. [16:16] Michael shares the story about his early days of automation. [17:23] Continuously review and monitor your automations. [18:41] Starting with documentation is a good first step. [21:45] Michael talks about how awesome it is being able to work in security and automation and help businesses grow and achieve outcomes. He believes in automating the mundane tasks. [22:26] We learn about AI being involved in the defensive side of cybersecurity. [24:50] AI can also bridge the gap between the security team and non-technical people. [26:33] We discuss places where AI probably shouldn't be used. [27:58] Find where AI works for you and then think about incorporating it in your security services. [31:01] The importance of having controls in place when using AI whether it's for security or data analysis. [33:00] Risk can be reduced by training on specific tasks. [34:18] Michael shares the value of mixing human and artificial intelligence through Swimlane. [39:08] The importance of bridging gaps and getting rid of silos. Links and Resources: Michael Lyborg on Swimlane Michael Lyborg on LinkedIn
All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines. In this episode: Minding the gap Copilot overreliance Opening up the field Navigating the SMB cyber insurance conundrum
#191: Securing the Public Cloud: How Seattle & LA County DCFS Are Transforming Cybersecurity. From Asset Management to AI: Building Modern Security for Vulnerable Communities. Featuring: Greg Smith, Chief Information Security Officer and Director of Security & Infrastructure, City of Seattle IT; Allen Ohanian, Chief Information Security Officer, Los Angeles County Department of Children and Family Services; Brent Byrnes, Account Executive SLED, Wiz. In this episode, you'll learn: How Seattle's risk-based approach is transforming traditional government cybersecurity; LA County DCFS's strategy for securing the nation's largest welfare agency's sensitive data in the cloud; Why emerging IoT devices and cloud assets are creating new visibility challenges for government infrastructure; The role of cloud visibility and democratized security in modern government environments; Real-world lessons from Seattle's cross-agency incident response and recovery strategies. Timestamps: (00:00) Introduction and Guest Backgrounds (03:14) Seattle's Evolution to Risk-Based Security (04:52) Securing LA County DCFS's Cloud Environment (07:38) Cloud Visibility in Government (09:22) Asset Management Challenges in Modern Infrastructure (12:45) Cross-Agency Incident Response: Seattle Library Case Study (16:33) Crisis Communication Strategies (22:18) AI Implementation and Security Threats (27:42) Managing Modern Security Vendors (31:15) Future of Government Cloud Security. To hear more, visit www.techtables.com
Our guest this week is Thomas Stocking, Data Security Professional and Privacy Evangelist. He is the Chief Information Security Officer for BlueWhale Research in San Francisco. Thomas has decades of experience that he shares in an easily understood manner. I do hope we have an opportunity for a part II with Thomas, for there was […]
Paul previously served as the Chief Information Security Officer for an independent Broker-Dealer with billions of dollars in assets under management and thousands of Advisors spread across the United States as well as a major defense contractor providing logistical services. Paul has been a part of several FINRA and SEC Cybersecurity sweeps and examinations and maintains a deep understanding of the regulatory requirements associated with financial institutions as well as prioritizing risk remediation activities. With a sister company operating in the tax preparation space and a large majority of Advisors having a separate tax practice Paul has a deep understanding of the IRS requirements set forth in the Strategic Threat Assessment & Response (STAR) work group to help protect taxpayers and the integrity of the tax ecosystem. Paul helps educate advisors on security requirements that are present in both businesses by drafting policies and procedures that are closely aligned to meet both business needs. Paul was also a 2016, 2015, 2014 & 2013 EC-Council Certified Chief Information Security Officer of the Year Finalist and was presented with the Excellence in Finance Leaders Award in recognition of his contributions to the Finance Industry at the 2019 FiNext Conference. Paul holds a Master of Science in Management with a concentration in Information Systems Security and a Bachelor of Science in Business Administration in Information Technology from Colorado Technical University. Paul has also served on a variety of Advisory Boards for information security-related topics and has a deep dedication to the information security community by mentoring other security professionals.
Paul honorably served in the United States Air Force as a Special Agent and has an extensive physical and information security background from his time spent as an Agent. In this episode, Eric and Paul Horn discuss: The critical first step toward security; The threat of human error; Non-negotiable security measures; Basic cybersecurity “hygiene”. Key Takeaways: Performing a comprehensive cybersecurity risk assessment is the critical first step for organizations of all sizes to identify and address vulnerabilities. Human error, such as clicking on phishing links, remains the biggest cybersecurity threat, underscoring the importance of regular security awareness training. Multi-factor authentication is a non-negotiable security measure, not only for regulatory compliance but also for obtaining cyber insurance coverage. Small and mid-sized businesses often overlook basic cybersecurity hygiene like device encryption, patch management, and use of supported software versions, which can leave them exposed to significant risks. “If you can't do the basics, you're not going to be able to do the advanced stuff, or it's very easy to walk right in (a trap) because you're not doing the basic stuff.” - Paul Horn. Connect with Paul Horn: Website: https://www.h2cyber.com/ LinkedIn: https://www.linkedin.com/in/paul-horn-4107861a/ Connect with Eric Dyson: Website: https://90northllc.com/ Phone: 940-248-4800 Email: contact@90northllc.com LinkedIn: https://www.linkedin.com/in/401kguy/ The information and content of this podcast is general in nature and is provided solely for educational and informational purposes. It is believed to be accurate and reliable as of the posting date but may be subject to change. It is not intended to provide a specific recommendation for any type of product or service discussed in this presentation or to provide any warranties, investment advice, financial advice, tax, plan design or legal advice (unless otherwise specifically indicated).
Please consult your own independent advisor as to any investment, tax, or legal statements made. The specific facts and circumstances of all qualified plans can vary and the information contained in this podcast may or may not apply to your individual circumstances.
Data is the fastest growing enterprise attack surface, and is projected to surpass 181 Zettabytes in 2025. Couple data growth with the growing demands of Artificial Intelligence, and the attack surface expands even more. How should organizations adapt their security programs to safeguard their data? Lamont Orange, Chief Information Security Officer at Cyera, joins Business Security Weekly to help you solve your biggest data security challenges. By starting with inventory and classification, data access review can help you answer your biggest data security questions, including: what data you have, where it's stored, who, or what, can access it, and which data risks exist. In the leadership and communications segment, The Business of Cybersecurity: The CISO's Role in Alignment and Pervasive Governance, CISO Priorities for 2025: Budget Wisely, How Do I Position Myself to Influence Senior Leadership?, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-377