Chinese hackers use Cobalt Strike on Taiwan's semiconductor sector | Salt Typhoon breaches National Guard and steals network configurations | Congress considers Stuxnet to manage OT threats. Huge thanks to our sponsor, ThreatLocker. ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com/CISO. Find the stories behind the headlines at CISOseries.com.
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode, co-hosted by me, David Spark, the producer of CISO Series, and Dan Walsh, CISO, Datavant. Joining them is Sneha Parmar, former information security officer, Lufthansa Group Digital. In this episode: Shifting left, broadening out; The insurance wake-up call; Building trust into the system; Security's identity crisis. A huge thanks to our sponsor, Doppel. Doppel is the first social engineering defense platform built to dismantle deception at the source. It uses AI and infrastructure correlation to detect, link, and disrupt impersonation campaigns before they spread - protecting brands, executives, and employees while turning every threat into action that strengthens defenses across a shared intelligence network. Learn more at https://www.doppel.com/platform
⬥GUEST⬥ Tobias Halmans, OT Incident Responder | GIAC Certified Incident Handler | Automation Security Consultant at admeritia GmbH | On LinkedIn: https://www.linkedin.com/in/tobias-halmans/ ⬥HOST⬥ Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | On LinkedIn: https://www.linkedin.com/in/imsmartin/ | Website: https://www.seanmartin.com ⬥EPISODE NOTES⬥ Business continuity planning is a familiar exercise for most IT and security leaders—but when you move into operational technology (OT), the rules change. In this episode of Redefining CyberSecurity, Sean Martin talks with Tobias Halmans, an incident responder at admeritia, who helps organizations prepare for and respond to incidents in OT environments. Tobias shares why disaster recovery planning in OT requires more than simply adapting IT frameworks. It demands a change in approach, mindset, and communication. OT engineers don't think in terms of “ransomware readiness.” They think in terms of safety, uptime, manual fallback options, and how long a plant can stay operational without a SCADA system. As Tobias explains, while IT teams worry about backup integrity and rapid rebooting, OT teams are focused on whether shutting down a system—even safely—is even an option. And when the recovery plan depends on third-party vendors, the assumptions made on both sides can derail the response before it begins. Tobias walks us through the nuances of defining success in OT recovery. Unlike the IT world's metrics like mean time to recover (MTTR), OT environments often hinge on production impacts and safety thresholds. Recovery Time Objectives (RTOs) still exist—but they must be anchored in real-world plant operations, often shaped by vendor limitations, legacy constraints, and tightly regulated safety requirements. Perhaps most importantly, Tobias stresses that business continuity planning for OT can't just be a cybersecurity add-on. It must be part of broader risk and operational conversations, ideally happening when systems are being designed or upgraded. But in reality, many organizations are only starting these conversations now—often driven more by compliance mandates than proactive risk strategy. Whether you're a CISO trying to bridge the gap with your OT counterparts or an engineer wondering why cyber teams keep showing up with playbooks that don't fit, this conversation offers grounded, real-world insight into what preparedness really means for critical operations. ⬥SPONSORS⬥ LevelBlue: https://itspm.ag/attcybersecurity-3jdk3 | ThreatLocker: https://itspm.ag/threatlocker-r974 ⬥RESOURCES⬥ Inspiring Article: https://www.linkedin.com/posts/sarah-fluchs_notfallvorsorge-in-der-ot-traut-euch-activity-7308744270453092352-Q8X1
What separates a great CISO from a great one? In this powerhouse conversation, Ron invites friend and cybersecurity leader Gary Hayslip, CISO at SoftBank Investment Advisers, back on the mic to discuss what it takes to lead in today's high-stakes digital world. Gary shares battle-tested insights on accountability, the evolving expectations of the CISO role, and how AI is reshaping leadership without replacing it. Gary shares stories ranging from military mishaps to enterprise-scale transformation, and makes the case for visibility, trust, and embracing change. His perspective brings clarity to the fundamental responsibilities of a CISO and the mindset required to lead with impact. Impactful Moments: 00:00 – Introduction; 02:00 – Defining the modern CISO as a business leader; 05:45 – Why CISOs should never delegate accountability; 07:30 – The danger of staying invisible; 10:45 – The $40K UPS explosion mistake; 15:00 – How leaders build trust in new teams; 19:10 – Visibility is not micromanagement; 24:30 – Staying humble while leading big; 30:00 – Building “Rocky the Raccoon” internal GPT; 34:30 – Hiring for AI fluency in security teams. Links: Connect with our guest, Gary Hayslip: https://www.linkedin.com/in/ghayslip/ | Check out our upcoming events: https://www.hackervalley.com/livestreams | Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio | Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com | Continue the conversation by joining our Discord: https://hackervalley.com/discord | Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/
How are today's IT leaders adapting to the breakneck pace of AI and cybersecurity evolution? In this episode of The Professional Services Pursuit, host Banoo welcomes Taison Kearney, Chief Information Security Officer and Data Protection Officer at Kantata. With over two decades of experience, Taison shares how IT teams are shifting from traditional support roles to become strategic drivers in AI governance and cybersecurity leadership. This conversation offers a front-line view into the challenges and opportunities that come with AI adoption, from managing risk and “shadow AI” to building future-ready security teams and becoming a trusted advisor to clients. Key Topics Covered: The benefits and risks of enterprise AI adoption; How the CISO role is expanding in the era of AI; Building a proactive, secure, and AI-savvy IT culture; Earning client trust through strategic security partnership; The specific risks facing professional services firms, and how data centralization helps mitigate them. Hosted on Acast. See acast.com/privacy for more information.
The CISO role is no longer just about protecting IT assets — it's about navigating AI risks, complex regulations, and building digital trust across the enterprise. In an era where digital trust is more important than ever, how do CISOs stay ahead of evolving threats? What impact does AI have on cybersecurity and privacy compliance? And how can organizations empower every employee to contribute to ongoing digital safety? Join cybersecurity expert and former military major Aman Tara in conversation with Punit Bhatia as they explore the evolving responsibilities of CISOs in today's digital landscape. Aman shares why CISOs must think like hackers to stay ahead, how to manage emerging AI threats, and ways to ensure compliance with global data privacy laws. If you want to understand the future of cybersecurity leadership and how to foster trust in an AI-driven era, this episode is a must-watch! KEY CONVERSION: 00:01:44 What is Digital Trust for Aman Tara; 00:02:44 What role does the CISO play in creating Digital Trust?; 00:04:59 How to manage overlap in a CISO role with privacy function; 00:06:17 Do you have regular meetings with privacy counterparts?; 00:08:19 Impact of AI and emerging technologies on the role of CISO; 00:09:58 How Should a CISO respond when using unsafe tools and create risk in organization?; 00:12:00 What can everyone do to ensure ongoing digital trust and safety?; 00:15:17 Aman's Book and Personal Journey. ABOUT GUEST: Aman Tara is an ex-military Major and a qualified attorney. He holds an associate diploma in Software Engineering, a bachelor's degree in Life Sciences and Economics, a degree in Law, and his MBA from Iowa, USA. He is a Certified Information System Auditor, Certified Data Privacy Solutions Engineer, Certified Fraud Examiner, Certified Amazon Web Services Cloud Practitioner and a Scrum Master. He has also done a Cybersecurity course at Massachusetts Institute of Technology (MIT). After serving in the military for a decade in various combat and staff roles, he moved to the corporate world in 2011. He has worked on IT audits, IT security and Cybersecurity assessments, Third Party Risk Management projects for various Fortune 500 companies across the USA and South Asia. Presently, he is the Executive Director for one of the world's largest banks, working in their Cybersecurity department and Board of Directors of three Non-Profit Organizations based outside of the USA. He has been featured in articles overseas and invited as speaker for various US based and international seminars. He conducts workshops for corporates on stress management, hosts a live radio show every week in Texas, USA, and has also authored a book ‘Just Did It’. ABOUT HOST: Punit Bhatia is one of the leading privacy experts who works independently and has worked with professionals in over 30 countries. Punit works with business and privacy leaders to create an organization culture with high privacy awareness and compliance as a business priority. Selectively, Punit is open to mentor and coach professionals. Punit is the author of books “Be Ready for GDPR”, which was rated as the best GDPR Book, “AI & Privacy – How to Find Balance”, “Intro To GDPR”, and “Be an Effective DPO”. Punit is a global speaker who has spoken at over 30 global events. Punit is the creator and host of the FIT4PRIVACY Podcast. This podcast has been featured amongst top GDPR and privacy podcasts. As a person, Punit is an avid thinker and believes in thinking, believing, and acting in line with one's value to have joy in life. He has developed the philosophy named ‘ABC for joy of life’ which he passionately shares. Punit is based out of Belgium, the heart of Europe. RESOURCES: Websites: www.fit4privacy.com, www.punitbhatia.com, https://www.linkedin.com/in/aman-tara-cisa-cdpse-cfe-b6095483/ | Podcast: https://www.fit4privacy.com/podcast | Blog: https://www.fit4privacy.com/blog | YouTube: http://youtube.com/fit4privacy
In this powerful episode of Life of a CISO, Dr. Eric Cole sits down with cybersecurity thought leader Chuck Brooks—one of the industry's original influencers—to uncover how the past, present, and future of cybersecurity are being shaped by leadership, emerging technology, and real-world experience. From working with President Reagan to helping stand up the Department of Homeland Security, Chuck shares stories that reveal the critical role CISOs play in national security, business resilience, and global collaboration. Together, Dr. Cole and Chuck Brooks dive into the importance of soft skills for cybersecurity executives, why cyber is no longer a cost center but a business enabler, and how today's leaders must understand risk, policy, and communication as much as technology. They also explore the evolving role of zero trust, disruptive technologies like AI and quantum, and how professionals can brand themselves to stand out in a crowded field. Whether you're a seasoned CISO or a cybersecurity manager looking to grow, this episode will expand your thinking—and inspire your next move.
Google says 'Big Sleep' AI tool found bug hackers planned to use | Google fixes actively exploited sandbox escape zero day in Chrome | China's cyber sector amplifies Beijing's hacking of U.S. targets. Huge thanks to our sponsor, ThreatLocker.
With Paul away, join K and Ralph on a riotous discussion of personal integrity and what positions we can work with and for - with regulators and industry cross pollinating individuals and resources. Can regulators remain ethical and independent, when we rely on skills and abilities for industry? Also, a week of news in Privacy and Data Protection with a round up of EU, UK, US and beyond news, cases, regulations and standards - including age verification, censorship, EU AI Act, privacy preserving advertising, freedom of speech laws and new developments across the globe! If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0, with the voiceover by Tim Foley.
Pentagon welcomes Chinese engineers into its environment | HazyBeacon: It's not a beer, but it leaves a bitter aftertaste | What the world needs now is another framework. Huge thanks to our sponsor, ThreatLocker.
As health systems intensify efforts to modernize infrastructure, the risks associated with technical debt, fragmented applications, and over reliance on cloud and AI tools are becoming more pronounced. For Darrell Keeling, PhD, Senior Vice President of IT and CISO at Parkview Health, navigating this minefield requires not only technical insight but also business acumen and […] Source: Technical Debt Must be Tackled, but Cloud & AI Bring their Own BCP Challenges, Says Parkview Health CISO on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.
In this week's episode, it's time to share insights and lessons learned from self-hosting stuff at home! We'll talk about the why and the what, and also some stuff that didn't work at all. You'll also hear about how to best service workloads from home, and what sort of equipment is needed. (00:00) - Intro and catching up. (04:04) - Show content starts. Show links: Cloudflare Tunnel; Jussi's ipecho service; Give us feedback!
In this episode we talk with Annette Hamann, CIO at Beiersdorf, about the role of IT and security in the tension between technological progress, new risks, and organizational change. A further focus is the use of AI in various business areas, as well as concrete measures to promote diversity in IT.
Hello from Osnabrück and welcome to the 33rd episode of Update. This time Ulf's guest is the backup expert Christian van Eickelen. Together the two talk, how could it be otherwise, about the often underestimated topic of backup. Unfortunately, many companies only take this topic seriously when it is already too late. To prevent this and to fundamentally strengthen cyber security in companies, the European NIS2 Directive was created. In this episode you will learn what NIS2 has to do with backups and what a good backup strategy looks like.
The importance of tools in cybersecurity: cost or investment? In this episode of RedCast, the guests discuss how many CISOs today still run into resistance from executives and boards when they talk about acquiring cybersecurity tools and solutions. This happens because some decision-makers still see cyber tools as a cost and not as an investment. How can CISOs help companies understand the importance of investing in cybersecurity? And how can the return on that investment be measured? Matheus Borges and Marcos Sena, SOC manager at Redbelt Security, discussed the topic with João Gilberto Passos, CISO at Brasilseg, and Ricardo Passos, cybersecurity manager at will bank.
A DOGE employee leaks private API keys to GitHub. North Korea's “Contagious Interview” campaign has a new malware loader. A New Jersey diagnostic lab suffers a ransomware attack. A top-grossing dark web marketplace goes dark in what experts believe is an exit scam. MITRE launches a cybersecurity framework to address threats in cryptocurrency and digital financial systems. Experts fear steep budget cuts and layoffs under the Trump administration may undermine cybersecurity information sharing. A Maryland IT contractor settles federal allegations of cyber fraud. Kim Jones and Ethan Cook reflect on CISO perspectives. A crypto hacker goes hero and gets a hefty reward. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today Kim Jones, host of CISO perspectives, sits down with N2K's analyst Ethan Cook to reflect on highlights from this season of CISO Perspectives. They revisit key moments, discuss recurring themes like the cybersecurity workforce gap, and get Ethan's outsider take on the conversations. It's all part of a special wrap-up to close out the season finale. If you like this conversation and want to hear more from CISO Perspectives, check it out here. 
Selected Reading: DOGE Employee exposes AI API Keys in source code, giving access to advanced xAI models (Beyond Machines) | DOGE Denizen Marko Elez Leaked API Key for xAI (Krebs on Security) | North Korean Actors Expand Contagious Interview Campaign with New Malware Loader (Infosecurity Magazine) | Avantic Medical Lab hit by ransomware attack, data breach (Beyond Machines) | Abacus Market Shutters After Exit Scam, Say Experts (Infosecurity Magazine) | MITRE Unveils AADAPT Framework to Tackle Cryptocurrency Threats (SecurityWeek) | How Trump's Cyber Cuts Dismantle Federal Information Sharing (BankInfo Security) | UK launches vulnerability research program for external experts (Bleeping Computer) | Federal IT contractor to pay $14.75 fine over ‘cyber fraud’ allegations (The Record) | Crypto Hacker Who Drained $42,000,000 From GMX Goes White Hat, Returns Funds in Exchange for $5,000,000 Bounty (The Daily Hodl). Audience Survey: Complete our annual audience survey before August 31. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Join host Emily Wearmouth for the very special episode of Security Visionaries recorded live at Infosecurity Europe. She's joined by Holly Foxcroft, Ian Golding, and Rich Davis to discuss the crucial conversations CISOs need to have with their CEOs this year. The episode dives into four key areas: cost, risk, innovation, and AI, offering insights and exploring the differing perspectives between tech leaders and CEOs.
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss threat intelligence. • For more on cybersecurity, visit us at https://cybersecurityventures.com
And, here's part 2 of our annual Verizon Data Breach Investigations Report (DBIR) review! What's in the rest of the 2025 report? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
EU states to test age verification app (Reuters) | AAR pledges to start fixing 20-year old vulnerability next year (Security Week) | Grok-4 jailbroken in two days (Infosecurity Magazine) | DoD awards contracts for agentic AI (Reuters) | eSIM vulnerability exposes billions of IoT devices (Infosecurity Magazine) | UK launches Vulnerability Research Initiative (Bleeping Computer) | Interlock ransomware using FileFix for malware (Bleeping Computer) | Disinformation groups spoofs European journalists (The Record) | Elmo gets hacked (AP News). Huge thanks to our sponsor, ThreatLocker.
In this episode of Automox's CISO IT Podcast, host Jason Kikta returns from Black Hat and DEF CON in Las Vegas to discuss one of the most talked-about IT events of the summer, and what it truly reveals about automation in IT. Contrary to popular fearmongering, Jason argues that the incident isn't a cautionary tale against automation but a clear call for more thoughtful automation. Jason breaks down why automation, when paired with rigorous testing and strategic controls, is critical to modern IT and cybersecurity success. He challenges listeners to rethink what IT efficiency really means—not job cuts, but freeing teams to tackle the backlog and do more meaningful work. He wraps with a personal challenge: find and automate one tedious task this week using tools like Automox, Okta workflows, or your own scripts. This episode originally aired September 12, 2024.
CISA gives one day for Citrix Bleed 2 fix | Google Gemini flaw hijacks email summaries for phishing | Louis Vuitton says UK customer data stolen in cyber-attack. Huge thanks to our sponsor, ThreatLocker. Find the stories behind the headlines at CISOseries.com.
Quantifying cyber risk is now a necessity for businesses navigating the evolving threat landscape. In this episode of the Risk Management Show, we discussed why quantifying cyber risk is the new imperative for businesses. Our guest, Asdrúbal Pichardo, CEO of Squalify—a cyber risk quantification platform backed by Munich Reinsurance—shares how their top-down approach to cyber risk quantification is transforming the way companies prioritize cybersecurity investments and communicate with boards. We explored real-world examples, common pitfalls in cybersecurity investment, and how benchmarking cyber posture can elevate your strategy. If you're a Chief Risk Officer, CISO, or CFO looking to align strategies and speak the same language about cyber security and risk management, this episode provides the insights you need. Plus, learn about Squalify's CRQ readiness assessment tool and how it supports organizations in making informed decisions. Please check Squalify's CRQ Readiness Assessment: https://squalify.fillout.com/t/5dGf2f8tmcus If you want to be our guest or suggest a guest, send your email to info@globalriskconsult.com with the subject line "Guest Proposal."
The medieval castle with its moat, high walls, and sentries provides the perfect metaphor for modern cybersecurity. Just as each defensive element served a specific purpose in protecting the castle, today's information security requires multiple layers working in concert to safeguard digital assets. Shon Gerber opens this episode with a timely discussion of the UnitedHealthcare ransomware attack, which reportedly cost $22 million and sparked controversy around the CISO's qualifications. This real-world example perfectly frames the importance of defense in depth strategies that could have prevented such a catastrophic breach. The core of defense in depth involves implementing multiple security controls that protect various aspects of information systems. Shon walks through each layer, starting with perimeter security (firewalls, IDS/IPS systems), moving to access controls and data security (encryption, DLP), and continuing through system hardening and detection mechanisms. Each layer serves two crucial purposes: stopping attackers altogether or, at minimum, slowing them down enough that they move on to easier targets. Particularly enlightening is Shon's breakdown of abstraction in security - how operating systems, networking protocols, databases, and APIs hide complexity from users while maintaining protection. This concept extends to data hiding techniques like steganography, tokenization, and encryption that conceal sensitive information from prying eyes. The episode concludes with an examination of secure defaults - the principle that systems should ship with security enabled rather than requiring manual configuration. Shon provides practical guidance on implementing secure defaults and overcoming common challenges like vendor limitations and legacy systems. Whether you're studying for the CISSP exam or looking to strengthen your organization's security posture, this episode delivers actionable insights on building robust, multi-layered defense strategies that balance protection with usability. Visit CISSP Cyber Training for additional resources, including practice questions and comprehensive study materials. Gain exclusive access to 360 FREE CISSP Practice Questions delivered directly to your inbox! Sign up at FreeCISSPQuestions.com and receive 30 expertly crafted practice questions every 15 days for the next 6 months—completely free! Don't miss this valuable opportunity to strengthen your CISSP exam preparation and boost your chances of certification success. Join now and start your journey toward CISSP mastery today!
In this must-listen episode of the KuppingerCole Analyst Chat, Matthias Reinwarth is joined by Jonathan Care to explore a groundbreaking shift in cybersecurity leadership. Discover how CISOs are transforming from traditional gatekeepers, the infamous "Dr. No", into strategic business enablers through the principles of Servant Leadership. We dive deep into: Why the CISO role is evolving beyond technology and policy; The pitfalls of autocratic security leadership and rising burnout; How empowering teams builds trust, reduces shadow IT, and accelerates projects; Real-world examples from global organizations proving this approach works; Practical first steps for CISOs to start leading through influence, not fear. Key Takeaway: Security isn’t just about tech, it’s about people and culture. Servant leadership helps build stronger security and stronger businesses.
Ann-Nina is a geopolitical communications expert with experience at large companies such as Ikea and Eon, and was also an adviser to President Zelensky. Communication and security have more in common than you might think. This episode gives a unique look at why it is sometimes so hard for companies to handle communication well during a crisis, and at how we are sliding from "green washing" into what is by now "sovereign washing". She explains how, as a CISO, you can make sure you work closely with communications in the most effective way possible. And that has everything to do with speed, transparency, integrity and taking responsibility. We also talk about the sense and nonsense of mission statements and crisis scenarios. So, a packed episode with valuable information for all of us!
Creation of the Monterrey artificial intelligence cluster announced | Santander launches contactless ATM withdrawals in Mexico | Checkpoint Systems opens RFID label plant in Mexico City | Nvidia, the first to surpass $4 trillion in market value | So said Sophos's senior sales engineering manager for Latin America, Rodolfo Castro | The Tlajomulco (Jalisco) City Council is one of the innovative stories | Carlos Bravo, CISO of Spin (Femsa), gives us the IT Masters Insight
Please enjoy this encore of Career Notes. Director of Google Cloud's Office of the CISO, MK Palmore, dedicated much of his life to public service and now brings his experience working for the greater good to the private sector. A graduate of the US Naval Academy, including the Naval Academy Prep School that he calls the most impactful educational experience of his life, MK commissioned into the US Marine Corps following his service academy time. He joined the FBI and that is where he came into the cybersecurity realm. MK is passionate about getting more diversity, equity and inclusion into industry. We thank MK for sharing his story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
DailyCyber The Truth About Cyber Security with Brandon Krieger
Inside IR and AI with Paul Caron | DailyCyber 267. In today's DailyCyber Podcast, I'm joined by Paul Caron, Head of Cyber Security, Americas at S-RM. Paul brings over 20 years of experience across military intelligence, counterterrorism, and cybersecurity leadership—including senior roles at PwC and as Managing Director of Incident Response at a global consulting firm. We dive deep into Incident Response realities and how AI is reshaping the security landscape.
Please join us for our 250th episode, celebrating 5 and a half years of privacy, data protection, cyber law education and hot topics with hosts Paul Breitbarth, Ralph O'Brien, and Dr. K Royal. If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
This week's Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Jim Bowie, vp, CISO, Tampa General Hospital Thanks to our show sponsor, Vanta Do you know the status of your compliance controls right now? Like…right now? We know that real-time visibility is critical for security, but when it comes to our GRC programs…we rely on point-in-time checks. But more than 9,000 companies have continuous visibility into their controls with Vanta. Vanta brings automation to evidence collection across over 35 frameworks, like SOC 2 and ISO 27001. They also centralize key workflows like policies, access reviews, and reporting, and helps you get security questionnaires done 5 times faster with AI. Now that's…a new way to GRC. Get started at Vanta.com/headlines All links and the video of this episode can be found on CISO Series.com
How can you approach your company's leadership to advocate for best security practices? Megan dives into a BIA (Business Impact Analysis) breakdown with triple guest features from FRSecure's Consulting Team. Mea Yang, Coral Morgan, and Kathryn Frickstad-Olson recall client triumphs and challenges they have witnessed with implementing BIAs.
Whether you need a 101 course in BIA Practices, want a little guidance with a company conversation, or simply want to learn more about a BIA's purpose and value, this episode is for you!
Access our free BIA Starter Kit by downloading today! FRSecure BIA Starter Kit
As always, let us know what you'd like to see next! Send your thoughts to unsecurity@frsecure.com. Follow for more! LinkedIn: FRSecure Instagram: FRSecureOfficial Facebook: FRSecure BlueSky: FRSecure
About FRSecure: https://frsecure.com/ FRSecure is a mission-driven information security consultancy headquartered in Minneapolis, MN. Our team of experts is constantly developing solutions and training to assist clients in improving the measurable fundamentals of their information security programs. These fundamentals are lacking in our industry, and while progress is being made, we can't do it alone. Whether you're wondering where to start, or looking for a team of experts to collaborate with you, we are ready to serve.
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is David Cross, CISO, Atlassian. In this episode:
- The experience prerequisite
- The bootcamp reality check
- The compensation conundrum
- The domain expertise imperative
A huge thanks to our sponsor, ThreatLocker
ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
In today's digital world, trust is everything. But what does digital trust really mean? And how do security leaders like CISOs help build it while working with privacy teams?
In this insightful trailer episode of the FIT4PRIVACY Podcast, cybersecurity expert Aman Tara joins host Punit Bhatia to break down the evolving role of the Chief Information Security Officer. You'll learn how CISOs protect company data, follow privacy laws, and work closely with privacy teams to keep personal information safe and hear how regular meetings and teamwork between security and privacy experts help stop threats before they happen—especially with new technologies like artificial intelligence changing the game. If you want to understand how companies keep your data safe and build trust in a digital world, this episode is for you! This is an extract from the full episode of The FIT4PRIVACY Podcast. If you like this, you will enjoy the full episode. If this is your first time, the FIT4PRIVACY Podcast is a privacy podcast for those who care about privacy. In this podcast, you listen to and learn from the industry influencers who share their ideas. The episodes are released as audio every Wednesday and video every Thursday. If you subscribe to our podcast, you will be notified about new episodes. If you have not done so, write a review and share it with someone who will benefit.
RESOURCES
Websites: www.fit4privacy.com, www.punitbhatia.com, https://www.linkedin.com/in/aman-tara-cisa-cdpse-cfe-b6095483/
Podcast: https://www.fit4privacy.com/podcast
Blog: https://www.fit4privacy.com/blog
YouTube: http://youtube.com/fit4privacy
In this episode of Life of a CISO, Dr. Eric Cole sits down with cybersecurity expert and fellow podcaster Christophe Foulon to dive deep into the evolving role of the Chief Information Security Officer. From breaking into cybersecurity to leading organizations through strategic risk decisions, Christophe shares real-world insights on how to transition from technical roles to executive leadership. They explore the challenges of balancing hands-on work with high-level strategy, how to communicate with business leaders without getting lost in technical jargon, and how to manage burnout while building organizational resilience. Christophe also tackles major topics like AI, zero trust, cyberwarfare, and BYOD policies, offering practical advice for today's and tomorrow's CISOs. If you're aiming to elevate your cybersecurity career or want to understand how top leaders think, this episode is packed with guidance, clarity, and perspective.
When Nathan Winters led a supply chain team earlier in his career, he noticed something that would shape his leadership style: “The credibility you get by the operating leaders when they see you out in the field… is incredibly important.” Whether visiting customers, walking a manufacturing floor, or sitting in on operating meetings, Winters found that physical presence fostered trust—and that trust gave finance a real seat at the table.
Today, as CFO of Zebra Technologies, Winters continues to emphasize business partnership grounded in proximity to operations. In the four years since he stepped into the CFO seat, Zebra has weathered post-COVID surges, global supply chain disruptions, and enterprise restructuring. The company's product footprint—often “hidden in plain sight,” from grocery checkout scanners to hospital wristbands—has expanded to include robotics and machine vision, Winters tells us.
He's also broadened his own remit, taking on IT and cybersecurity leadership, including oversight of both the CIO and CISO. In that time, Zebra has reduced China-based production from 80% to 30% and introduced new AI capabilities like “Zebra Companion” to automate shelf management for retailers. Internally, Zebra launched a private LLM instance—“Z-GPT”—to streamline tasks from expense report queries to sales presentations.
“Your job isn't to just close the books,” Winters tells us. “If you're not analyzing… finding new ways to think about things… you're getting passed up.” At Zebra, finance is not just a control function—it's a strategic force embedded in every operational stride.
Is security an afterthought in your Flutter projects? In a world where a single breach can cost millions and destroy user trust, every developer needs a solid foundation in security.
In this episode of Flying High with Flutter, Allen Wyma sits down with seasoned software developer, trainer, and acclaimed author Laurențiu Spilcă to demystify application security. While Laurențiu's background is deep in the Java/Spring world, the principles he shares are universal and essential for any developer building modern applications.
We dive deep into the "why" and "how" of securing your apps, from the initial authentication flow to the communication between your backend services.
Timecodes:
00:00 - Meet Laurențiu Spilcă & Why Security Can't Be an Afterthought
06:16 - The Role of a CISO and Preventing Disasters like the log4j Vulnerability
14:09 - The Future is Passwordless
30:41 - Understanding OAuth2, OpenID Connect, and Why PKCE is CRITICAL for Mobile Apps
41:45 - What is TLS? Why Your App Needs More Than Just HTTPS
52:03 - Mutual TLS (mTLS): Securing Communication Between Your Microservices
GET THE BOOK!
Today, we'll talk about AVNM, or Azure Virtual Network Manager, with insights from Microsoft's Jack Tracey. What is it, and why do you need it? We talk about mesh networks, routing, IP address management, AVNM with Azure Landing Zones, and more!
(00:00) - Intro and catching up.
(05:08) - Show content starts.
Show links
- What is AVNM?
- Frequently asked questions about Azure Virtual Network Manager | Microsoft Learn
- Azure Virtual Network Manager in Azure landing zones - Cloud Adoption Framework | Microsoft Learn
- Give us feedback!
All links and images can be found on CISO Series. This week's episode is hosted by me, David Spark, producer of CISO Series and Edward Contreras, senior evp and CISO, Frost Bank. Joining us is Anthony Candeias, CISO, Weight Watchers. In this episode:
- AI agents require structured supervision, not autonomy
- Hiring for potential over credentials in cybersecurity
- AppSec training effectiveness depends on organizational relevance
- AI oversight requires purpose-built models, not general solutions
A huge thanks to our sponsor, Vanta
Vanta's Trust Management Platform helps 10k+ companies—like Atlassian, Quora, and Chili Piper—start and scale their security programs and build trust with buyers. Vanta saves security teams time and improves program visibility by automating 35+ compliance frameworks, such as SOC 2 and ISO 27001, and GRC workflows, like risk management. Get started at Vanta.com/CISO
In this episode, host Bidemi Ologunde spoke with Jerod Brennen, an Executive Advisor, Cybersecurity Career Coach, and vCISO at SideChannel. The conversation touched on a wide variety of cybersecurity concepts including the role and use of storytelling as a security tool; the 2025 cyber threat landscape; AI as a friend or enemy; data privacy gray zones, and lots more.
This week, Steph & Ash keep the Tampa Bay Tech PoweredUp series rolling with a fun and insightful chat with Doug Fee, Chief Information Security Officer at Moffitt Cancer Center. We explore the complex tech challenges facing the healthcare world, including the vital role cybersecurity plays in protecting patients and their data. Doug also breaks […] The post Bold Moves in Healthcare Tech with Moffitt’s CISO appeared first on Radio Influence.
All posts and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Geoff Belknap. Joining us is Steve Knight, former CISO, Hyundai Capital America. In this episode:
- Streamlining vendor evaluations
- Moving beyond compliance theater
- The scorecard skeptics
- Finding the right balance
Thanks to our sponsor, Formal
Formal secures humans, AI agent's access to MCP servers, infrastructure, and data stores by monitoring and controlling data flows in real time. Using a protocol-aware reverse proxy, Formal enforces least-privilege access to sensitive data and APIs, ensuring AI behavior stays predictable and secure. Visit joinformal.com to learn more or schedule a demo.
In this episode of The New CISO, host Steve Moore speaks with Aleksandar Radosavljevic, Global CISO at Global Fashion Group, about building trust, measuring resilience, and the evolving role of the security leader.
Aleksandar shares how his unexpected pivot from electrical engineering to cybersecurity sparked a passion for protecting systems and solving problems. With over two decades of experience across pharma, manufacturing, and tech, he offers insights into how security leaders can establish trust, drive business value, and focus on what really matters.
The conversation covers the art of starting strong in a new CISO role, navigating interviews with curiosity and care, and avoiding common traps like overcomplicating metrics or chasing the latest tools without mastering the basics.
Key Topics Covered:
- Why pharma's mission-driven work made a lasting impact on Aleksandar
- Career advice for cybersecurity newcomers: follow learning, not just industry
- How CISOs can build early trust by listening and understanding the business
- Red flags and green lights during the CISO interview process
- Why being challenged in an interview signals a healthy security culture
- The problem with vanity metrics—and what to track instead
- Aleksandar's favorite KPIs: time to detect, respond, and contain incidents
- The role of situational awareness in building cyber resilience
- How simplifying language helps CISOs align with executive teams
- Why mandate and mindset matter more than reporting lines
Aleksandar's story is a reminder that cybersecurity leadership is about more than tools and tactics—it's about trust, transparency, and transforming security from a blocker into a true business enabler.
In this episode of Life of a CISO, Dr. Eric Cole welcomes Michael Coates, a seasoned cybersecurity expert with over 20 years of experience. Michael shares his journey from working as a legal hacker to becoming Twitter's first Chief Information Security Officer (CISO), and later founding his own data security company. They discuss how core cybersecurity principles remain constant despite evolving technologies and threats, emphasizing the importance of mastering fundamentals while adapting to new contexts like cloud and AI. Michael offers practical advice for aspiring CISOs, highlighting the value of diverse security experience, business acumen—such as understanding finance and sales—and the ability to balance risk with business needs. He stresses the importance of building strong teams, effective communication with executives, and partnering closely with legal to manage liability. The conversation also touches on optimal reporting structures for CISOs and reframing security as a business enabler rather than a roadblock. Ultimately, Michael advocates for transparent risk communication and thoughtful preparation as keys to successful security leadership.
On this episode of Serious Privacy, Paul Breitbarth and Dr. K Royal connect with the Honorable Monique Priestley, Vermont Representative (website https://moniqueforvermont.com/). The topic - the Age Appropriate Design Code Act (VAADCA) just passed! If you have comments or questions, find us on LinkedIn and Instagram @seriousprivacy, and on BlueSky under @seriousprivacy.eu, @europaulb.seriousprivacy.eu, @heartofprivacy.bsky.app and @igrobrien.seriousprivacy.eu, and email podcast@seriousprivacy.eu. Rate and Review us! From Season 6, our episodes are edited by Fey O'Brien. Our intro and exit music is Channel Intro 24 by Sascha Ende, licensed under CC BY 4.0. with the voiceover by Tim Foley.
Here we are, a bit more than halfway through the year. How's your execution against your strategy going? Roiled by the economy? Disrupted by tariffs? Thrown off by staff retirements? If you built a proper technology strategy in the first place, driven by the business strategy, then no matter what is happening don't ignore it,... Read more »
All links and images can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark, the producer of CISO Series, and Mike Johnson, CISO, Rivian. Joining us is Anne Marie Zettlemoyer, former vp of security, Activision Blizzard. In this episode:
- SOC automation: Moving beyond alert fatigue
- The entry-level security talent reality
- Learning from security incidents without blame
- Evaluating security vendor viability and partnerships
A huge thanks to our sponsor, ThreatLocker
ThreatLocker® is a global leader in Zero Trust endpoint security, offering cybersecurity controls to protect businesses from zero-day attacks and ransomware. ThreatLocker operates with a default deny approach to reduce the attack surface and mitigate potential cyber vulnerabilities. To learn more and start your free trial, visit ThreatLocker.com.
WE NEED YOU! Our 2025 listener survey is now live, and we'd love to hear from you. Whether you've been with us from episode one or just joined the chaos, your feedback will make the show even better.