Eddy Willems in conversation with Brenno de Winter, information security and privacy expert. In the latest episode of the podcast series 'My Precious Data', Eddy Willems, Security Evangelist at WAVCi, talks with Brenno de Winter, a leading expert in information security and privacy. Brenno is known for his in-depth knowledge and experience, including his involvement in cracking the OV-chipkaart and his work as Chief Security & Privacy Operations at the Ministry of Health, Welfare and Sport in the Netherlands. In this episode, Eddy and Brenno discuss the current challenges and developments in the cybersecurity world. They address the balance between innovation and privacy, and how organizations can navigate an era in which digital transformation and security must go hand in hand. Brenno shares his insights on the 'validation crisis' and the importance of critically evaluating technologies in order to strengthen decision-making on cybersecurity. This episode offers listeners valuable perspectives on how collaboration and knowledge sharing are crucial for effective information security. The conversation emphasizes the importance of openness and consultation, not only within organizations but also at the international level, in order to face the challenges of cybersecurity together.
The Emergence of Innovative Partnerships: As AI becomes increasingly integral across industries, healthcare is at the forefront of adopting these technologies to improve patient outcomes and streamline services. Sean Martin emphasizes the collaboration between StackAware and Embold Health, setting the stage for a discussion on how they leverage HITRUST to enhance healthcare solutions. A Look into StackAware and Embold Health: Walter Haydock, founder and CEO of StackAware, shares the company's mission to support AI-driven enterprises in measuring and managing cybersecurity compliance and privacy risks. Meanwhile, Steve Dufour, Chief Security and Privacy Officer of Embold Health, describes their initiative to assess physician performance, guiding patients toward top-performing providers. Integrating AI Responsibly: A key theme throughout the conversation is the responsible integration of generative AI into healthcare. Steve Dufour details how Embold Health developed a virtual assistant using Azure OpenAI, ensuring users receive informed healthcare recommendations without long-term storage of sensitive data. Assessment Through Rigorous Standards: Haydock and Dufour also highlight the importance of ensuring data privacy and compliance with security standards, from conducting penetration tests to implementing HITRUST assessments. Their approach underscores the need to prioritize security throughout product development, rather than as an afterthought. Navigating Risk and Compliance: The conversation touches on risk management and compliance, with both speakers emphasizing the importance of aligning AI initiatives with business objectives and risk tolerance. A strong risk assessment framework is essential for maintaining trust and security in AI-enabled applications. Conclusion: This in-depth discussion not only outlines a responsible approach to incorporating AI into healthcare but also showcases the power of collaboration in driving innovation.
Sean Martin concludes with a call to embrace secure, impactful technologies that enhance healthcare services and improve outcomes.
Learn more about HITRUST: https://itspm.ag/itsphitweb
Note: This story contains promotional content.
Guests:
Walter Haydock, Founder and CEO, StackAware. On LinkedIn | https://www.linkedin.com/in/walter-haydock/
Steve Dufour, Chief Security & Privacy Officer, Embold Health. On LinkedIn | https://www.linkedin.com/in/swdufour/
Resources
Learn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust
View all of our HITRUST Collaborate 2024 coverage: https://www.itspmagazine.com/hitrust-collaborate-2024-information-risk-management-and-compliance-event-coverage-frisco-texas
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Guest: Malcolm Harkins, Chief Security and Trust officer at HiddenLayer, former CISO at Intel, and fellow at the Institute for Critical Infrastructure Technology (ICIT). On LinkedIn | https://www.linkedin.com/in/malcolmharkins/
Host: Matthew Rosenquist. On ITSPmagazine
[NEW EPISODE] - UNLOCKED FROM THE VAULT - Orlando Live Podcast Tour at the Loews Portofino Bay Hotel on Saturday, March 18th, 2023
The security challenges we face today are more complex, less predictable and faster evolving than at any point in recent history. When Fran Racioppi isn't hosting the Jedburgh Podcast he runs FRsix, his security company. From this year's industry trade show, Global Security Exchange, Fran sat down with International SOS, the global leader in health and security services, to dig deep on today's biggest threats. International SOS cares for over 9000 organizations in 1000 locations across 90 countries. They field over 11,000 calls for assistance each day. Sally Llewellyn is the Global Security Director of Information and Analysis. Kelly Johnstone served as the Chief Security Officer at Coca-Cola. Dr. Mark Fischer is the Regional Medical Director for the Americas. They explain why intelligence is so important in the decision-making process for executives of any organization. They define Duty of Care and how it's evolved as we've transitioned from workplace to remote work. They also explain the importance of developing networks of influence, whether that be for intelligence to understand what's happening, or medical support to help people in their time of need. Finally, they break down the roles of the Chief Security Officer and analysts and how the information they provide to decision makers is critical for the resiliency of an organization. The world is evolving faster than ever and seems to change on a minute-by-minute basis. Our job as leaders is to understand what's happening out there, how it affects our people and our business, and then make decisions and bring in the resources that keep us successful, no matter the challenge. Protection of our people starts with us as leaders. Take the first step today. Learn more on The Jedburgh Podcast Website. Subscribe to us and follow @jedburghpodcast on all social media. Watch the full video version on YouTube.
Highlights:
0:00 Welcome to the International SOS Booth at GSX
3:37 Kelly's lessons from NCIS, to Customs to leading Coca-Cola
4:03 Sally explains why intelligence is the first step to decision-making
10:22 The evolution of “Duty of Care”
17:18 How preparation transitions organizations from react to response
21:25 Mark shares how to respond to medical crisis in the most austere parts of the world
26:52 The influence of the chief security in executive risk management
32:10 The biggest threats to the world today
Quotes:
“The threats we're looking at today…are just so much more difficult to predict.” (5:34)
“What's going on in the world? What might happen next? To try and inform really good decision-making.” (7:41)
“Mitigating risk doesn't eliminate risk. Where there's a medical case there's often security.” (9:13)
“If you're on a conference call in your car now, do I have a duty of care if you get in a car wreck?” (12:00)
“Intelligence doesn't just serve you from a security perspective…it's a business enabler.” (28:30)
“Our job there is to ensure that the environment is conducive for the business to meet business objectives.” (29:00)
“You are the problem solver, so you get the call on everything.” (30:13)
Nick Espinosa, Chief Security Fanatic, CIO, Columnist, Author, Radio Host, Board Member, Forbes Tech Council & TEDx Speaker
Forbes.com
Securityfanatics.com
Show Notes
About The Guest(s): Nick Espinosa is a cybersecurity expert, author, and speaker. He is the founder of Security Fanatics, a company that specializes in cybersecurity and risk management. With over two decades of experience in the field, Nick has worked with clients ranging from small businesses to Fortune 100 companies. He is passionate about educating individuals and organizations on the importance of cybersecurity and helping them develop effective defense strategies.
Summary: Nick Espinosa is a cybersecurity expert and the founder of Security Fanatics. In this episode, he discusses the biggest threats to personal and business security in 2023, emphasizing the importance of educating individuals on cybersecurity. He also talks about the role of artificial intelligence (AI) in cybersecurity and the potential risks associated with AI in the future. Nick highlights the need for customized cybersecurity solutions and risk assessment for each organization. He also shares insights on the impact of AI on disinformation campaigns and the challenges of detecting AI-generated content.
Key Takeaways:
- The human factor is the biggest threat to cybersecurity, as many individuals lack the necessary knowledge and understanding of cybersecurity risks.
- AI is becoming increasingly sophisticated and can be used by hackers to exploit vulnerabilities and launch cyber attacks.
- Education and training on cybersecurity should start at an early age to ensure individuals are aware of the risks and can make informed decisions.
- The future of AI in cybersecurity is uncertain, as AI algorithms can learn from other AI models, leading to a dilution of accuracy and reliability.
- Security theater, such as airport security measures, can create a false sense of security and may not effectively prevent threats.
Quotes:
"If there's a vulnerability, it will be exploited." - Nick Espinosa
"We are so distrusting. We are so disoriented. And this is essentially where we're heading." - Nick Espinosa
"Security theater... It's literally the term for it." - Nick Espinosa
About Nick Espinosa
For over 25 years, Nick has been on a first name basis with computers. Since the age of 7 he's been building computers and programming in multiple languages. Landing his first IT job at age 15, Nick founded Windy City Networks, Inc at 19 which was acquired in 2013. In 2015 Nick created Security Fanatics, a Cybersecurity/Cyberwarfare outfit dedicated to designing custom Cyberdefense strategies for medium to enterprise corporations. An expert in cybersecurity and network infrastructure, Nick has consulted with clients ranging from the small business owners up to Fortune 100 level companies for decades. Nick has designed, built, and implemented multinational networks, encryption systems, and multi-tiered infrastructures as well as small business environments. He is passionate about emerging technology and enjoys creating, breaking, and fixing test environments. As a member of the Board of Advisors for Roosevelt University's College of Arts and Sciences as well as their Center for Cyber and Information Security, the Official Spokesperson for the COVID-19 Cyber Threat Coalition and a board member of Bits N' Bytes Cybersecurity Education, contributor to the Cyber Peace Institute, Strategic Cybersecurity Advisor for the Private Directors Association and humanID as well as the President of The Foundation for a Human Internet, Nick helped to create an NSA certified curriculum that will help the Cybersecurity/Cyberwarfare community to keep defending our government, people and corporations from Cyber threats globally. In 2017 Nick was accepted into the Forbes Technology Council, an invitation-only community for world-class CIOs, CTOs and technology executives,
Welcome to our Hack Podcast, where we have the pleasure of featuring the only Nick Espinosa joining us from across the pond. We are thrilled to have Nick here with us after Leon and Dean had the privilege of collaborating with him in Amsterdam as part of IT Nation Evolve. Imagine sitting at a dinner table, and someone leans over and asks Nick, "What is it that you do?" Nick's response is always intriguing. He looks them straight in the eye and says, "I lie to you." They usually say "really", and he replies "no". Of course, this usually catches them off guard, but it's just his way of injecting humour into the conversation. In reality, Nick is deeply involved in cyber security, with his company specialising in cyber warfare, cyber terrorism, infrastructure, and government compliance. And it's not just limited to the US government; they also handle compliance on a global scale, including GDPR. Nick's expertise extends beyond his company Security Fanatics; he is a regular contributor to Forbes, a seasoned TED talk speaker, and even hosts a syndicated radio show in the USA. Nick's job title says it all: he thrives in the fast-paced world of cyber security. He always seeks new challenges and never likes to be bored. Join us as we deep dive into the fascinating world of Nick Espinosa and gain insights into the ever-evolving realm of cyber security.
Norm Murray speaks with Tony Anscombe, Chief Security Evangelist with ESET Canada. For 30 years, his company has developed industry-leading IT security software and services to protect businesses, critical infrastructure, and consumers worldwide from increasingly sophisticated digital threats. And now they apply this wisdom to the recent auto theft epidemic. http://www.eset.com
Connect with Morgan Wright: https://www.linkedin.com/in/morganwright150/
Follow the Game of Crimes Podcast - https://gameofcrimespodcast.com/
Subscribe to the Game of Crimes Membership on Patreon! https://www.patreon.com/gameofcrimes
Sponsor
And before we jump into today's episode, this podcast is sponsored by @Sentinelone-inc. SentinelOne redefines cybersecurity by pushing the boundaries of autonomous technology. With its Singularity XDR platform, SentinelOne is the leader in endpoint protection and beyond. Simply put, they stop the bad guys. To learn more about SentinelOne, check out https://www.sentinelone.com
Timestamps
0:00 Intro
3:12 The Ultimate Meritocracy
08:09 K9s4COPs
19:48 Controlled, Classified, Confidential
21:25 "One lesson I've learned after investigating crimes: you follow the facts. Too many people want to change the facts to fit their theory. You don't do that. You change your theory to fit the facts."
29:14 The Fifth Domain
36:03 Background
01:38:51 Part II: Cyberspace A History: The Coming Cyberspace Cold War with Russia
01:49:46 Cyberwarfare and the Strategy of "Low-Intensity Conflict"
01:59:29 Part III: Cybersecurity Threats Coming up in 2023
02:01:19 Deep Fake, AI, ChatGPT
2:22:00 Outro
Whenever you're ready, here is the one way I can help you: → Join the TechTables+ Community Today https://www.techtables.com/membership.
The role of the Chief Information Security Officer (CISO) is growing, and the scope of digital business intensifies. Among board directors, 64% say their organization is trying to significantly alter its economic architecture to put more emphasis on digital (revenues, margins, productivity, etc.). At the same time, 88% say they recognize cybersecurity is a risk to the business.
A great CISO has the ability to assess and prioritize appropriate assets that need to be protected, understand and prioritize the risks to those assets, convey those risks in terms that boards can understand to allocate necessary budgets, and identify and implement appropriate controls to protect those assets.
In this PodChats for FutureCISO, we are joined by Apol Salud, Chief Security and Digital Officer for Gur Lavi Corporation.
1. How has the role of the CISO shifted in the current environment?
2. When demonstrating business value, what is one of the most important strategies for CISOs to keep in mind?
3. How do you juggle the differing expectations, interests, and demands of leaders in your organisation, as well as users, third-party business partners, regulators, and customers?
4. Coming into 2023, what will be the key challenge facing the CISO?
5. What makes for a successful CISO? What one quality do you think will prove most valuable to a CISO's future?
6. Where do you see the CISO career moving?
In this episode, Ty Sbano, an Information Security executive with over 17 years of experience heavily focused on empowering end users securely, talks about “Empathy-Driven Process Development.” He speaks about driving change and how we are changed by empathy.
Key takeaways:
- What is empathy-driven process development
- Taking yourself out of the equation when changing processes
- How fast do you want to drive change
- Understand the impact of change on people
- The larger the scale of the impact, the more time you might need
- Understanding your change curve and having your champions
- Avoiding thrash by making only a finite number of touches to your process
- Intentional process development
- Thinking about the process, so your successor is set up for success
About today's guest: Ty Sbano is an Information Security executive with over 17 years of experience heavily focused on empowering end users securely. Ty currently serves as Vercel's Chief Information Security Officer (CISO). Previously, Ty was the Chief Security & Trust Officer at Sisense. Ty's career has been focused on developing application and product security programs for Capital One, JPMorgan Chase, LendingClub, and Target. Key areas of knowledge include developing security champions, threat modeling, secure code training, static code analysis, component analysis, dynamic analysis, penetration testing, and red teaming. Outside of being a CISO, Ty is an active angel investor in Silicon Valley CISO Investment Groups (SVCI) and advisor to Cider Security, Nightfall.ai, and Identify Security. Ty's security mentality has been concentrated on enabling engineering and product teams to move securely at the speed of the business to make it a competitive advantage. Ty graduated from Penn State University with a B.S. in Information Science & Technology and from Norwich University with a M.S. in Information Assurance. He currently holds a CISSP, CEH, CCSK, and CPT.
LinkedIn: https://www.linkedin.com/in/tysbano/ Thank you so much for checking out this episode of The Tech Trek, and we would appreciate it if you would take a minute to rate and review us on your favorite podcast player. Want to learn more about us? Head over to https://www.elevano.com Have questions or want to cover specific topics with our future guests? Please message me at https://www.linkedin.com/in/amirbormand (Amir Bormand)
Security is one of our basic, most fundamental needs. To keep up on the latest trends in security Fran Racioppi traveled to the Global Security Exchange in Atlanta to sit down with retired Chief Security Officers Rich Davis of United Airlines and Steve Bernard of Sony Pictures. Rich oversaw United's response to the 9/11 attacks involving two of United's airplanes. Steve led Sony through the North Korean cyber attack after the premiere of The Interview starring Seth Rogen and James Franco. They cover the evolution of the industry, the threats we face in both the physical and cyber domains, how thought leaders are needed in senior security positions, and how we build a security culture in our organizations. The world is a complex place and today's companies require dedicated support for the protection of their number one asset - their people. International SOS is the industry leader in travel risk management, medical support, evacuations, mental health, crisis management and workforce resilience. On the ground in over 90 countries and 1000 locations, International SOS is there 24/7 no matter the challenge. Learn more at InternationalSOS.com and @intlsos. Steve Bernard is the Founder of Bernard Global and Rich Davis is the founder of Rich Davis Security Consulting. Read the full episode transcription here and learn more on The Jedburgh Podcast Website. Watch the full video version of Fran's conversation with Steve and Rich on YouTube. Subscribe to us and follow @jedburghpodcast on all social media.
Highlights:
- 0:00 Welcome to the International SOS booth, GSX and ASIS International
- 6:29 The chief security officer as a thought leader
- 15:01 Rich's career at United Airlines from the kitchen to chief security officer
- 19:27 Steve's transition from Vietnam Veteran to Corporate Security
- 23:30 The evolution of the security industry
- 26:00 Prioritizing security at United Airlines and Sony Pictures
- 33:47 North Korea's hack of Sony Pictures
- 37:37 The impact of 9/11 on United and the hack on cyber
- 45:14 The next generation of security leadership and the remote workforce
- 53:05 The role of International SOS
- 59:55 Three Daily Foundations
Quotes:
- “We're all about assessing risk, assessing threats and how to counter those threats, because the most important thing we do is protect people and assets.” (10:08)
- “Crisis management begins long before the crisis has arrived.” (12:26)
- “I worked for United Airlines for 40 years. I actually started in the kitchen.” (16:22)
- “A CSO doesn't have to be the expert in all this. They have to figure out how do they add the greatest value and to set the strategy, lead the team.” (21:28)
- “Everything's a priority, that was my mindset.” (29:39)
- “When you connected, the meltdown on your hard drive started.” (35:22)
- “They're in 27 different call centers around the world.” (55:10)
This episode is brought to you by Jersey Mike's, 18A Fitness, and Analytix Solutions
Beth Anne Bygum is the SVP and Chief Security & Compliance Officer at Acxiom. In this episode of The Modern Security Architecture, Beth Anne joins host Hillarie McClure to discuss the three must-have investments needed while managing through uncertainty. Safebreach provides a breach and attack simulation platform that identifies vulnerabilities in cybersecurity environments by mimicking the likely attack paths and techniques used by malicious actors. To learn more about our sponsor, visit https://safebreach.com
Mark Freedman, CEO / Founder of Rebel Global Security and former Chief of Section in the Counter-Terrorism Bureau at the US State Department discusses the need for Chief Security Officers to be more proactive on issues of national security including cyber, terrorism, and other issues related to financial crime.
Clean Talk - The State of Infection Control w/ Brad Whitchurch
In this week's episode of Clean Talk, William Lewis, General Counsel and Chief Security & Privacy Officer at MORE Health, joins us to reveal the solutions his company provides to improve healthcare overall.
Tune in to hear about a range of topics including:
• How the innovation of telemedicine is growing the market for American doctors.
• How important expert medical second opinions are.
• What it's like pushing new methods of caretaking through healthcare systems.
• What telemedicine could mean to the reduction of hospital acquired infections.
• And more!
William Lewis is the General Counsel and Chief Security & Privacy Officer at MORE Health. MORE Health helps improve patient outcomes by connecting patients from around the world with physicians at leading academic medical centers. Healthcare is highly regulated in all jurisdictions and Will manages MORE Health's legal and regulatory risk. Before joining MORE Health, Will was in private litigation practice. He obtained his LL.M. in Taxation from New York University School of Law and his B.A. from Pomona College.
Clean Talk Registration: https://cleantalk.online
Clean Talk Official Website: https://cleantalk.tv
Clean Talk Youtube: https://youtube.com/CleanTalk_TV
Linkedin Group: https://linkedin.com/groups/9094477/
Facebook Group: https://facebook.com/groups/986587845276744
Host Catherine Short welcomes William J McBorrough, co-Founder and Chief Security Advisor at MCGlobalTech, a D.C.-based Information Security Consulting Firm, on the topic of “How to Combat Ransomware in Healthcare.” They examine how ransomware attacks have impacted thousands of organizations worldwide, with the healthcare sector having been the most targeted. They discuss the state of ransomware in the healthcare sector and best practices to prepare your organization for the inevitable attacks. To stream our Station live 24/7 visit www.HealthcareNOWRadio.com or ask your Smart Device to “….Play Healthcare NOW Radio”. Find all of our network podcasts on your favorite podcast platforms and be sure to subscribe and like us. Learn more at www.healthcarenowradio.com/listen
Morgan Wright joins David Webb to discuss voting software vulnerabilities in some states.
Let's talk about digital identity with Rachel O'Connell, Founder & CEO, and Nicky Hickman, Product Innovation Manager, at TrustElevate.
In episode 70, Nicky Hickman and Rachel O'Connell of TrustElevate discuss children's digital identity – why this is so important, what challenges are currently being faced and what solutions need to be put in place to help protect children within the digital landscape. [Transcript below]
"There is a clear and present need for regulatory drivers to enhance children's safety online to ensure the companies are held accountable and are transparent in terms of the measures that they take to keep kids safe online. And critical and central to that is digital identity."
Nicky Hickman
Nicky Hickman is a freelance product & innovation manager based in the UK with international experience in APAC, Europe and Africa. With a background in telecoms she has worked with digital identity and personal data markets for ~20 years researching, designing and delivering multi-channel large scale CIAM services and strategies for clients including Vodafone, O2, GSMA, Barclays, Sky and Verizon. In the last 5 years she has been a contributor to open-source communities at the Sovrin Foundation, where she served as a Trustee and Chair of the Identity for All Council, and at Trust over IP Foundation where she is a co-chair of the Human Experience Working Group. Nicky is also an active researcher and is an industry contributor and guest lecturer at the University of Jyväskylä's Blockchain & Digital Identity Start-Up Lab in Finland. Find Nicky on LinkedIn.
Dr. Rachel O'Connell
Dr Rachel O'Connell is a leading expert on online child safety. Her PhD examined paedophile activity online and the implications for investigative strategies. Rachel set up the first UK Internet safety centre in 2000; she was Chief Security Officer for Bebo, a social networking platform, 2006-2010.
Rachel is the founder of TrustElevate, author of a technical standard published by the British Standards Institution that describes how to verify the age band a person belongs in a privacy-preserving, secure manner. Find Rachel on LinkedIn.
We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure!
Podcast transcript
Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla.
Oscar Santolalla: Hello and welcome to this new episode. And today, we'll talk about enabling and protecting children's digital identity. And for that, we have two guests who are working together in this very important issue. Let me introduce my first guest, it's Nicky Hickman. She is a Freelance Product and Innovation Manager based in the UK with international experience in the Asia Pacific, Europe and Africa. With a background in telecoms, she has worked with digital identity and personal data markets for 20 years researching, designing and delivering multichannel, large-scale CIAM services and strategies for clients including Vodafone, O2, the GSMA, Barclays, Sky, and Verizon. All of Nicky's recent work focuses on using digital identity to promote socio-economic inclusion, and impact against the United Nations Sustainable Development Goals with an underlying commercial business model that is sustainable for the long-term. For the last year, Nicky has focused on youth and child identity through work with a UNICEF YOMA programme, and with TrustElevate as a Product and Innovation Manager. Our second guest is Dr. Rachel O'Connell. She is a leading expert on online child safety. Her PhD examined paedophile activity online and the implications for investigative strategies. Rachel set up the first UK Internet Safety Centre in 2000. She was Chief Security Officer for Bebo, a social networking platform between 2006 and 2010. Rachel is the founder of TrustElevate.
She's an author of a technical standard published by the British Standards Institution that describes...
In this episode, Alyssa talks to Malcolm Harkins, Chief Security & Trust Officer.
________________________________
It is a podcast, yes, but you can join us as we record each episode live on Twitter, LinkedIn, Facebook, and Youtube.
Live, Every Wednesday at 1pm PDT | 4pm EDT (USA) | The Recorded Podcast version is published a few days later.
Our ability to improve the security posture of our organizations depends heavily on connecting the security function with the various aspects of the business. Join our host, Alyssa Miller, as she and her guests examine key ways to build and secure the bridges between security, product development, the executive suite, and beyond.
Listen in as Alyssa sits down with senior and executive security leaders from various industries to share stories of successes and failures we experience working across business teams. Explore practical strategies for building sponsorship and gaining buy-in for security initiatives.
It's time to build and secure the bridge to the business.
________________________________
Guest
Malcolm M Harkins
Chief Security & Trust Officer at Epiphany Systems [@EpipSys]
On LinkedIn | https://www.linkedin.com/in/malcolmharkins/
On Twitter | https://twitter.com/ProtectToEnable
________________________________
Host
Alyssa Miller
On ITSPmagazine
Identity and privacy are tied together to drive value for brands and consumers, and as data breaches continue to rise, cyber security is the foundation for the identity supply chain. Acxiom's Beth-Anne Bygum, Chief Security and Compliance Officer, joins the Real Identity podcast to discuss the booming cyber security business and what that means for real Identity. Cyber security is the enabler of a frictionless ecosystem, connecting brands and consumers to enable the ultimate relationship builder: trust.
Digital security and risks are some of the most significant concerns companies face. And they look for various ways to mitigate those risks and establish a safe environment for their core business operations, even implementing security solutions that merely put a band-aid on vulnerabilities. But what companies don't know is that the key to augmented security lies in asking the right questions. And changing the mindset that it's not security first, it's business first, it's people first, it's risk. And security is a supporting pillar in that. In this episode of Dr. Dark Web, Chris Roberts welcomes Joseph Carson, the Chief Security Scientist (CSS) and Advisory CISO at Delinea. They get into the role of threat intelligence in strengthening security, the importance of knowing where the threats come from, how to translate intelligence and risk to the board, and why people should always come first.
Protecting Data & the Supply Chain so deeply intertwined with everything from software to identity. Join Program Committee members Edna Conway and Diana Kelley as they discuss the challenges that folks are struggling with right now and some potential mitigation strategies. We'll explore what's happening with Log4j and other vulnerabilities as well as the need for a software Bill of Materials (SBOM). Speakers: Edna Conway, Vice President, Security & Risk Officer, Azure, VP, Chief Security & Risk Officer, Azure Microsoft Diana Kelley, CTO and Co-Founder, SecurityCurve Kacy Zurkus, Content Strategist, RSAC
This was recorded live on 01/11/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive #Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. Join #Fortinet's Renee Tarun, Deputy CISO, and Beth-Anne Bygum, Chief Security & Compliance Officer at Acxiom as they discuss their perspectives around the changing role of governance, risk, and compliance in #cybersecurity. #CyberFireFight
In this episode, Amy chats with Beth-Anne Bygum, Chief Security & Compliance Officer, and Dave Van Epps, a Senior Director of Delivery in Financial Services, to continue discussing the leader expectation of Lead with Business Savvy with a focus on the competencies of Business Acumen and Command Skills. Business Acumen is all about understanding Acxiom's business, our industry, our client's business and really understanding our financial processes and the role leaders play in all of these elements. Command Skills is all about using your business savvy to take stands when necessary because you understand the implications and risks of situations as they arise because of your expertise, all while maintaining relationships and getting to the desired outcomes, especially when things aren't going to plan. Show Links: Strategic Pause by Don Graumann; In Our Weakness We Are Strong by Dave Van Epps; The Tipping Point by Malcolm Gladwell; Outliers by Malcolm Gladwell. LeaderTalks@Acxiom is edited by Levi Gilbert.
We have often talked about Talent Acquisition, true: but recruiting and hiring are very different processes when you are looking for a manager, such as a CTO, a Chief Security or an Engineering Manager. How do you identify the most suitable person? And where do you look for them? We talked about it in this CTO Lunch with Alex Pagnoni and the CTO Mastermind Community. Enjoy listening! 🖖 HOST: Alex Pagnoni: service and product entrepreneur, https://www.axelerant.it/ (Fractional CTO) and Managing Partner of https://www.axelerant.it/ (Axelerant). I am a speaker, content creator, host of the CTO Show and the CTO Podcast, and founder of the https://www.ctomastermind.it/community/ (CTO Mastermind community) (+380 Italian CTOs). 🤝 PARTNER: Want to meet and exchange ideas with more than 270 CTOs and technology leaders? We look forward to seeing you in Alex Pagnoni's CTO Mastermind Community. To join, go to https://www.ctomastermind.it/community/ (www.ctomastermind.it) See you on Slack! We thank the following for taking part: Nicolò Risitano (CTO of GenomeUp), Roberto Luberti (AWS Cloud Architect at Overdata Sagl), Roberto Martino, Cesare D'Amico (Senior Engineering Manager at WorkWave), Roberto Beneduci (Founder & CEO of CoreTech), Mirko Di Serafino (Head of DevOps at Talent Garden). ⭐️⭐️⭐️⭐️⭐️ Did you like the podcast? Help us make it known to other CTOs and technology leaders. Add it to your favourites and leave a review on Apple Podcast or on Podchaser!
On today's show our guest is Brad Arkin, Cisco's Chief Security and Trust Officer. Before joining Cisco (the very same day Cisco issued a work-from-home mandate in March 2020!), Brad was Adobe's first Chief Security Officer. He grew the security function from just a few employees to over 600 globally. Early in Brad's career, he co-founded the Software Security Group at Cigital and led the Application Security practice for AtStake. He was a pioneer in software security, helping code writers in commercial settings adopt a “built-in security” approach throughout the development process rather than treating security as an afterthought. Since joining Cisco, he has led the company's rapid global Zero Trust architecture deployment to over 100,000 users across 120,000 devices in just five months. He is focused on evolving the Cisco Secure Development Lifecycle and security governance models to help accelerate Cisco's transition to software and services. Also on today's show, we invite Mitch Neff from the Beers with Talos podcast to join us, to see if we can settle the score from our 'Would I lie to you?' episode which ended in a heartbreaking tie. As Ben tells his security career story, can Mitch win the title for his team? Or will he lose it all? Will anyone's dignity remain intact? Plus, Ben has been visiting the database vaults and has some excellent research on the top threats encountered by Cisco Secure Firewall, and the Secure IPS component and Snort rules used to control and inspect the traffic on the network. To see Ben's research in full, visit https://blogs.cisco.com/security/threat-trends-firewall
In this episode, Tessian's CEO Tim Sadler speaks to Ben Aung, Chief Risk Officer at SAGE. He shares his perspective on human layer risks like insider threats and human error, drawing on his experiences in his role at SAGE and also from his time as a deputy government Chief Security officer in the UK government. Looking for even more Human Layer Security insights? You can sign up to the Tessian newsletter and stay up to date.
One of the aspects where we can see how much the technology has progressed is the cloud system. Cloud has become more prevalent than on-premise IT infrastructure, mainly since it is more secure and more reliable than it used to be at its very first beginnings. But what is it like to be a part of cloud security systems, or, better said, a CSO? Ty Sbano is the Chief Security and Trust Officer at Sisense. His career journey has been pretty rich and interesting and has helped him determine his end goal: becoming a CSO. Being CSO can be stressful, which is why Ty suggests that one must be ready for the stress before committing to cybersecurity. Aside from coping with all the stress and challenges that come with cloud security, it is fundamental to have a strong mentor who will help you go through the entire process. In this episode of Cloud Security Reinvented, Ty Sbano and Andy Ellis have an insightful conversation about the basic concepts of cloud security, data analytics, risk management, and other essential aspects future CSOs will find incredibly handy.
TechSpective Podcast Episode 075 What is the job of a CISO? Malcolm Harkins, Chief Security and Trust Officer for Epiphany Systems, joins me to answer this question–among other things. We discuss the role of cybersecurity and the importance of contemplating risk. Malcolm stresses that organizations should not be caught completely off guard by things like [...] The post Malcolm Harkins Discusses the Biden Cybersecurity Summit and Effective Security appeared first on TechSpective.
Host Kevin Carroll sits down with ESET Chief Security Evangelist, Tony Anscombe for a virtual chat about all things ransomware. ESET has been helping companies enjoy safer technology with innovative multi-layered internet security solutions. Due to the pandemic, cyberattackers have been taking advantage of industries that have been hit the hardest, such as healthcare industries, municipalities, and educational facilities. These hackers also see the pandemic as an opportunity to take advantage of employees that are now working remotely on their personal devices. Listen now for a chat about how companies can protect against these attacks as they continue to evolve. Find Tony's show with Ranson Burkette, Speakeasy Security, here.
We're all familiar with home and auto insurance, but cyber security insurance? It's vital to have if you're a mid-size or above company looking to mitigate risk. In this episode of Cyber Security Inside, Malcolm Harkins joins Tom and Camille again to unpack it all. Now the Chief Security and Trust Officer at Epiphany Systems, Malcolm's over thirty-year career in the tech industry, gives him a unique perspective on the various facets to consider, so you definitely don't want to miss it. We cover: - What cyber insurance is and who might need it - How cyber insurance compares to other forms of insurance, such as home insurance or pet insurance - The kinds of expenses usually covered by cyber insurance - Whether or not cyber insurance providers employ requirements or stipulations - Why companies might or might not choose to report a compromise to the authorities and self-insure instead ... and more! Tune in for some next-level insight. The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation. Here are some key take-aways: - In essence, cyber insurance is like any other form of insurance - it offers a method to pay premiums and mitigate some of the potential financial impacts of either a business interruption, a lawsuit, or expenditures specifically related to a cyber event. - There are various clauses with different conditions that appear in these insurance policies, depending upon what you're trying to insure against, be it ransomware attacks, business interruption, etc. - Some of these clauses can also reduce coverage depending on factors like whether or not you patch the system, whether the antivirus was up to date, etc. - Typically the kinds of businesses that have cyber insurance policies are mid-size and above. - Companies with large market caps may opt for a level of self-insurance as a form of risk mitigation. 
- Compromises rarely get reported to law enforcement, whether it's because it's a nuisance or because a company wants to maintain control over its liability. - But the main hope is that, like with other forms of insurance, safety standards and hygiene will ultimately be raised by cyber insurance. Some interesting quotes from today's episode: “A company might want to maintain control over the investigation in order to limit their liability, and stay in control of the investigation versus having law enforcement come in with an unknown set of motivations and start doing things or seizing systems or collecting evidence that could disrupt the business.” “Being vulnerable doesn't mean you're exploitable.” “What we need to be able to start doing is start focusing on where we're exploitable, and not just where we're vulnerable; that will allow us to turn the dial on risk more efficiently, as well as more effectively.” “If I'm worried about a compromise, and data theft, a redundant system doesn't stop data theft.” “I think they [cyber insurance providers] will help push some level of hygiene and corrective action at the broad level.” “There's a lot of connective tissue. And without understanding that connective tissue and that exploit path, you're going to be focused on the wrong thing. You're going to say, I'm going to patch all these things, I'm gonna do all the things. And you're still going to have a connection and a pivot point. Because you can't eliminate risk.” “And I think people need to start thinking about digital extortion, well beyond just the typical unlocking of your system.” “There's evidence that the insurance industry has made a tremendous amount of impact on improving safety on things. So I'm hopeful that that will occur.”
In this episode of the Mega C-Suite Stories, Michael Cracroft, former CISO at Service NSW, joins Host, Shamane Tan, and shares what were some of the key success factors in securing the public sector. This session includes covering some of the elements of consideration in his team being able to deliver the Covid-safe check-in app securely in the pandemic times, all the way through to lessons learnt from data breaches and from his previous cloud journey - for companies moving into cloud, how to avoid opportunities missed. Michael Cracroft, SNSW's former CS&TO - https://www.linkedin.com/in/michaelcracroft/ Shamane Tan, Chief Growth Officer, Author & Cyber Risk Meetup Founder - https://www.linkedin.com/in/shamane/ Website: www.cyberriskmeetup.com
In today's episode of the podcast, we're joined by Sam Masiello, the Chief Security and Technology Officer of Beckage, a law firm specializing in technology data and security privacy. Before going on to employment with Colorado Cyber and Beckage, Sam worked on technology and security solutions for some of the email industry's largest brands, including MX Logic, Return Path, and Groupon. Sam joins our own host, Matthew Vernhout, vice president of Netcore cloud deliverability, to discuss the trends in data breaches and security in emails over the years.
Chief Security Advisor for Microsoft Azure, Mark McIntyre shares his experience in helping Microsoft's US government customers move confidently to the cloud while securing their legacy IT systems. Questions and Topics on this episode include: What are the driving forces behind organizations migrating to Microsoft Azure? What effect has the pandemic had on the speed of digital transformation regarding security? What do CISO teams need to think about in terms of defending an organization? What are the challenges and benefits that companies face with security as they move from a data center model to the cloud? What will be the impact of the President's executive order on cybersecurity? Are CISOs understanding the power of cloud-based machine learning and automation in security? Anitian's partnership with Microsoft Azure reflects an ongoing digital transformation as businesses look to expand their cloud services. Get the Anitian & Microsoft Azure FedRAMP Solution Brief here to learn how you can quickly and confidently protect and certify cloud workloads with the Anitian Compliance Automation Platform on Microsoft Azure.
In this episode of the RANE Insights podcast, we get tips from a leader in the field about what makes a great CSO. How well-tuned is your organization’s security? In this podcast, RANE founder David Lawrence learns some best practices from Joseph DeSalvo, the Chief Security Officer at The Blackstone Group. He has more than 20 years of corporate security experience and a successful record leading federal law enforcement and global risk management and security initiatives. His first rule of thumb? Collaboration. Sign up today for RANE's Core Membership and get our daily Risk Book digest, weekly intelligence briefs on cyber, geopolitical, and financial crime, access to knowledge-sharing webinars, and breaking alerts on important risk developments.
Cyber Security Matters, hosted by Dominic Vogel and Christian Redshaw
In today's Cyber Security Matters episode, Dominic Vogel and Christian Redshaw are joined by global thought leader Malcolm Harkins, Chief Security & Trust Officer at Cymatic. Malcolm is responsible for enabling business growth through trusted infrastructure, systems, and business processes. Key areas of focus for Harkins include the ethics around technology risk, social responsibility, total cost of controls, and driving more industry accountability. He is also an independent board member and advisor. Join the conversation as we dive into: -Why executives need to care about their organization's cyber security -Whether or not cyber security should be legally mandated for all industries -What a holistic risk mindset looks like -Identifying, managing, reducing cyber risk vs. just reacting Malcolm is the author of the book: “Managing Risk and Information Security: Protect to Enable,” a book that provides thought leadership in the increasingly important area of enterprise information risk and security. Want to connect with Malcolm? Here are a couple of ways you can do just that: LinkedIn: @malcolmharkins Twitter: @ProtectToEnable
Ty Sbano is the Chief Security & Trust Officer at Sisense, a business intelligence & data analytics unicorn headquartered in New York. Sisense was originally founded in Tel Aviv and has global offices in SF, Scottsdale, London, Melbourne, Tokyo, & Kiev. Ty has been in the security industry for 15 years and has a wide range of experience across many industries at companies like Lending Club, Capital One, and Target. Given this is Ty's first CISO gig, we spent the majority of our conversation exploring how he views his role and how he's contributed meaningful business value to the rapidly growing business. During the interview, we dig into: How has Ty come to realize the human element of security is the most important part of managing security risk? How has he led through recent challenging circumstances like the California wildfires and COVID pandemic? How did he set proper expectations for his role going all the way back to his interview process to ensure he'd be able to measure the business value he'd contributed?
In this episode we meet the pioneering Lesley Kipling, former Geologist now Chief Security Advisor at Microsoft. This is a deep dive across all aspects of Next Generation Security considering the current cybersecurity threat landscape and growing areas of vulnerability from SME to Enterprise, and through IT & OT Convergence. We explore how to build Zero Trust defence in depth with technology from the latest developments in the Cyber Defence Operations Center, to advances that bring together the power of Cloud Computing with Machine Learning and integrated signals to detect and remedy issues real-time. We also discuss the importance of education, embedding security in culture, values and shared responsibility, and how to better build inclusion and diversity in the sector. And we would love your thoughts on the episode too - thanks for listening! Sally, Lesley and the #TTT Team. Please join us on Twitter @techradiottt, and our host Prof. Sally Eaves on Twitter @sallyeaves and LinkedIn www.linkedin.com/in/sally-eaves
Join Chad and Malcolm as they chat with Gus Thompson, Consulting Managing Director at TruDoss, about business resilience. In this episode, hear about: How one breach of a company he previously worked for led them to learn and develop new principles of resiliency. How those principles and playbook helped them when they were hit with another breach, and how much better and faster their response was. Learn why Gus distinguishes between cyber security (protects the data) and cyber resilience (protects the business). Discover why Gus defines resiliency as Cope and Recover, and how organizations can learn to do better and faster the next time. Guest: Gus Thompson, Consulting Managing Director at TruDoss. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, Founder/CEO, TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com)
In this week’s episode of CISO’s Secret, CISO and host James Azar is joined by Joe Davis, the Chief Security Advisor for Health and Life Sciences at Microsoft, to discuss the security of medical devices and healthcare conundrums. Joe shares the latest about how the healthcare industry views cybersecurity and its challenges and what is taking place now post Covid-19. James and Joe talk about the “Microsoft Doctrine”, which James calls the new transparency post-security breaches as the new example and operating model, and much more…
Amitabh Singh, CSO & CDO for Swisscard, the largest issuer of credit cards in Switzerland, talks successful hatch battening and what is on the horizon for tech & society In this Secure In Mind episode, I enjoyed a conversation with Amitabh Singh, whose dual responsibilities at Switzerland's largest credit card issuer are as Chief Security and Chief Digital Officer for the company. Swisscard issues cards to over a million folk in Switzerland out of a population of 8 million, and ensuring they have access to their funds to keep necessary payments ticking over, especially when the use of cash diminishes due to physical necessities, is a joint responsibility of Swisscard's and other financial institutions. The initial portion of the conversation focused on what Amitabh and his team at Swisscard did to prepare themselves in the face of the crisis. As it turns out, they were already very well poised to migrate staff and operations remotely, something that would be encouraging to hear if you were one of their customers! I'll leave the rest of the discussion, including the predictions for future technological innovations and societal trends (including VR shopping!) to your ears, rather than your eyes. Listen – enjoy – share! NOTE: Sound recording is slightly iffy for some minutes in the middle thanks to either my sputtering microphone but it's more than listenable. Apologies – hazards of remote recordings! The Secure in Mind project Our mission is to greatly increase and encourage community discussion about technological and ethical issues that have done, are and will impact society on a global scale. There is a longstanding and distinct disconnect between the way information is packaged and presented to the public and the effectiveness of this presentation in terms of generating informed, considered debate. 
If we can take complex, important topics and present them, as best we can, in a manner that can interest people from outside the speciality, then we have surpassed our expectations. Nick Kelly Bio: Nick is someone who, in many senses, is just like you; a human being trying to make sense of this existence of ours as we hurtle around a ball of gas in a sea of infinite eternity. More relevant though are his vacillations in the world amongst diverse countries and environments, collaborating, negotiating, elaborating and celebrating with fascinating people from all walks of life including politics, technology, activism, military and intelligence the world over. He brings this unique breadth of perspective to the table and has a dogged interest in pursuing the human story behind the title or policy, appreciating the fact that underneath all of our bravado, political correctness and dichotomous states of creation and destruction, we are, after all, merely mortals trying to make the best of it.
SecureConnection Podcast: IT Security/Security Experts for MSP’s
Brian talks risk appetite with James Bowers II, CEO and Chief Security and Information Officer with Input Output. James takes the 10,000 ft. view and breaks down risk, both quantitatively and qualitatively and then gives some good insights on determining where you are at and what really is needed for you to become compliant. In many cases we may already be well on our way.
In this episode, guest Ben Johnson, co-founder and CTO of Obsidian Security, discusses how he got into cybersecurity (after seeing the movie "Enemy of the State"), got into US intelligence, got tired of the polygraphs, and ultimately ended up co-founding Carbon Black. It's a fascinating journey! Today, Ben is focused on continuous security monitoring of SaaS environments, and figuring out how a security team can protect their organization's SaaS accounts that they don't even have access to! Guest: Ben Johnson, Co-Founder and CTO, Obsidian Security. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, Founder/CEO, TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com)
As part of our CheckMates Fest, Check Point's Chief Security Advisor Dan Wiley gave us an overview of what Incident Response saw in 2020 in terms of threats. To see what Dan Wiley looked like during his presentation, head over to the show page on CheckMates.
1:00 - Harkins explains his role 7:30 - “Motivating others to want to struggle for shared aspirations” 10:00 - Why cybersecurity teams should be “first-movers” 13:30 - “If you lead with compliance, you might not get security/privacy” 19:00 - The security industry accepts too much failure 21:00 - Reducing risk, reducing cost, reducing friction 25:00 - Challenge what’s working and what’s not 27:30 - Fear-mongering in computing 33:00 - Advice to risk managers (and a shameless plug) LINKS: Malcolm Harkins on LinkedIn. Malcolm's Books: Managing Risk and Information Security: Protect to Enable; The Ransomware Assault on the Healthcare Sector. CREDITS: Produced by Kai Hellberg. Music by Isaac Chambers – ‘Change’
In this episode, guest Drew Spaniel walks us through the new law passed in late 2020, The IoT Cybersecurity Improvement Act of 2020 (HR 1668), and how it will affect not just US federal government procurement, but IoT device manufacturers, and consumers as well. The Act calls for IoT devices to be secured by manufacturers based on NIST guidance and cybersecurity best practices. From the Congressional Budget Office: "Under H.R. 1668, NIST also would publish standards for federal agencies, contractors, and vendors to systematically report and resolve security vulnerabilities for IoT devices. Each agency’s chief information officer would be required to ensure compliance. OMB would establish federal standards for that coordinated reporting process that are consistent with NIST’s standards and guidelines." Guest: Drew Spaniel, Lead Researcher, ICIT (Institute for Critical Infrastructure Technology). Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, Founder/CEO, TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com)
In this episode, guest John Prokap discusses the cyber security needs of small and mid-sized businesses, and if and when they need to hire a CISO. His discussion with hosts Malcolm and Chad covers: Why SMBs absolutely need a security program; How and when to hire a vCISO, and when it's time to hire a full-time CISO; How industry associations can help their SMB members; The headwinds of change that a CISO will encounter, including "Technical Ego"; Why SMBs need to think about "Extinction Events" in their security planning. Recoil in horror as John, Malcolm, and Chad share stories from their pasts, including: users with one-character passwords, RSA auth tokens zip-tied to forklifts, and how one company had more domain admins than IT staff. Guest: John Prokap, former CISO at HarperCollins. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, Founder/CEO, TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com)
In this episode, we feature our guest Miguel El Lakkis. Miguel recently transitioned from News Corp to Cantor Fitzgerald and in this process he describes the method commonly used by CISOs to properly transition a security program to a successor. We discuss the various aspects of a security program that may change over time and how to address constants to avoid duplication of efforts. The CISO responsibilities should be managed like a relay race, not a marathon, to make for a smoother transition now and into the future. Malcolm offers up another approach where the focus is on talent management and always identifying a successor for each role within the security program. I guarantee you will learn something new in this episode! Guests: Miguel El Lakkis, CISO, Cantor Fitzgerald. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, Founder/CEO, TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com)
Jeff DiMuro, Chief Security and Compliance Architect for Salesforce, is back with us again – this time, our topic is data privacy and how our privacy practices have to evolve in the “Age of Contact Tracing.” Listen and learn how to take back the controls to assure data is managed securely and policies comply […]
In this episode we discuss the process of recruiting, identifying culture fit and managing trust with a remote workforce and how these components impact the security profile of a company. The discussion begins with identifying an appropriate recruiting process for a remote workforce and measuring the appropriate candidates to hire in a remote workforce scenario. We also dive into how this remote work environment has opened up a potentially broader skillset that previously may not have been available for open opportunities. Lucinda defines for us Trust in the Workforce: Capability, Reliability, Intent and answers the question of which of these three criteria is coachable. Malcolm discusses the security implications and how these things have not changed a whole lot while determining where specific controls may have failed and the importance of continually managing expectations for security and applying awareness while reinforcing training. Further, the discussion dovetails into how effective security performance management provides the transparency of these controls. Guests: Lucinda DuToit, VP of Human Resources, Digineer. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, Founder/CEO, TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com)
In this episode we invite special guests Drew Spaniel, Lead Researcher, Institute for Critical Infrastructure Technology (https://icitech.org), James Russell, Worldwide Group Leader, Wireless Connectivity Specialists and IoT Security Team, Microchip Technology (https://www.microchip.com) and Paul Phillips, Principal Embedded Solution Engineer, Microchip Technology. We also hear from privacy expert Kirk Nahra, Partner and Co-Chair of Privacy and Cybersecurity Practice at WilmerHale. This second episode in a multi-part series is packed full of information and trends related to IoT cybersecurity regulation and emerging practices. We hear from experts on the Europe and UK regulations as well as garner perspective from Kirk Nahra who lends insight from a legal and privacy standpoint on consumer best practices for IoT cybersecurity regulation. Topics covered include: Emerging regulatory requirements for IoT cybersecurity in United Kingdom; Relevant guidance from NIST in the U.S.; Impact of IoT cybersecurity regulatory requirements for both manufacturers and retailers; How companies can integrate IoT cybersecurity in the real world; Future looking trends and considerations. Guests: Drew Spaniel, Lead Researcher, Institute for Critical Infrastructure Technology; James Russell, Worldwide Group Leader, Wireless Connectivity Specialists and IoT Security Team, Microchip Technology; Paul Phillips, Principal Embedded Solution Engineer, Microchip Technology. Special Commentary by: Kirk Nahra, Partner and Co-Chair of Privacy and Cybersecurity Practice at WilmerHale. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic (https://www.linkedin.com/in/malcolmharkins/); Chad Boeckmann, Founder/CEO, TrustMAPP (https://www.linkedin.com/in/chadboeckmann/). Sponsor: TrustMAPP (https://trustmapp.com)
This week Gar is joined by Joseph Carson, Thycotic's Chief Security Scientist and Advisory CISO. He's the architect behind some of the world's largest cloud environments, has worked to digitally transform cyber security education to online delivery, and, now based in Estonia, he has been working in areas such as digital identity. He's won many awards and is driven by a desire to give back to the community. Joseph walks us through what cyber resilience looks like at a country level, including how Estonia has gone about building trust with their citizens. He speaks about education for cyber security, immigration policies, data resilience through data embassies, and Joseph outlines the jaw-dropping economic benefits that an advanced digital society can achieve through removing friction. Connect with Joseph on LinkedIn: https://www.linkedin.com/in/josephcarson/ Follow Joseph on Twitter: https://twitter.com/joe_carson Check out Joseph's books: https://thycotic.com/resources/wileys-dummies-cybersecurity/ https://thycotic.com/resources/wileys-privileged-access-cloud-security-for-dummies/
Todd Bell is the Chief Security & Trust Officer for Verdigris Holdings, a 100% cloud Banking as a Service (BaaS) located in Scottsdale, AZ. Todd brings more than 15 years of information security & technology experience working at Fortune 500 global corporations to start-up ventures. Bell is a recognized industry veteran who serves as a Subject Matter Expert (SME) for various analyst firms needing industry insights and market trends. Bell has made numerous contributions to the technology and cyber industry as a CISOonline.com contributing writer and has written white papers for EC Council and various organizations. Prior to Verdigris Holdings, Todd served as VP of Enterprise Architecture & CISO for Intersec Worldwide, advising corporations how to build, sustain, and operationalize cybersecurity programs at scale. Before joining Intersec Worldwide, Todd was a Customer Chief Information Security Officer for a major franchise while at Fishnet Security and worked at Verizon Business that was formerly Cybertrust. Bell holds an M.B.A. from Regis University in Denver, CO and a bachelor's degree in Business Information Systems. Bell holds a variety of professional certifications consisting of Corporate Governance (SOX) from Tulane University Law School, PMP credential from Project Management Institute, Information Security (CISSP), and a certified Master Project Manager from Regis. Register for Global CISO Forum: https://globalcisoforum2020.eventbrite.com/?aff=ToddBell Register for Hacker Halted: https://hackerhalted2020.eventbrite.com
It's time for the airing of grievances and feats of strength as Darin and Kim decide Festivus needs to be celebrated early this year. They are joined by Morgan Wright, an internationally recognized expert on cybersecurity strategy, cyberterrorism, identity theft and privacy. His landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. He has made hundreds of appearances on national news radio and has spoken to audiences around the world.
In this episode we invite special guests Drew Spaniel, Lead Researcher, Institute for Critical Infrastructure Technology (https://icitech.org) and James Russell, Worldwide Group Leader, Wireless Connectivity Specialists and IoT Security Team, Microchip Technology (https://www.microchip.com). In this episode we dive into the unique aspects of IoT Security and how the culture of security is so critical across engineering teams who previously designed and built systems that were not connected to internet services. With a new shift and massive influx in IoT devices, specifically concentrated in the industrial IoT market, understanding the culture of security - specifically IoT security - is more important now than ever. This episode covers: Where to begin to start measuring IoT Security; Quantifying Impact on business with regard to IoT cyber hygiene; IoT Rise of Disruption; Commitment versus Compliance; Bridging intracompany communication breakdowns. Guests: Drew Spaniel, Lead Researcher, Institute for Critical Infrastructure Technology; James Russell, Worldwide Group Leader, Wireless Connectivity Specialists and IoT Security Team, Microchip Technology. Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic (https://www.linkedin.com/in/malcolmharkins/); Chad Boeckmann, Founder/CEO, TrustMAPP (https://www.linkedin.com/in/chadboeckmann/). Sponsor: TrustMAPP (https://trustmapp.com)
On this episode of the podcast Benny Lakunishok, Co-Founder of Zero Networks, joins Malcolm Harkins and Chad Boeckmann to explore the industry's continuous adoption and adaptation of prevention -> detection -> prevention technologies. The group dives into the maturity of machine learning and where the industry is overall as well as how adoption of new technologies is imperative to maintain adequate risk posture over time while serving the best interests of business. Guest: Benny Lakunishok, Zero Networks (LinkedIn). Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic (https://www.linkedin.com/in/malcolmharkins/); Chad Boeckmann, Founder/CEO, TrustMAPP (https://www.linkedin.com/in/chadboeckmann/)
Join us for a conversation with the Distinguished Engineer Jaya Ramanathan who is the Chief Security and Governance Architect for Red Hat Advanced Cluster Management.
In this episode, Malcolm Harkins and Chad Boeckmann speak with John Brennan, Partner at YL Ventures. This episode provides a perspective of how venture capital firms are reacting to and supporting their cybersecurity portfolio companies during an unprecedented pandemic in our modern time. In this episode we discuss trends of security teams and John discusses advice their firm is providing to other cybersecurity startups. Further in the discussion Malcolm and John discuss the context of business risk with regard to pandemic response and how this type of risk can take different forms but also shape varying perspectives. This is the first time our podcast has gained perspective directly from a venture capital firm and the episode is information-packed with guidance for both the buyers and vendors in managing the business of security. Guest: John Brennan, YL Ventures (https://www.ylventures.com/people/john-brennan/). Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic (https://www.linkedin.com/in/malcolmharkins/); Chad Boeckmann, Founder/CEO, TrustMAPP (https://www.linkedin.com/in/chadboeckmann/)
Have a Resilient Plan “I think it’s really critical to have the fortitude and the resiliency to make it through these things. It’s not that you pray you won’t have incidents, because you will, it’s that you plan for it.” Ty Sbano, Chief Security & Trust Officer at Sisense, joins the podcast to talk about how […]
Dennis and Michael sat down-- virtually-- with Mauricio Fernandez, the Managing Director and Chief Security and Resilience Officer for Soluciones Advisory Services. Mauricio is an experienced CSO who provides insight and ideas to help us learn and prepare for the post-COVID 19 world.
Jeremiah Salzberg, Chief Security Technologist at Sirius is our feature guest this week. News from: Stranahan’s, Gaylord Rockies, Angi Homeservices, Stackhawk, TruKno, ThreatX, Zvelo, Coalfire, CyberGRX and a lot more! Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week’s news: Join the Colorado = Security Slack channel Stranahan's owner plans to build $50 million whiskey resort in Black Hawk Colorado's largest hotel to shut down temporarily, defer expansion Angi Homeservices offers Congress help to distribute financial aid to small businesses Voting Open for Colorado Inno Tech Madness Championship Denver based TruKno launches ThreatX - Fighting the Appsec Fight: Don't Sell Products. Create Partnerships. TTP: Malicious Cyber Actors Look to Exploit Covid-19 Coalfire - Coalfire ISO Awarded one of the World's First ISO 27701 Accreditation Decisions Among Certification Bodies CyberGRX - Do Onsite Third Party Risk Assessments Add Value or Risk? Job Openings: Bank of America - SOC Analyst Level 1 Colorado Department of Public Safety - Cybersecurity Intelligence Analyst CHI Health - Security Analyst II DLP Cisco - Enterprise Account Exec - Duo Security Aetna - 3rd Party Risk Analyst CenturyLink - Sr Mgr - Information Security Trimble - Cyber Security Risk Analyst Twilio - Enterprise Security Engineer American Ag Credit - Identity Access Management Engineer Frontier Airlines - IT Security Engineer II Upcoming Events: This Week and Next: Who knows!?!? 
Other Notable Upcoming Events RMISC - 6/9-11 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0
Criminal Justice Evolution Podcast - Hosted by Patrick Fitzgibbons
Hello everyone and welcome back to the show. Special thanks to all the people that are keeping the country going. I am talking about truck drivers, medical professionals, grocery store workers and many more. Of course, a big shout out to the brave men and women who protect this great country every day – police officers, firefighters, paramedics. Keep up the great work and remember you are honored, cherished and you are loved. If you love coffee, you are going to love the products from Four Sigmatic. Everything from coffee to cocoa, you are going to love it all. My favorite is the Lion's Mane Mushroom Coffee. It doesn’t taste like coffee and it's better for you. Check out their link at www.cjevolution.com and get 15% off your purchases using the promo code CJEVO. We are so honored to be partnered with Detectachem. This amazing and innovative company is protecting the people who protect us every day by offering mobile threat detection that fits in the palm of your hand. Detecting illicit drugs and explosives, this is must-have equipment for your agency. Check out the link to Detectachem at www.cjevolution.com. On to the show with Morgan Wright. Morgan is an internationally recognized expert on cybersecurity strategy, cyberterrorism, identity theft and privacy. His landmark testimony before Congress on Healthcare.gov changed how the government collected personally identifiable information. He has made hundreds of appearances on national news, radio, print and web, and has spoken to audiences around the world. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program and Senior Law Enforcement Advisor for the 2012 Republican National Convention. In addition to 18 years in state and local law enforcement, Morgan has developed solutions in defense, justice and intelligence for the largest technology companies in the world. Currently, Morgan is the Chief Security Advisor for SentinelOne. He is also an opinion contributor for The Hill. 
In this show, Patrick and Morgan talk about COVID-19 and talk about accountability. Specifically, if the United States government is going to hold China accountable. Morgan also gives his expertise on keeping yourself safe from scams in this time of crisis. We also discuss the popular app KIK and how child predators are using this app to groom and take advantage of our children. Such a great and informative interview. You can find Morgan here: https://www.linkedin.com/in/morganwright150/ https://www.morganwright.us/ https://twitter.com/morganwright_us Stay tuned for more great guests on The CJEvolution Podcast www.cjevolution.com
We interview Tony Anscombe, Chief Security Evangelist at ESET, based in San Francisco. Tony explains what’s on the dark web – how easy it is to purchase ransomware as a service, set up a payment method and buy some data to send out a campaign. Tony took a fresh laptop, wiped his mind of his inherent knowledge and undertook to access the Dark Web as a novice. Taking just 40 minutes, Tony was able to engage a Ransomware as a Service, create a Bitcoin account and access campaign data which would have enabled either an internal attack or a nefarious phishing campaign. The lesson learned is that, given the ease with which this activity can be done, enterprises need to ensure a layered (defence in depth) security approach. For more reading, access the following: ESET blog www.welivesecurity.com Whitepapers: ESET Deep Behavioral Inspection and Kr00k – CVE-2019-15126 (Wi-Fi vulnerability) ESET® has been developing IT security software and services for businesses and consumers worldwide, with solutions ranging from endpoint and mobile security, to encryption and two-factor authentication. Backed by R&D centers worldwide, ESET became the first IT security company to earn 100 Virus Bulletin VB100 awards, identifying every single “in-the-wild” malware without interruption since 2003. For more information visit www.eset.com Recorded 19 March 2020 (AEST) courtesy of ESET. ESET Online Safety Tips during COVID-19 https://www.welivesecurity.com/2020/03/16/covid19-forced-workplace-exodus/ https://www.welivesecurity.com/2020/03/13/beware-scams-exploiting-coronavirus-fears/ https://www.welivesecurity.com/2020/03/19/work-home-improve-security-mfa/ PREVIOUS ESET EPISODE Episode 152 - The Toll of TOLA - Australia's Amendment for Assistance and Access RELATED DARK WEB EPISODES: Episode 187 - INTERPOL CYBER CRIME OPERATIONS & IGCI SINGAPORE - Interview with Craig Jones, INTERPOL Director for Cybercrime Episode 179 - Cybercrime Darkweb Markets, International Police Operations & Crypto-currencies #CSA2019
Privacy and Security usually go hand in hand. Is your personal or professional privacy compromised when you use a video door bell? Listen to Nick Espinosa of Security Fanatics talk with Barb Paluszkiewicz about the trust relationship that you enter into when you subscribe to a service. How is your information safeguarded? How do you know if you are being data mined?
In this podcast, Malcolm Harkins, Chief Security and Trust Officer at Cymatic, Simone Petrella, CEO and Founder of CyberVista, Chris Pierson, CEO and Founder of BlackCloak, and Hank Thomas, CEO of Strategic Cyber Ventures join our host Ashwin Krishnan to unpack RSAC 2020. They all agreed that RSA has become a vendor’s conference and none of […]
The SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode: How do you develop cybersecurity advocates across the organization? Featured interviews with: Deneen DeFiore, VP & CISO, United Airlines; Zaki Abbas, VP & CISO, Brookfield Asset Management; Milinda Rambel Stone, VP & CISO, Provation Medical; Brent Lassi, CISO, Bluecore; Mike Muha, Chief Security and Privacy Officer, Workforce Software. Also, Trend Micro shares about Dynamic Challenges to Threat Detection and Endpoint Security—and how to overcome them. RESOURCE LINKS: • SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events • Trend Micro “Dynamic Challenges to Endpoint Security” paper: https://www.trendmicro.com/vinfo/us/security/news/security-technology/dynamic-challenges-to-threat-detection-and-endpoint-security-and-how-to-overcome-them
Privacy: Just Make It Easy In this episode, host Ashwin Krishnan sits down with longtime friend of the podcast Malcolm Harkins, Chief Security and Trust Officer at Cymatic, and Chris Pierson, CEO of BlackCloak. They discuss the intertwined relationship between security and privacy and how the two need to be balanced. Malcolm explains, “when those […]
Overloaded Security Leader? In this episode Michael Lines joins Chad Boeckmann and Malcolm Harkins in a discussion about tactically prioritizing security efforts and what it means to get real traction. This episode explores supplier risk versus third-party risk and how this relates to overall business objectives and outcomes. Further discussion evolves into the problematic challenge of a new CISO where results must be achieved now and how to set up a "trading" system internally to curtail budget and achieve progress without unnecessary investments in more tools that can at times cause more complications than benefit. In summary this episode explores how to overcome the overloaded mindset as a security leader. Listen now! Guest: Michael Lines, CISO (https://heuristicsecurity.com/about-heuristic-security/). Hosts: Malcolm Harkins, Chief Security and Trust Officer, Cymatic; Chad Boeckmann, CEO TrustMAPP (d.b.a Secure Digital Solutions). Sponsored by TrustMAPP (https://trustmapp.com)
Cybersecurity Technology: Yesterday, Today, and Tomorrow Malcolm Harkins, Chief Security and Trust Officer of Cymatic, and Peter Liebert, Commander of Cyber Operations at the California State Guard, join the podcast to discuss the past, present, and future of cybersecurity technology and offer their predictions for 2020. They talk about the products and practices from the […]
In this episode co-hosts Malcolm Harkins, Security and Trust Officer at Cymatic and Chad Boeckmann, CEO at TrustMAPP, speak with Jason Lish, Privacy, and Data Officer at Advisor Group about mentoring the next security leader and creating a backup for existing cyber security leadership. The discussion evolves into skill types, as well as organization maturity and fitting the right leader profile with the appropriate security program stage a company may be currently managing. Both Jason and Malcolm leave our listeners with wisdom and guidance to consider on the topic of "Build or Buy" the next security leader. Jason Lish: https://www.linkedin.com/in/jasonlish/ Malcolm Harkins: https://www.linkedin.com/in/malcolmharkins Chad Boeckmann: https://www.linkedin.com/in/chadboeckmann/ Brought to you by our Sponsor: TrustMAPP
Alex Manea joined our team as Chief Security and Privacy Officer last year to lead our trust thesis and its adoption. In this episode, Jon Prial and Alex have a wide-ranging chat covering risk, privacy, different types of security attacks and how to protect your business. They also discuss how a business should be preparing for a new world at the intersection of fairness, value and trust. You'll hear about: How everything flows down from leadership's philosophy on security and privacy; Why perceptions of privacy, security, fairness and transparency are changing; The value exchange we make with brands for our data. Who is Alex Manea? Alex Manea is our Chief Security and Privacy Officer and a member of the Georgian Impact Team. Alex uses his detailed knowledge of security and privacy concepts to help portfolio companies identify opportunities to build and monetize technologies that protect assets and build trust. Alex is also responsible for Georgian's internal policies and infrastructure. Prior to joining Georgian Partners, Alex spent 12 years working at BlackBerry, most recently as Chief Security Officer. As a founding member of BlackBerry Security, he has worked to protect mobile, desktop and IoT devices, networks and infrastructure for over a decade, helping to transform BlackBerry from a mobile hardware vendor to the world's leading provider of enterprise software and security solutions. Alex regularly writes on security and has been published in dozens of international publications in multiple languages.
Last Wednesday, November 6, on “El Que Avisa No Es Traidor”, Silvia Leal will interview David Cierco, Director General of Red.es, in her segment #ElTsunamiNoExiste. We will also have Andrés D. Naranjo, Chief Security Envoy at ElevenPaths, in the studio. And our contributors will be with us: Marta Gil #fisioterapia and Ignacio Echenagusía #música. Program presented and directed by Luis Vega, with production by Conchi Burgos. Live Monday through Thursday from 10:30 to 12:30 and in #redifusion from 19:30 to 21:30.
Most people in technology agree that cyberthreats will be one of the biggest dangers we face in the coming years. In our increasingly connected world, we’re more vulnerable than ever before and the threat of one bad actor taking out an entire power grid or critical network system is real. Retired Army Major General John Davis knows this better than most. While leading a task force responsible for directing the operations and defense of the DOD networks, the U.S. was hit with a cyberattack that infected a number of critical networks. John had to lead the charge against the malicious code, and he believes the event was a key factor in the creation of U.S. Cyber Command, which John served as a director of. Today, John is the Chief Security Officer for the Federal Sector of Palo Alto Networks, and he spends his time telling the story of that attack to illustrate the need for enhanced cybersecurity everywhere. On this episode of IT Visionaries, John discusses how he dealt with the attack, the ways cybersecurity has changed, and why the way forward is with a prevention mindset. Key Takeaways: The security landscape today; Building transparency and clarity; John’s first-hand experience stopping cyber attacks against America; Advice on how to improve your security. Salesforce and MIT recently teamed up to create a whitepaper exploring what happens when AI meets CRM. Read: AI Meets CRM: An MIT Tech Review Whitepaper. This podcast is sponsored by Salesforce. Did you know Salesforce isn't just for Sales? Using Salesforce as an Employee Experience Platform helps make every employee across your organization more productive thanks to a common, mobile-first platform for getting work done faster. 
Find out more at salesforce.com/EmployeeExperience Palo Alto Networks Federal Ignite 2019, a security conference for the future, brings together leading cybersecurity professionals and government officials for panels and keynotes on Next-Generation security priorities along with hands-on training, best practices and new innovations on Thursday, October 10, and Friday, October 11, in Washington, D.C. Register at ignitefed.paloaltonetworks.com.
The Human Element: Cybersecurity’s Weakest or Strongest Link? Malcolm talks about the people perimeter, simplifying to manage risk, and trust as a function of competence and character. 03:58 Humans are a weak link and a strong link. Don’t blame the end user. 05:11 It is possible to change end-user behavior. […]
Data Inventory is the first step to implement proper Data Governance for Salesforce. In part two of our podcast series with guest experts Jeff DiMuro, Chief Security & Compliance Architect at Salesforce and Marla Hay, Director of Product, Privacy & Data Governance we will explain step-by-step, how to conduct data inventory using best practices, standards […]
On today’s show, host Chris Gorog speaks with the Former Chief Security and Privacy Officer at Intel, Malcolm Harkins. Malcolm tells us how he got into cyber-security and put in 24 years at Intel and another 4 at a start-up company called Silence Corporation. With his background in the industry, Malcolm breaks down the difference between a CIO and CISO, explaining how most CISOs report to CIOs inside a company. He also speaks on how he believes Information Risk is permeating every aspect of an organization and creating social risks and ethical and moral dilemmas on how you use technology in a business/corporation. Malcolm breaks down how he thinks both the roles of CIOs and CISOs will grow and develop as people become more aware of the benefits of cyber-security in their businesses. Listen as Malcolm explains the importance of trust in the security industry and how most companies will base finding it on two things: confidence and character. Visit our sponsors: Cyber Resilience Institute, Internet Broadcasting Network, BlockFrame Inc., SecureSet Academy, Murray Security Services
DirtySecurity Podcast: Malcolm Harkins: A New Age of BYOD. If we delivered a birthday cake to BYOD, how many candles would be on the cake? On this episode of DirtySecurity, we want to talk about personal devices... They are like opinions and…. Something else… everyone has one. Phones, tablets, fitbits and you could even say Airpods? The challenges of BYOD historically, from a risk perspective, include security & privacy… On the flip side, has BYOD provided any benefits to an Enterprise or Organization? About Malcolm Harkins: Malcolm Harkins is responsible for Cylance’s information risk, security, public policy, and customer outreach to help improve understanding of cyber risks. Previously, he was VP and Chief Security and Privacy Officer (CSPO) at Intel. About Edward Preston: Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
This week, our guest is Erik Decker, Chief Security and Privacy Officer at the University of Chicago Medicine. We discuss the WannaCry incident that shut down the NHS in the UK and more importantly focus on the key learnings that came from that experience which happened just over a year ago. We also talk about the importance of and his framework for prevention and protection. Erik mentions the Health Industry Cybersecurity Practices (HICP). That information can be found on the Public Health Emergency website here: https://www.phe.gov/405d
On this week’s show, we spoke with Alex Manea, Chief Security and Privacy Officer @ Georgian Partners. Alex uses his detailed knowledge of security and privacy concepts to help portfolio companies identify opportunities to build and monetize technologies that protect assets and build trust. Alex is also responsible for Georgian’s internal policies and infrastructure. Prior to joining Georgian Partners, Alex spent 12 years working at BlackBerry, most recently as Chief Security Officer. As a founding member of BlackBerry Security, he has worked to protect mobile, desktop and IoT devices, networks and infrastructure for over a decade, helping to transform BlackBerry from a mobile hardware vendor to the world's leading provider of enterprise software and security solutions. Alex regularly writes on security and has been published in dozens of international publications in multiple languages. Alex was recently named one of Canada’s smartest people by the Canadian Broadcasting Corporation. He has traveled to 22 countries and can speak or understand 7 different languages. He loves learning about cultures around the world, visiting local landmarks and trying new types of food. On the show, we spoke about: How he got started in engineering; The evolution of his role at Blackberry that led him to becoming Chief Security Officer; How he became an investor at Georgian Partners; His thoughts on security vs. privacy; The new technologies he’s excited about, notably blockchain and quantum computing; The rise of IOT and the danger it poses. Alex is a world class expert in his field and I was thrilled to have him on the show. I hope that you enjoy the conversation! Let us know what you think. What types of guests would you like to see on the show? What topics interest you the most? Send me your thoughts at nectar@thepnr.com Subscribe | iTunes | Google Play | Spotify | YouTube | Stitcher | Breaker
Cylance Chief Security and Trust Officer Malcolm Harkins reflects on his core leadership philosophies and the processes he implements to cultivate a professional culture of excellence. Malcolm's background in economics and finance offers a unique perspective on the cybersecurity landscape. He walks us through his transition from working as the Chief Security & Privacy Officer at the multinational corporation, Intel, to joining the cutting-edge cybersecurity start-up, Cylance.
Erik Gordon, Michigan University Professor at the Ross School of Business on Elon Musk and the SEC. We also have Joe Mysak, Editor for Bloomberg Brief: Municipal Market discussing the economy. Also joining the program is Malcolm Harkins, Chief Security & Trust Officer at Cylance discussing Cyber-security and China hacks. We also have Beth MacLean, Portfolio Manager at PIMCO, on the bank loan market and her outlook on the economy.
What if I told you that there are companies out there who deliberately spoof data breaches in order to blackmail their “customers” into paying for their “breach remediation services”? What if I told you that, after failing to be a good little victim to such a scam, LabMD began hearing from the Federal Trade Commission about its security and technology practices? Would you believe me if I said that, in a battle that is now in its 17th year, our guest has attempted the impossible and stood up to the crooks and the FTC? Rather than settle a case that he knew was wrong, our guest refused to live in the world he was given. He has battled to change that world and keep his company’s name and his own name from being steamrolled by the bureaucracy of a government agency that may not really know what they are doing when it comes to data privacy and security. Joining Matt Stephenson on the InSecurity podcast are Mike Daugherty and Malcolm Harkins. Mike is the CEO of LabMD who refused to be the victim of a shady “Breach Mediation” company, which led to a decade long battle with the Federal Trade Commission. Malcolm is the Chief Security & Trust Officer at Cylance. He is not one to sit idly by and let the cybersecurity industry focus on profits over people. Imagine what might happen when you get these two in a room together… About Mike Daugherty: Mike Daugherty is embroiled in the biggest regulatory cybersecurity legal battle in the country today. The CEO of LabMD, a cancer testing laboratory, author, speaker, consultant and policy advocate, he has spent most of the last decade defending his company against charges that it had deficient cybersecurity practices. The early years of his entering and fighting Washington, DC, are recorded in his book, The Devil Inside the Beltway. 
In so doing, he has become the only litigant to challenge the basic authority that underlies more than 200 enforcement actions relating to cybersecurity and online privacy that the FTC has brought over the past 15 years. Every one of the 200+ litigants before him – including some of the largest companies in the world – has settled with the FTC, creating an unquestioned and untested belief that the FTC has broad authority to regulate in these areas. Following oral arguments in June, 2017, before a panel of the 11th Circuit Court of Appeals, on June 6, 2018, he actually prevailed. In so doing, he toppled key pillars of the FTC’s cybersecurity and online privacy edifice, successfully exposing and challenging The Administrative State. The cybersecurity regulatory framework for all of industry has been flipped on its head. About Malcolm Harkins: As the Chief Security and Trust Officer at Cylance, Malcolm Harkins (@ProtectToEnable) is responsible for all aspects of information risk and security, security and privacy policy, and for peer outreach activities to drive improvement across the world in the understanding of cyber risks and best practices to manage and mitigate those risks. Previously, he was Vice President and Chief Security and Privacy Officer at Intel Corp. In that role, Malcolm was responsible for managing the risk, controls, privacy, security and other related compliance activities for all of Intel's information assets, products and services. About Matt Stephenson: InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV. Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. 
He wants to get those stories told so that others can learn from what has come before. Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste
Malcolm Harkins is the Chief Security and Trust Officer at Cylance. He talks with Vince at the RSAC 2018 security conference in San Francisco.
Veteran security journalist Paul Roberts talks about the creation of Security Ledger, his work covering cybersecurity, the democratization of media, and hiccups with IoT legislation.
While October is Cybersecurity Awareness Month around the world, education and action should continue all year long. Michael Kaiser, Executive Director of the National Cyber Security Alliance joins Cisco SVP and Chief Security and Trust Officer, John N. Stewart to discuss today’s threats and how to prepare for our digital future. They discuss how governments, businesses of all sizes, education institutions, and individuals can protect themselves today, and what to anticipate and how to plan for a more safe and secure tomorrow. For more information and to continue the conversation, check out these links: • Cisco Cybersecurity Month: www.cisco.com/go/cybersecuritymonth • Cisco Trust Center: http://www.cisco.com/go/trust.cisco.com • European Cyber Security Month: https://cybersecuritymonth.eu/ • National Cyber Security Awareness Month: www.dhs.gov/national-cyber-security-awareness-month • StaySafeOnline: https://staysafeonline.org
This month's podcast features Dave Martin, Technology and Innovation Leader, IT Risk and Cybersecurity at GE, and John Stewart, Senior VP and Chief Security and Trust Officer, Corporate Security Programs Organizations, Cisco, in conversation about the roads they took to where they are today, leading cybersecurity programs for some of the world's biggest companies.
IT Best Practices: Episode 61 – In this podcast we engage in a wide-ranging discussion on business velocity, security, and privacy with Intel’s Malcolm Harkins. Harkins has a unique view from his position as the Chief Security and Privacy Officer at Intel. He shares his thoughts on securing the enterprise, ensuring privacy protections, and keeping […]
Synopsis: In this edition of the podcast, I sit down with Jeff Moss (@TheDarkTangent) to talk about all of the interesting evolutions currently going on in the Internet age. As one of the people who has watched the cyberpunk culture evolve from the dark culture of hacking for curiosity, through the "dot com boom" and now into mainstream business, he has some interesting commentary on how we've evolved as a culture and a group. We also talk through some interesting hacker vs. government regulation topics, and IPv6 of course! Listen in, and hear all the really exciting things Jeff has to say. Guest: Jeff Moss (@TheDarkTangent) - In addition to being the founder of the Black Hat and Defcon hacker conferences, Jeff has been a part of the Department of Homeland Security Advisory Council since 2009. Currently Jeff is the Chief Security Officer at ICANN, the Internet names and assigned numbers authority.