Podcasts about Chief information security officer

  • 700 PODCASTS
  • 1,631 EPISODES
  • 35m AVG DURATION
  • 5 WEEKLY NEW EPISODES
  • Aug 1, 2025 LATEST

Latest podcast episodes about Chief information security officer

Becker’s Healthcare Podcast
Matt Morton, Executive Director and Chief Information Security Officer, University of Chicago

Aug 1, 2025 · 6:26


This episode recorded live at the Becker's Hospital Review 15th Annual Meeting features Matt Morton, Executive Director and Chief Information Security Officer, University of Chicago. He shares how his team is securing AI tools like Phoenix AI to support clinical research, discusses the cybersecurity staffing and resource challenges faced by academic medical centers, and emphasizes the importance of adaptability in leading through rapid technological change.

Tech on Toast
Cyber Security in the Age of AI with Naveed Islam CISO at Dojo

Aug 1, 2025 · 33:33


Cybersecurity with Naveed Islam, CISO at Dojo

In this special edition of the Tech on Toast Podcast, host Chris Fletcher sits down with Naveed Islam, Chief Information Security Officer at Dojo, to unpack the state of cybersecurity in today's AI-powered, hyper-digital world.

From phishing scams and data breaches to quantum threats and ransomware-as-a-service, this episode breaks it all down in a way every operator – whether you're running a single site or leading a national brand – can understand and action.

Becker’s Healthcare Podcast
Trevor Martin, Chief Information Security Officer, UW Health

Jul 30, 2025 · 11:55


This episode recorded live at the Becker's Hospital Review 15th Annual Meeting features Trevor Martin, Chief Information Security Officer, UW Health. He shares how his team is navigating AI implementation through staff literacy initiatives, advancing virtual care to improve access, and fostering a culture of flexibility and human-centered leadership.

Artificial Intelligence in Industry with Daniel Faggella
Building Storage Strategies That Scale with AI Workloads - with Bryan Willett of Lexmark

Jul 30, 2025 · 17:49


Today's guest is Bryan Willett, Chief Information Security Officer at Lexmark, joining Emerj Senior Editor Matthew DeMello to explore how organizations can navigate the trade-offs between cloud and on-prem AI deployments—balancing speed to market, cost efficiency, and the protection of sensitive data. Bryan also emphasizes the importance of a strong governance triad—security, privacy, and AI teams working together—to ensure ethical, compliant, and effective AI adoption. From managing data surges in IoT and biometrics to creating hybrid storage strategies, he shares actionable insights for leaders in security, IT, and AI strategy. This episode is sponsored by Pure Storage. Learn how brands work with Emerj and other Emerj Media options at emerj.com/ad1. Want to share your AI adoption story with executive peers? Click emerj.com/expert2 for more information and to be a potential future guest on the ‘AI in Business' podcast!

The Ravit Show
Securing the AI Agent Era: A CISO's Playbook

Jul 28, 2025 · 11:14


What does it really take to secure AI as it becomes part of the fabric of how we work? I had the chance to sit down with Sunil Agrawal, Chief Information Security Officer at Glean — and the company's first-ever CISO — to dive deep into this question.

Sunil's perspective is clear: securing AI isn't about slapping on controls after deployment. It's about building secure AI by design — from prompt injection defense to real-time content protection and fine-grained governance.

In our conversation, we covered a lot of ground:

  • Why traditional security frameworks fall short for AI agents
  • How Glean is preventing real-world attacks like jailbreaks and prompt injections
  • Why content awareness is key to managing sensitive data exposure
  • What true visibility and control over agents looks like in the enterprise
  • Why trust — not just compliance — is the new security currency
  • And how their new partnership with Palo Alto Networks is raising the bar on threat detection and posture management

With over 100 million actions now executed by Glean's AI agents each year, it's no longer a hypothetical risk landscape — it's a live one.

If you're responsible for security, IT, or AI strategy at your org, I highly recommend giving this interview a watch. It'll reshape how you think about governance, risk, and the future of work.

Let me know what resonated with you — and if you're thinking differently about securing your AI initiatives after this.

The Bid Picture - Cybersecurity & Intelligence Analysis

In this episode, host Bidemi Ologunde spoke with Scott Alldridge, a nationally recognized cybersecurity leader with over 30 years of experience transforming how organizations approach digital risk and operational excellence. As CEO of IP Services, one of the industry's most trusted cybersecurity firms, Scott has guided 150+ clients across healthcare, finance, and manufacturing toward regulatory compliance and cyber resilience.

Scott is the co-founder of the IT Process Institute and visionary behind the VisibleOps methodology – a revolutionary framework that has shaped global IT standards and sold over 400,000 copies worldwide. His latest work, "VisibleOps Cybersecurity," reached Amazon bestseller status and provides the definitive roadmap for integrating Zero Trust principles with business operations.

Certified as Chief Information Security Officer with an MBA in Cybersecurity and Harvard certification in Technology and Privacy, Scott bridges the gap between technical complexity and executive decision-making. His proprietary Total Control System delivers measurable business outcomes for organizations seeking operational excellence.

The New CISO
How to Score a Security Role — Without Collecting Certifications

Jul 24, 2025 · 51:56


In this episode of The New CISO, host Steve Moore speaks with Marius Poskus, Chief Information Security Officer at Glow Financial Services and creator of the Cyber Diaries podcast. Marius shares his journey from physical security into cybersecurity leadership—and how he did it without relying on traditional certifications.

Marius reflects on how self-directed learning, mentorship, and a strong personal brand helped him pivot careers and thrive in the FinTech space. He explains why the security industry needs to stop glorifying certifications, how to break in through SOC roles, and what truly makes a candidate stand out in interviews. From coaching new talent to advising startups on go-to-market strategies, Marius emphasizes that attitude and aptitude matter far more than credentials.

Key Topics Covered:

  • Why Marius walked away from a career in physical security—and how that experience shaped his cyber path
  • The critical difference between certification collecting and real-world skill development
  • Why most entry-level cybersecurity roles are in SOCs—and how to leverage that
  • How sharing your learning journey online builds credibility and unlocks job opportunities
  • The two A's that matter most when hiring: attitude and aptitude
  • Common mistakes startups make when targeting CISOs and building security tools
  • The growing risks of “AI-washing” and what real AI innovation should look like
  • Why mentorship only works when mentees are willing to put in the work
  • How to shift from security awareness “stick” tactics to culture-based collaboration
  • What it means to build a personal brand that outlasts your job title

Marius' story proves that cybersecurity success doesn't come from certificates—it comes from curiosity, consistency, and community. Whether you're just starting your career or leading a security team, this episode will inspire you to focus on what really moves the needle.

Marius Poskus Podcast - Cyber Diaries Podcast

Cracking Cyber Security Podcast from TEISS
teissTalk: Refining your API security strategy to protect against AI-driven attacks

Jul 24, 2025 · 45:30


  • Protecting against sophisticated AI-powered attacks on APIs - identifying anomalies and threats
  • Meeting API compliance and data protection challenges with emerging technologies
  • Moving towards a mature posture for API security

Thom Langford, Host, teissTalk
https://www.linkedin.com/in/thomlangford/

Tiago Rosado, Chief Information Security Officer, Asite
https://www.linkedin.com/in/tiagorosado/

Anne Coulombe, CISO, Bleuet LLC
https://www.linkedin.com/in/annecoulombe/

Menachem Perlman, Director, Global Solutions Engineering at Akamai Technologies - API Security, Akamai
https://www.linkedin.com/in/menachemperlman/

Artificial Intelligence in Industry with Daniel Faggella
How AI Partnerships Make Security a Strategic Advantage - with Bryan Willett of Lexmark

Jul 23, 2025 · 19:20


Today's guest is Bryan Willett, Chief Information Security Officer. Bryan discusses how organizations can shift security from a reactive compliance task to a strategic advantage by leveraging AI partnerships and transparent communication. He explains how proactive security packages and AI-driven tools streamline vendor due diligence and RFP responses, reducing bottlenecks and improving cross-team collaboration. Bryan also emphasizes the importance of evaluating vendor development hygiene and maintaining developer awareness as key components to managing evolving AI-enabled cyber threats. This episode is sponsored by Aquant. Learn how brands work with Emerj and other Emerj Media options at emerj.com/ad1. Want to share your AI adoption story with executive peers? Click emerj.com/expert2 for more information and to be a potential future guest on the ‘AI in Business' podcast!

IT IST ALLES.
#109 | Ferdinand Gehringer - How does sovereignty pave the way to a resilient future for Germany?

Jul 23, 2025 · 53:36


Hello out there at your receivers, and welcome to a new episode of the IT IST ALLES. podcast. In episode #109, Julius and Marcel once again welcome Ferdinand Gehringer. Ferdinand was previously a guest in episode #89 and is a Policy Advisor at the Konrad-Adenauer-Stiftung in Berlin. There he advises federal politicians and members of the federal cabinet, including at the international level. His thematic focus: cyber and IT security as well as hybrid threats. Together with Julius and Marcel, Ferdinand talks about the intersections between IT, politics and business, and about the current security-policy challenges at the federal level. The focus includes, among other things, information security policies and the question of how digital sovereignty can pave the way to a more resilient future for Germany.

SecureChat Podcast
The IAM Maturity Journey: Balancing Innovation, Complexity & Compliance

Jul 21, 2025 · 19:49


RKON Chief Revenue Officer, Brian Jeffords, sits down with Chief Information Security Officer, Gerard Onorato, and Director of IAM & Zero Trust, Duane Clouse, to unpack how organizations are navigating the growing complexity of Identity and Access Management. Together, they explore the challenges of managing identities across hybrid environments, diverse tools, and expanding user types—while addressing mounting regulatory pressure, evolving cyber threats, and the accelerating pace of technology.

That ALL Might Be Edified: Discussions on Servant Leadership
Leading with Grace: Vulnerability, Empathy, and the Power of Permission

Jul 20, 2025 · 44:22


In this powerful episode, we sit down with cybersecurity executive and thought leader Tammy Klotz to explore the profound impact of compassionate leadership in high-stakes environments. Tammy shares a deeply personal story of receiving crucial support from a leader during a professional and personal crisis—a moment that shaped her own leadership philosophy and redefined how she views strength in the workplace.

We discuss what it means to show vulnerability in a world that often demands perfection, and why soft skills like emotional intelligence, grace, and empathy aren't optional—they're essential. Tammy opens up about how leaders can create psychological safety, establish rituals that foster connection and trust, and give explicit permission for authenticity, rest, boundaries, and even failure.

This conversation is a masterclass in human-centered leadership and a reminder that some of the most powerful things leaders can offer don't come from a playbook—they come from the heart.

Topics Covered:

  • The moment a leader's support changed everything
  • Creating space for vulnerability in high-performing teams
  • Why emotional intelligence and empathy are critical leadership skills
  • Building team rituals that support culture and connection
  • The impact of leaders giving “permission” to be human

Guest Bio:

Tammy Klotz is the Chief Information Security Officer at Trinseo, a Top 100 CISO, and the author of Leading with Empathy & Grace. With over 30 years in cybersecurity leadership, she is redefining what it means to lead with both strength and soul. She holds esteemed certifications including CISM, CISSP, and CRISC, and has earned notable accolades such as the 2022 Covanta Leadership Award and recognition as a Top 100 CISO by Cyber Defense Magazine in 2023. Tammy is also the author of "Leading with Empathy & Grace: Secrets to Developing High-Performing Teams", where she shares insights on leadership, resilience, and emotional intelligence.

Resources:

  • Tammy Klotz, Leading with Empathy and Grace: Secrets to Developing High-Performing Teams
  • Erica Keswin, Rituals Roadmap: The Human Way to Transform Everyday Routines into Workplace Magic
  • Jonathan Haidt, The Anxious Generation: How the Great Rewiring of Childhood Is Causing an Epidemic of Mental Illness

The Professional Services Pursuit
Ep. 97 – Innovation Without Compromise: IT's Role in Securing the AI Future w/ Taison Kearney

Jul 17, 2025 · 27:23


How are today's IT leaders adapting to the breakneck pace of AI and cybersecurity evolution? In this episode of The Professional Services Pursuit, host Banoo welcomes Taison Kearney, Chief Information Security Officer and Data Protection Officer at Kantata. With over two decades of experience, Taison shares how IT teams are shifting from traditional support roles to become strategic drivers in AI governance and cybersecurity leadership.

This conversation offers a front-line view into the challenges and opportunities that come with AI adoption, from managing risk and “shadow AI” to building future-ready security teams and becoming a trusted advisor to clients.

Key Topics Covered:

  • The benefits and risks of enterprise AI adoption
  • How the CISO role is expanding in the era of AI
  • Building a proactive, secure, and AI-savvy IT culture
  • Earning client trust through strategic security partnership
  • The specific risks facing professional services firms, and how data centralization helps mitigate them

AZ Tech Roundtable 2.0
Tech Productivity to AI to Cybersecurity to Sports Cars - Best of Tech 1st half 2025 - AZ TRT S06 EP12 (274) 7-6-2025

Jul 17, 2025 · 43:15


What We Learned This Week

  • ChatGPT is an AI chatbot, developed by OpenAI, that can engage in human-like conversations
  • Obvious Future is building Machine Learning (AI) programs to be used onsite for a business
  • Oilstain Lab creates high end retro futuristic designer sports car - in EV models
  • ACTRA - Cyber threats affect everyone from Gov't to business to private and growing
  • Clips from podcasts focused on tech in the 1st Half of 2025

Notes:

Segment 1: Tech Productivity - AZ TRT S06 EP06 (267) 3-23-2025

What We Learned This Week

  • ChatGPT is an AI chatbot, developed by OpenAI, that can engage in human-like conversations
  • ChatGPT can read docs, edit docs, answer Qs, and transcribe
  • Elevenreader – app that turns any document into audio
  • Google Drive – office suite of tools for spreadsheets, docs, powerpoints, & more
  • Todoist – task management program
  • Pocket – web research tool that saves & organizes links

Guest: Denver Nowicz, President - Wealth For Life
http://wealthforlife.net/

Denver is an advisor with nearly 20 years experience working with clients in investments and insurance, designing retirement plans with a combo of both. He takes us through different strategies for clients to get the best allocations for their money over the long term. It is the Combo Strategy of both Offense and Defense, the synergy of the mix, not ‘All or Nothing'.

Segment 2: Cybersecurity Response Plan w/ Frank Grimmelmann of ACTRA - AZ TRT S06 EP03 (264) 2-9-2025

What We Learned This Week

  • ACTRA: Arizona Cyber Threat Response Alliance
  • Cyber threats affect everyone from Gov't to business to private and growing
  • Companies need to be responsive with speed to be effective + share information of attacks
  • ACTRA has members from both government and private sector
  • ACTRA helped create a state cybersecurity response model that other states can use

Guest: Frank Grimmelmann, President & CEO/Intelligence Liaison Officer
https://www.actraaz.org/actra/leadership

Mr. Grimmelmann also serves as Co-Chair (together with Arizona's Chief Information Security Officer) for the Arizona Cybersecurity Team (‘ACT'), created through the Governor's Executive Order signed in March 2018. He also serves as a Founding Member of the National Leadership Group for the Information Sharing & Analysis Organization Standards Organization (‘ISAO SO') at the University of Texas San Antonio (UTSA), created under the President's Executive Order 13691 in February 2015. As ACTRA's leader, Mr. Grimmelmann was invited as the first private sector representative in the Arizona Counter Terrorism Information Center (ACTIC) and served as its first private sector Executive Board representative from 2014-2019. He presently acts as ACTRA's designated private sector liaison to ACTRA's Key Agency and other non-Member Stakeholders.

Segment 3: Futuristic EV Designer Sports Car w/ Nikita Bridan of Oilstainlab - AZ TRT S06 EP02 (263) 1-26-2025

What We Learned This Week

  • Oilstain Lab creates high end retro futuristic designer sports car - in EV models
  • EV Car Designers for Gearheads who hate EVs
  • All the capabilities of a sports car, on a lightweight carbon fiber frame, + sound & an electric motor
  • Inspired by the race cars of Italy & classic 1960s sports cars

Guest: Nikita Bridan, Co-Founder, CEO

Nikita Bridan is co-founder & chief executive officer of Oilstainlab. A car design strategist with 15 years of OEM and startup experience, Nikita has worked with world-renowned brands including Lyft, Cruise, GM, Toyota, Genesis, ONE, and more on electrification, platforms, and strategy. In 2019, Nikita co-founded Oilstainlab with his twin brother, Iliya, as an automotive design consultancy service and playground, and developed it into a boundary-pushing, custom vehicle manufacturer. Nikita lives his life as fast as the cars he builds, once being pulled over at 140mph in Arizona and getting off with a warning. Nikita earned bachelor's degrees in Transportation Design from the Istituto Europeo di Design in Italy and the ArtCenter College of Design in Pasadena, California, where he now serves as an instructor to the next generation of designers.

Leading a New Generation of Automotive with Oilstainlab Co-Founder Nikita Bridan

The future of automotive design is in the hands of twin brothers, Nikita and Iliya Bridan. The founders of Oilstainlab have turned heads worldwide with their automotive creations, most notably the Half-11, its half Porsche-half Formula 1 race car that pays homage to the golden age of motor racing.

Segment 4: Machine Learning (AI) Onsite w/ Eddi Weinwurm of Obvious Future - AZ TRT S06 EP01 (262) 1-5-2025

What We Learned This Week

  • Obvious Future is building Machine Learning (AI) programs to be used onsite for a business
  • Corporate Data is too sensitive to be in the cloud / internet
  • Business cannot use cloud AI programs like ChatGPT, Google Cloud, etc because of IP and privacy concerns
  • Large Language Models are not necessary, have more data than needed, can have smaller AI programs tailored for business

Guest: Eddi Weinwurm
https://obviousfuture.com/#

AI is top of mind for most enterprises…but most don't know the risks especially in the cloud.

Eddi Weinwurm is a co-founder and CEO of Obvious Future, an AI company with a new approach to keeping AI local and secure. Eddi Weinwurm has many years of experience in both the development of media management software and AI. As a visionary he formed the company to address critical enterprises in the growing AI market.

ObviousFuture Resident AI: Faster, Safer, and Transforming Enterprise AI

Eddi Weinwurm, co-founder and CEO of ObviousFuture, is on a mission to make AI safer and faster for enterprises. ObviousFuture, a trailblazer in secure and private AI solutions, will be unveiling a disruptive AI solution for the enterprise on December 18—Resident AI. This solution empowers enterprises to harness the full potential of AI while safeguarding their data locally, marking a critical evolution in the AI landscape.

ObviousFuture's Resident AI operates entirely on-premise, solving a $500 billion market problem by addressing vulnerabilities like data privacy risks, compliance challenges, and vendor lock-ins. The company is focused on key sectors such as government, defense, surveillance, medical, and media. Early adopters have achieved ROI within just two months of deployment of the Resident AI platform.

AZ Tech Roundtable 2.0 with Matt Battaglia

The show where Entrepreneurs, Top Executives, Founders, and Investors come to share insights about the future of business. AZ TRT 2.0 looks at the new trends in business, & how classic industries are evolving. Common Topics Discussed: Startups, Founders, Funds & Venture Capital, Business, Entrepreneurship, Biotech, Blockchain / Crypto, Executive Comp, Investing, Stocks, Real Estate + Alternative Investments, and more…

Cooperatively Speaking
From Pen Testing to Protection: Ball State's Cybersecurity Journey

Jul 16, 2025 · 33:41


What does it take to build a resilient cybersecurity strategy in higher education - especially with limited resources and rising threats?

Tobey Coffman, Chief Information Security Officer at Ball State University, and Ron Pelletier, founder of Pondurance, share how their partnership grew from a single pen test into a fully managed, 24/7 detection and response program. Together, they break down the real-world challenges campuses face, the tipping point that led Ball State to invest in around-the-clock protection, and what makes a vendor-university relationship truly work.

Whether you're just getting started or looking to deepen your institution's cybersecurity posture, this conversation delivers insight, strategy, and lessons learned from the front lines.

Guests: Tobey Coffman, Executive Director of Information Security and Chief Information Security Officer, Ball State University & Ron Pelletier, Founder & Chief Customer Officer, Pondurance

Host: Matt Levine, Category Marketing Manager, E&I Cooperative Services

Relevant Links: E&I's Pondurance Contract

Cooperatively Speaking is hosted by E&I Cooperative Services, the only member-owned, non-profit procurement cooperative exclusively focused on serving the needs of education. Visit our website at www.eandi.org/podcast.

Contact Us: Have questions, comments, or ideas for a future episode? We'd love to hear from you! Contact Cooperatively Speaking at podcast@eandi.org.

This podcast is for informational purposes only. The views expressed in this podcast may not be those of the host(s) or E&I Cooperative Services.

Business of Tech
Rethinking Cybersecurity: Why Traditional MFA Fails and the Future of Phishing-Resistant Solutions with Bob Burke

Jul 13, 2025 · 21:11


Bob Burke, Chief Information Security Officer at Beyond Identity, challenges the effectiveness of traditional multi-factor authentication (MFA) in the evolving landscape of cybersecurity. He argues that legacy MFA solutions, which often rely on out-of-band authorization methods like push notifications or one-time passwords, are no longer sufficient against the rising tide of sophisticated cyber threats. With the advent of services like phishing-as-a-service, attackers can easily bypass these outdated security measures, necessitating a shift towards phishing-resistant authentication methods. Burke emphasizes the need for organizations to adopt solutions that not only enhance security but also consider device posture and trustworthiness.

Burke also critiques the current state of FIDO2 and passkeys, acknowledging their potential while highlighting their limitations, particularly in terms of device posture and user experience. He suggests that small to mid-sized businesses (SMBs) should prioritize phishing-resistant solutions that integrate both browser protection and device authentication. Furthermore, he raises concerns about the pricing models of many Software as a Service (SaaS) providers, which often place essential security features behind higher-tier subscriptions, effectively discouraging customers from adopting more secure practices.

The conversation shifts to the endpoint detection and response (EDR) market, where Burke notes that while EDR solutions are still necessary, they are evolving into more comprehensive offerings like extended detection and response (XDR). He points out that many of these solutions are priced for enterprise-level organizations, leaving SMBs and mid-market companies struggling to find affordable options. Burke encourages these organizations to seek out solutions that fit their budget while still providing essential security capabilities.

Finally, Burke shares insights from his experience with the FedRAMP certification process, emphasizing the importance of building internal security competencies and integrating security into product design from the outset. He advocates for a clear internal compliance program, such as NIST, to guide organizations in their security efforts. As the cybersecurity landscape continues to evolve, Burke warns that the tempo and scope of attacks are increasing, driven by advancements in AI, and urges organizations to reassess their security architectures to stay ahead of emerging threats.

The FIT4PRIVACY Podcast - For those who care about privacy
How Does the CISO Define Digital Trust and Collaborate with Privacy Functions

Jul 10, 2025 · 6:46


In today's digital world, trust is everything. But what does digital trust really mean? And how do security leaders like CISOs help build it while working with privacy teams?

In this insightful trailer episode of the FIT4PRIVACY Podcast, cybersecurity expert Aman Tara joins host Punit Bhatia to break down the evolving role of the Chief Information Security Officer. You'll learn how CISOs protect company data, follow privacy laws, and work closely with privacy teams to keep personal information safe and hear how regular meetings and teamwork between security and privacy experts help stop threats before they happen—especially with new technologies like artificial intelligence changing the game. If you want to understand how companies keep your data safe and build trust in a digital world, this episode is for you!

This is an extract from the full episode of The FIT4PRIVACY Podcast. If you like this, you will enjoy the full episode. If this is your first time, the FIT4PRIVACY Podcast is a privacy podcast for those who care about privacy. In this podcast, you listen to and learn from the industry influencers who share their ideas. The episodes are released as audio every Wednesday and video every Thursday. If you subscribe to our podcast, you will be notified about new episodes. If you have not done so, write a review and share it with someone who will benefit.

RESOURCES

  • Websites: www.fit4privacy.com, www.punitbhatia.com, https://www.linkedin.com/in/aman-tara-cisa-cdpse-cfe-b6095483/
  • Podcast: https://www.fit4privacy.com/podcast
  • Blog: https://www.fit4privacy.com/blog
  • YouTube: http://youtube.com/fit4privacy

Cyber 9/11 with Dr. Eric Cole
Mastering the CISO Journey with Guest Christophe Foulon

Cyber 9/11 with Dr. Eric Cole

Play Episode Listen Later Jul 10, 2025 24:51


In this episode of Life of a CISO, Dr. Eric Cole sits down with cybersecurity expert and fellow podcaster Christophe Foulon to dive deep into the evolving role of the Chief Information Security Officer. From breaking into cybersecurity to leading organizations through strategic risk decisions, Christophe shares real-world insights on how to transition from technical roles to executive leadership. They explore the challenges of balancing hands-on work with high-level strategy, how to communicate with business leaders without getting lost in technical jargon, and how to manage burnout while building organizational resilience. Christophe also tackles major topics like AI, zero trust, cyberwarfare, and BYOD policies, offering practical advice for today's and tomorrow's CISOs. If you're aiming to elevate your cybersecurity career or want to understand how top leaders think, this episode is packed with guidance, clarity, and perspective.  

Live Bold & Boss Up
Bold Moves in Healthcare Tech with Moffitt’s CISO

Live Bold & Boss Up

Play Episode Listen Later Jul 3, 2025 9:54


This week, Steph & Ash keep the Tampa Bay Tech PoweredUp series rolling with a fun and insightful chat with Doug Fee, Chief Information Security Officer at Moffitt Cancer Center. We explore the complex tech challenges facing the healthcare world, including the vital role cybersecurity plays in protecting patients and their data. Doug also breaks […]

Radio Influence
Bold Moves in Healthcare Tech with Moffitt’s CISO

Radio Influence

Play Episode Listen Later Jul 3, 2025 9:54


This week, Steph & Ash keep the Tampa Bay Tech PoweredUp series rolling with a fun and insightful chat with Doug Fee, Chief Information Security Officer at Moffitt Cancer Center. We explore the complex tech challenges facing the healthcare world, including the vital role cybersecurity plays in protecting patients and their data. Doug also breaks […]

Dark Rhino Security Podcast
S17 E07 You Think MFA Is Enough? Think Again.

Dark Rhino Security Podcast

Play Episode Listen Later Jun 26, 2025 49:20


Bob Burke is the Chief Information Security Officer at Beyond Identity, where he plays a key role in building and securing the company's identity-first access management platform. He has over 20 years of experience in cybersecurity and engineering leadership and brings deep expertise in identity, cloud infrastructure, compliance, and protecting mission-critical SaaS systems.
00:00 Intro
10:07 What the main threat back then?
13:30 Finding a Security Architect
15:24 What gaps cause MFA to go down?
18:00 You don't know you've been breached
22:36 Should CISOs be part of IT?
30:31 Phishing Resistant Attacks
33:42 Beyond Identity
37:42 If your identity is compromised…
41:19 Hardware supply chain
47:45 More about Bob
To learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com

Dark Rhino Security Podcast
S17 E07 (VIDEO) You Think MFA is Enough? Think Again.

Dark Rhino Security Podcast

Play Episode Listen Later Jun 26, 2025 49:20


Bob Burke is the Chief Information Security Officer at Beyond Identity, where he plays a key role in building and securing the company's identity-first access management platform. He has over 20 years of experience in cybersecurity and engineering leadership and brings deep expertise in identity, cloud infrastructure, compliance, and protecting mission-critical SaaS systems.
00:00 Intro
10:07 What the main threat back then?
13:30 Finding a Security Architect
15:24 What gaps cause MFA to go down?
18:00 You don't know you've been breached
22:36 Should CISOs be part of IT?
30:31 Phishing Resistant Attacks
33:42 Beyond Identity
37:42 If your identity is compromised…
41:19 Hardware supply chain
47:45 More about Bob
To learn more about Bob visit https://www.linkedin.com/in/bob-burke-4293712/
To learn more about Dark Rhiino Security visit https://www.darkrhiinosecurity.com

Cracking Cyber Security Podcast from TEISS
teissTalk: Surviving a critical CVE - a high-impact playbook

Cracking Cyber Security Podcast from TEISS

Play Episode Listen Later Jun 26, 2025 47:42


Risk-based prioritising using severity scoring and patch analysis
Escaping the silo trap - bridging the gap between IT and security teams
Automate rules to handle high-severity vulnerabilities and zero-days
Jonathan Craven, Host, teissTalk: https://www.linkedin.com/in/jonathanbcraven/
Tiago Rosado, Chief Information Security Officer, Asite: https://www.linkedin.com/in/tiagorosado/
Cameron Brown, Head of Cyber Threat and Risk Analytics, Ariel Re: https://www.linkedin.com/in/analyticalcyber/
York von Eichel-Streiber, Product Marketing Manager, NinjaOne: https://www.linkedin.com/in/york-von-eichel-streiber-50552b9b

Empowered Patient Podcast
Cybersecurity and Hidden Dangers of Healthcare Interoperability with Kory Daniels Trustwave

Empowered Patient Podcast

Play Episode Listen Later Jun 24, 2025 19:22


Kory Daniels, Chief Information Security Officer at Trustwave,  highlights the unique cybersecurity challenges facing the healthcare industry, particularly in this environment of funding constraints and the increasing sophistication of cyberattacks. Healthcare data is highly valuable to cybercriminals, who can use it for ransomware attacks, identity and insurance fraud, and other nefarious purposes. AI can be part of both the attack and the solution, helping to build in more cyber resilience and awareness about vulnerabilities. Kory explains, "Healthcare is a prime target for cyberattacks for a very fundamental reason. When human lives are at risk due to a criminal objective—which is to make money—they view organizations where human lives are at risk as a greater potential and opportunity. Facilitation of ransomware payments: Ransomware is one of the largest tactics that criminals use to achieve financial gain, but it's not the only tactic they use to achieve financial gain. So, they're looking to exploit the fear and uncertainty, putting patient lives at risk and adding complexity to patient care through their nefarious actions. But also, healthcare data is very attractive for cybercriminals, and just criminal activity in general. And why that is, is that criminals are looking at healthcare data even more so—it's more valuable than driver's license data." "Look at the opportunity of what you can do with healthcare records, and what can you do with PII, Personally Identifiable Information. Threat actors are tapping into this data in several different ways to achieve the additional financial gain above and beyond targeting a healthcare organization with a ransomware attack." 
"But they're also committing fraud, and fraud toward healthcare insurers, and looking at submitting false claims, fraud against the prescription drug industry in terms of soliciting and looking to obtain prescription drugs through nefarious means, but utilizing data and identity data that comes from hospital and healthcare records. There are a variety of different ways that we've just scratched the surface on, which make the healthcare industry such a desirable target for those seeking to achieve financial gain in the criminal industry." #Trustwave #Cybersecurity #CyberAttacks #HealthcareSecurity #HealthcareIT #CISOInsights trustwave.com

Empowered Patient Podcast
Cybersecurity and Hidden Dangers of Healthcare Interoperability with Kory Daniels Trustwave TRANSCRIPT

Empowered Patient Podcast

Play Episode Listen Later Jun 24, 2025


Kory Daniels, Chief Information Security Officer at Trustwave,  highlights the unique cybersecurity challenges facing the healthcare industry, particularly in this environment of funding constraints and the increasing sophistication of cyberattacks. Healthcare data is highly valuable to cybercriminals, who can use it for ransomware attacks, identity and insurance fraud, and other nefarious purposes. AI can be part of both the attack and the solution, helping to build in more cyber resilience and awareness about vulnerabilities. Kory explains, "Healthcare is a prime target for cyberattacks for a very fundamental reason. When human lives are at risk due to a criminal objective—which is to make money—they view organizations where human lives are at risk as a greater potential and opportunity. Facilitation of ransomware payments: Ransomware is one of the largest tactics that criminals use to achieve financial gain, but it's not the only tactic they use to achieve financial gain. So, they're looking to exploit the fear and uncertainty, putting patient lives at risk and adding complexity to patient care through their nefarious actions. But also, healthcare data is very attractive for cybercriminals, and just criminal activity in general. And why that is, is that criminals are looking at healthcare data even more so—it's more valuable than driver's license data." "Look at the opportunity of what you can do with healthcare records, and what can you do with PII, Personally Identifiable Information. Threat actors are tapping into this data in several different ways to achieve the additional financial gain above and beyond targeting a healthcare organization with a ransomware attack." 
"But they're also committing fraud, and fraud toward healthcare insurers, and looking at submitting false claims, fraud against the prescription drug industry in terms of soliciting and looking to obtain prescription drugs through nefarious means, but utilizing data and identity data that comes from hospital and healthcare records. There are a variety of different ways that we've just scratched the surface on, which make the healthcare industry such a desirable target for those seeking to achieve financial gain in the criminal industry." #Trustwave #Cybersecurity #CyberAttacks #HealthcareSecurity #HealthcareIT #CISOInsights trustwave.com

Better Tech
Cybersecurity in Finance & Entertainment

Better Tech

Play Episode Listen Later Jun 18, 2025 26:27


In this episode of the BetterTech podcast, host Colin McCarthy sits down with Roberto Galdamez, Chief Information Security Officer at Kovac Financial Network. Roberto shares his remarkable journey from working with the Miami Dolphins to leading cybersecurity efforts in the financial sector. He dives into key leadership lessons for aspiring CISOs, the growing impact of AI-powered threats, and why soft skills are just as vital as technical expertise. Roberto also unpacks how the role of the CISO is rapidly evolving, shifting from technical oversight to a strategic, board-level influence. Whether you're early in your cybersecurity career or aiming for leadership, this episode is full of insight.

Afternoon Cyber Tea with Ann Johnson
The Human Firewall: People-First Cybersecurity

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Jun 17, 2025 33:03


Dr. Aleise McGowan, Chief Information Security Officer of BlackGirlsHack and a 20-year cybersecurity veteran, joins Ann on this week's episode of Afternoon Cyber Tea. Aleise shares how a career-defining hack early on shifted her trajectory from developer to defender, and why she believes the future of security lies in resilience, diversity, and human-centered leadership. She talks about what separates good and great leaders during the first hours of an incident response and why delayed action equals exponential damage. She also spotlights her work with BlackGirlsHack, a rapidly growing nonprofit that opens doors for underrepresented talent in cyber, and makes the case that building an inclusive security workforce isn't just the right thing to do, it's the smart thing to do. Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.

@BEERISAC: CPS/ICS Security Podcast Playlist
Episode 314 Deep Dive: Imran Husain | Cybersecurity Threats in the Manufacturing World

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Jun 13, 2025 41:00


Podcast: KBKAST (LS 31 · TOP 5%)
Episode: Episode 314 Deep Dive: Imran Husain | Cybersecurity Threats in the Manufacturing World
Pub date: 2025-06-11
In this episode, we sit down with Imran Husain, Chief Information Security Officer at MillerKnoll, as he discusses the evolving landscape of cybersecurity threats in the manufacturing sector. Imran explores the challenges that arise as manufacturing increasingly integrates with online technologies and IoT, highlighting the unique vulnerabilities posed by legacy systems and operational technology (OT). He shares insights on high-profile incidents like the Norsk Hydro ransomware attack, emphasizing the importance of cyber resilience, data backup, and incident recovery. Imran also offers a candid look at why critical tasks like backing up data are often neglected, the complexities of securing aging infrastructure, and the need for creative solutions such as network segmentation and IT/OT convergence.
A dedicated and trusted senior cybersecurity professional, Imran Husain has over 22 years of Fortune 1000 experience covering a broad array of domains, including risk management, cloud security, SecDevOps, AI Security and OT Cyber practices. A critical, action-oriented leader, Imran brings strategic and technical expertise with a proven ability to build cyber programs that are proactive in their threat detection, identifying and engaging in areas critical to the business while upholding their security posture. He specializes in Manufacturing and Supply Chain Distribution, focusing on how to best use security controls and processes to maximize coverage and reduce risk in a complex multi-faceted environment.
A skilled communicator and change agent with a bias to action who cultivates an environment of learning and creative thinking, Imran champions open communication and collaboration to empower and inspire teams to exceed in their respective cyber commitments. He is currently the Global Chief Information Security Officer (CISO) at MillerKnoll, a publicly traded American company that produces office furniture, equipment, and home furnishings.

CISO Tradecraft
#236 - Build a World Class GRC Program (with Matt Hillary)

CISO Tradecraft

Play Episode Listen Later Jun 9, 2025 46:30 Transcription Available


In this episode of CISO Tradecraft, host G Mark Hardy sits down with Matt Hillary, the Chief Information Security Officer of Drata, to discuss governance, risk, and compliance (GRC) and trust management. They explore key topics such as the evolution of GRC, trust management, compliance automation, and the advent of AI in compliance processes. Matt shares insights on building a world-class GRC program, the challenges and opportunities in modern-day compliance, and the mental health aspects of being a cybersecurity leader. This episode is a must-watch for any cybersecurity professional looking to enhance their GRC strategies and compliance operations.
Big Thanks to our Sponsor Drata. You can learn more about them at https://drata.com/
Connect with Matt Hillary at https://www.linkedin.com/in/matthewhillary/
Transcripts - https://docs.google.com/document/d/1VzRQSEvgUwenDERlNn2bwlIpnz4QPQ15/
Chapters
01:39 Meet Matt Hillary: CISO of Drata
06:06 The Evolution of GRC and Trust Management
14:48 Continuous Compliance and Automation
19:26 Compliance as Code: The Future of GRC
22:18 The Importance of Getting It Right the First Time
23:15 Customer Compliance Challenges
24:21 Vendor Risk Management and Trust Building
26:26 Leveraging AI for Compliance and Risk Management
31:43 Evaluating Credibility of Third-Party Evidence
41:09 Common Mistakes in GRC Programs
43:56 Final Thoughts and Industry Call to Action

Product Talk
EP 546 - Sentara Health Chief Information Security Officer on Cybersecurity as a Strategic Business Enabler in Healthcare

Product Talk

Play Episode Listen Later Jun 6, 2025 43:15


Are cyber threats the biggest risk to healthcare delivery? In this podcast hosted by Mark Bailes, Sentara Health Chief Information Security Officer Zishan Siddiqui will be speaking on the critical intersection of cybersecurity, product innovation, and patient safety. He shares insights on transforming cybersecurity from a cost center to a strategic business enabler, exploring how regulations and a product mindset can drive meaningful change in the healthcare industry.

She Said Privacy/He Said Security
Outsmarting Threats: How AI is Changing the Cyber Game

She Said Privacy/He Said Security

Play Episode Listen Later Jun 5, 2025 21:32


Brett Ewing is the Founder and CEO of AXE.AI, a cutting-edge cybersecurity SaaS start-up, and the Chief Information Security Officer at 3DCloud. He has built a career in offensive cybersecurity, focusing on driving exponential improvement. Brett progressed from a Junior Penetration Tester to Chief Operating Officer at Strong Crypto, a provider of cybersecurity solutions. He brings over 15 years of experience in information technology, with the past six years focused on penetration testing, incident response, advanced persistent threat simulation, and business development. He holds degrees in secure systems administration and cybersecurity, and is currently completing a Masters in cybersecurity with a focus area in AI/ML security at the SANS Technology Institute. Brett also holds more than a dozen certifications in IT, coding, and security from the SANS Institute, CompTIA, AWS, and other industry vendors. In this episode… Penetration testing plays a vital role in cybersecurity, but the traditional manual process is often slow and resource-heavy. Traditional testing cycles can take weeks, creating gaps that leave organizations vulnerable to fast-moving threats. With growing interest in more efficient approaches, organizations are exploring new AI tools to automate tasks like tool configuration, project management, and data analysis. How can cybersecurity teams use AI to test environments faster without increasing risk? AXE.AI offers an AI-powered platform that supports ethical hackers and red teamers by automating key components of the penetration testing process. The platform reduces overhead by configuring tools, analyzing output, and building task lists during live engagements. This allows teams to complete high-quality tests in days instead of weeks. AXE.AI's approach supports complex environments, improves data visibility for testers, and scales efficiently across enterprise networks. 
The company emphasizes a human-centered approach and advocates for workforce education and training as a foundation for secure AI adoption. In today's episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Brett Ewing, Founder and CEO of AXE.AI, about leveraging AI for offensive cybersecurity. Brett explains how AXE.AI's platform enhances penetration testing and improves speed and coverage for large-scale networks. He also shares how AI is changing both attack and defense strategies, highlighting the risks posed by large language models (LLMs) and deepfakes, and explains why investing in continuous workforce training remains the most important cyber defense for companies today.

All Quiet on the Second Front
Connected for Impact: Trust, Build, Deliver (Live at Offset '25)

All Quiet on the Second Front

Play Episode Listen Later Jun 3, 2025 42:08


In this special episode of All Quiet on the Second Front, we're bringing you a live recording from Offset 2025. Moderated by Danielle Metz, 2F Chief Policy Officer, this panel tackles a question that's easy to say but hard to operationalize: how do we actually build trust between government and industry to deliver secure, mission-ready technology? Danielle is joined by Rob Nolen, Chief Technologist for DoD at AWS, Dan Garcia, Chief Information Security Officer at EnterpriseDB, and Eric Sanders, Chief Information Security Officer at DHS (I&A) and, together, they unpack the cultural and structural baggage that slows innovation—and explore what it'll take to shift hearts, minds, and bureaucracies toward impact.
What's Happening on the Second Front:
Building security into systems from the start (not bolting it on later)
Measuring impact through velocity, not vanity metrics
Risk tolerance vs. risk avoidance in government tech
The role of policy and regulation in accelerating trust
Why a shared language between builders, buyers, and approvers is mission-critical

The EPAM Continuum Podcast Network
Silo Busting 71: IR Now with Tab Bradshaw and Sam Rehman

The EPAM Continuum Podcast Network

Play Episode Listen Later May 28, 2025 27:00


Today's incident response ain't your grandfather's IR. But the psychology surrounding it hasn't changed an iota. This is precisely what Sam Rehman, EPAM's Chief Information Security Officer and SVP, and Tab Bradshaw, Chief Operating Officer at Redpoint Cybersecurity, are talking about on this #SecurityByDesign conversation. “It really comes down to the preparation piece,” says Bradshaw. It's about being well prepared and asking: “How often do you prepare in your organization, at a technical level, at an executive level, to handle some sort of incident?” Rehman agrees and says that he has clients wondering, “OK, so when am I done?” The perception is that being IR-ready is enough, he says. “That's not the case. It's a muscle. It's emotion. It's how you work. It's how you react to it.” There are benefits to knowing the proper way to react. “A well-handled breach really builds credibility,” says Bradshaw, adding that the word “reasonable” is omnipresent in IR documentation. He says: “Reasonableness is not just about having a mitigation strategy.” It's also about, say, practicing tabletop exercises. Regularly. So that when you're asked about doing regular tabletop sessions, the answer is, as Bradshaw puts it: “Yes, we did it every quarter for the past five years. We feel like we're in a pretty good spot that if something happens, might not be perfect, but we think we have good preparation, consistent preparation, consistent practice, to your point, to respond to the incident when it does occur.” Rehman says that security people are “used to having that sudden sense of violent impulse and urgency coming to us,” but what about the business leaders and everyone else in the organization? 
He asks Bradshaw about IR communication: “How do you guide the team through it, especially when everybody's thinking about, ‘Oh, am I gonna be on the news?'” Of the thousands of breaches Bradshaw and his team have responded to, for “a third, maybe half” of them, there is “some internal chaos at the client—and it's not because anybody's doing a bad thing.” “It really comes down to what I call C-squared,” says Bradshaw, which is shorthand for “communication and coordination. Someone has to be the quarterback.” Bradshaw says the chaos is about “a lack of preparation and testing.” A tabletop exercise needs to be a live fire exercise: “Doing it once a year is not good.” Too many organizations treat IR as a checklist, which is a mistake. He says: “It's a living, cross-functional discipline that evolves with the threat landscape externally, obviously, and also internally as people move.” And so? Get moving. Hit play and get ready. Host: Lisa Kocian Engineer: Kyp Pilalas Producer: Ken Gordon

The CyberWire
Bypassing Bitlocker encryption.

The CyberWire

Play Episode Listen Later May 15, 2025 39:08


Google issues an emergency patch for a high-severity Chrome browser flaw. Researchers bypass BitLocker encryption in minutes. A massive Chinese-language black market has shut down. The CFPB cancels plans to curb the sale of personal information by data brokers. A cyberespionage campaign called Operation RoundPress targets vulnerable webmail servers. Google warns that Scattered Spider is now targeting U.S. retail companies. The largest steelmaker in the U.S. shut down operations following a cybersecurity incident. Our guest is Devin Ertel, Chief Information Security Officer at Menlo Security, discussing redefining enterprise security. The long and the short of layoffs.
CyberWire Guest
On our Industry Voices segment and direct from RSAC 2025, our guest is Devin Ertel, Chief Information Security Officer at Menlo Security, discussing redefining enterprise security.
Selected Reading
Google fixes high severity Chrome flaw with public exploit (Bleeping Computer)
BitLocker Encryption Bypassed in Minutes Using Bitpixie Vulnerability: PoC Released (Cyber Security News)
The Internet's Biggest-Ever Black Market Just Shut Down Amid a Telegram Purge (WIRED)
German operation shuts down crypto mixer eXch, seizes millions in assets (The Record)
CFPB Quietly Kills Rule to Shield Americans From Data Brokers (WIRED)
EU ruling: tracking-based advertising by Google, Microsoft, Amazon, X, across Europe has no legal basis (Irish Council for Civil Liberties)
Operation RoundPress targeting high-value webmail servers (We Live Security)
Google says hackers that hit UK retailers now targeting American stores (Reuters)
Cybersecurity incident forces largest US steelmaker to take some operations offline (The Record)
Infosec Layoffs Aren't the Bargain Boards May Think (Dark Reading)
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.

Unscripted Leadership
Episode 7: Lee Parrish, VP and Chief Information Security Officer with Newell Brands

Unscripted Leadership

Play Episode Listen Later May 14, 2025


On this month's episode of Unscripted Leadership, Comcast Business VP Heather Orrico is joined by Lee Parrish, Vice President and Chief Information Security Officer with Newell Brands. Lee is also the CEO and Chief Creative Officer for Novel Security. Lee discusses how his time serving in the Marines shaped him as a person and drives him, […]

Catalyst Sale Podcast
The Accidental CISO - Anonymous Accounts and Security

Catalyst Sale Podcast

Play Episode Listen Later May 7, 2025 46:04


The Accidental CISO (AC) is an anonymous voice in cybersecurity who stumbled into the Chief Information Security Officer role through a mix of timing, skill, and necessity. With a background in IT operations and service delivery, AC found unexpected purpose, community, and a platform for candid reflection on security, leadership, and personal growth. He now hosts The Mindful Business Security Show, educating SMB leaders on practical security.

Feds At The Edge by FedInsider
Ep. 199 Protecting Healthcare Identity from Modern Cyber Attack

Feds At The Edge by FedInsider

Play Episode Listen Later May 7, 2025 59:25


The 2023 FBI Internet Crime Report reveals that nearly 21% of ransomware attacks targeted the healthcare and public health sectors—making them the top victims.   This week on Feds At The Edge, we explore how agencies can defend against these growing threats.   Benjamin Koshy, Chief Information Security Officer and Director, Division of Information Security of Indian Health Service, explains the unique identity management challenge in healthcare: balancing open patient access with strict data protection.  Keith Busby, Acting CISO at CMS, outlines how to go beyond Zero Trust with real-world risk assessments and robust incident response plans - not just a three-ring binder gathering dust on a shelf.  And Alec Lizanetz, Identity Protection Specialist from CrowdStrike, emphasizes the importance of prioritizing threats and using frameworks like CISA's to respond efficiently.   Tune in on your favorite podcasting platform today to hear practical, high-impact strategies to secure critical systems and protect patient care, perfect for healthcare leaders who must protect both data and lives.      

The Great Indoors
Beyond Connectivity: How Globe is Uplifting a Nation

The Great Indoors

Play Episode Listen Later May 1, 2025 55:12


What does it take to digitally empower an entire nation – and secure it at scale? At MWC Barcelona 2025, Matthew Roberts investigates how teams across Globe Telecom are unlocking the full potential of AI. First, Matt and co-host Gil Rosen, CMO at Amdocs, are joined by Anton Reynaldo Bonifacio, Chief AI Officer and Chief Information Security Officer. Anton shares his journey into this unique dual role and offers his perspective on the future of AI leadership. He also breaks down how Globe is building its AI strategy and why your development approaches need to differ for all those on your team. Then we're joined by Darius Jose Delgado, Globe's Chief Commercial Officer. Darius leads Globe's entire commercial portfolio across mobile, broadband, and B2B, and has been instrumental in driving Globe's aggressive push toward full digital adoption and connectivity nationwide. This is a story about technology with purpose — and a commitment to nation-building that deserves to be heard.

The Talk of the Town
Talk of the Town April 29, 2025

The Talk of the Town

Play Episode Listen Later Apr 29, 2025 30:06


Fairmont City Manager Travis Blosser on their trip to Washington, D.C. to meet elected leaders from the state about their Congressionally Directed Spending requests
Agile 5 Technologies, Inc.: Chief Technology Officer Peter Fritch and Jacob Brozenick, Chief Information Security Officer, on their work to help secure government systems

ITSPmagazine | Technology. Cybersecurity. Society
Why CISOs Should Still Say Yes to the Role—Even Now | A RSAC Conference 2025 Conversation with Tim Brown | On Location Coverage with Sean Martin and Marco Ciappelli

Apr 24, 2025 22:07


In this Chats on the Road to RSAC 2025, Sean Martin and Marco Ciappelli connect with Tim Brown, Chief Information Security Officer at SolarWinds, to unpack the critical issues facing CISOs today—and why the role remains worth pursuing.

Brown is participating in multiple sessions at RSAC Conference 2025, including the CISO Bootcamp and Cyber Leaders Forum. Both are closed-door conversations designed to surface real concerns in a confidential, supportive setting. These aren't theoretical discussions—they're rooted in hard-earned experience. Brown, who has faced high-profile scrutiny and legal fallout from a past incident at SolarWinds, brings a uniquely personal perspective to these sessions.

He points out that fear and hesitation are keeping many deputy CISOs from stepping up into the top role. His message to them: don't be afraid of the position. Despite the weight of responsibility, the role offers real influence, the ability to shape enterprise architecture, and the opportunity to drive meaningful business decisions. Brown emphasizes the importance of community support and collective growth, noting that the cybersecurity industry—still relatively young—is maturing and finding its footing when it comes to accountability and resilience.

Beyond leadership development, mental health and stress management are key themes in the Cyber Leaders Forum. Brown acknowledges the toll the job can take, even sharing that his own health suffered despite thinking he was managing stress well. This honest reflection opens the door for deeper conversations about personal well-being in high-pressure roles.

He's also appearing at the Cloud Security Alliance Summit with Chris Hoff, Chief Security Officer at LastPass, where they'll discuss incident response and field questions from the audience. On Wednesday, Brown joins a breakfast session with Tactic and Hyperwise, guiding attendees through a crisis simulation based on lessons from the Sunburst attack. His focus? Helping others avoid being unprepared in a moment of chaos.

From insider threat modeling to supply chain transparency and the challenges of monitoring runtime behavior, Brown is clear-eyed about where CISOs need to focus next.

This episode isn't just a preview of conference sessions—it's a call to future security leaders to lean in, not back.

Guest:
Tim Brown, CISO, SolarWinds | On LinkedIn: https://www.linkedin.com/in/tim-brown-ciso/

Hosts:
Sean Martin, Co-Founder at ITSPmagazine | Website: https://www.seanmartin.com
Marco Ciappelli, Co-Founder at ITSPmagazine | Website: https://www.marcociappelli.com

Episode Sponsors
ThreatLocker: https://itspm.ag/threatlocker-r974
Akamai: https://itspm.ag/akamailbwc
BlackCloak: https://itspm.ag/itspbcweb
SandboxAQ: https://itspm.ag/sandboxaq-j2en
Archer: https://itspm.ag/rsaarchweb
Dropzone AI: https://itspm.ag/dropzoneai-641
ISACA: https://itspm.ag/isaca-96808
ObjectFirst: https://itspm.ag/object-first-2gjl
Edera: https://itspm.ag/edera-434868

Resources
RSAC Session: CLF Ask Me Anything Session with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739404173721001x1MH
RSAC Session: CISO Boot Camp Exclusive Fireside Chat with Tim Brown, CISO, SolarWinds: https://path.rsaconference.com/flow/rsac/us25/FullAgenda/page/catalog/session/1739403254724001isXh
CSA Summit at RSAC 2025: Fireside Chat with Tim Brown and Chris Hoff: https://www.csasummitrsac.com/event/5b3547c2-c652-4f77-97de-5b094e746626/agenda?session=1452408b-c822-4664-87b8-38ce1276247b
Learn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsa-conference-usa-2025-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

Legal Speak
Live from LegalWeek with John Vincenzo & Anthony Diaz

Apr 11, 2025 10:21


Just when you thought you couldn't get your fill of Legal Tech ... we're back!! This year's LegalWeek conference, hosted by ALM Media and Law.com, was held in New York City from March 24th through March 27th. More than 6,000 of the biggest names in the industry gathered at the New York Hilton Midtown for the four-day conference. And yes ... Legal Speak was there conducting live interviews with the best and brightest. In this episode, hosts Patrick Smith and Cedra Mayfield sat down with Exterro's John Vincenzo, the Chief Marketing Officer, and Anthony Diaz, the Chief Information Security Officer.

Hosts: Cedra Mayfield & Patrick Smith
Guests: John Vincenzo & Anthony Diaz
Producer: Charles Garnar

The New CISO
What Can Cutting Cake Teach a CISO?

Apr 10, 2025 45:35


In this episode of The New CISO, host Steve Moore speaks with Rich Durost, Chief Information Security Officer at Froedtert ThedaCare Health, about his journey from West Point cadet to cybersecurity leader—and what slicing cake has to do with building effective security programs.

Drawing from 23 years in the military and over 15 years in cybersecurity, Rich shares how discipline, preparation, and teamwork—skills first sharpened during plebe year dessert duty—translate directly into the responsibilities of a CISO. He reflects on the shift from tactical to strategic thinking, the value of mentoring deputies, and why authentic leadership and relationship-building are vital in today's remote work environment.

Rich also explores the unique challenges of healthcare cybersecurity, the importance of aligning with clinical goals, and how CISOs can move from being the "department of no" to strategic business enablers by simply asking “how” instead of “no.”

Whether you're a rising security professional or a seasoned executive, you'll gain practical leadership takeaways—and maybe a new appreciation for cake.

Cybercrime Magazine Podcast
Next Level CISO. Leadership In Security. Greg Crowley, eSentire & Craig Peppard, Ivari Canada.

Apr 10, 2025 20:51


Craig Peppard is the Vice President & Chief Information Security Officer at Ivari Canada. In this episode, he joins host Heather Engel and Greg Crowley, CISO at eSentire, to share insights on leadership in security, including the issue of gatekeeping in the industry, why practitioners need a diverse skill set beyond technical talent, and more. Next Level CISO is a Cybercrime Magazine podcast brought to you by eSentire, the Authority in Managed Detection and Response. eSentire's mission is to hunt, investigate and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com

CISO Tradecraft
#227 - The 30 Year CISO Evolution

Apr 7, 2025 28:34


Ever wonder how the CISO role went from obscure techie to boardroom MVP? In this episode of CISO Tradecraft, G Mark Hardy takes you on a journey through the evolution of the Chief Information Security Officer — from Steve Katz's groundbreaking appointment at Citibank in 1995 to the high-stakes, high-impact role CISOs play today.

Transcripts: https://docs.google.com/document/d/1FlKBW6zlVBqLoSTQMGZIfz--ZLD_aS9t/edit

Chapters
00:00 Introduction to the Evolution of the CISO Role
00:58 The First CISO: Steve Katz's Pioneering Journey
03:58 Rise of Security Certifications
08:39 Regulatory Wake-Up Calls and Compliance
12:23 Cybersecurity in the Age of State-Sponsored Attacks
17:58 The Impact of Major Cyber Incidents
25:07 Modern Challenges and the Future of the CISO Role
27:51 Conclusion and Final Thoughts

Packet Pushers - Full Podcast Feed
PP056: Ask A CISO with Joe Evangelisto

Apr 1, 2025 38:30


On today's show, we chat with Joe Evangelisto, CISO at NetSPI. He recounts his journey to becoming a Chief Information Security Officer, one that started as an IT sysadmin, advanced to management, and led him ultimately to the CISO role. Joe talks about building security programs from the ground up and developing both personally and...

Packet Pushers - Fat Pipe
PP056: Ask A CISO with Joe Evangelisto

Apr 1, 2025 38:30


On today's show, we chat with Joe Evangelisto, CISO at NetSPI. He recounts his journey to becoming a Chief Information Security Officer, one that started as an IT sysadmin, advanced to management, and led him ultimately to the CISO role. Joe talks about building security programs from the ground up and developing both personally and...

Becker’s Healthcare Podcast
Steven Ramirez, Chief Information Security Officer at Renown Health

Mar 30, 2025 21:08


Steven Ramirez, Chief Information Security Officer at Renown Health, shares insights on improving the end-user experience through continuous adjustments and support. He emphasizes the importance of clearly articulating risk to drive strategic investments and ensuring those investments deliver value. Ramirez also discusses his proactive approach to setting himself up for long-term success in the evolving healthcare landscape.

Afternoon Cyber Tea with Ann Johnson
Building Resilient Security Teams with Ryan Field

Mar 25, 2025 22:36


Ryan Field, Executive Vice President & Chief Information Security Officer at Bank of Hawaii, joins Ann on this week's episode of Afternoon Cyber Tea. With over two decades of experience in IT and cybersecurity, Ryan shares his approach to security leadership and the importance of fostering collaboration and diverse perspectives. He discusses the unique challenges of cybersecurity in banking and financial services, how organizations across Hawaii are coming together to build a more resilient security workforce, and how shifting from enforcers to influencers is transforming security culture.

Resources:
View Ryan Field on LinkedIn
View Ann Johnson on LinkedIn

Related Microsoft Podcasts:
Microsoft Threat Intelligence Podcast
The BlueHat Podcast
Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of N2K media network.

MINDSET ZONE
Surfing the AI Wave: A Conversation with Diana Kelley on Security and Innovation

Mar 7, 2025 30:24


"Organizations need to understand what AI can do and can't do. Start creating the best use cases within their organizations and also train people on how to use them responsibly." - Diana Kelley

In this episode, host Ana Melikian delves into the pivotal role of Artificial Intelligence (AI) in today's world, particularly in the business world. Joined by guest Diana Kelley, a seasoned Chief Information Security Officer at ProtectAI, they explore the integration of AI into our daily lives and the business sphere. Ana and Diana discuss the importance of understanding AI's capabilities and limitations, likening it to a hundred-foot wave that businesses need to learn to surf rather than be overwhelmed by. They emphasize the necessity of increasing AI literacy to make informed decisions and identify the best use cases within organizations.

Diana sheds light on the potential risks and vulnerabilities of AI, including data privacy concerns and the need for responsible adoption. Organizations are encouraged to enhance their security measures and train employees to use AI effectively and safely. As Ana and Diana examine AI's rapid advancement, they highlight the critical balance between embracing innovation and maintaining security. The conversation is filled with insightful analogies and expert advice, making it a must-listen for anyone interested in navigating the complexities of AI in business and security. Let's dive in!

This week on the MINDSET ZONE:
00:00 Introduction to AI in Everyday Tools
01:02 Meet Diana Kelley: Cybersecurity Powerhouse
01:49 The AI 100-foot Wave
03:42 Understanding AI Risks and Vulnerabilities
11:43 AI Literacy: A Necessity for All
18:02 Data Privacy and Security Concerns
26:00 Resources for AI Literacy and Security
29:25 Conclusion and Final Thoughts

About The Guest
Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI. She also serves on the boards of WiCyS, The Executive Women's Forum (EWF), InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity. Her extensive volunteer work has included serving on the ACM Ethics & Plagiarism Committee, Cybersecurity Committee Advisor at CompTIA, CTO and Board Member at Sightline Security, Advisory Board Chair at WOPLLI Technologies, Advisory Council member Bartlett College of Science and Mathematics, Bridgewater State University, and RSAC US Program Committee. She is a sought-after keynote speaker, the host of BrightTALK's The (Security) Balancing Act, co-author of the books Practical Cybersecurity Architecture and Cryptographic Libraries for Developers, instructor for the LinkedIn Learning classes Security in AI and ML and Introduction to MLSecOps, has been a lecturer at Boston College's Masters program in cybersecurity, one of AuditBoard's Top 25 Resilient CISOs in 2024, a 2023 Global Cyber Security Hall of Fame Inductee, the EWF 2020 Executive of the Year and EWF Conference Chair 2021-Present, an SCMedia Power Player, and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime.

Connect with:
Linkedin.com/in/dianakelleysecuritycurve
ProtectAI.com

Resources:
NIST AI RMF: https://www.nist.gov/itl/ai-risk-management-framework
OWASP AI Sec: https://genai.owasp.org/
OWASP AI Security and Privacy Guide: https://owasp.org/www-project-ai-security-and-privacy-guide/
MITRE ATLAS: https://atlas.mitre.org/
MLSecOps Community: https://mlsecops.com/
LinkedIn Learning: Introduction to MLSecOps
Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes

Related Content: Expand What's Possible

Unchained
How the $1.5 Billion Bybit Hack Could Have Been Prevented - Ep. 791

Feb 28, 2025 43:51


Crypto derivatives exchange Bybit just became the latest victim of North Korea's elite hacking unit, the Lazarus Group. They didn't brute-force their way in. They didn't exploit some obscure vulnerability. Instead, they tricked a trusted developer, slipped in malicious code, and took off with a fortune. How did this happen? Why was $1.5 billion sitting in a single wallet? What mistakes did Bybit and Safe make? And, more importantly, what needs to change to stop this from happening again? This week, Mudit Gupta, chief information security officer at Polygon, joins Unchained to expose the security failures, the sophisticated tactics Lazarus used, and why crypto still hasn't learned its lesson.

Show highlights:
2:11 Mudit's experience with North Korea's Lazarus
3:24 How Lazarus perpetrated the $1.5 billion hack
5:55 Why Lazarus relies on social engineering over technical exploits
7:34 Why Bybit was so specifically targeted by the hackers
10:02 What Bybit should have done to prevent the exploit
13:12 Why Mudit believes there was “no reason” to hold so much ETH in one single wallet
15:57 Who should be a signer in multisigs
17:46 How to prevent using a malicious website
19:13 Why Safe should have done things differently, according to Mudit
19:55 How Bybit and Safe handled crisis communication
24:20 Mudit's must-know security tips for protecting your crypto

Visit our website for breaking news, analysis, op-eds, articles to learn about crypto, and much more: unchainedcrypto.com

Thank you to our sponsors!
Mantle

Guest
Mudit Gupta, Chief Information Security Officer at Polygon

Links
Recent coverage of Unchained on the Bybit hack:
North Korean Hackers Are Winning. Is the Crypto Industry Ready to Stop Them?
The Chopping Block: Crypto's Worst Week? Bybit Hack, Libra Scandal, & The Memecoin Reckoning
Bits + Bips: Markets Are Down Bad. When Will Crypto Recover?
Unchained: Bybit Flows Return to ‘Normal' After Biggest-Ever Crypto Hack
Bybit Hack Forensics Report
"Safe{Wallet} Statement on Targeted Attack on Bybit"