Podcasts about Chief information security officer

Kory Daniels, Chief Information Security Officer at Trustwave,  highlights the unique cybersecurity challenges facing the healthcare industry, particularly in this environment of funding constraints and the increasing sophistication of cyberattacks. Healthcare data is highly valuable to cybercriminals, who can use it for ransomware attacks, identity and insurance fraud, and other nefarious purposes. AI can be part of both the attack and the solution, helping to build in more cyber resilience and awareness about vulnerabilities. Kory explains, "Healthcare is a prime target for cyberattacks for a very fundamental reason. When human lives are at risk due to a criminal objective—which is to make money—they view organizations where human lives are at risk as a greater potential and opportunity. Facilitation of ransomware payments: Ransomware is one of the largest tactics that criminals use to achieve financial gain, but it's not the only tactic they use to achieve financial gain. So, they're looking to exploit the fear and uncertainty, putting patient lives at risk and adding complexity to patient care through their nefarious actions. But also, healthcare data is very attractive for cybercriminals, and just criminal activity in general. And why that is, is that criminals are looking at healthcare data even more so—it's more valuable than driver's license data." "Look at the opportunity of what you can do with healthcare records, and what can you do with PII, Personally Identifiable Information. Threat actors are tapping into this data in several different ways to achieve the additional financial gain above and beyond targeting a healthcare organization with a ransomware attack." "But they're also committing fraud, and fraud toward healthcare insurers, and looking at submitting false claims, fraud against the prescription drug industry in terms of soliciting and looking to obtain prescription drugs through nefarious means, but utilizing data and identity data that comes from hospital and healthcare records. There are a variety of different ways that we've just scratched the surface on, which make the healthcare industry such a desirable target for those seeking to achieve financial gain in the criminal industry." #Trustwave #Cybersecurity #CyberAttacks #HealthcareSecurity #HealthcareIT #CISOInsights trustwave.com Download the transcript here

Kory Daniels, Chief Information Security Officer at Trustwave,  highlights the unique cybersecurity challenges facing the healthcare industry, particularly in this environment of funding constraints and the increasing sophistication of cyberattacks. Healthcare data is highly valuable to cybercriminals, who can use it for ransomware attacks, identity and insurance fraud, and other nefarious purposes. AI can be part of both the attack and the solution, helping to build in more cyber resilience and awareness about vulnerabilities. Kory explains, "Healthcare is a prime target for cyberattacks for a very fundamental reason. When human lives are at risk due to a criminal objective—which is to make money—they view organizations where human lives are at risk as a greater potential and opportunity. Facilitation of ransomware payments: Ransomware is one of the largest tactics that criminals use to achieve financial gain, but it's not the only tactic they use to achieve financial gain. So, they're looking to exploit the fear and uncertainty, putting patient lives at risk and adding complexity to patient care through their nefarious actions. But also, healthcare data is very attractive for cybercriminals, and just criminal activity in general. And why that is, is that criminals are looking at healthcare data even more so—it's more valuable than driver's license data." "Look at the opportunity of what you can do with healthcare records, and what can you do with PII, Personally Identifiable Information. Threat actors are tapping into this data in several different ways to achieve the additional financial gain above and beyond targeting a healthcare organization with a ransomware attack." "But they're also committing fraud, and fraud toward healthcare insurers, and looking at submitting false claims, fraud against the prescription drug industry in terms of soliciting and looking to obtain prescription drugs through nefarious means, but utilizing data and identity data that comes from hospital and healthcare records. There are a variety of different ways that we've just scratched the surface on, which make the healthcare industry such a desirable target for those seeking to achieve financial gain in the criminal industry." #Trustwave #Cybersecurity #CyberAttacks #HealthcareSecurity #HealthcareIT #CISOInsights trustwave.com Listen to the podcast here

Dr. Aleise McGowan, Chief Information Security Officer of BlackGirlsHack and a 20-year cybersecurity veteran, joins Ann on this week's episode of Afternoon Cyber Tea. Aleise shares how a career-defining hack early on shifted her trajectory from developer to defender, and why she believes the future of security lies in resilience, diversity, and human-centered leadership. She talks about what separates good and great leaders during the first hours of an incident response and why delayed action equals exponential damage. She also spotlights her work with BlackGirlsHack, a rapidly growing nonprofit that opens doors for underrepresented talent in cyber, and makes the case that building an inclusive security workforce isn't just the right thing to do, it's the smart thing to do.    Resources:   View Aleise McGowan on LinkedIn   View Ann Johnson on LinkedIn       Related Microsoft Podcasts:   Microsoft Threat Intelligence Podcast   The BlueHat Podcast    Uncovering Hidden Risks           Discover and follow other Microsoft podcasts at microsoft.com/podcasts      Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.    

Podcast: KBKAST (LS 31 · TOP 5% what is this?)Episode: Episode 314 Deep Dive: Imran Husain | Cybersecurity Threats in the Manufacturing WorldPub date: 2025-06-11Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, we sit down with Imran Husain, Chief Information Security Officer at MillerKnoll, as he discusses the evolving landscape of cybersecurity threats in the manufacturing sector. Imran explores the challenges that arise as manufacturing increasingly integrates with online technologies and IoT, highlighting the unique vulnerabilities posed by legacy systems and operational technology (OT). He shares insights on high-profile incidents like the Norsk Hydro ransomware attack, emphasizing the importance of cyber resilience, data backup, and incident recovery. Imran also offers a candid look at why critical tasks like backing up data are often neglected, the complexities of securing aging infrastructure, and the need for creative solutions such as network segmentation and IT/OT convergence. A dedicated and trusted senior Cyber security professional, Imran Husain has over 22 years of Fortune 1000 experience that covers a broad array of domains which includes risk management, cloud security, SecDevOps, AI Security and OT Cyber practices. A critical, action-oriented leader Imran brings strategic and technical expertise with a proven ability to build cyber program to be proactive in their threat detection, identifying and engaging in critical areas to the business while upholding their security posture. He specializes in Manufacturing and Supply Chain Distribution focusing on how to best use security controls and processes to maximize coverage and reduce risk in a complex multi-faceted environment. A skilled communicator and change agent with bias to action who cultivates an environment of learning and creative thinking, Imran champions open communication and collaboration to empower and inspire teams to exceed in their respective cyber commitments. He is currently the Global Chief Information Security Officer (CISO) at MillerKnoll, a publicly traded American company that produces office furniture, equipment, and home furnishings.The podcast and artwork embedded on this page are from KBI.Media, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Matt Hillary, the Chief Information Security Officer of Drata, to discuss governance, risk, and compliance (GRC) and trust management. They explore key topics such as the evolution of GRC, trust management, compliance automation, and the advent of AI in compliance processes. Matt shares insights on building a world-class GRC program, the challenges and opportunities in modern-day compliance, and the mental health aspects of being a cybersecurity leader. This episode is a must-watch for any cybersecurity professional looking to enhance their GRC strategies and compliance operations. Big Thanks to our Sponsor Drata. You can learn more about them at https://drata.com/ Connect with Matt Hillary at https://www.linkedin.com/in/matthewhillary/ Transcripts - https://docs.google.com/document/d/1VzRQSEvgUwenDERlNn2bwlIpnz4QPQ15/  Chapters 01:39 Meet Matt Hillary: CISO of Drata 06:06 The Evolution of GRC and Trust Management 14:48 Continuous Compliance and Automation 19:26 Compliance as Code: The Future of GRC 22:18 The Importance of Getting It Right the First Time 23:15 Customer Compliance Challenges 24:21 Vendor Risk Management and Trust Building 26:26 Leveraging AI for Compliance and Risk Management 31:43 Evaluating Credibility of Third-Party Evidence 41:09 Common Mistakes in GRC Programs 43:56 Final Thoughts and Industry Call to Action

Are cyber threats the biggest risk to healthcare delivery? In this podcast hosted by Mark Bailes, Sentara Health Chief Information Security Officer Zishan Siddiqui will be speaking on the critical intersection of cybersecurity, product innovation, and patient safety. He shares insights on transforming cybersecurity from a cost center to a strategic business enabler, exploring how regulations and a product mindset can drive meaningful change in the healthcare industry.

Join James Dyson as he discusses NIS2 requirements and their implementation with Elias Alanko, Chief Information Security Officer at 3stepIT, Robert Valkama, Senior Manager of OT Cyber Security at Fortum, Sachin Loothra, Lead Solution Architect at Telia, and Mikael Albrecht, CISO at Second Nature Security Oy (2NS). The conversation covers key strategies for ensuring cybersecurity compliance, understanding the NIS2 directive, and how businesses can navigate its requirements effectively.

Brett Ewing is the Founder and CEO of AXE.AI, a cutting-edge cybersecurity SaaS start-up, and the Chief Information Security Officer at 3DCloud. He has built a career in offensive cybersecurity, focusing on driving exponential improvement. Brett progressed from a Junior Penetration Tester to Chief Operating Officer at Strong Crypto, a provider of cybersecurity solutions. He brings over 15 years of experience in information technology, with the past six years focused on penetration testing, incident response, advanced persistent threat simulation, and business development. He holds degrees in secure systems administration and cybersecurity, and is currently completing a Masters in cybersecurity with a focus area in AI/ML security at the SANS Technology Institute. Brett also holds more than a dozen certifications in IT, coding, and security from the SANS Institute, CompTIA, AWS, and other industry vendors. In this episode… Penetration testing plays a vital role in cybersecurity, but the traditional manual process is often slow and resource-heavy. Traditional testing cycles can take weeks, creating gaps that leave organizations vulnerable to fast-moving threats. With growing interest in more efficient approaches, organizations are exploring new AI tools to automate tasks like tool configuration, project management, and data analysis. How can cybersecurity teams use AI to test environments faster without increasing risk? AXE.AI offers an AI-powered platform that supports ethical hackers and red teamers by automating key components of the penetration testing process. The platform reduces overhead by configuring tools, analyzing output, and building task lists during live engagements. This allows teams to complete high-quality tests in days instead of weeks. AXE.AI's approach supports complex environments, improves data visibility for testers, and scales efficiently across enterprise networks. The company emphasizes a human-centered approach and advocates for workforce education and training as a foundation for secure AI adoption. In today's episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Brett Ewing, Founder and CEO of AXE.AI, about leveraging AI for offensive cybersecurity. Brett explains how AXE.AI's platform enhances penetration testing and improves speed and coverage for large-scale networks. He also shares how AI is changing both attack and defense strategies, highlighting the risks posed by large language models (LLMs) and deepfakes, and explains why investing in continuous workforce training remains the most important cyber defense for companies today.

In this special episode of All Quiet on the Second Front, we're bringing you a live recording from Offset 2025. Moderated by Danielle Metz, 2F Chief Policy Officer, this panel tackles a question that's easy to say but hard to operationalize: how do we actually build trust between government and industry to deliver secure, mission-ready technology? Danielle is joined by Rob Nolen, Chief Technologist for DoD at AWS, Dan Garcia, Chief Information Security Officer at EnterpriseDB, and Eric Sanders, Chief Information Security Officer at DHS (I&A) and, together, they unpack the cultural and structural baggage that slows innovation—and explore what it'll take to shift hearts, minds, and bureaucracies toward impact.What's Happening on the Second Front: Building security into systems from the start (not bolting it on later)Measuring impact through velocity, not vanity metricsRisk tolerance vs. risk avoidance in government techThe role of policy and regulation in accelerating trustWhy a shared language between builders, buyers, and approvers is mission-critical

Today's incident response ain't your grandfather's IR. But the psychology surrounding it hasn't changed an iota. This is precisely what Sam Rehman, EPAM's Chief Information Security Officer and SVP, and Tab Bradshaw, Chief Operating Officer at Redpoint Cybersecurity, are talking about on this #SecurityByDesign conversation. “It really comes down to the preparation piece,” says Bradshaw. It's about being well prepared and asking: “How often do you prepare in your organization, at a technical level, at an executive level, to handle some sort of incident?” Rehman agrees and says that he has clients wondering, “OK, so when am I done?” The perception is that being IR-ready is enough, he says. “That's not the case. It's a muscle. It's emotion. It's how you work. It's how you react to it.” There are benefits to knowing the proper way to react. “A well-handled breach really builds credibility,” says Bradshaw, adding that the word “reasonable” is omnipresent in IR documentation. He says: “Reasonableness is not just about having a mitigation strategy.” It's also about, say, practicing tabletop exercises. Regularly. So that when you're asked about doing regular tabletop sessions, the answer is, as Bradshaw puts it: “Yes, we did it every quarter for the past five years. We feel like we're in a pretty good spot that if something happens, might not be perfect, but we think we have good preparation, consistent preparation, consistent practice, to your point, to respond to the incident when it does occur.” Rehman says that security people are “used to having that sudden sense of violent impulse and urgency coming to us,” but what about the business leaders and everyone else in the organization? He asks Bradshaw about IR communication: “How do you guide the team through it, especially when everybody's thinking about, ‘Oh, am I gonna be on the news?'” Of the thousands of breaches Bradshaw and his team have responded to, for “a third, maybe half” of them, there is “some internal chaos at the client—and it's not because anybody's doing a bad thing.” “It really comes down to what I call C-squared,” says Bradshaw, which is shorthand for “communication and coordination. Someone has to be the quarterback.” Bradshaw says the chaos is about “a lack of preparation and testing.” A tabletop exercise needs to be a live fire exercise: “Doing it once a year is not good.” Too many organizations treat IR as a checklist, which is a mistake. He says: “It's a living, cross-functional discipline that evolves with the threat landscape externally, obviously, and also internally as people move.” And so? Get moving. Hit play and get ready. Host: Lisa Kocian Engineer: Kyp Pilalas Producer: Ken Gordon

Warum ist Cybersicherheit ausgerechnet in der Versicherungsbranche so anspruchsvoll? In dieser Folge des Human Firewall Podcasts spricht Dr. Niklas Hellemann mit Jochen Friedemann, Chief Information Security Officer der Talanx AG. Talanx gehört zu den größten Versicherungsgruppen Europas – mit Standorten in über 175 Ländern und hochsensiblen Daten von Millionen Kundinnen und Kunden. Jochen berichtet, wie er Sicherheitsstandards in einem so komplexen Umfeld etabliert, warum Sicherheitskultur mehr ist als Technik, und wie man in Krisen handlungsfähig bleibt. Außerdem geht es um aktuelle Bedrohungen wie Ransomware und KI-basierte Angriffe, um Herausforderungen durch persönliche Geräte im Arbeitsalltag – und um die Frage, wie man trotz Fachkräftemangel und Budgetdruck resilient bleibt. Was braucht es, damit Sicherheitskultur weltweit funktioniert? Und wie gelingt ein offener Umgang mit Vorfällen – ohne Schuldzuweisungen? Das und mehr in dieser Folge des Human Firewall Podcasts!

Host Chris Hackett is joined by Naiara Pereira Cunha, VP Global Delivery and Head of Legal Affairs at Besedo, Christopher Bosch, Chief Information Security Officer at Evolved Aerospace, and Daniel Brattemark, Head of Security and Compliance at Qlosr. The discussion explores how innovation thrives—or struggles—within regulatory boundaries. From cybersecurity and legal frameworks to product delivery, this episode dives deep into how tech leaders balance creative freedom with compliance, offering insights for organizations navigating modern digital transformation and regulatory landscapes.

Host Chris Hackett is joined by Victoria Ekstedt, Chief Information Security Officer at Orange Digital Services; Paul de Freene, Founder of NordicDesert AB; Rajeev Kumar Jain, Cyber Engineering Team Leader at IKEA; and Konrad Jelen, VP Data Science & AI at Kolomolo. This panel of experts shares how artificial intelligence is transforming the cybersecurity landscape and reshaping business models. From AI ethics to scalable data infrastructure, this insightful discussion dives deep into the future of secure, intelligent enterprise operations.

Host Chris Hackett speaks with Tony Eklund, Information Technology Security Specialist at ICA Gruppen; Per Gustavsson, Chief Information Security Officer at Stratsys; and Marcus Södervall, Head of Trust at Stravito. This insightful conversation explores how artificial intelligence is reshaping security frameworks and trust management across industries. The guests share perspectives on navigating AI-driven risk, ensuring organizational integrity, and leading security in a rapidly evolving digital world. Tune in for expert views on aligning AI innovation with effective governance and cyber resilience.

Google issues an emergency patch for a high-severity Chrome browser flaw. Researchers bypass BitLocker encryption in minutes. A massive Chinese-language black market has shut down. The CFPB cancels plans to curb the sale of personal information by data brokers. A cyberespionage campaign called Operation RoundPress targets vulnerable webmail servers. Google warns that Scattered Spider is now targeting U.S. retail companies. The largest steelmaker in the U.S. shut down operations following a cybersecurity incident. Our guest is Devin Ertel, Chief Information Security Officer at Menlo Security, discussing redefining enterprise security. The long and the short of layoffs. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest On our Industry Voices segment and direct from RSAC 2025, our guest is Devin Ertel, Chief Information Security Officer at Menlo Security, discussing redefining enterprise security. Listen to Devin's interview here. Selected Reading Google fixes high severity Chrome flaw with public exploit (Bleeping Computer) BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released (Cyber Security News) The Internet's Biggest-Ever Black Market Just Shut Down Amid a Telegram Purge (WIRED)  German operation shuts down crypto mixer eXch, seizes millions in assets (The Record) CFPB Quietly Kills Rule to Shield Americans From Data Brokers (WIRED) EU ruling: tracking-based advertising by Google, Microsoft, Amazon, X, across Europe has no legal basis (Irish Council for Civil Liberties) Operation RoundPress targeting high-value webmail servers (We Live Security) Google says hackers that hit UK retailers now targeting American stores (Reuters) Cybersecurity incident forces largest US steelmaker to take some operations offline (The Record) Infosec Layoffs Aren't the Bargain Boards May Think (Dark Reading)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

On this month's episode of Unscripted Leadership, Comcast Business VP Heather Orrico is joined by Lee Parrish, Vice President and Chief Information Security Officer with Newell Brands. Lee is also the CEO and Chief Creative Officer for Novel Security. Lee discusses how his time serving in the Marines shaped him as a person and drives him, […] The post Episode 7: Lee Parrish, VP and Chief Information Security Officer with Newell Brands appeared first on Business RadioX ®.

The Accidental CISO (AC) is an anonymous voice in cybersecurity who stumbled into the Chief Information Security Officer role through a mix of timing, skill, and necessity. With a background in IT operations and service delivery, AC found unexpected purpose, community, and a platform for candid reflection on security, leadership, and personal growth. He now hosts The Mindful Business Security Show, educating SMB leaders on practical security.

The 2023 FBI Internet Crime Report reveals that nearly 21% of ransomware attacks targeted the healthcare and public health sectors—making them the top victims.   This week on Feds At The Edge, we explore how agencies can defend against these growing threats.   Benjamin Koshy, Chief Information Security Officer and Director, Division of Information Security of Indian Health Service, explains the unique identity management challenge in healthcare: balancing open patient access with strict data protection.  Keith Busby, Acting CISO at CMS, outlines how to go beyond Zero Trust with real-world risk assessments and robust incident response plans - not just a three-ring binder gathering dust on a shelf.  And Alec Lizanetz, Identity Protection Specialist from CrowdStrike, emphasizes the importance of prioritizing threats and using frameworks like CISA's to respond efficiently.   Tune in on your favorite podcasting platform today to hear practical, high-impact strategies to secure critical systems and protect patient care, perfect for healthcare leaders who must protect both data and lives.      

What does it take to digitally empower an entire nation – and secure it at scale? At MWC Barcelona 2025, Matthew Roberts investigates how teams across Globe Telecom are unlocking the full potential of AI. First, Matt and co-host Gil Rosen, CMO at Amdocs, are joined by Anton Reynaldo Bonifacio, Chief AI Officer and Chief Information Security Officer. Anton shares his journey into this unique dual role and offers his perspective on the future of AI leadership. He also breaks down how Globe is building its AI strategy and why your development approaches need to differ for all those on your team. Then we're joined by Darius Jose Delgado, Globe's Chief Commercial Officer. Darius leads Globe's entire commercial portfolio across mobile, broadband, and B2B, and has been instrumental in driving Globe's aggressive push toward full digital adoption and connectivity nationwide. This is a story about technology with purpose — and a commitment to nation-building that deserves to be heard.

Fairmont City Manager Travis Blosser of their trip to Washington D.C. to meet elected leaders from the state about their Congressionally Directed Spending requests Agile 5 Technologies, Inc.- Chief Technology Officer Peter Fritch and Jacob Brozenick, Chief Information Security Officer on their work to help secure government systems 

In this Chats on the Road to RSAC 2025, , Sean Martin and Marco Ciappelli connect with Tim Brown, Chief Information Security Officer at SolarWinds, to unpack the critical issues facing CISOs today—and why the role remains worth pursuing.Brown is participating in multiple sessions at RSAC Conference 2025, including the CISO Bootcamp and Cyber Leaders Forum. Both are closed-door conversations designed to surface real concerns in a confidential, supportive setting. These aren't theoretical discussions—they're rooted in hard-earned experience. Brown, who has faced high-profile scrutiny and legal fallout from a past incident at SolarWinds, brings a uniquely personal perspective to these sessions.He points out that fear and hesitation are keeping many deputy CISOs from stepping up into the top role. His message to them: don't be afraid of the position. Despite the weight of responsibility, the role offers real influence, the ability to shape enterprise architecture, and the opportunity to drive meaningful business decisions. Brown emphasizes the importance of community support and collective growth, noting that the cybersecurity industry—still relatively young—is maturing and finding its footing when it comes to accountability and resilience.Beyond leadership development, mental health and stress management are key themes in the Cyber Leaders Forum. Brown acknowledges the toll the job can take, even sharing that his own health suffered despite thinking he was managing stress well. This honest reflection opens the door for deeper conversations about personal well-being in high-pressure roles.He's also appearing at the Cloud Security Alliance Summit with Chris Hoff, Chief Security Officer at LastPass, where they'll discuss incident response and field questions from the audience. On Wednesday, Brown joins a breakfast session with Tactic and Hyperwise, guiding attendees through a crisis simulation based on lessons from the Sunburst attack. His focus? Helping others avoid being unprepared in a moment of chaos.From insider threat modeling to supply chain transparency and the challenges of monitoring runtime behavior, Brown is clear-eyed about where CISOs need to focus next.This episode isn't just a preview of conference sessions—it's a call to future security leaders to lean in, not back.___________Guest: Tim Brown, CISO, Solarwinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/Hosts:Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.comMarco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com___________Episode SponsorsThreatLocker: https://itspm.ag/threatlocker-r974Akamai: https://itspm.ag/akamailbwcBlackCloak: https://itspm.ag/itspbcwebSandboxAQ: https://itspm.ag/sandboxaq-j2enArcher: https://itspm.ag/rsaarchwebDropzone AI: https://itspm.ag/dropzoneai-641ISACA: https://itspm.ag/isaca-96808ObjectFirst: https://itspm.ag/object-first-2gjlEdera: https://itspm.ag/edera-434868___________ResourcesRSAC Session: CLF Ask Me Anything Session with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739404173721001x1MHRSAC Session: CISO Boot Camp Exclusive Fireside Chat with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739403254724001isXhCSA Summit at RSAC 2025: Fireside Chat with Tim Brown and Chris Hoff: https://www.csasummitrsac.com/event/5b3547c2-c652-4f77-97de-5b094e746626/agenda?session=1452408b-c822-4664-87b8-38ce1276247bLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageCatch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More

In this interview, we discuss the current state of cybersecurity in health care with a specific focus on impersonation attacks, featuring Ryan Witt, Vice President, Industry Solutions at Proofpoint and Erik Decker, Vice President & Chief Information Security Officer at Intermountain Health.Witt shares many of the learnings from Proofpoint's healthcare customer advisory board where they learn about industry challenges and discuss solutions. He said that attackers particularly seek entry points through IT help desks, which the attackers contact while impersonating some doctor or other staff member. They can learn a lot about the person they're impersonating on the web or from less legitimate sources and answer a lot of the typical questions IT staff ask to validate a caller.Witt recommends looking through the organization chart to look for people that might be low-level and often forgotten, but who have access to sensitive information or systems and might be targetted or impersonated by attackers.Learn more about Proofpoint: https://www.proofpoint.com/usLearn more about Intermountain Health: https://intermountainhealthcare.org/Health IT Community: https://www.healthcareittoday.com/

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Navigating Cybersecurity Challenges in State Agencies with Joshua KuntzPub date: 2025-04-14Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationEpisode 53 gets into the intricate world of IT and OT cybersecurity with host Aaron Crow and guest Joshua Kuntz, the Chief Information Security Officer for a state agency in Texas. With a comprehensive background spanning two decades and involvement with seven state agencies, Joshua shares his journey from the Marine Corps to leading security programs in the public sector.    The episode covers a range of topics, including the transition from military to government cybersecurity roles, the intricacies of budget allocation, and the significance of mastering both technical and business soft skills in cybersecurity leadership.    Joshua provides insights into navigating legislative changes, adapting to rapid technological advances, and the essential task of balancing cybersecurity risks with operational priorities.    Listeners are treated to an engaging conversation that offers practical strategies and real-world experiences aimed at protecting critical assets in today's dynamic cyber landscape. Key Moments:  05:46 Ownership Alters Risk Perception 09:39 Technical Leaders Developed Through Soft Skills 11:52 "Value of MBA Over Technical Expertise" 14:29 Navigating Ambiguity in Future Planning 19:46 "Questioning Budget Cuts Amid Surplus" 21:05 Efficient Resource Sharing in Texas 25:31 Remote Work Cybersecurity Challenges 27:36 VPN Secure Access for Remote Work 33:21 Prioritizing Critical Executive Decisions 34:45 Understanding Cyber Risk Impact 38:16 CISO Role: Beyond "Yes Men" 41:05 "Exploring IT and OT Cybersecurity" About the guest :  Joshua Kuntz is a dedicated professional who successfully transitioned from a military career as an electronics technician to a role with the Texas Department of Public Safety. Embracing the paramilitary structure of the department, Joshua leveraged his military experience to adapt to the law enforcement environment, focusing on protecting citizens.  While he found comfort in the familiar rank structure and chain of command, Joshua faced challenges in adjusting to personnel management outside the military realm. Despite the loss of certain disciplinary tools common in the military, Joshua continues to evolve as a leader, emphasizing adaptability and commitment to public service. How to connect Joshua  - https://www.linkedin.com/in/joshua-kuntz-cissp-35a825176/ Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Just when you thought you couldn't get your fill of Legal Tech  ... we're back !! This year's LegalWeek conference, hosted by ALM Media and Law.com, was held in New York City from March 24th through March 27th.  More than 6,000 of the biggest names in the industry gathered at the New York Hilton Midtown for the four-day conference.  And yes ... Legal Speak was there conducting live interviews with the best and brightest. In this episode, hosts Patrick Smith and Cedra Mayfield sat down with Exterro's John Vincenzo, the Chief Marketing Officer, and Anthony Diaz, the Chief Information Security Officer.   Hosts: Cedra Mayfield & Patrick Smith Guests: John Vincenzo & Anthony Diaz Producer: Charles Garnar    

In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs.Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today's remote work environment.Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.”Whether you're a rising security professional or a seasoned executive, you'll gain practical leadership takeaways—and maybe a new appreciation for cake.

Craig Peppard is the Vice President & Chief Information Security Officer at Ivari Canada. In this episode, he joins host Heather Engel and Greg Crowley, CISO at eSentire, to share insights on leadership in security, including the issue of gatekeeping in the industry, why practitioners need a diverse skill set beyond technical talent, and more. Next Level CISO is a Cybercrime Magazine podcast brought to you by eSentire, the Authority in Managed Detection and Response. eSentire's mission is to hunt, investigate and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com

Ever wonder how the CISO role went from obscure techie to boardroom MVP? In this episode of CISO Tradecraft, G Mark Hardy takes you on a journey through the evolution of the Chief Information Security Officer — from Steve Katz's groundbreaking appointment at Citibank in 1995 to the high-stakes, high-impact role CISOs play today. Transcripts: https://docs.google.com/document/d/1FlKBW6zlVBqLoSTQMGZIfz--ZLD_aS9t/edit   Chapters 00:00 Introduction to the Evolution of the CISO Role 00:58 The First CISO: Steve Katz's Pioneering Journey 03:58 Rise of Security Certifications 08:39 Regulatory Wake-Up Calls and Compliance 12:23 Cybersecurity in the Age of State-Sponsored Attacks 17:58 The Impact of Major Cyber Incidents 25:07 Modern Challenges and the Future of the CISO Role 27:51 Conclusion and Final Thoughts

David Slazyk, Chief Information Officer & Chief Information Security Officer at Nextech, explains the real risks that small medical practices face in today's cyber world. From AI-powered attacks to phishing scams, hackers are more sophisticated than ever and no one is off-limits.But here's the thing: most small businesses don't even realize how vulnerable they are. Could your practice be at risk? What are the biggest mistakes businesses make when it comes to cybersecurity? And what simple steps can help protect sensitive patient data?Hear real-world stories, expert insights, and practical tips to help keep your business secure.About David SlazykAs Chief Information Officer and Chief Information Security Officer at Nextech, David oversees Nextech's IT/IS and cybersecurity strategy while ensuring the  function, integrity, confidentiality, and availability of our information systems. He also leads efforts to protect and prepare our company from cyber threats, manage our data privacy initiatives, oversee software vendor management, and ensure compliance with relevant regulations.LinksConnect with David on LinkedIn5 Cybersecurity Must-Dos in 2025 and Beyond: Best Practices from a Healthcare CIOGuestDavid Slazyk, Chief Information Officer and Chief Information Security OfficerNextechHostRobin Ntoh, VP of AestheticsNextechPresented by Nextech, Aesthetically Speaking delves into the world of aesthetic practices, where art meets science, and innovation transforms beauty.With our team of experts we bring you unparalleled insights gained from years of collaborating with thousands of practices ranging from plastic surgery and dermatology to medical spas. Whether you're a seasoned professional or a budding entrepreneur, this podcast is tailored for you.Each episode is a deep dive into the trends, challenges, and triumphs that shape the aesthetic landscape. We'll explore the latest advancements in technology, share success stories, and provide invaluable perspectives that empower you to make informed decisions.Expect candid conversations with industry leaders, trailblazers and visionaries who are redefining the standards of excellence. From innovative treatments to business strategies, we cover it all.Our mission is to be your go-to resource for staying ahead in this ever-evolving field. So if you're passionate about aesthetics, eager to stay ahead of the curve and determined to elevate your practice, subscribe to the Aesthetically Speaking podcast.Let's embark on this transformative journey together where beauty meets business.About NextechIndustry-leading software for dermatology, medical spas, ophthalmology, orthopedics, and plastic surgery at https://www.nextech.com/ Follow Nextech on Instagram @nextechglow

In today's rapidly evolving digital landscape, the lines between Information Technology (IT), Operational Technology (OT), and the Internet of Things (IoT) have become increasingly blurred. While these domains were once distinct, they now converge into a single, interconnected technology ecosystem—one that presents both unprecedented opportunities and critical security challenges. In this keynote, Michael Clothier, Chief Information Security Officer at Northrop Grumman, brings 30 years of global cybersecurity leadership to explore how organizations can rethink their approach to securing "technology" as a whole, rather than as separate silos. Drawing on his extensive experience across the U.S., Australia, Asia, and beyond—including securing mission-critical defense and aerospace systems, leading enterprise IT transformations, and integrating cybersecurity across diverse industries—Michael will examine the evolution of security challenges from historical, international, and cross-industry perspectives. Key discussion points include: From Air-Gapped to Always Connected – A historical view of how IT, OT, and IoT security challenges have evolved and what we can learn from past approaches.The Global Cybersecurity Landscape – Insights from securing critical infrastructure across Asia, Australia, and the U.S., and the lessons we can apply to today's interconnected world.Breaking Down the Silos – Why treating IT, OT, and IoT as distinct domains is outdated and how a unified security strategy strengthens resilience.National Security Meets Enterprise Security – Perspectives from both military and private-sector leadership on protecting sensitive data, intellectual property, and critical systems. As cybersecurity professionals, we must shift our mindset from securing individual components to securing the entire technology ecosystem. Whether you are safeguarding an industrial control system, an aircraft, or a corporate network, the fundamental security principles remain the same. By applying an integrated approach, we can better protect the critical systems that power modern society. Join Michael for this thought-provoking keynote as he challenges conventional thinking, shares real-world case studies, and provides actionable strategies to redefine cybersecurity in an era where everything is just "T." About the speaker: Chief Information Security Officer at Northrop Grumman

On today's show, we chat with Joe Evangelisto, CISO at NetSPI. He recounts his journey to becoming a Chief Information Security Officer, one that started as an IT sysadmin, advanced to management, and led him ultimately to the CISO role. Joe talks about building security programs from the ground up and developing both personally and... Read more »

On today's show, we chat with Joe Evangelisto, CISO at NetSPI. He recounts his journey to becoming a Chief Information Security Officer, one that started as an IT sysadmin, advanced to management, and led him ultimately to the CISO role. Joe talks about building security programs from the ground up and developing both personally and... Read more »

In this episode of Audience 1st Podcast, Dani Woolf sits down with Jason Loomis, Chief Information Security Officer at Freshworks, to uncover the raw truth behind how CISOs evaluate security vendors, what actually moves a deal forward, and why most POVs fall flat before they even start. Jason gets brutally honest about the emotional dynamics of enterprise buying, the real reason vendors lose trust, and what it actually takes to turn a POV into a purchase. If you're in product marketing, sales, or demand generation at a cybersecurity company, this episode will change how you think about the buyer journey and give you a blueprint to win trust, increase conversions, and build long-term influence with technical buyers. What You'll Learn in This Episode: Why emotional certainty - not ROI - is the key to winning a CISO's trust The most common POV mistakes vendors make (and how to avoid them) How Jason evaluates vendors - and what gets them instantly disqualified The danger of relying on generic “What problems are you solving?” questions Why transparency beats feature-stuffing in every sales motion How to make your booth presence less awkward and more effective The impact of new SEC regulations on security budgeting and priorities Why buyers referring your product - even after saying no - is the ultimate win If you're serious about understanding what really drives buyer decisions in cybersecurity subscribe to Audience 1st Podcast. New episodes every week. Raw, unfiltered, and straight from the source - your buyers.

Steven Ramirez, Chief Information Security Officer at Renown Health, shares insights on improving the end-user experience through continuous adjustments and support. He emphasizes the importance of clearly articulating risk to drive strategic investments and ensuring those investments deliver value. Ramirez also discusses his proactive approach to setting himself up for long-term success in the evolving healthcare landscape.

Ryan Field, Executive Vice President & Chief Information Security Officer at Bank of Hawaii joins Ann on this week's episode of Afternoon Cyber Tea. With over two decades of experience in IT and cybersecurity, Ryan shares his approach to security leadership; and the importance of fostering collaboration and diverse perspectives. He discusses the unique challenges of cybersecurity in banking and financial services, how organizations across Hawaii are coming together to build a more resilient security workforce, and how shifting from enforcers to influencers is transforming security culture.     Resources:   View Ryan Field on LinkedIn         View Ann Johnson on LinkedIn          Related Microsoft Podcasts:      Microsoft Threat Intelligence Podcast   The BlueHat Podcast    Uncovering Hidden Risks              Discover and follow other Microsoft podcasts at microsoft.com/podcasts         Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network. 

LTC Steven Murray is a retired U.S. Army Lieutenant Colonel who served as an Information Warfare Officer and Cyber Defense Battalion Commander. With extensive experience in cyber operations and intelligence, he commanded units supporting the United States Pacific Command, U.S. Army Pacific Forces, and the National Security Agency. He was deployed to Iraq during Operation Enduring Freedom, earning a Bronze Star, and has held roles such as Chief Information Security Officer for a large medical company. Currently, Murray is known for his analysis of current events, focusing on information warfare, censorship, and global politics.Cornerstone Forum ‘25https://www.showpass.com/cornerstone25/Get your voice heard: Text Shaun 587-217-8500Substack:https://open.substack.com/pub/shaunnewmanpodcastSilver Gold Bull Links:Website: https://silvergoldbull.ca/Email: SNP@silvergoldbull.comText Grahame: (587) 441-9100Bow Valley Credit UnionWebsite: www.BowValleycu.comEmail: welcome@BowValleycu.com Use the code “SNP” on all ordersProphet River Links:Website: store.prophetriver.com/Email: SNP@prophetriver.com

Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Roy Luongo. Roy is the Chief Information Security Officer for the United States Secret Service. He leads a team in the defense and information assurance of all USSS information systems and solutions. Prior to his current role he was the Director, Joint Mission Operations Center for Cyber Command, providing oversight of mission critical Cyber Operations infrastructures. He has also served as Chief, NSA Red Team and Technical Director for Interactive Operations for the NSA. Roy is a retired Army soldier with 20 years' service within the Intelligence and Cyber career fields. [March 17, 2025]   00:00 - Intro 00:17 - Intro Links: -          Social-Engineer.com - http://www.social-engineer.com/ -          Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ -          Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ -          Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ -          Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb -          CLUTCH - http://www.pro-rock.com/ -          innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/                                                01:55 - Roy Luongo Intro 02:44 - The Path to CISO of the Secret Service 04:58 - Cybersecurity in Early Education 07:50 - The Entry Level Catch-22 12:24 - Quantifying Risk 14:27 - The Best Way Forward 16:51 - The Effects and Future of AI 20:06 - Understanding Your Needs 22:11 - Advise to Young Roy 24:56 - The Cost of Training 29:01 - Mentors -          Ed Skoudis -          Brigadier General Brian D. Vile -          Shawn Turskey 29:55 - Lollipop Moments -          TEDxToronto - Drew Dudley "Leading with Lollipops" 31:33 - Book Recommendations -          Cybersecurity Canon - Rick Howard -          Kingpin - Kevin Poulsen -          Turn the Ship Around! - L. David Marquet 33:49 - Wrap Up & Outro -          www.social-engineer.com -          www.innocentlivesfoundation.org

Micah Czigan, Chief Information Security Officer at Georgetown University joins Ann on this week's episode of Afternoon Cyber Tea. With a career spanning the U.S. Navy, Department of Defense, and private sector cybersecurity, Micah shares his journey from marine biology to cryptologic communications, ultimately finding his passion for cybersecurity. He discusses the parallels between military strategy and cybersecurity and what business leaders can learn from the unique and critical threats facing universities.     Resources:   View Micah Czigan on LinkedIn         View Ann Johnson on LinkedIn          Related Microsoft Podcasts:      Microsoft Threat Intelligence Podcast   The BlueHat Podcast    Uncovering Hidden Risks              Discover and follow other Microsoft podcasts at microsoft.com/podcasts         Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.

Allen Ohanian, a pioneering CISO, shares insights on the evolving role of cybersecurity leaders, the integration of AI in digital defense, and the ever-growing challenges of protecting sensitive data. Discover how AI is both a weapon and a shield in today's cyber landscape.00:24- About Allen OhanianMr. Ohanian is the Chief Information Security Officer for the Los Angeles County Department of Children and Family ServicesHe has 20 years of experience in information technology, cybersecurity and defense strategies, risk management, forensics, privacy, compliance, cloud security, and software engineering in the private and public sectors. He served as the first Chief Information Security and Privacy Officer at LA County Counsel where he established an Information Security and Privacy program and ensured compliance with legal mandates.

Organizations need to understand what AI can do and can't do. Start creating the best use cases within their organizations and also train people on how to use them responsibly." - Diana Kelley In this episode, host Ana Melikian delves into the pivotal role of Artificial Intelligence (AI) in today's world, particularly in the business world. Joined by guest Diana Kelley, a seasoned Chief Information Security Officer at ProtectAI, they explore the integration of AI into our daily lives and the business sphere. Ana and Diana discuss the importance of understanding AI's capabilities and limitations, likening it to a hundred-foot wave that businesses need to learn to surf rather than be overwhelmed by. They emphasize the necessity of increasing AI literacy to make informed decisions and identify the best use cases within organizations. Diana sheds light on the potential risks and vulnerabilities of AI, including data privacy concerns and the need for responsible adoption. Organizations are encouraged to enhance their security measures and train employees to use AI effectively and safely. As Ana and Diana examine AI's rapid advancement, they highlight the critical balance between embracing innovation and maintaining security. The conversation is filled with insightful analogies and expert advice, making it a must-listen for anyone interested in navigating the complexities of AI in business and security. Let's dive in! This week on the MINDSET ZONE: 00:00 Introduction to AI in Everyday Tools 01:02 Meet Diana Kelly: Cybersecurity Powerhouse 01:49 The AI 100-foot Wave 03:42 Understanding AI Risks and Vulnerabilities 11:43 AI Literacy: A Necessity for All 18:02 Data Privacy and Security Concerns 26:00 Resources for AI Literacy and Security 29:25 Conclusion and Final Thoughts About The Guest Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI. She also serves on the boards of WiCyS, The Executive Women's Forum (EWF), InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity. Her extensive volunteer work has included serving on the ACM Ethics & Plagiarism Committee, Cybersecurity Committee Advisor at CompTIA, CTO and Board Member at Sightline Security, Advisory Board Chair at WOPLLI Technologies, Advisory Council member Bartlett College of Science and Mathematics, Bridgewater State University, and RSAC US Program Committee. She is a sought-after keynote speaker, the host of BrightTALK's The (Security) Balancing Act, co-author of the books Practical Cybersecurity Architecture and Cryptographic Libraries for Developers, instructor for the LinkedIn Learning classes Security in AI and ML and Introduction to MLSecOps, has been a lecturer at Boston College's Masters program in cybersecurity, one of AuditBoard's Top 25 Resilient CISOs in 2024, a 2023 Global Cyber Security Hall of Fame Inductee, the EWF 2020 Executive of the Year and EWF Conference Chair 2021-Present, an SCMedia Power Player, and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime. Connect with: Linkedin.com/in/dianakelleysecuritycurve ProtectAI.com Resources: NIST AI RMF: https://www.nist.gov/itl/ai-risk-management-framework OWASP AI Sec: https://genai.owasp.org/ OWASP AI Security and Privacy Guide: https://owasp.org/www-project-ai-security-and-privacy-guide/ MITRE ATLAS: https://atlas.mitre.org/ MLSecOps Community: https://mlsecops.com/ LinkedIn Learning: Introduction to MLSecOps Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes Related Content: Expand What's Possible

Niel Harper is a Certified Director and ISACA Board Vice Chair. He is also the Chief Information Security Officer and Data Protection Officer at Doodle. Niel is based in Germany. He has more than 20 years of experience in IT risk management, cybersecurity, privacy, Internet governance and policy, and digital transformation. Safia Kazi is the Privacy Professional Practices Principal at ISACA. She has worked at ISACA for just over a decade, initially working on ISACA's periodicals and now serving as the Privacy Professional Practices Principal. She is based in Chicago. In 2021, she was a recipient of the AM&P Network's Emerging Leader award, which recognizes innovative association publishing professionals under the age of 35. In this episode… ISACA's State of Privacy 2025 survey reveals that privacy professionals are facing significant hurdles, including staffing shortages, budget cuts, and increasing demands for technical privacy expertise. Many organizations are shifting privacy responsibilities to legal and security teams, without additional resources or training. At the same time, AI adoption is increasing, introducing new complexities and risks. With privacy budgets under strain and teams expected to do more with less, how can businesses sustain effective privacy programs while navigating new challenges? According to ISACA's State of Privacy 2025 survey, one of the most pressing concerns for privacy teams is the growing demand for technical privacy expertise. Privacy by design also remains a challenge, with limited resources making it difficult for teams to embed privacy into product development from the outset. AI also plays a growing role in privacy operations, helping automate processes while raising concerns about data security, bias, and third-party risks. Despite these findings from ISACA's survey, businesses can make privacy sustainable by fostering a culture of privacy awareness from the top down, ensuring leadership understands the value of privacy beyond compliance. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Niel Harper, Certified Director and Board Vice Chair at ISACA and CISO and DPO at Doodle, and Safia Kazi, Privacy Professional Practices Principal at ISACA, about the findings from ISACA's State of Privacy 2025 survey. Safia explains how privacy professionals can adapt to changes by continuously learning and staying informed on emerging risks, while Niel highlights the need for board-level privacy advocacy. They also explore how organizations are adapting to staffing shortages and budget constraints, the impact of AI on privacy operations, and how organizations can effectively navigate emerging risks.

Fortifying security defences with automated root cause analysis and prioritisationManaging security risk urgency across your application pipeline with real-time visibility and data visualisation capabilitiesDriving efficiency and prioritisation across your security ecosystem with practical remediation actionsThis episode is hosted by Thom Langford:https://www.linkedin.com/in/thomlangford/John Heaton-Armstrong, Experienced Cyber security Leader, Confidentialhttps://www.linkedin.com/in/johnheatonarmstrong/Danny Dresner, Professor of Cyber security, The University of Manchesterhttps://www.linkedin.com/in/danny-dresner-fciis-6382381/Tiago Rosado, Chief Information Security Officer, Asitehttps://www.linkedin.com/in/tiagorosado/Derek Maki, VP Product Management, Veracodehttps://www.linkedin.com/in/derekmaki/

Crypto derivatives exchange Bybit just became the latest victim of North Korea's elite hacking unit, the Lazarus Group. They didn't brute-force their way in. They didn't exploit some obscure vulnerability. Instead, they tricked a trusted developer, slipped in malicious code, and took off with a fortune. How did this happen? Why was $1.5 billion sitting in a single wallet? What mistakes did Bybit and Safe make? And, more importantly, what needs to change to stop this from happening again? This week, Mudit Gupta, chief information security officer at Polygon, joins Unchained to expose the security failures, the sophisticated tactics Lazarus used, and why crypto still hasn't learned its lesson. Show highlights: 2:11 Mudit's experience with North Korea's Lazarus 3:24 How Lazarus perpetrated the $1.5 billion hack 5:55 Why Lazarus relies on social engineering over technical exploits 7:34 Why Bybit was so specifically targeted by the hackers 10:02 What Bybit should have done to prevent the exploit 13:12 Why Mudit believes there was “no reason” to hold so much ETH in one single wallet 15:57 Who should be a signer in multisigs 17:46 How to prevent using a malicious website 19:13 Why Safe should have done things differently, according to Mudit 19:55 How Bybit and Safe handled crisis communication 24:20 Mudit's must-know security tips for protecting your crypto Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com Thank you to our sponsors! Mantle Guest Mudit Gupta, Chief Information Security Officer at Polygon Links Recent coverage of Unchained on the Bybit hack: North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them? The Chopping Block: Crypto's Worst Week? Bybit Hack, Libra Scandal, & The Memecoin Reckoning Bits + Bips: Markets Are Down Bad. When Will Crypto Recover? Unchained: Bybit Flows Return to ‘Normal' After Biggest-Ever Crypto Hack Bybit Hack Forensics Report  "Safe{Wallet} Statement on Targeted Attack on Bybit " Learn more about your ad choices. Visit megaphone.fm/adchoices

Rinki Sethi is an experienced CISO (Chief Information Security Officer) and board member in the cybersecurity industry. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Scott Schober to discuss security awareness training and human risk management, including effective strategies, innovative approaches, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com.

Who really owns patient data? Can digital identity reshape healthcare security, privacy, and fraud prevention? We sit down with Dan Bowden, Global CISO at Marsh, to tackle these questions. Dan brings a wealth of experience in healthcare cybersecurity, previously serving as CISO at Sentara Healthcare. We dive deep into digital identity, data sovereignty, and the evolving role of AI in protecting patient privacy. Tune in as we discuss: Potential for errors in traditional healthcare ID systems How digital IDs could fight fraud & streamline claims Impact of AI on patient data privacy & security The path to patient data ownership Find Dan's work at: www.marsh.com Subscribe and stay at the forefront of the digital healthcare revolution. Watch the full video on YouTube @TheDigitalHealthcareExperience The Digital Healthcare Experience is a hub to connect healthcare leaders and tech enthusiasts. Powered by Taylor Healthcare, this podcast is your gateway to the latest trends and breakthroughs in digital health. Learn more at taylor.com/digital-healthcare About Us: Taylor Healthcare empowers healthcare organizations to thrive in the digital world. Our technology streamlines critical workflows such as procedural & surgical informed consent with patented mobile signature capture, ransomware downtime mitigation, contactless patient check-in and more. Learn more at taylor.com/healthcare/imedhealth   The Digital Healthcare Experience Podcast: Powered by Taylor Healthcare Produced by Naomi Schwimmer  Hosted by Chris Civitarese Edited by Eli Banks Music by Nicholas Bach  

Jordan Avnaim, Chief Information Security Officer at Entrust, shares strategies CISOs can implement to overcome modern challenges. 

In the twenty sixth episode of EDRM Trusted Partner, HaystackID's monthly podcast series, the man with the stories which can never be told, John Wilson, the Chief Information Security Officer and President of Forensics at HaystackID, returned to the Illumination Zone to sit down with Kaylee and Mary to talk about how HaystackID's triage tools address proportionality and privacy requirements in civil litigation, and how they can be best used during internal investigations and white collar work. The tools, Mobile Elite Discovery and Analysis Lab (MEDAL™) and Remote Endpoint Analysis and Data Intelligence (READi™), are finalists for Legalweek's Best Emerging Technology (Non-AI). John also gave our listeners a sneak peek on some upcoming releases and how to score a coveted invitation to HaystackID's legendary whisky and cigar gathering during Legalweek 2025.

Marc Ashworth, Senior Vice President and Chief Information Security Officer at First Bank, is a respected IT executive with over 30 years of experience in cyber and physical security, IT/security architecture, management, author, a public speaker and is the host of “The Cyber Executive” podcast. He is a member of the Missouri Bankers Association Technology Committee, Webster University Cyber Advisory board, Co-Founded the State of Cyber annual security conference, and a Lifetime member of FBI Citizens Academy. He is a former board officer and treasurer for the St. Louis InfraGard Alliance. Possessing security certifications in CISSP, CISM, CRISC, Security+ and other certifications. Mr. Ashworth currently oversees First Bank's information security, financial crimes unit, physical security, and the network services departmentsLISTEN NOW to discover, "3 Cybersecurity Threats You Can't Ignore."

In this episode, Nick Sturgeon, Vice President and Chief Information Security Officer at Community Health Network, shares insights on his first year as a CISO, tackling challenges like social engineering attacks and implementing cutting-edge technology. He also discusses the strategic integration of AI, the importance of governance in healthcare innovation, and how he's evolving as a leader in a rapidly changing landscape.

In this episode of AI, Government, and the Future, host Marc Leh is joined by Candy Alexander, a prominent cybersecurity leader with over 35 years of experience and current Chief Information Security Officer at NeuEon. As a two-time President of the Information Systems Security Association (ISSA) International and founding President of the ISSA Education and Research Foundation, Candy brings her extensive expertise to discuss AI trustworthiness, data governance, and enterprise security challenges.

All links and images for this episode can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Deneen DeFiore, Vice President & Chief Information Security Officer, United Airlines. In this episode: Minding the gap Copilot overreliance Opening up the field Navigating the SMB cyber insurance conundrum Thanks to our podcast sponsor, Vanta! Say goodbye to spreadsheets and screenshots  Vanta automates evidence collection needed for audits with over  350 integrations—giving you continuous visibility into your compliance status. And with cross-mapped controls across over 35 frameworks, you'll streamline compliance— and never duplicate your efforts.