Jim Richberg, Head of Cyber Policy and Global Field CISO at Fortinet, rejoins the show for a timely discussion on the fast-evolving landscape of artificial intelligence. We unpack AI's unprecedented energy demands, its implications for national infrastructure, and the critical cybersecurity considerations government agencies must navigate in this new era. Jim also shares his "Three Rules for Government Technology Transformation," and we explore why education and clear procurement strategies are vital to responsible AI rollout in public sector programs.
In a new episode of This Much I Know, Carlos's guest is Dr Melanie Garson, an associate professor at UCL and expert in cyber policy and geopolitics. Together they discuss critical issues in the current geopolitical and defence systems, including the evisceration of the US civil service, reactive politics, and the role of technology companies as geopolitical actors. Dr Garson emphasizes the importance of interdisciplinary approaches, stress-tested technology rollouts, and the holistic view of future defence strategies. She highlights the information domain as another critical area, where misinformation and disinformation can proliferate and destabilize, underpinning the need for robust measures to counteract these threats. The conversation explores the strategic role of tech in geopolitics, the evolving nature of warfare, and the potential for innovation and international cooperation within the defence industry. Dr Garson also shares her views on the importance of building secure digital economies and engaging meaningfully with emerging technologies for long-term future defence capabilities. Looking to the future, Dr Garson predicts the emergence of new industry players and the potential for existing companies to re-engage with defence manufacturing. She remains optimistic that the industry will recognize the value of entrepreneurs and facilitate environments where innovation can thrive alongside traditional primes. Show Notes: Dr Melanie Garson linkedin.com/in/melaniegarson/ Carlos Espinal linkedin.com/in/carloseduardoespinal/ Dr Melanie Garson - profiles.ucl.ac.uk/25481-melanie-garson institute.global/experts/melanie-garson Seedcamp - seedcamp.com
U.S. Cyber Command has been ordered to halt all planning against Russia, marking a significant shift in the country's cyber policy. This decision, directed by Defense Secretary Pete Hegseth, comes as the focus of U.S. cybersecurity efforts pivots away from Russia and towards threats from China and other adversaries. Reports indicate that this change has raised concerns about potential vulnerabilities, especially as Russian cybercriminal groups remain active. The Cybersecurity and Infrastructure Security Agency (CISA) has denied claims that it is reducing its focus on Russian threats, asserting its commitment to defending against all cyber threats to U.S. critical infrastructure.

The podcast also discusses the challenges faced by IT service providers in retaining new talent. A recent report highlights that employees with one to three years of experience have a significantly higher churn rate compared to their more experienced counterparts. This situation underscores the need for managed service providers (MSPs) to enhance their onboarding processes, career progression paths, and workplace culture to improve employee retention. Additionally, the limited role of remote work in the industry suggests that MSPs must compete on factors beyond salary, such as workplace environment and benefits.

Furthermore, the episode touches on the financial performance of N-able, a key player in the MSP software market. Despite reporting a year-over-year revenue growth of 7% and transitioning a significant portion of its revenue to annual contracts, N-able's stock price plummeted by over 25% following its earnings call. Analysts have adjusted their price targets downward, indicating a lack of confidence in the market for MSP-focused software companies.
This trend suggests that the dream of an IPO resurgence for such companies may be fading, with a shift towards private equity consolidation becoming more prevalent.

Finally, the podcast emphasizes the importance of resilience, vendor risk management, and strategic alignment for MSPs in light of these market dynamics. As the landscape evolves, providers are encouraged to focus on enhancing their cybersecurity offerings and adapting to regulatory changes. The episode concludes with a reminder for MSPs to be proactive in their approach to business, as the days of passive compliance are over, and security and regulation are becoming critical factors in the IT services industry.

Three things to know today
00:00 U.S. Cyber Policy Shifts—Providers May Need to Step Up as Government Focus Changes
05:27 IT Service Providers Are Hiring—But Can They Keep Their New Talent?
08:25 MSP IPOs? The Market Says No—N-able's Stock Drop Tells the Story

The entire script of the show, with links to articles, is posted in each story on https://www.businessof.tech/
Keeping your information safe online is vital to protect you and your loved ones. Learn about how these cyber security apps can help guard against bad actors. Aura: https://www.aura.com/ BitWarden: https://bitwarden.com/
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience. In this episode, our host, Travis Rosiek, Public Sector CTO at Rubrik, is joined by Nicole Tisdale, Founder of Advocacy Blueprints, former Director of Legislative Affairs for the National Security Council, and author of Right to Petition. Nicole shares her journey from rural Mississippi to national security leadership, offering insights into cybersecurity equity, workforce development, and public policy's critical role in addressing underserved communities' unique challenges.
Guest: Ravi Nayyar, PhD Scholar, The University Of Sydney
On LinkedIn | https://www.linkedin.com/in/stillromancingwithlife/
At AISA AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ravi-nayyar-uyhe3

Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

Episode Notes

The discussion begins with a unique and lighthearted analogy: comparing cybersecurity professionals to superheroes. Marco draws parallels to characters like “The Avengers” and “Deadpool,” describing them as defenders of our digital world. Ravi builds on this playful yet thought-provoking metaphor, likening the fight against cybercriminals to epic battles against villains, highlighting the high stakes of cybersecurity in critical systems.

The Cyber Zoo: Ravi Nayyar's Research Focus

Ravi introduces his research, focusing on the regulation of cyber resilience within critical infrastructure, particularly the software supply chain. Using the metaphor of a “zoo,” he paints a vivid picture of the cybersecurity ecosystem, where diverse stakeholders—government bodies, infrastructure operators, and software vendors—must coexist and collaborate. His work delves into how companies can be held accountable for their cyber practices, aiming to secure national and global systems.

The Role of Humans in Cybersecurity

At the heart of cybersecurity, Ravi emphasizes, is the human element. His research highlights the need for incentivizing all players—critical infrastructure operators, software developers, and even end users—to embed secure practices into their operations. It's not just about rules and frameworks but about fostering a culture of responsibility and collaboration in an interconnected world.

The Case for Stronger Cyber Laws

Ravi critiques the historically relaxed approach to regulating software security, particularly for critical systems, and advocates for stronger, standardized laws. He compares cybersecurity frameworks to those used for medical devices, which are rigorously regulated for public safety. By adopting similar models, critical software could be held to higher standards, reducing risks to national security.

Global Cooperation and the Fight Against Regulatory Arbitrage

The discussion shifts to the need for international collaboration in cybersecurity. Ravi underscores the risk of regulatory arbitrage, where companies exploit weaker laws in certain regions to save costs. He proposes global coalitions and standardization bodies as potential solutions to ensure consistent and robust security practices worldwide.

Incentivizing Secure Practices

Delving into the practical side of regulation, Ravi discusses ways to incentivize companies to adopt secure practices. From procurement policies favoring vendors with strong cybersecurity commitments to the potential for class action lawsuits, the conversation explores the multifaceted strategies needed to hold organizations accountable and foster a safer digital ecosystem.

Closing Thoughts: Collaboration for a Safer Digital World

Sean, Marco, and Ravi wrap up the episode by emphasizing the critical need for cross-sector collaboration—between academia, industry, media, and government—to tackle the evolving challenges of cybersecurity. By raising public awareness and encouraging proactive measures, they highlight the importance of a unified effort to secure our digital infrastructure.

Resources

The theory of saving the world: Intervention requests and critical infrastructure: https://melbourne2024.cyberconference.com.au/sessions/session-eI6eYNrifl
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Guest: EJ Wise, Founder & Principal, WiseLaw
On LinkedIn | https://www.linkedin.com/in/wiselaw3/

Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

Episode Notes

Against the energetic backdrop of Melbourne's CyberCon, hosted by AISA, the conversation dives into the global nature of technology's influence. The trio reflects on pressing topics such as privacy, cybersecurity, and the shifting landscape of cyber law, all while situated in one of Australia's most tech-forward cities.

EJ Wise's Journey and Perspective

EJ Wise shared her remarkable career path, starting as a member of the U.S. Air Force JAG Corps and later founding her boutique law firm in Australia in 2018. Her firsthand experience sheds light on Australia's relatively recent introduction of comprehensive cyber laws and the ongoing need to bridge the gap between technological innovation and legislative action.

Educating Consumers: A Shared Responsibility

A key focus of the conversation was consumer awareness. EJ highlighted the critical need for industries to take responsibility for educating the public, much like banks have historically done with financial literacy. The discussion also touched on embedding technological literacy into early education, ensuring children grow up with a clear understanding of privacy and digital security.

Technology and Ethics in Tension

The group examined the ethical challenges posed by advancing technologies, especially regarding surveillance and data privacy. From facial recognition in retail spaces to the increasing capabilities of modern devices to monitor user behavior, the conversation drew thought-provoking parallels between these innovations and the history of advertising practices.

The ethical implications of such technologies go far beyond convenience, raising questions about transparency, consent, and societal norms in the digital age.

Legal Frameworks and Industry Responsibility

Marco and Sean explored the evolving role of legal frameworks in holding industry players accountable for consumer safety and privacy. EJ's insights provided a grounded perspective on how regulatory environments are adapting—or struggling to adapt—to these challenges.

The discussion underscored a growing trend: companies must not only comply with existing laws but also anticipate and mitigate the societal impacts of their technologies.

Encouraging Dialogue and Reflection

Throughout the episode, the importance of open dialogue and introspection emerged as a recurring theme. By examining how technology shapes society and law, the discussion encouraged listeners to reflect on their digital habits and the privacy trade-offs they make in their daily lives.

Conclusion

While the conversation didn't provide all the answers, it illuminated the complexities of the interplay between technology, law, and society. EJ, Marco, and Sean left listeners with an invitation to remain curious, question norms, and consider their role in shaping a more ethically aware digital future.

This episode captures the spirit of CyberCon 2024—sparking ideas, inspiring debate, and reinforcing the need for thoughtful engagement with the challenges of our hybrid analog-digital society.

Resources

Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Jim Richberg, Head of Cyber Policy and Global Field CISO at Fortinet and the former US National Intelligence Manager for Cybersecurity, joins the show to discuss the biggest barriers or challenges to improving election security. We also talk about the primary concerns that voting officials have going into this year's election, and he provides last-minute advice on what election officials can do right now leading into November.
In this episode, host Raghu Nandakumara sits down with Nicole Tisdale, Founder and Principal of Advocacy Blueprints. Nicole spent 15 years as a national security expert at The White House - National Security Council and the U.S. Congress's House Committee on Homeland Security. She joins the podcast to discuss cyber equity and security policy.

“Should have, would have, could have - public policy is not about penalizing people for what they could have been doing or should have been doing. It's about making it better in the present and then making it better in the future.”

Time Stamps
(02:01) Nicole's background
(08:31) Responses to breaches and reporting
(11:19) Victims of cyber hacks
(17:39) Defining cyber equity
(24:19) High impact cyber attacks
(37:42) Linking Zero Trust to Cyber Equity: Secure-by-design

Links
The Hidden Injustice of Cyberattacks by Nicole Tisdale
In this episode, Shannon and Chris discuss the recent article about CrowdStrike's cybersecurity insurance losses and the warning from Warren Buffett. They explore the challenges of cybersecurity insurance, including the difficulty of obtaining coverage and the potential for disputes over potential losses. They also highlight the need for organizations to have strong cybersecurity measures in place and the importance of investment in patching solutions. The conversation touches on the impact of Warren Buffett's statements on the perception of cybersecurity insurance and the potential for misinterpretation. Overall, the discussion emphasizes the evolving landscape of cybersecurity insurance and the need for careful consideration and risk analysis.
Dr. Lev Topor is currently an ISGAP Visiting Scholar at the Woolf Institute where he focuses on Critical Antisemitism Studies, Discrimination and Human Rights. Lev Topor is also a Senior Research Fellow at the Center for Cyber Law and Policy (CCLP) in the University of Haifa and a former Visiting Research Fellow at Yad Vashem in Jerusalem. He's the author of 'Phishing for Nazis: Conspiracies, Anonymous Communications and White Supremacy Networks on the Dark Web', an evidence-based, undercover study of neo-Nazi communities on anonymous online platforms published by Routledge (2023). Lev is also the co-author (with Jonathan Fox) of 'Why Do People Discriminate Jews?', an innovative and ground-breaking book published by Oxford University Press (2021) that combines traditional theories on antisemitism with empirical evidence from 76 countries to explain the reasons that drive discrimination against Jews. Join us. What allowed the Oct. 7 atrocities to unfold? Why are Jews best defined by their troubles? What could be the solution to antisemitism, anti-zionism, and anti-Jewish sentiment worldwide? What is actually within our control? Is there a science that can explain the laws that govern our development as a society, as a species? What can 2000 years of recorded Jewish history and big data tell us about ourselves? Why is it that despite our technological advancement we're still facing the same issues that have been plaguing our society for millennia? Is it possible that science, Jewish wisdom, and human history are not at odds with each other but are actually different points of view of the same thing? Different points of you? Thejewfunction is the only podcast brave enough to look for the root cause of antisemitism and a real solution to it according to the laws of nature.
With TikTok in the hands of 170 million Americans, cybersecurity expert Amy Zegart says it's time to talk about consequences. Foreign access to all that data on so many Americans is a national security threat, she asserts. For those as concerned as she, Zegart has good news and bad. The government has gotten better at fighting cyberthreats, but artificial intelligence is making things very complicated, very fast. The US needs to adapt quickly to keep pace, Zegart tells host Russ Altman on this episode of Stanford Engineering's The Future of Everything podcast.

Episode Reference Links:
Amy Zegart's Stanford Profile
Hoover Institution Profile: Website
Ep.20 How Vulnerable Are We to Cyber Attacks? (Amy's previous episode on The Future of Everything)

Connect With Us:
Episode Transcripts >>> The Future of Everything Website
Connect with Russ >>> Threads or Twitter/X
Connect with School of Engineering >>> Twitter/X

Chapters:
(00:00:00) Introduction: Host Russ Altman introduces guest Amy Zegart, a cybersecurity expert from Stanford University.
(00:02:37) Government and Cybersecurity Speeds: How AI has changed the pace at which both government and cyber attackers operate, and the evolving dynamics of cybersecurity efforts.
(00:04:12) Corporate Cybersecurity: The unexpected role of the SEC in regulating corporate cybersecurity efforts and how the cyber attack surface has expanded beyond traditional big industries.
(00:07:30) Global Cyber Threats and Preparedness: Insights into the strategic use of cyber operations by other countries, and the multifaceted nature of international cyber relations.
(00:09:13) Cyber Dynamics in the Russia-Ukraine Conflict: The cyber aspects of the Russia-Ukraine conflict and its implications for global cybersecurity strategies.
(00:11:35) Misinformation and Disinformation Dynamics: The difference between misinformation and disinformation, their impacts on society and the challenges in combating them.
(00:15:04) TikTok and National Security: Risks associated with TikTok as a platform controlled by Chinese interests, discussing data privacy and potential for foreign influence.
(00:20:11) Corporate Power in AI and National Security: The role of corporations in national security through their control over AI, and the challenges this poses for regulation and innovation.
(00:22:47) Learning from Cybersecurity to Manage AI Risks: Lessons from cybersecurity that could help manage emerging AI risks, highlighting the need for developing independent AI research capacities.
(00:26:44) European Regulation and Global AI Safety: The European approach to AI regulation and data protection, advocating for international AI safety norms and collaborative efforts.
(00:29:21) AI's Role in Enhancing Intelligence: How AI can transform intelligence services, and advancements that could lead to significant efficiency gains in national security.
(00:31:23) Conclusion
Guest: Camille Stewart Gloster, Former Deputy National Cyber Director for Technology & Ecosystem, Award-winning Strategist & Attorney
Website: https://camillestewart.com
LinkedIn: https://www.linkedin.com/in/camillestewartesq
X (Twitter): https://www.twitter.com/camilleesq
Instagram: https://www.instagram.com/camilleesq/
Host: Dr. Rebecca Wynn
On ITSPmagazine
The Pentagon is hitting back at Chinese cyber attacks. Power grids, oil pipelines, and water facilities—find out more on how they tie into Beijing's war preparations for a potential conflict with the United States. In the wake of Washington's “reconsider travel” advisory on China, Beijing is drawing attention to its own notice warning Chinese students and citizens of the potential for higher scrutiny when entering the United States. More on why. A declining global industry is being driven by excessive exports from China. A look at how cheap Chinese solar panels are straining renewable energy markets across the globe. And American tech giants are pushing their Taiwanese partners to relocate to Mexico instead of mainland China. Details on a new report.
Pentagon Establishes New Cyber Policy Office
U.S., China Issue Travel Advisories for Each Other
FT: Cheap Chinese Renewable Flooding Global Market
‘Product Dumping': Lee on Chinese Trade Practice
Tech Giants Rejecting China, Turning to Mexico
Latest on China, Global Updates
Biden, China's Xi Speak by Phone
Xiaomi Launches First-Ever EV Cheaper Than Tesla
U.S. Military Command in Japan to Be Revamped: Report
Radio Host: Shen Yun Is Timeless
(4/1/24) - In today's Federal Newscast: The Defense Department has established the Office of the Assistant Secretary of Defense for Cyber Policy. There is a new section to the FAR and it may be the most important change in decades. And an OMB working group has added Middle Eastern or North African to federal requirements for collecting race and ethnicity data.
Space Competition: Can The US Deter Its Adversaries From Launching Cyberattacks on Space Systems? This month, two years ago, Russia's unprovoked invasion of Ukraine started with a cyber attack that changed everything and yet nothing for the U.S. commercial space sector. This is the fourth and final in a series of episodes examining cyber attacks and space systems. Laura Winter speaks with Samuel Visner, Space Information Sharing and Analysis Center (Space-ISAC) Board Chair and Fellow at The Aerospace Corporation; Namrata Goswami, an independent scholar on space policy and great power politics and co-author of the book “Scramble for the Skies”; and Sean Costigan, the lead for NATO's cybersecurity curriculum, and Director of Cyber Policy at Red Sift.
Tech-related business insurance is evolving fast and Anthony Dolce, our guest on this episode of Chattinn Cyber, is a thought leader at the forefront. As head of Professional Liability & Cyber Underwriting at The Hartford, he brings 25 years of industry expertise to the myriad issues shaping policy development and recommended coverages for businesses – whether tech giants or third-party users of technology. Anthony explains the differences between Cyber and Tech Errors & Omissions (E&O) policies – as well as who needs which and in what combination. He also highlights for Host Marc Schein, National Co-Chair of the Cyber Center for Excellence, the confluence of factors that make tech companies such attractive targets for threat actors. You'll learn about the most common – and damaging – cyber liabilities out there; things like network attacks, ransomware assaults, data breaches, business interruption, data restoration costs and third-party vulnerabilities. And don't miss our guest's comprehensive list of best practices to control risk for companies of all kinds, whatever their core business. “Nothing's a silver bullet, but you can help mitigate potential exposure,” says Anthony, whose Connecticut-based career began in claims before migrating to underwriting. Find out what differentiates The Hartford's Tech E&O and Cyber insurance solutions and how their team of experts guarantee insureds the best possible outcomes when privacy breaches, data hacks or other negative events occur. (Hint: specialized expertise and preparedness are key!)

Key Takeaways:
Why taking a leap and moving to the business side at The Hartford was one of those pivotal choices that changed the course of Anthony's career – and all to the good!
From claims to underwriting: How Anthony made the jump and why it has shifted his focus.
About the collaborative, social elements that define much of the underwriter's process and goals.
What's a Cyber Policy? If you're doing business of any kind on the internet, then you probably need some form of coverage.
What's a Tech E&O Policy? If you are providing a tech service of some kind, then you probably need some form of coverage.
At the intersection: A look at insurance policies that simultaneously cover exposures in the realms of both Cyber and Tech E&O exposure.
About the evolution of Tech E&O + Cyber and coverages required in an internet economy full of data transmittal, management and risk exposures.
Why large technology companies are such high-value targets for threat actors eager to double-dip by accessing downstream secondary client information.
How The Hartford differentiates itself as an established carrier with a wide array of solutions for any business eventuality: Stand-alone Tech E&O coverage. Tech E&O coverage + cyber coverage. A wide variety of mix-and-match options. Specialized tech expertise to ensure optimal insurance outcomes.
About potential cyber liabilities unique to technology firms: Network cyber-attacks. Ransomware attacks. Data breaches (and related extortion). Business interruption. Data restoration costs. Professional/product exposure due to third-party contractual, regulatory or subrogation issues.
Supply chain and systemic risk: A closer look at the variety of vulnerabilities passed down to companies impacted by global industry events.
Recommended best practices to note: Perform regular software composition analyses. Deploy tools to track vulnerabilities. Undertake regular code reviews, including both static and dynamic scans. Implement regular in-house or third-party security and resiliency testing. Develop a solid IRP (Incident Response Plan). Ensure that your cyber insurance carrier is an integral part of your IRP. Stage incident response table-top exercises to align all stakeholders. Establish a roll-back plan to close vulnerabilities and limit negative events.
No one is immune from cybersecurity attacks, it seems. Just days ago, several senior Microsoft executives fell victim to a "password spray attack" coming from Russia. Did the company downplay how serious this was? And did it fail to use some basic best practices? For analysis, Federal Drive Host Tom Temin spoke with an expert at Stanford University, cyber analyst and former White House Senior Director for Cyber Policy, AJ Grotto.
Cyber operations are becoming increasingly ubiquitous as a means for nation state and non-nation state actors to engage in intelligence collection, subversion, and strategic competition more broadly. As our world becomes more thoroughly networked and as more data travels throughout cyberspace, the potential power of cyber operations and the urgency of cyber security grow exponentially. Cyberspace has increasingly become a heated, persistent domain of competition between nation state and non-nation state actors alike, and both the US government and private sector are working feverishly to increase their capacity to understand it and operate within it.

Luke Litle sits down with Prof. Andrew Boyd, who recently retired as the director of the CIA's Center for Cyber Intelligence (CCI) and is now serving as an adjunct professor in the Alperovitch Institute at JHU SAIS. They discuss his transition from the human intelligence field to cyber intelligence, the ways US competitors and adversaries are using cyber tools to advance their national interest, current US efforts to develop and define its own cyber policy, the fusion of public and private sector cyber security efforts, and opportunities to serve in the cyber realm within the US government and private sector.
Marietje Schaake is International Policy Director at Stanford University Cyber Policy Center, International Policy Fellow at Stanford's Institute for Human-Centered Artificial Intelligence, and also serves on the UN's A.I. Advisory Body. We take a deep dive into how the digital revolution can still fulfill its promise of a democratic revolution. In other words: make A.I. work for democracy. Over the past 20 years, power became more and more concentrated in the hands of big tech companies, while both Democratic and Republican administrations have chosen to trust market forces, rather than intervening to put on some guardrails. Unsurprisingly, public interest issues are under-addressed. Voluntary commitments by tech companies are often not powerful or enforceable enough to change behavior. But in the last year, more governments and multilateral institutions are recognizing that there are risks with the use of AI. For example, the EU AI Act was just passed to mitigate the risks from the use of AI applications. Follow Marietje on Twitter: https://twitter.com/MarietjeSchaake Follow Mila on Twitter: https://twitter.com/milaatmos Follow Future Hindsight on Instagram: https://www.instagram.com/futurehindsightpod/ Check out the Future Hindsight website! www.futurehindsight.com Read the transcript here: https://www.futurehindsight.com/episodes/make-ai-work-for-democracy-marietje-schaake Credits: Host: Mila Atmos Guests: Marietje Schaake Executive Producer: Mila Atmos Producer: Zack Travis
In this episode, Host Chris Cochran chats it up with former White House Senior Director for Cyber Policy, AJ Grotto. AJ shares his viewpoints about the current state of AI policies, the potential risks and benefits of AI technology, and the challenges in crafting effective policies in the field of cybersecurity. Impactful Moments 00:00 - Welcome 00:45 - Introducing guest, AJ Grotto 01:14 - Are Cyber and AI Separate? 03:37 - US Cyber Policy 08:06 - The Reality of AI Risk 11:20 - From Law to Cyber Policy 14:47 - Join our Mastermind! 15:36 - Policy Implementations 18:55 - Cyber Warfare and AI 22:13 - Advice for Getting into Cyber Policy Links: Connect with AJ: https://www.linkedin.com/in/andrew-grotto-2534b510a/ More about AJ and his current work: https://fsi.stanford.edu/people/andrew-j-grotto Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleys... Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord
The Cognitive Crucible is a forum that presents different perspectives and emerging thought leadership related to the information environment. The opinions expressed by guests are their own, and do not necessarily reflect the views of or endorsement by the Information Professionals Association. During this episode, John Davis recaps Four Operational Rules of the Road, which are intended to prevent miscalculation and unintended escalation. John synthesized these Rules based upon many years of experience in military uniform and after many conversations with global leaders and academics. Briefly, they are: transparency, SOPs for oversight, sharing threat intelligence, and banning third-party actors. We also revisit some of the topics from John's first Cognitive Crucible appearance. Research Question: John Davis asserts that there's been a lot of recent reporting about China's onslaught of disinformation oriented toward Taiwan and in the run up to the January elections. Reporting indicates that there may be important lessons in how Taiwan has handled this onslaught, including public education efforts with support from international media literacy partnerships as well as more active countermeasures by mature communities of fact-checkers, government investments and law enforcement investigations. He believes it would be a great research project to examine the techniques and capabilities employed by Taiwan and analyze the effectiveness, or lack thereof, to assist the U.S. in preparation for the 2024 presidential elections as well as our overall national effort to combat the information warfare efforts aimed at the country by Russia, China, Iran, North Korea and all of their surrogates.
Resources:
Cognitive Crucible Podcast Episodes Mentioned
#24 John Davis on Modern Warfare, Teamwork, and Commercial Cognitive Security
#166 John Agnello on Information Advantage
Army Doctrinal Publication 3-13 INFORMATION, Nov 2023
Cybersecurity First Principles: A Reboot of Strategy and Tactics by Rick Howard

Guest Bio: Retired U.S. Army Major General John Davis is the Vice President, Public Sector for Palo Alto Networks, where he is responsible for expanding cybersecurity initiatives and global policy for the international public sector and assisting governments around the world to prevent successful cyber breaches. Prior to joining Palo Alto Networks, John served as the Senior Military Advisor for Cyber to the Under Secretary of Defense for Policy and also served as the Acting Deputy Assistant Secretary of Defense for Cyber Policy. Prior to this assignment, he served in multiple leadership positions in special operations, cyber, and information operations. John earned a Master of Strategic Studies from the U.S. Army War College, Master of Military Art and Science from U.S. Army Command and General Staff College, and Bachelor of Science from U.S. Military Academy at West Point.

About: The Information Professionals Association (IPA) is a non-profit organization dedicated to exploring the role of information activities, such as influence and cognitive security, within the national security sector and helping to bridge the divide between operations and research. Its goal is to increase interdisciplinary collaboration between scholars and practitioners and policymakers with an interest in this domain. For more information, please contact us at communications@information-professionals.org. Or, connect directly with The Cognitive Crucible podcast host, John Bicknell, on LinkedIn.
Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of international cyber risk and response, gives his tips for students just getting started in international policy and why a suspicious-looking email took him away from the law profession and into the security space.

0:00 - National security cyber issues
4:04 - How AJ Grotto got into cybersecurity
7:10 - Grotto's work in the National Security Council
10:25 - Skills used in the National Security Council
14:35 - Working at Sagewood
17:00 - Global trends in cybersecurity
19:00 - Economies down; cyber crime up?
20:17 - Cyber risk work at Stanford
23:10 - Cybersecurity students at Stanford
29:46 - How to take Grotto's class at Stanford
31:25 - Federal Zero Trust directives
34:49 - What to research for national security work
38:09 - Important global cybersecurity topics
40:06 - Learn more about Grotto, Stanford international policy
41:07 - Outro

– Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free
– View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast

About Infosec
Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home. More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
Welcome to RIMScast. Your host is Justin Smulison, Business Content Manager at RIMS, the Risk and Insurance Management Society. In this episode, Justin interviews Pamela Hans of Anderson Kill on the many aspects of Cybersecurity, including who is responsible for it. (If you have a networked device, it's you!) The discussion covers the effects of the new SEC ruling requiring many companies to report a cybersecurity event within four days of discovering that a material event has occurred, and what that means to you and your organization. Justin and Pamela also review her presentation at the RIMS Canada Conference 2023 and how a potential problem became a fun opportunity. Lots to cover in today's episode. Let's get to it. Key Takeaways: [:01] About RIMScast. [:14] Register for the RIMS ERM Conference 2023, which will be held in Denver, Colorado on November 2nd–3rd. RIMS will also host an ERM-based tour of Ball Arena in Denver on November 1st. Limited seating is available. Visit RIMS.org/ERM to register and listen to this episode to hear the code for 10% off your registration! [:41] About today's episode on cybersecurity and presentation skills with Pamela Hans of Anderson Kill. [1:01] All about exciting, upcoming RIMS events! Would you like funding to hire a risk management intern in 2024? If so, take a moment to apply for a Spencer Internship Grant. The application form will close on October 15th. The link is in this episode's notes. [1:28] If you will be attending RISKWORLD 2024 in San Diego, California, take a moment to sign up as a volunteer judge in the Spencer-RIMS Risk Management Challenge 2024. This is our annual international student competition. Full details can be found on the Spencer website at Spencered.org. Get involved; participate. We want to see you there! [1:52] Head to the RIMS.org/Advocacy page to register for The RIMS Legislative Summit, which is returning to Washington, D.C. on October 25th and 26th. 
[2:04] The RIMS ERM Conference 2023 will be held November 2nd and 3rd in Denver, Colorado. On November 1st, RIMS is hosting an ERM-based tour of Ball Arena, where the Denver Nuggets and Denver Avalanche play. There is limited seating. Register at RIMS.org/ERM2023. At checkout, type code 2023RIMSCAST for 10% off registration! [2:52] The ERM Conference 2023 will be different than years past. We've got some great changes. Book your travel plans now! RIMS will host a Post-conference Workshop for the RIMS CRMP from 9:00 to 4:00 MT on November 4th and 5th. Save $100 when you register for the conference and workshop in one transaction. Links are in the notes. [3:24] It is October; it's cybersecurity awareness month in the U.S. and several other areas of the world and that's why I'm so excited to introduce our guest, Pamela Hans, managing shareholder of the Philadelphia office of the law firm Anderson Kill. She focuses on insurance coverage, which includes cyber. [3:45] We're going to talk about cyber trends. I met Pamela at the RIMS Canada Conference in Ottawa last month where she was delivering a session on “Getting the Deal Done.” We're also going to hear her tips on how to handle the curveballs that might be thrown at you ahead of a live presentation and how to turn them into opportunities. [4:16] Justin met Pamela Hans of Anderson Kill on the last day of the RIMS Canada Conference 2023 when she was hosting a session. Pamela knows cybersecurity and October is National Cybersecurity Awareness Month in the U.S. [5:57] The trend of the phone calls Pamela gets is all about ransomware. A threat actor freezes up the system, completely takes control, and demands a ransom in return for a decryption key. But the trend in cybersecurity is data breaches to steal personal data. Recently Topgolf, Freecycle, Forever21, Duolingo, and Discord.io suffered breaches.
[6:41] Those are just a few examples of cybersecurity incidents where personal sensitive data has been grabbed by the threat actor, with threats to use the data to do more damage to the individuals whose data was taken. [7:03] Pamela has also seen distributed denial of service attacks. The army of bots seems to be increasing in number while the cost is decreasing to rent a bot to execute a distributed denial of service attack. [7:50] When there is an exfiltration of personal data, that data can be used by the threat actor to do more damage to the individuals by impersonating the user and fraud. [8:29] Pamela addresses the SEC rules on the disclosure of cybersecurity events and the annual obligation imposed on publicly traded and registered companies to disclose their cybersecurity governance. That has an impact on the company and its stock price. The public may then decide which companies to trust by their cybersecurity protocols. [9:30] Justin refers to the RIMScast episode with Hilary Tuttle on the SEC cybersecurity reporting rules. They discussed the four-day reporting rule. Four days after the company finds out they were attacked in a material fashion they have to report the breach. [10:09] Pamela notes that a material breach is one that investors would want to know about before investing in the company, as the breach may affect the value of the stock and the company. This is an important SEC rule on cybersecurity governance. [11:41] Risk professionals should be asking questions about this rule now. Prepare to make these required reports. Run tabletop exercises with your response team. Ascertain now what “material,” in the cyber context, looks like to your company. Getting ready now is important, for when you experience a cybersecurity event. [13:23] Pamela speaks about the need for cybersecurity awareness. Any individual can be the gateway to a cybersecurity event. 
Everyone who has a device needs to be aware of cybersecurity risks to help prevent infiltration by cybercriminals of our phones, laptops, and businesses. [14:54] Cybersecurity is as simple as multi-factor authentication. Don't give away your passwords. Be thinking about cybersecurity. Don't click on the puppy dog. [15:58] Justin presents a special message from Bob Roitblat in case you missed his RIMScast episode. [16:16] Bob Roitblat is excited to be the keynote speaker for the RIMS ERM Conference 2023, in Denver, on November 2nd and 3rd. His keynote is “Elevate, Revolutionize, Maximize: Harnessing Innovation's Promise.” Bob reveals what to expect and asks you to bring your “A game,” be ready to ask questions and interact to get value. [17:34] Go to RIMS.org/ERM2023 to register. If you enter the code 2023RIMSCAST at checkout, you will get 10% off your registration! It's value with a discount! Bob looks forward to helping you elevate and evolve your risk management processes and your career! Be there in Denver, November 2nd and 3rd! Links are in the show notes. [18:36] Pamela reviews her career path, with degrees in civil engineering and then law school. She knew she wanted to solve technical problems for companies. Cybersecurity is a natural fit for her background. Cybersecurity is everywhere. [21:07] Pamela foresees two things from these new reporting rules. One will be SEC subpoenas to companies for information about their cybersecurity reporting and governance. Another will be shareholder scrutiny and lawsuits around failure to disclose or poor evaluation of materiality. The rule is self-enforcing through shareholder suits. [22:35] Pamela predicts we'll see more D&O coverage activity because of this rule. Risk professionals need to be looking at that when renewing or placing new D&O coverage, asking their brokers about the impact of the new SEC requirement around disclosure and materiality. Risk managers will need to explain this if there is a subpoena or claim.
[23:52] Risk managers also need to be thinking of looking across the entire insurance program, to see which insurance policies may respond in the event of an SEC subpoena or a claim related to disclosure. Now is the time to prepare for what may be coming. [24:40] Pamela says risk professionals need to ask their insurance broker what is new in their policy since last year. Are there new endorsements or policy language? New policy language or endorsements for 2024 will be enormously important. Risk managers should also run tabletop exercises with the insurance pre-approved response team. [26:53] Risk professionals should look at your policies now to see what policies will respond if you have an SEC claim and what the policy limits are. Your policies need to be on paper, not on your computer network, and not named “Cyber Policy 1,” or “Cyber Policy 2,” where threat actors can find and read them on the network. [27:54] RIMS plug time! Sponsor an episode of RIMScast! Contact us at pd@rims.org. Justin is pleased, humbled, and excited to announce that RIMS and RIMScast have won the 2023 Excellence in MarCom Award on October 24, 2023, from the New York Society of Association Executives (NYSAE)! [28:41] On Friday, November 10th, from 10 to 11, NYSAE is presenting a virtual program called ”Podcasting — A Revenue Stream for Your Association.” Justin is honored to be one of the panelists. A link is in this episode's notes. [28:57] Upcoming Virtual Workshops: Visit RIMS.org/virtualworkshops to see the full calendar. Our friend Elise Farnham returns on October 24th and 25th to lead the two-day course Fundamentals of Risk Management. [29:20] Our friend Chris Hansen was recently on RIMScast. He will be leading Managing Worker Compensation, Employer's Liability, and Employment Practices in the US on November 7th and 8th. Be sure to register for that course! Information about these sessions and others is on the RIMS Virtual Workshops page. Check it out and register! 
[29:49] On October 12th, AXA XL returns to present Stand Tall: How to Boost your Cyber Posture Against Creative Cyber Criminals. [30:06] On October 26th, our friends from Zurich return to present a session on PFAS, Forever Chemicals, and PFAS Litigation. On October 31st, Resolver returns to present Building Your Business Case for GRC Software in 2024. Metrics That Matter has Enhanced Decision-Making Across Your Cybersecurity Program on November 7. [30:36] There is a lot of great educational content for you in the next month. Visit RIMS.org/Webinars to learn more about these webinars and to register! Links are in the show notes. Webinar registration is complimentary for RIMS members. [31:08] About Pamela Hans presenting the last session on the last day of the RIMS Canada Conference 2023. The session was “Do You Want to Get the Deal Done? Obstacles and Opportunities in Contract Negotiation.” She had a packed house for the session. She discussed deal-breakers and opportunities. [33:58] You have tools as a risk professional to deal with risk transfer provisions you might not want. The session talked about how to make insurance work for you in this context and how to indemnify a counterparty that is 10,000 times larger than you. How can your insurance respond to make these provisions opportunities, not deal-breakers? [35:03] People left the session with ideas about what to ask their insurance broker and the business side, to know what they should be ready for. [36:09] Pamela was scheduled to present with two co-presenters but neither of them could attend. For Pamela, it was an opportunity to have fun with the people who were in the room. Presentations are better when they are conversations with the people in the room. It was terrific! [38:34] Justin suggests if you are going to present and your co-presenters back out, look at it as an opportunity. 
If you need additional materials get them from the organization you represent, but be confident you can do 20 minutes by yourself. Open it up to Q&A and that will take care of a lot of dialog. Pamela went past 60 minutes. [39:18] Justin fell asleep twice in the 17-minute flight back to the U.S. He was disappointed the flight attendant didn't wake him! [40:54] Special thanks to Pamela Hans of Anderson Kill for joining us on RIMScast for National Cybersecurity Awareness Month coverage. The session handout from her RIMS Canada Conference session, “Do You Want to Get the Deal Done?” is available via the RIMS Canada Conference 2023 Attendees Service Center. See link in show notes. [41:16] Go to the App Store on your phone and download the RIMS App. This is a special members-only benefit. Everybody loves the RIMS app! [41:36] You can sponsor a RIMScast episode for this, our weekly show, or a dedicated episode. Links to sponsored episodes are in our show notes. RIMScast has a global audience of risk professionals, legal professionals, students, business leaders, C-Suite executives, and more. Let's collaborate! Contact pd@rims.org for more information. [42:17] Become a RIMS member and get access to the tools, thought leadership, and network you need to succeed. Visit RIMS.org/membership or email membershipdept@RIMS.org for more information. The RIMS app is available only for RIMS members! You can find it in the App Store. [42:41] Risk Knowledge is the RIMS searchable content library that provides relevant information for today's risk professionals. Materials include RIMS executive reports, survey findings, contributed articles, industry research, benchmarking data, and more. [42:56] For the best reporting on the profession of risk management, read Risk Management Magazine at RMMagazine.com and in print, and check out the blog at RiskManagementMonitor.com. Justin Smulison is Business Content Manager at RIMS. You can email Justin at Content@RIMS.org. 
[43:17] Justin thanks you for your continued support and engagement on social media channels! We appreciate all your kind words. Listen every week! Stay safe! Mentioned in this Episode: RIMS ERM Conference 2023 | Nov 2–3 in Denver, CO! Enter 2023RIMSCAST at checkout for 10% off registration! NEW FOR MEMBERS! RIMS Mobile App RIMS Legislative Summit — Oct 25 & 26, Washington, D.C. RIMS-Certified Risk Management Professional (RIMS-CRMP) Dan Kugler Risk Manager on Campus Grant Spencer Educational Foundation — Hire A Risk Intern 2024 | Deadline Oct. 15, 2023 Spencer-RIMS Risk Management Challenge 2024 — Be a Case Study or Join Judging Panel! “Do You Want To Get The Deal Done?” — Session handouts still available via the RIMS Canada Conference Attendee Service Center RIMScast to receive the 2023 Excellence in MarCom Award from the New York Society of Association Executives (NYSAE)! “NYSAE Webinar: Podcasting — A Revenue Stream for Your Association” RIMS Webinars: Stand Tall: How to Boost your Cyber Posture Against Creative Cyber Criminals | Sponsored by AXA XL | Oct. 12, 2023 PFAS Forever Chemicals — Regulations, Litigation, New Technologies | Sponsored by Zurich | Oct. 26, 2023 Building Your Business Case for GRC Software in 2024 | Sponsored by Resolver | Oct. 31, 2023 Enhance Decision-Making Across Your Cybersecurity Program | Sponsored by Metrics That Matter | Nov. 
7, 2023 RIMS.org/Webinars Upcoming Virtual Workshops: Claims Management | Oct 10–11 Fundamentals of Risk Management | Oct 24–25 Managing Worker Compensation, Employer's Liability and Employment Practices in the US | Nov 7 See the full calendar of RIMS Virtual Workshops All RIMS-CRMP Prep Workshops Related RIMScast Episodes: “Harnessing Innovation's Promise with ERM Conference Keynote Bob Roitblat” “Cybersecurity Reporting Updates with Hilary Tuttle of Risk Management Magazine” “Cybersecurity and Insurance Outlook 2023 with Josephine Wolff” “Genuine Generative AI Talk with Tom Wilde of Indico Data” “Getting to Know Jackware with Dan Healy of Anderson Kill” Sponsored RIMScast Episodes: “Subrogation and the Competitive Advantage” | Sponsored by Fleet Response (New!) “Cyberrisk Outlook 2023” | Sponsored by Alliant (New!) “Chemical Industry: How To Succeed Amid Emerging Risks and a Challenging Market” | Sponsored by TÜV SÜD “Insuring the Future of the Environment” | Sponsored by AXA XL “Insights into the Gig Economy and its Contractors” | Sponsored by Zurich “The Importance of Disaster Planning Relationships” | Sponsored by ServiceMaster “Technology, Media and Telecom Solutions in 2023” | Sponsored by Allianz “Analytics in Action” | Sponsored by Alliant “Captive Market Outlook and Industry Insights” | Sponsored by AXA XL “Using M&A Insurance: The How and Why” | Sponsored by Prudent Insurance Brokers Ltd. “Zurich's Construction Sustainability Outlook for 2023” “Aon's 2022 Atlantic Hurricane Season Overview” “ESG Through the Risk Lens” | Sponsored by Riskonnect “A Look at the Cyber Insurance Market” | Sponsored by AXA XL “How to Reduce Lithium-Ion Battery Fire Risks” | Sponsored by TÜV SÜD “Managing Global Geopolitical Risk in 2022 and Beyond” | Sponsored by AXA XL RIMS Publications, Content, and Links: RIMS Membership — Whether you are a new member or need to transition, be a part of the global risk management community! 
RIMS Virtual Workshops On-Demand Webinars Risk Management Magazine Risk Management Monitor RIMS-Certified Risk Management Professional (RIMS-CRMP) RIMS-CRMP Stories — New interview featuring Roland Teo! Spencer Educational Foundation RIMS DEI Council RIMS Events, Education, and Services: RIMS Risk Maturity Model® RIMS Events App Apple | Google Play RIMS Buyers Guide Sponsor RIMScast: Contact sales@rims.org or pd@rims.org for more information. Want to Learn More? Keep up with the podcast on RIMS.org and listen on Apple Podcasts. Have a question or suggestion? Email: Content@rims.org. Join the Conversation! Follow @RIMSorg on Facebook, Twitter, and LinkedIn About our guest, Pamela Hans LinkedIn Pamela Hans, Senior Shareholder, Cyber practice Pennsylvania office of Anderson Kill Tweetables (Edited For Social Media Use): Consumers are giving their personal information to a company they want to do business with and then that company is attacked and the individual's information can be used by the threat actor to do more damage to the individual by way of fraud. — Pamela Hans A material breach is one that investors would want to have information about that might influence their decision to buy or not to buy a stock, because it may impact the value of the stock and the value of the company going forward. — Pamela Hans Risk professionals should look at your policies now to understand what policies will respond if you have an SEC claim because of the reporting requirement and what the policy limits are. What are the requirements of notice? — Pamela Hans
This week Class 4 Fellow and Fellow Highlights series host Meri Baghdasaryan sits down with Grant Versfeld. Grant is Co-Vice President for the Foundry's current E-Board and is a Threat Intelligence Engineer at a major tech company. He recently graduated from Tufts University with a degree in Computer Science, where he specialized in cybersecurity and technology policy. As a student, he served as a Teaching Assistant for Dr. Susan Landau at the Fletcher School and interned with the Center for Democracy and Technology. In his spare time, Grant volunteers with an organization that provides security and privacy services to survivors of intimate partner violence. Meri and Grant chat about threat intelligence, Grant's work with CDT and at the Foundry. Then, they reflect on the importance of interdisciplinary approach and collaboration in tech policy and beyond. Resources mentioned in the episode: Cybercon 2022 CETA (Clinic to End Tech Abuse) CDT's Techsplanations Check out the Foundry on Instagram, Twitter, or LinkedIn and subscribe to our newsletter! If you'd like to support the show, donate to the Foundry here or reach out to us at foundrypodcasts@ilpfoundry.us. Thanks for listening, and stay tuned for our next episode! DISCLAIMER: Meri and Grant engage with the Foundry voluntarily and in their personal capacities. The views and opinions expressed on air do not reflect on the organizations Meri and/or Grant are affiliated with.
A cyberattack on a European banking institution, the handiwork of a pro-Russian “hacktivist” collective, may be a preview of the next chapter in the war in Ukraine. Herb Lin, the Hoover Institution's Hank J. Holland Fellow in Cyber Policy and Security, discusses possible motives behind the attack, various nations' cyber-strategies – China in search of data, North Korea in need of cash – and the push and pull between the US government and the nation's commercial and tech sectors over taking responsibility for future attacks.
Be sure to visit the Irregular Warfare Initiative website to see all of the new articles, podcast episodes, and other content the IWI team is producing! Is it possible to deter adversaries in the cyber domain—and if so, how? What should the US Department of Defense be learning from the role of cyber in the war in Ukraine? How do activities in the cyber domain overlay on—and influence—irregular warfare? In this episode, hosts Matt Moellering and Adam Darnley-Stuart are joined by two expert guests. Ms. Mieke Eoyang is the deputy assistant secretary of defense for cyber policy and Dr. Erica Lonergan is an assistant professor at the Army Cyber Institute at West Point and coauthor of the book Escalation Dynamics in Cyberspace. Together, they examine some of the deeply challenging questions presented by the increasing prominence of cyberspace as a warfighting domain. Intro music: "Unsilenced" by Ketsa Outro music: "Launch" by Ketsa CC BY-NC-ND 4.0
Emerging technology develops at a pace that is hard to master, much less legislate. The government should ensure that the opportunities technology provides maximize the potential for societal improvements while ensuring both economic and national security. Two of the most effective efforts to tackle the emerging technology challenges in the past half-decade were the National Security Commission on Artificial Intelligence (NSCAI) and the Cyberspace Solarium Commission (CSC). As the former chairs of these two congressionally mandated commissions, Rep. Mike Gallagher (CSC) and Dr. Eric Schmidt (NSCAI) discuss the roles of Congress, the Executive Branch, academia, and private sector leaders in shaping emerging technology policy, including how commissions can influence policies moving forward. The panel is moderated by the former NSCAI Executive Director and current President and CEO of the Special Competitive Studies Project Ylli Bajraktari, and the former CSC Executive Director and current Senior Director of FDD's Center on Cyber and Technology Innovation and CSC 2.0 Executive Director RADM (Ret.) Mark Montgomery. The event is hosted by the Foundation for Defense of Democracies, the Special Competitive Studies Project, and CSC 2.0. Read more and watch the conversation here: https://www.fdd.org/events/2023/06/07/thinking-forward-after-the-nscai-and-csc/
After ‘The Godfather' of artificial intelligence sounds the alarm about his own dangerous creation, Christiane asks senior A.I. researcher Connor Leahy, and also the head of Cyber Policy at Stanford University Marietje Schaake, if they think A.I. is a major threat to humanity, or a world-saving breakthrough. Also on today's show: Cellist Yo-Yo Ma joins to talk about his ode to mother nature in his new project, and Walter Isaacson asks Buzzfeed News co-founder Ben Smith where the billion-dollar race to go viral went wrong.
Chris - I have to start with the intersection of law and cybersecurity. We're seeing major strides in regulations, both federal and state (like NYFDS), to regulate and enforce cybersecurity policies and program-based guidance. What are some of the emerging trends we're seeing in cyber law?
Chris - As you know, we recently saw the new National Cyber Strategy, which makes a push for shifting the burden/responsibility for cybersecurity on the vendor or those best positioned to address it. Why do you think it has taken us so long to get to this point? I know you've drawn parallels to other industries such as automobiles.
Chris - On the topic of parallels to other markets and industries, such as automobiles, pharmaceuticals and manufacturing, there are some unique aspects of software, in the sense it isn't tangible or kinetic, and can be very opaque. What impact do you think those characteristics have on trying to regulate it like we have done with other industries?
Chris - The National Cyber Strategy also introduces the concept of Software Liability. This part of the strategy got the most aggressive response from industry and the community. Why do you think this makes everyone perk up so much?
Chris - Many started to raise questions such as who will define "secure", who and how will it be validated or verified, and where is the line of responsibility between the software supplier and consumer. Any thoughts on these topics and questions?
Chris - On the topic of regulation, many consider cybersecurity to be an example of a market failure. Can you explain what that is, and why some feel that way? How do you think we balance regulation without stifling innovation in the tech industry?
Nikki - How do you think the public sector and private sector are seeing cybersecurity laws differently? Do you feel like the private sector is lagging behind in cybersecurity regulations?
Chris - I have worked on programs such as FedRAMP before, for Federal Cloud Services and I am familiar with NIST 800-171/CMMC as well for the DIB. Many argue, and I think there is merit to the claim, that these sorts of frameworks lead to smaller pools of suppliers and potentially a less diverse pool of market participants. Any thoughts on these impacts and if it is worth the trade off?
Chris - Many compliance and regulatory schemes take one of two approaches. The first being a self-attested model where entities self-attest their compliance, such as NIST 800-171 for the DIB was, and the second is a 3PAO model, where a 3rd party verifies compliance, such as in FedRAMP. Each of these models has drawbacks, such as less than truthful or accurate self-assessments, or the 3PAO requirement becoming cumbersome, costly and a bottleneck. What do you think about these two approaches and where do you see us heading with regards to say the National Cyber Strategy, liability and so on?
Cybersecurity in the private sector has long been a matter of collaboration. Companies and sectors worked with government to establish risk management approaches to what companies would ultimately decide to do. Our next guest believes that statements coming from the administration signal a move to cyber regulations, mandates and oversight. Attorney Megan Brown, a partner at Wiley Rein, talked about it with Tom Temin.
Big Tech, honey, are you doing okay? Whether we like it or not, large technology platforms and the for-profit institutions that make them are here to stay in our society and economy. Governments are starting to craft often-overlapping regulations to try and fix the problems that come up, but instead of looking at issues one by one, let's look at these organizations as a whole - fundamentally “grow fast and break things” companies who somehow ended up shouldering a lot of our national security, growing the international economy, and protecting values that underpin our Western society. How well does big tech help or hinder our security, privacy, and social fabric, and how will that change as the economy slows down?

Show notes:

Twitter:
Content moderation & security: Mudge whistleblower complaint
https://techcrunch.com/2022/09/13/twitter-whistleblower-mudge-congress/
Deplatforming vs. Echo chambers
https://www.vanderbilt.edu/jetlaw/2021/01/31/the-de-platforming-debate-balancing-concerns-over-online-extremism-with-free-speech/
https://www.youtube.com/watch?v=6V_sEqfIL9Q
https://www.axios.com/2021/12/06/conservative-social-media-crypto-publishing-internet
Staffing at Twitter
https://www.reuters.com/technology/after-elon-musks-ultimatum-twitter-employees-start-exiting-2022-11-18/
Radioshack tries to sell off user data
https://www.washingtonpost.com/news/the-switch/wp/2015/03/26/bankrupt-radioshack-wants-to-sell-off-user-data-but-the-bigger-risk-is-if-a-facebook-or-google-goes-bust/

Uber:
Uber CISO court case: https://www.csoonline.com/article/3676078/what-the-uber-verdict-means-to-cisos-youre-probably-not-going-to-jail.html

Facebook / Meta:
Advisory board / election issues
https://www.cnn.com/2021/10/05/world/meanwhile-in-america-oct-6-intl
Body issues re: instagram
https://www.npr.org/2021/10/05/1043194385/whistleblowers-testimony-facebook-instagram

Overlapping foreign government action + industrial policy
State overlapping privacy laws
https://www.ncsl.org/research/telecommunications-and-information-technology/state-laws-related-to-internet-privacy.aspx
China data privacy laws / increased balkanization of internet
https://www.ey.com/en_kw/forensic-integrity-services/how-chinas-data-privacy-and-security-rules-could-impact-your-business
Google's Operation Aurora: https://www.youtube.com/watch?v=przDcQe6n5o

Cybersecurity in a technology recession (cyber security as compliance)
Google being told to cut costs by VC
https://www.businessinsider.com/google-layoffs-cost-cutting-analyst-2022-11
Benefits of security / private attribution, compliance for government contracts
https://www.securityweek.com/google-wins-lawsuit-against-glupteba-botnet-operators
FTX
https://www.forbes.com/sites/ninabambysheva/2022/11/21/ftx-hacker-moved-nearly-200-million-of-ether-to-different-wallets/
https://www.cnn.com/2022/11/18/investing/ftx-bahamas-seizure
An interesting talk with former Senior Director for Cyber Policy & Deputy Assistant to President Trump Joshua Steinman about the DC bureaucracy, John Boyd, and China. You can find Josh at steinman.substack.com and as @JoshuaSteinman on Twitter.
Missed our exciting CYBER CON event with the WiCyS Privacy, Law, and Policy Affiliate? The Tech Policy Grind has you covered. Foundry Fellows Reema Moussa, Allyson McReynolds, Grant Versfeld & Lama Mohammed discuss highlights from the Foundry's first ever virtual cybersecurity convention, starring Amie D'souza, Josephine Wolff, Kassi Burns, Eva Galperin and Siena Anstis. They chat about the event's key theme, cybersecurity risk mitigation in law and policy, as well as particular practices around cyber insurance, cyber hygiene for lawyers, and spyware. Coming soon from the Foundry: keep an eye out for the next round of applications to become a Foundry Fellow! If you'd like to sponsor an episode or propose a guest for the show, get in touch with us: foundrypodcasts@ilpfoundry.us If you'd like to support the show, consider donating to the Foundry; you can do so here. Resources Mentioned: Scraping Suit Hinges On When LinkedIn Discovered Violations [Law360]
In this episode, Foundry Fellow Dyllan Brown-Bramble sits down with Gabrielle Hibbert, a Fellow at the Decentralized Future Council, and Hillary Brill, an Adjunct Professor and Senior Fellow at the Institute for Technology Law & Policy at Georgetown Law, to discuss the work of the Decentralized Future Council, the future of Web3 law and policy, and why early-career professionals should get up to speed on it.
Reema and former Foundry Fellow Patrick Kyhos chat about his career in cyber public service and the evolution of the Foundry.
Uber suffers a data breach. Social media executives testify before Congress. A Large DDoS attack is thwarted in Eastern Europe. The FBI warns of increased cyberattacks against healthcare payment processors. Policy makers consider new OT security incentives. Malek Ben Salem from Accenture on future-proof cloud security. Our guest Diana Kelley from Cybrize discusses the need for innovation and entrepreneurship in cybersecurity. And if you've been hoping for a LockerGoga decryptor, you're in luck. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/179 Selected reading. Uber hacked, internal systems breached and vulnerability reports stolen (BleepingComputer) Uber suffers computer system breach, alerts authorities (Washington Post) Uber Investigating Data Breach After Hacker Claims Extensive Compromise (SecurityWeek) Uber Investigating Breach of Its Computer Systems (New York Times) Uber investigating "total compromise" of its internal systems (Computing) There's No Honor Among Thieves: Carding Forum Staff Defraud Users in an ESCROW Scam (Digital Shadows) Social media hearings highlight lack of trust, transparency in sector (The Record by Recorded Future) Breaking the Boycott (Cybersixgill) Record-Breaking DDoS Attack in Europe (Akamai) Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses (FBI) Siemens Mobility CoreShield OWG Software (CISA) Siemens Simcenter Femap and Parasolid (CISA) Siemens RUGGEDCOM ROS (CISA) Siemens Mendix SAML Module (CISA) Siemens SINEC INS (CISA) Siemens RUGGEDCOM ROS (Update A) (CISA) Simcenter Femap and Parasolid (CISA) Siemens Industrial Products Intel CPUs (Update A) (CISA) Siemens OpenSSL Affected Industrial Products (CISA) Siemens OpenSSL Vulnerability in Industrial Products (Update E) (CISA) Siemens SCALANCE (CISA) CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA) Building on our Baseline: Securing 
Industrial Control Systems Against Cyberattacks (House Committee on Homeland Security) Bitdefender Releases Universal LockerGoga Decryptor in Cooperation with Law Enforcement (Bitdefender Labs)
Can small-medium-sized businesses benefit from cyber insurance even if they don't buy a policy? How? Let's find out with my guest Jason Rebholz, CISO at Corvus Insurance. Your host is Kip Boyle, vCISO with Cyber Risk Opportunities.
The Tech Policy Grind hits the road once more: this time, to head to Hacker Summer Camp! In this episode, Reema and ILPF Class 4 Director of Operations, Grant Versfeld, head to some of the world's largest cybersecurity conferences: RSA Conference and DEFCON.
Did you know there has been a fundamental restructuring of cybercrime cartels thanks to a booming dark web economy of scale? Powerful cybercriminal groups now operate like multinational corporations and are relied upon by traditional crime syndicates to carry out illegal activities such as extortion and money laundering. As a result, cybercrime cartels are more organized than ever before and often enjoy greater protection and resources from the nation-states that view them as national assets. A recent report from VMware found that 63% of financial institutions experienced an increase in destructive attacks, a 17% increase from last year. Destructive attacks are launched punitively to destroy, disrupt, or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code. Tom Kellermann, Head of Cybersecurity Strategy, joins me on Tech Talks Daily to discuss the findings in the report and share his insights. About Tom Kellermann: Tom Kellermann is the Head of Cybersecurity Strategy for VMware Inc. Previously, Tom held the position of Chief Cybersecurity Officer for Carbon Black Inc. Before joining Carbon Black, Tom was the CEO and founder of Strategic Cyber Ventures. In 2020, he was appointed to the Cyber Investigations Advisory Board for the United States Secret Service. Additionally, on January 19, 2017, Tom was appointed the Wilson Center's Global Fellow for Cyber Policy. Tom previously held the positions of Chief Cybersecurity Officer for Trend Micro; Vice President of Security for Core Security and Deputy CISO for the World Bank Treasury. In 2008 Tom was appointed a commissioner on the Commission on Cyber Security for the 44th President of the United States. In 2003 he co-authored the book “Electronic Safety and Soundness: Securing Finance in a New Age.”
Hosted by the William and Flora Hewlett Foundation Cyber Initiative and Aspen Digital, Verify 2022 brings together journalists and cyber and tech policy experts to discuss critical issues in cybersecurity. On this live recording of the Lawfare Podcast, Benjamin Wittes sat down at Verify 2022 to talk about cybersecurity and Ukraine with a truly remarkable panel: Kori Schake of the American Enterprise Institute, Megan Stifel of the Institute for Security and Technology, and Mieke Eoyang, currently the Deputy Assistant Secretary of Defense for Cyber Policy.
This week, The Periphery talks to Daphne Keller, law professor and Director of the Program on Platform Regulation at Stanford's Cyber Policy Center. We discuss why content moderation is so hard to get right from a platform perspective and just how little we *really* know about how these platforms work. Finally, we feel compelled to administer a content warning: this episode is ill-suited for those that still believe in Santa Claus. Leave us an honest review, subscribe, and send us any ideas or feedback that you'd like to share at theperipherypodcast@gmail.com. And be sure to become a Conversationalist on our Patreon if you are eager to support our efforts to diversify tech.
In Episode 241 of Hidden Forces, Demetri Kofinas speaks with Chris Painter, a globally recognized leader and expert on cyber security who has been at the vanguard of U.S. and international cyber issues for over thirty years—first as a prosecutor of some of the most high-profile cybercrime cases in the country and then as a senior official at the Department of Justice, FBI, the National Security Council, and the State Department. He's responsible for having established the Office of the Coordinator for Cyber Issues and served as Senior Director for Cyber Policy in the National Security Council. With the Biden administration reiterating prior warnings that the Russian Government is exploring options for conducting cyberattacks against the United States in response to sanctions levied against the Russian economy, we wanted to help bring all of you up to speed on exactly what those warnings are, what steps are being taken to minimize the damage they may cause, and what the range of possible responses by the U.S. government will be depending on the nature and targets of those attacks. This conversation is meant to give you the information that you need in order to best prepare yourselves and your businesses for what might be coming next, so that you remain ahead of the curve as events evolve and as the collateral damage of the war in Ukraine potentially widens. You can access the full episode, transcript, and intelligence report to this week's conversation by going directly to the episode page at HiddenForces.io and clicking on "premium extras." All subscribers gain access to our premium feed, which can be easily added to your favorite podcast application. 
If you enjoyed listening to today's episode of Hidden Forces you can help support the show by doing the following: Subscribe on Apple Podcasts | YouTube | Spotify | Stitcher | SoundCloud | CastBox | RSS Feed Write us a review on Apple Podcasts & Spotify Subscribe to our mailing list at https://hiddenforces.io/newsletter/ Producer & Host: Demetri Kofinas Editor & Engineer: Stylianos Nicolaou Subscribe & Support the Podcast at https://hiddenforces.io Join the conversation on Facebook, Instagram, and Twitter at @hiddenforcespod Follow Demetri on Twitter at @Kofinas Episode Recorded on 03/24/2022