A ransomware crew can run through your whole company between dinner and dessert. Sean Martin sat down with Cynthia Kaiser — twenty years at the FBI, now leading the Halcyon Ransomware Research Center — on the speed of the threat, the human cost the industry keeps abstracting away, and why a slice of ransomware deserves a harder name than “crime.”
ThreatLocker's APAC director of operations, Emile Barakat, joins Cyber Daily's David Hollingworth to discuss what makes the Essential Eight so essential, the federal government's budget spend on cyber security, and the Australian outlook on cyber crime and why it happens here. This week on the Cyber Uncut podcast, Cyber Daily deputy editor David Hollingworth speaks with Emile Barakat, the head of cyber security firm ThreatLocker's operations in the Asia-Pacific region. ThreatLocker – and its boss, Danny Jenkins – is a big fan of Australia's Essential Eight cyber security standard, but what really makes that tick, and why is it so important? The pair discuss just why it's one of the gold standards of cyber protection and why other countries should take note. Then it's time to consider this year's budget and the role of government in securing businesses, economies, and consumers in a world of growing cyber threats. Finally, Hollingworth and Barakat get to grips with the local threat landscape and the human challenges of cyber security. "Typically, an organisation will run security awareness training every quarter. Some will do it less frequently, unfortunately," Barakat says. "Even with that training, you'll see compromises and, at times, the same employees make the same mistakes." Enjoy, The Cyber Uncut team
PODCAST EPISODE | Redefining CyberSecurity With Sean Martin — On Location at InfoSecurity Europe 2026
On Location With Sean Martin And Marco Ciappelli
The UK's threats change by the day. Its laws change over years. Sean Martin sat down with James Morris — former Member of Parliament, now Director of the CSBR — to ask how a government writes cyber policy fast enough to matter, and why “resilience” has quietly stopped being a technical word.
The Air Force's Cyber Resiliency Office for Control Systems (CROCS) is translating high-level Pentagon cyber directives into operational steps to secure control systems across the department. Technical Director Daryl Haegley said the office was created to close a long‑standing policy gap to secure operational technology (OT). The Department of the Air Force has spent more than a year assembling stakeholders from mission assurance, intelligence, operations and logistics to develop a 100‑point cyber plan. The office now tracks progress on each initiative and convenes more than 100 OT experts monthly to coordinate implementation. Haegley emphasized that missions depend on their continuous availability. No base can operate without electricity, water and other critical services. CROCS plays a central role in aligning those priorities and helping assign appropriate levels of cyber risk. The office is also pushing services to train for degraded conditions. Bases are conducting energy resilience exercises that simulate cyberattacks by disconnecting from commercial power and disrupting systems like HVAC. "Operating in a contested environment — and training and rehearsing that — is what CROCS is trying to coordinate," Haegley said.
Cyber isn't just a compliance problem anymore. It's operational. It's persistent. And it's moving faster than the systems built to manage it.
Katherine Sutton (Assistant Secretary of War for Cyber Policy and the Principal Cyber Advisor to the Secretary of War) joins Tyler Sweatt to talk about keeping pace across policy, technology, training, experimentation, and most importantly - the people.
What's happening on the Second Front:
- Why cyber can't be treated as a compliance exercise anymore
- The real bottleneck to adopting new technology (and it's not the tech)
- How to get capability into operators' hands faster
- Rethinking talent, training, and career paths in the cyber force
- Why incremental change won't keep up—and what transformation actually requires
Anthropic's new model found decades-old vulnerabilities in foundational open-source code that millions of automated tests and countless human experts had missed, presaging a potentially revolutionary moment in cyber. Ben Buchanan, former senior advisor for AI at the White House and author of The Hacker and the State, and Michael Sulmeyer, former Assistant Secretary of Defense for Cyber Policy, join the show to break it all down. Full disclosure: Ben advises Anthropic.
We discuss…
- How Mythos found 27-year-old bugs in code everyone thought was secure
- The offense-defense balance: whether a Ukraine with Mythos and a Russia without it changes the war
- Project Glasswing and Anthropic's attempt to build a private-sector vulnerabilities equities process
- Why critical infrastructure patching is about to become a nightmare
- What happens when ransomware gets vibe-coded
- Why bio won't be far behind
Summary
Today Marc is chattin' with Alex Niejelow, a respected figure in cybersecurity. The episode opens with Marc highlighting Alex's unique background growing up in Philly and his diverse career path. Alex shares how his early career as a Durham police officer and later as a lawyer shaped his mindset around public service and supporting people and businesses. He then transitioned into federal and state government roles, including significant positions in the Obama administration and Homeland Security, focusing on trade, customs, and national security issues such as counterfeit semiconductors in supply chains.
They then chat about Alex's role on the National Security Council, where he worked on the intersection of trade and cybersecurity, a concept that was not widely recognized in the early 2010s but has since become central to government policy. Alex explains his involvement in developing the first-ever cyber sanctions regime, a tool designed to economically disincentivize cybercriminals and nation-states from monetizing stolen intellectual property and trade secrets. This approach was innovative in addressing the asymmetry in cyber threats, where traditional law enforcement and diplomatic tools were insufficient.
The chat then shifts to the challenges Alex faced working across multiple government agencies with differing priorities, which, while complex, ultimately led to better outcomes through collaboration and creative problem-solving. Alex emphasizes the importance of reducing asymmetry in cybersecurity, noting that companies remain vulnerable at their weakest points. He highlights the evolution of the cyber insurance industry, which has become more sophisticated with risk engineers engaging deeply with clients to improve cybersecurity postures and insurance terms.
Alex explains his motivation for founding Hilco Global Cyber Advisors, driven by the need to support middle-market companies that often lack adequate cybersecurity resources despite their sophistication and capital. He critiques the cybersecurity industry's tendency to self-silo and stresses the importance of aligning cybersecurity solutions with the nature of the products and services businesses provide to increase adoption and effectiveness.
Finally, the chat turns to artificial intelligence (AI) as a major cybersecurity topic in 2025. Alex acknowledges both the threats and opportunities AI presents, noting that threat actors are leveraging AI to scale traditional cyberattacks like phishing. He expresses optimism about the cybersecurity community's commitment to addressing these challenges and highlights regulatory efforts, such as guidance issued to the insurance industry on AI use in underwriting, to mitigate risks including bias. The episode closes with Alex sharing a personal anecdote from his time at the White House and providing contact information for Hilco Global Cyber Advisors.
Key Points
- Alex's career journey from police officer to cybersecurity expert in public and private sectors
- Development of the first-ever cyber sanctions regime to economically deter cybercrime
- The importance of collaboration across government agencies to address complex cyber challenges
- The evolution and sophistication of the cyber insurance industry in reducing asymmetry
- The dual impact of AI on cybersecurity: expanding threats and fostering innovative defenses
Key Quotes
“The idea that cybersecurity issues and economic issues were actually interconnected was not widely accepted [in 2010]. It was still emerging. Fast forward to today. It is abundantly clear the intersectionality of those issues.”
“Companies are always as weak as their weakest link.”
“If you let the nature of the products and services that are being provided better inform and drive the cybersecurity solutions instead of vice versa, I think there will be a greater adoption.”
“Threat actors are expanding their capacity and capabilities leveraging AI … but it is the speed and scale at which it is becoming exacerbated that I think is most concerning.”
About Our Guest
Alexander Niejelow is Executive Director of Global Cyber Advisors at Hilco Global, bringing deep expertise in cybersecurity, fintech, and digital policy from leadership roles in both the private sector and government. He previously served as Deputy Superintendent for Innovation Policy at the New York Department of Financial Services, leading initiatives on AI and emerging fintech. At Mastercard, he was Senior Vice President for Cybersecurity Coordination and Advocacy, overseeing global cybersecurity and technology policy efforts. Alex also held key government positions, including Director of Cybersecurity Policy at the White House National Security Council and Chief of Staff to the U.S. Intellectual Property Enforcement Coordinator. He began his career as a litigator and holds a JD from the University of Pennsylvania and a BA from Duke University. Alex actively contributes to cybersecurity policy through board roles with the Center for Cybersecurity Policy and Blue Star Families, and has led global coalitions focused on cyber risk reduction and digital protection.
About Our Host
National co-chair of the Cyber Center for Excellence, Marc Schein, CIC, CLCS is also a Risk Management Consultant at Marsh McLennan Agency. He assists clients by customizing comprehensive commercial insurance programs that minimize the burden of financial loss through cost effective transfer of risk. By conducting a Total Cost of Risk (TCoR) assessment, he can determine any gaps in coverage. As part of an effective risk management insurance team, Marc collaborates with senior risk consultants, certified insurance counselors, and expert underwriters to examine the adequacy of existing client programs and develop customized solutions to transfer risk, improve coverage and minimize premiums.
In this powerful and deeply insightful conversation, Joey Pinz sits down with national security leader Valerie Cofield to explore the past, present, and future of cybersecurity across government, critical infrastructure, and everyday life. With 26 years at the FBI, senior leadership at CISA, and her current mission at ICIT, Valerie brings unmatched clarity to the threats shaping our world—from nation-state attacks on rural water systems to AI-enabled scams targeting vulnerable populations.
Valerie reflects on why critical infrastructure is now a primary battleground, how bipartisan policy work shaped U.S. cyber readiness, and why the private sector—not government—will be on the front lines of future conflicts. She also shares her personal journey as the daughter of South Korean immigrants, the gratitude that shaped her service, and the emotional weight of protecting the country that gave her family a second chance.
Beyond cyber, Joey and Valerie discuss reading habits, mental health, misinformation, and the dangers social media poses to young people. Valerie also offers a heartfelt perspective on leadership, longevity, habits, exercise, and earning success through consistency—not perfection.
“We're in a whole tangled mess…we've gotten ourselves into a tangled mess around not just securing our infrastructure, but also around competition for the pieces of our infrastructure.” AI has become a cornerstone of modern defense, economic security, commerce, and more. But without effective cybersecurity strategies, the technology that has helped drive U.S. innovation and productivity could become our Achilles heel. Kemba Walden, president of the Paladin Global Institute and former Acting National Cyber Director, and Devin Lynch, senior director of the Paladin Global Institute and former director in the Office of the National Cyber Director, join the podcast to discuss their new report, “The AI Tech Stack: A Primer for Tech and Cyber Policy,” and the importance of implementing effective security measures and infrastructure around its deployment.
In this episode of Cybersecurity Today, host David Shipley delves into alarming developments in the cybersecurity landscape. The FBI has flagged a massive malware campaign named Bad Box 2.0, which has compromised 1 million consumer devices globally, turning them into residential proxies. Additionally, a new variant of the Mirai malware is targeting DVR devices via a critical vulnerability. Meanwhile, criminals are shifting their operations from bulletproof hosts to harder-to-trace VPNs and residential proxy networks. The episode also covers urgent calls for post-quantum cryptography readiness amidst looming quantum computing threats, alongside a significant policy shift in the US. President Trump has signed an executive order dismantling former President Biden's extensive cybersecurity initiatives, including efforts focused on AI and quantum cryptography. These regulatory rollbacks emphasize minimal federal oversight and leave long-term digital defense strategies in question.
00:00 Introduction and Major Headlines
00:32 FBI Warns About Bad Box 2.0 Botnet
02:47 DVR Botnet Threats and Exploits
03:59 Shift in Cybercriminal Tactics
05:33 Quantum Computing and Encryption Concerns
07:08 Trump's Cybersecurity Policy Overhaul
11:36 Conclusion and Final Thoughts
Jim Richberg, Head of Cyber Policy and Global Field CISO at Fortinet, rejoins the show for a timely discussion on the fast-evolving landscape of artificial intelligence. We unpack AI's unprecedented energy demands, its implications on national infrastructure, and the critical cybersecurity considerations government agencies must navigate in this new era. Jim also shares his "Three Rules for Government Technology Transformation," and we explore why education and clear procurement strategies are vital to responsible AI rollout in public sector programs.
In a new episode of This Much I Know, Carlos's guest is Dr Melanie Garson, an associate professor at UCL and expert in cyber policy and geopolitics. Together they discuss critical issues in the current geopolitical and defence systems, including the evisceration of the US civil service, reactive politics, and the role of technology companies as geopolitical actors. Dr Garson emphasizes the importance of interdisciplinary approaches, stress-tested technology rollouts, and the holistic view of future defence strategies. She highlights the information domain as another critical area, where misinformation and disinformation can proliferate and destabilize, underpinning the need for robust measures to counteract these threats. The conversation explores the strategic role of tech in geopolitics, the evolving nature of warfare, and the potential for innovation and international cooperation within the defence industry. Dr Garson also shares her views on the importance of building secure digital economies and engaging meaningfully with emerging technologies for long-term future defence capabilities. Looking to the future, Dr Garson predicts the emergence of new industry players and the potential for existing companies to re-engage with defence manufacturing. She remains optimistic that the industry will recognize the value of entrepreneurs and facilitate environments where innovation can thrive alongside traditional primes.
Show Notes:
Dr Melanie Garson: linkedin.com/in/melaniegarson/
Carlos Espinal: linkedin.com/in/carloseduardoespinal/
Dr Melanie Garson: profiles.ucl.ac.uk/25481-melanie-garson and institute.global/experts/melanie-garson
Seedcamp: seedcamp.com
U.S. Cyber Command has been ordered to halt all planning against Russia, marking a significant shift in the country's cyber policy. This decision, directed by Defense Secretary Pete Hegseth, comes as the focus of U.S. cybersecurity efforts pivots away from Russia and towards threats from China and other adversaries. Reports indicate that this change has raised concerns about potential vulnerabilities, especially as Russian cybercriminal groups remain active. The Cybersecurity and Infrastructure Security Agency (CISA) has denied claims that it is reducing its focus on Russian threats, asserting its commitment to defending against all cyber threats to U.S. critical infrastructure.
The podcast also discusses the challenges faced by IT service providers in retaining new talent. A recent report highlights that employees with one to three years of experience have a significantly higher churn rate compared to their more experienced counterparts. This situation underscores the need for managed service providers (MSPs) to enhance their onboarding processes, career progression paths, and workplace culture to improve employee retention. Additionally, the limited role of remote work in the industry suggests that MSPs must compete on factors beyond salary, such as workplace environment and benefits.
Furthermore, the episode touches on the financial performance of N-able, a key player in the MSP software market. Despite reporting a year-over-year revenue growth of 7% and transitioning a significant portion of its revenue to annual contracts, N-able's stock price plummeted by over 25% following its earnings call. Analysts have adjusted their price targets downward, indicating a lack of confidence in the market for MSP-focused software companies.
This trend suggests that the dream of an IPO resurgence for such companies may be fading, with a shift towards private equity consolidation becoming more prevalent.
Finally, the podcast emphasizes the importance of resilience, vendor risk management, and strategic alignment for MSPs in light of these market dynamics. As the landscape evolves, providers are encouraged to focus on enhancing their cybersecurity offerings and adapting to regulatory changes. The episode concludes with a reminder for MSPs to be proactive in their approach to business, as the days of passive compliance are over, and security and regulation are becoming critical factors in the IT services industry.
Three things to know today
00:00 U.S. Cyber Policy Shifts—Providers May Need to Step Up as Government Focus Changes
05:27 IT Service Providers Are Hiring—But Can They Keep Their New Talent?
08:25 MSP IPOs? The Market Says No—N-able's Stock Drop Tells the Story
Keeping your information safe online is vital to protect you and your loved ones. Learn about how these cyber security apps can help guard against bad actors.
Aura: https://www.aura.com/
BitWarden: https://bitwarden.com/
Welcome to the Data Security Decoded podcast, brought to you by Rubrik Zero Labs. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience. In this episode, our host, Travis Rosiek, Public Sector CTO at Rubrik, is joined by Nicole Tisdale, Founder of Advocacy Blueprints, former Director of Legislative Affairs for the National Security Council, and author of Right to Petition. Nicole shares her journey from rural Mississippi to national security leadership, offering insights into cybersecurity equity, workforce development, and public policy's critical role in addressing underserved communities' unique challenges.
Guest: Ravi Nayyar, PhD Scholar, The University Of Sydney
On LinkedIn | https://www.linkedin.com/in/stillromancingwithlife/
At AISA AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ravi-nayyar-uyhe3
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli

Episode Notes
The discussion begins with a unique and lighthearted analogy: comparing cybersecurity professionals to superheroes. Marco draws parallels to characters like “The Avengers” and “Deadpool,” describing them as defenders of our digital world. Ravi builds on this playful yet thought-provoking metaphor, likening the fight against cybercriminals to epic battles against villains, highlighting the high stakes of cybersecurity in critical systems.

The Cyber Zoo: Ravi Nayyar's Research Focus
Ravi introduces his research, focusing on the regulation of cyber resilience within critical infrastructure, particularly the software supply chain. Using the metaphor of a “zoo,” he paints a vivid picture of the cybersecurity ecosystem, where diverse stakeholders—government bodies, infrastructure operators, and software vendors—must coexist and collaborate. His work delves into how companies can be held accountable for their cyber practices, aiming to secure national and global systems.

The Role of Humans in Cybersecurity
At the heart of cybersecurity, Ravi emphasizes, is the human element. His research highlights the need for incentivizing all players—critical infrastructure operators, software developers, and even end users—to embed secure practices into their operations. It's not just about rules and frameworks but about fostering a culture of responsibility and collaboration in an interconnected world.

The Case for Stronger Cyber Laws
Ravi critiques the historically relaxed approach to regulating software security, particularly for critical systems, and advocates for stronger, standardized laws. He compares cybersecurity frameworks to those used for medical devices, which are rigorously regulated for public safety. By adopting similar models, critical software could be held to higher standards, reducing risks to national security.

Global Cooperation and the Fight Against Regulatory Arbitrage
The discussion shifts to the need for international collaboration in cybersecurity. Ravi underscores the risk of regulatory arbitrage, where companies exploit weaker laws in certain regions to save costs. He proposes global coalitions and standardization bodies as potential solutions to ensure consistent and robust security practices worldwide.

Incentivizing Secure Practices
Delving into the practical side of regulation, Ravi discusses ways to incentivize companies to adopt secure practices. From procurement policies favoring vendors with strong cybersecurity commitments to the potential for class action lawsuits, the conversation explores the multifaceted strategies needed to hold organizations accountable and foster a safer digital ecosystem.

Closing Thoughts: Collaboration for a Safer Digital World
Sean, Marco, and Ravi wrap up the episode by emphasizing the critical need for cross-sector collaboration—between academia, industry, media, and government—to tackle the evolving challenges of cybersecurity. By raising public awareness and encouraging proactive measures, they highlight the importance of a unified effort to secure our digital infrastructure.

Resources
The theory of saving the world: Intervention requests and critical infrastructure: https://melbourne2024.cyberconference.com.au/sessions/session-eI6eYNrifl
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Guest: Ravi Nayyar, PhD Scholar, The University Of Sydney
On LinkedIn | https://www.linkedin.com/in/stillromancingwithlife/
At AISA AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ravi-nayyar-uyhe3
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
The discussion begins with a unique and lighthearted analogy: comparing cybersecurity professionals to superheroes. Marco draws parallels to characters like “The Avengers” and “Deadpool,” describing them as defenders of our digital world. Ravi builds on this playful yet thought-provoking metaphor, likening the fight against cybercriminals to epic battles against villains, highlighting the high stakes of cybersecurity in critical systems.

The Cyber Zoo: Ravi Nayyar's Research Focus
Ravi introduces his research, focusing on the regulation of cyber resilience within critical infrastructure, particularly the software supply chain. Using the metaphor of a “zoo,” he paints a vivid picture of the cybersecurity ecosystem, where diverse stakeholders—government bodies, infrastructure operators, and software vendors—must coexist and collaborate. His work delves into how companies can be held accountable for their cyber practices, aiming to secure national and global systems.

The Role of Humans in Cybersecurity
At the heart of cybersecurity, Ravi emphasizes, is the human element. His research highlights the need for incentivizing all players—critical infrastructure operators, software developers, and even end users—to embed secure practices into their operations. It's not just about rules and frameworks but about fostering a culture of responsibility and collaboration in an interconnected world.

The Case for Stronger Cyber Laws
Ravi critiques the historically relaxed approach to regulating software security, particularly for critical systems, and advocates for stronger, standardized laws. He compares cybersecurity frameworks to those used for medical devices, which are rigorously regulated for public safety. By adopting similar models, critical software could be held to higher standards, reducing risks to national security.

Global Cooperation and the Fight Against Regulatory Arbitrage
The discussion shifts to the need for international collaboration in cybersecurity. Ravi underscores the risk of regulatory arbitrage, where companies exploit weaker laws in certain regions to save costs. He proposes global coalitions and standardization bodies as potential solutions to ensure consistent and robust security practices worldwide.

Incentivizing Secure Practices
Delving into the practical side of regulation, Ravi discusses ways to incentivize companies to adopt secure practices. From procurement policies favoring vendors with strong cybersecurity commitments to the potential for class action lawsuits, the conversation explores the multifaceted strategies needed to hold organizations accountable and foster a safer digital ecosystem.

Closing Thoughts: Collaboration for a Safer Digital World
Sean, Marco, and Ravi wrap up the episode by emphasizing the critical need for cross-sector collaboration—between academia, industry, media, and government—to tackle the evolving challenges of cybersecurity. By raising public awareness and encouraging proactive measures, they highlight the importance of a unified effort to secure our digital infrastructure.
____________________________
Resources
The theory of saving the world: Intervention requests and critical infrastructure: https://melbourne2024.cyberconference.com.au/sessions/session-eI6eYNrifl
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Guest: EJ Wise, Founder & Principal, WiseLaw
On LinkedIn | https://www.linkedin.com/in/wiselaw3/
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
Against the energetic backdrop of Melbourne's CyberCon, hosted by AISA, the conversation dives into the global nature of technology's influence. The trio reflects on pressing topics such as privacy, cybersecurity, and the shifting landscape of cyber law, all while situated in one of Australia's most tech-forward cities.

EJ Wise's Journey and Perspective
EJ Wise shared her remarkable career path, starting as a member of the U.S. Air Force JAG Corps and later founding her boutique law firm in Australia in 2018. Her firsthand experience sheds light on Australia's relatively recent introduction of comprehensive cyber laws and the ongoing need to bridge the gap between technological innovation and legislative action.

Educating Consumers: A Shared Responsibility
A key focus of the conversation was consumer awareness. EJ highlighted the critical need for industries to take responsibility for educating the public, much like banks have historically done with financial literacy. The discussion also touched on embedding technological literacy into early education, ensuring children grow up with a clear understanding of privacy and digital security.

Technology and Ethics in Tension
The group examined the ethical challenges posed by advancing technologies, especially regarding surveillance and data privacy. From facial recognition in retail spaces to the increasing capabilities of modern devices to monitor user behavior, the conversation drew thought-provoking parallels between these innovations and the history of advertising practices.
The ethical implications of such technologies go far beyond convenience, raising questions about transparency, consent, and societal norms in the digital age.

Legal Frameworks and Industry Responsibility
Marco and Sean explored the evolving role of legal frameworks in holding industry players accountable for consumer safety and privacy. EJ's insights provided a grounded perspective on how regulatory environments are adapting—or struggling to adapt—to these challenges.
The discussion underscored a growing trend: companies must not only comply with existing laws but also anticipate and mitigate the societal impacts of their technologies.

Encouraging Dialogue and Reflection
Throughout the episode, the importance of open dialogue and introspection emerged as a recurring theme. By examining how technology shapes society and law, the discussion encouraged listeners to reflect on their digital habits and the privacy trade-offs they make in their daily lives.

Conclusion
While the conversation didn't provide all the answers, it illuminated the complexities of the interplay between technology, law, and society. EJ, Marco, and Sean left listeners with an invitation to remain curious, question norms, and consider their role in shaping a more ethically aware digital future.
This episode captures the spirit of CyberCon 2024—sparking ideas, inspiring debate, and reinforcing the need for thoughtful engagement with the challenges of our hybrid analog-digital society.
____________________________
Resources
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Jim Richberg, Head of Cyber Policy and Global Field CISO at Fortinet and the former US National Intelligence Manager for Cybersecurity, joins the show to discuss the biggest barriers and challenges to improving election security. We also talk about the primary concerns that voting officials have going into this year's election, and he provides last-minute advice that election officials can act on right now leading into November.
In this episode, host Raghu Nandakumara sits down with Nicole Tisdale, Founder and Principal of Advocacy Blueprints. Nicole spent 15 years as a national security expert at The White House - National Security Council and the U.S. Congress's House Committee on Homeland Security. She joins the podcast to discuss cyber equity and security policy.
--------
“Should have, would have, could have - public policy is not about penalizing people for what they could have been doing or should have been doing. It's about making it better in the present and then making it better in the future.”
--------
Time Stamps
(02:01) Nicole's background
(08:31) Responses to breaches and reporting
(11:19) Victims of cyber hacks
(17:39) Defining cyber equity
(24:19) High impact cyber attacks
(37:42) Linking Zero Trust to Cyber Equity: Secure-by-design
--------
Sponsor
Assume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.
--------
Links
Connect with Nicole on LinkedIn
The Hidden Injustice of Cyberattacks by Nicole Tisdale
Illumio World Tour
In this episode, Shannon and Chris discuss the recent article about CrowdStrike's cybersecurity insurance losses and the warning from Warren Buffett. They explore the challenges of cybersecurity insurance, including the difficulty of obtaining coverage and the potential for disputes over potential losses. They also highlight the need for organizations to have strong cybersecurity measures in place and the importance of investment in patching solutions. The conversation touches on the impact of Warren Buffett's statements on the perception of cybersecurity insurance and the potential for misinterpretation. Overall, the discussion emphasizes the evolving landscape of cybersecurity insurance and the need for careful consideration and risk analysis.
Dr. Lev Topor is currently an ISGAP Visiting Scholar at the Woolf Institute where he focuses on Critical Antisemitism Studies, Discrimination and Human Rights. Lev Topor is also a Senior Research Fellow at the Center for Cyber Law and Policy (CCLP) in the University of Haifa and a former Visiting Research Fellow at Yad Vashem in Jerusalem. He's the author of 'Phishing for Nazis: Conspiracies, Anonymous Communications and White Supremacy Networks on the Dark Web', an evidence-based, undercover study of neo-Nazi communities on anonymous online platforms published by Routledge (2023). Lev is also the co-author (with Jonathan Fox) of 'Why Do People Discriminate Jews?', an innovative and ground-breaking book published by Oxford University Press (2021) that combines traditional theories on antisemitism with empirical evidence from 76 countries to explain the reasons that drive discrimination against Jews. Join us.

What allowed the Oct. 7 atrocities to unfold? Why are Jews best defined by their troubles? What could be the solution to antisemitism, anti-zionism, and anti-Jewish sentiment worldwide? What is actually within our control? Is there a science that can explain the laws that govern our development as a society, as a species? What can 2000 years of recorded Jewish history and big data tell us about ourselves? Why is it that despite our technological advancement we're still facing the same issues that have been plaguing our society for millennia? Is it possible that science, Jewish wisdom, and human history are not at odds with each other but are actually different points of view of the same thing? Different points of you? Thejewfunction is the only podcast brave enough to look for the root cause of antisemitism and a real solution to it according to the laws of nature.
With TikTok in the hands of 170 million Americans, cybersecurity expert Amy Zegart says it's time to talk about consequences. Foreign access to all that data on so many Americans is a national security threat, she asserts. For those as concerned as she, Zegart has good news and bad. The government has gotten better at fighting cyberthreats, but artificial intelligence is making things very complicated, very fast. The US needs to adapt quickly to keep pace, Zegart tells host Russ Altman on this episode of Stanford Engineering's The Future of Everything podcast.

Episode Reference Links:
Amy Zegart's Stanford Profile
Hoover Institution Profile: Website
Ep.20 How Vulnerable Are We to Cyber Attacks? (Amy's previous episode on The Future of Everything)

Connect With Us:
Episode Transcripts >>> The Future of Everything Website
Connect with Russ >>> Threads or Twitter/X
Connect with School of Engineering >>> Twitter/X

Chapters:
(00:00:00) Introduction
Host Russ Altman introduces guest Amy Zegart, a cybersecurity expert from Stanford University.
(00:02:37) Government and Cybersecurity Speeds
How AI has changed the pace at which both government and cyber attackers operate, and the evolving dynamics of cybersecurity efforts.
(00:04:12) Corporate Cybersecurity
The unexpected role of the SEC in regulating corporate cybersecurity efforts and how the cyber attack surface has expanded beyond traditional big industries.
(00:07:30) Global Cyber Threats and Preparedness
Insights into the strategic use of cyber operations by other countries, and the multifaceted nature of international cyber relations.
(00:09:13) Cyber Dynamics in the Russia-Ukraine Conflict
The cyber aspects of the Russia-Ukraine conflict and its implications for global cybersecurity strategies.
(00:11:35) Misinformation and Disinformation Dynamics
The difference between misinformation and disinformation, their impacts on society and the challenges in combating them.
(00:15:04) TikTok and National Security
Risks associated with TikTok as a platform controlled by Chinese interests, discussing data privacy and potential for foreign influence.
(00:20:11) Corporate Power in AI and National Security
The role of corporations in national security through their control over AI, and the challenges this poses for regulation and innovation.
(00:22:47) Learning from Cybersecurity to Manage AI Risks
Lessons from cybersecurity that could help manage emerging AI risks, highlighting the need for developing independent AI research capacities.
(00:26:44) European Regulation and Global AI Safety
The European approach to AI regulation and data protection, advocating for international AI safety norms and collaborative efforts.
(00:29:21) AI's Role in Enhancing Intelligence
How AI can transform intelligence services, and advancements that could lead to significant efficiency gains in national security.
(00:31:23) Conclusion
Guest: Camille Stewart Gloster, Former Deputy National Cyber Director for Technology & Ecosystem, Award-winning Strategist & Attorney
Website: https://camillestewart.com
LinkedIn: https://www.linkedin.com/in/camillestewartesq
X (Twitter): https://www.twitter.com/camilleesq
Instagram: https://www.instagram.com/camilleesq/
Host: Dr. Rebecca Wynn
On ITSPmagazine
The Pentagon is hitting back at Chinese cyber attacks. Power grids, oil pipelines, and water facilities—find out more on how they tie into Beijing's war preparations for a potential conflict with the United States. In the wake of Washington's “reconsider travel” advisory on China, Beijing is drawing attention to its own notice warning Chinese students and citizens of the potential for higher scrutiny when entering the United States. More on why. A declining global industry is being driven by excessive exports from China. A look at how cheap Chinese solar panels are straining renewable energy markets across the globe. And American tech giants are pushing their Taiwanese partners to relocate to Mexico instead of mainland China. Details on a new report.
Pentagon Establishes New Cyber Policy Office
U.S., China Issue Travel Advisories for Each Other
FT: Cheap Chinese Renewable Flooding Global Market
‘Product Dumping': Lee on Chinese Trade Practice
Tech Giants Rejecting China, Turning to Mexico
Latest on China, Global Updates
Biden, China's Xi Speak by Phone
Xiaomi Launches First-Ever EV Cheaper Than Tesla
U.S. Military Command in Japan to Be Revamped: Report
Radio Host: Shen Yun Is Timeless
(4/1/24) - In today's Federal Newscast: The Defense Department has established the Office of the Assistant Secretary of Defense for Cyber Policy. There is a new section to the FAR and it may be the most important change in decades. And an OMB working group has added Middle Eastern or North African to federal requirements for collecting race and ethnicity data.
Space Competition: Can The US Deter Its Adversaries From Launching Cyberattacks on Space Systems? This month, two years ago, Russia's unprovoked invasion of Ukraine started with a cyber attack that changed everything and yet nothing for the U.S. commercial space sector. This is the fourth and final in a series of episodes examining cyber attacks and space systems. Laura Winter speaks with Samuel Visner, Space Information Sharing and Analysis Center (Space-ISAC) Board Chair and Fellow at The Aerospace Corporation; Namrata Goswami, an independent scholar on space policy and great power politics and co-author of the book “Scramble for the Skies”; and Sean Costigan, the lead for NATO's cybersecurity curriculum, and Director of Cyber Policy at Red Sift.
Tech-related business insurance is evolving fast and Anthony Dolce, our guest on this episode of Chattinn Cyber, is a thought leader at the forefront. As head of Professional Liability & Cyber Underwriting at The Hartford, he brings 25 years of industry expertise to the myriad issues shaping policy development and recommended coverages for businesses – whether tech giants or third-party users of technology.

Anthony explains the differences between Cyber and Tech Errors & Omissions (E&O) policies – as well as who needs which and in what combination. He also highlights for Host Marc Schein, National Co-Chair of the Cyber Center for Excellence, the confluence of factors that make tech companies such attractive targets for threat actors. You'll learn about the most common – and damaging – cyber liabilities out there; things like network attacks, ransomware assaults, data breaches, business interruption, data restoration costs and third-party vulnerabilities. And don't miss our guest's comprehensive list of best practices to control risk for companies of all kinds, whatever their core business.

“Nothing's a silver bullet, but you can help mitigate potential exposure,” says Anthony, whose Connecticut-based career began in claims before migrating to underwriting. Find out what differentiates The Hartford's Tech E&O and Cyber insurance solutions and how their team of experts guarantees insureds the best possible outcomes when privacy breaches, data hacks or other negative events occur. (Hint: specialized expertise and preparedness are key!)

Key Takeaways:
Why taking a leap and moving to the business side at The Hartford was one of those pivotal choices that changed the course of Anthony's career – and all to the good!
From claims to underwriting: How Anthony made the jump and why it has shifted his focus.
About the collaborative, social elements that define much of the underwriter's process and goals.
What's a Cyber Policy? If you're doing business of any kind on the internet, then you probably need some form of coverage.
What's a Tech E&O Policy? If you're providing a tech service of some kind, then you probably need some form of coverage.
At the intersection: A look at insurance policies that simultaneously cover exposures in the realms of both Cyber and Tech E&O exposure.
About the evolution of Tech E&O + Cyber and coverages required in an internet economy full of data transmittal, management and risk exposures.
Why large technology companies are such high-value targets for threat actors eager to double-dip by accessing downstream secondary client information.
How The Hartford differentiates itself as an established carrier with a wide array of solutions for any business eventuality:
  Stand-alone Tech E&O coverage.
  Tech E&O coverage + cyber coverage.
  A wide variety of mix-and-match options.
  Specialized tech expertise to ensure optimal insurance outcomes.
About potential cyber liabilities unique to technology firms:
  Network cyber-attacks.
  Ransomware attacks.
  Data breaches (and related extortion).
  Business interruption.
  Data restoration costs.
  Professional/product exposure due to third-party contractual, regulatory or subrogation issues.
Supply chain and systemic risk: A closer look at the variety of vulnerabilities passed down to companies impacted by global industry events.
Recommended best practices to note:
  Perform regular software composition analyses.
  Deploy tools to track vulnerabilities.
  Undertake regular code reviews, including both static and dynamic scans.
  Implement regular in-house or third-party security and resiliency testing.
  Develop a solid IRP (Incident Response Plan).
  Ensure that your cyber insurance carrier is an integral part of your IRP.
  Stage incident response table-top exercises to align all stakeholders.
  Establish a roll-back plan to close vulnerabilities and limit negative events.
No one is immune from cybersecurity attacks, it seems. Just days ago, several senior Microsoft executives fell victim to a "password spray attack" coming from Russia. Did the company downplay how serious this was? And did it fail to use some basic best practices? For analysis, Federal Drive Host Tom Temin spoke with an expert at Stanford University, cyber analyst and former White House Senior Director for Cyber Policy, AJ Grotto.
Cyber operations are becoming increasingly ubiquitous as a means for nation state and non-nation state actors to engage in intelligence collection, subversion, and strategic competition more broadly. As our world becomes more thoroughly networked and as more data travels throughout cyberspace, the potential power of cyber operations and the urgency of cyber security grow exponentially. Cyberspace has increasingly become a heated, persistent domain of competition between nation state and non-nation state actors alike, and both the US government and private sector are working feverishly to increase their capacity to understand it and operate within it.

Luke Litle sits down with Prof. Andrew Boyd, who recently retired as the director of the CIA's Center for Cyber Intelligence (CCI) and is now serving as an adjunct professor in the Alperovitch Institute at JHU SAIS. They discuss his transition from the human intelligence field to cyber intelligence, the ways US competitors and adversaries are using cyber tools to advance their national interest, current US efforts to develop and define its own cyber policy, the fusion of public and private sector cyber security efforts, and opportunities to serve in the cyber realm within the US government and private sector.
Marietje Schaake is International Policy Director at Stanford University Cyber Policy Center, International Policy Fellow at Stanford's Institute for Human-Centered Artificial Intelligence, and also serves on the UN's A.I. Advisory Body. We take a deep dive into how the digital revolution can still fulfill its promise of a democratic revolution. In other words: make A.I. work for democracy.

Over the past 20 years, power became more and more concentrated in the hands of big tech companies, while both Democratic and Republican administrations have chosen to trust market forces, rather than intervening to put on some guardrails. Unsurprisingly, public interest issues are under-addressed. Voluntary commitments by tech companies are often not powerful or enforceable enough to change behavior. But in the last year, more governments and multilateral institutions are recognizing that there are risks with the use of AI. For example, the EU AI Act was just passed to mitigate the risks from the use of AI applications.

Read the transcript here: https://www.futurehindsight.com/episodes/make-ai-work-for-democracy-marietje-schaake

Credits:
Host: Mila Atmos
Guests: Marietje Schaake
Executive Producer: Mila Atmos
Producer: Zack Travis
In this episode, Host Chris Cochran chats it up with former White House Senior Director for Cyber Policy, AJ Grotto. AJ shares his viewpoints about the current state of AI policies, the potential risks and benefits of AI technology, and the challenges in crafting effective policies in the field of cybersecurity.

Impactful Moments
00:00 - Welcome
00:45 - Introducing guest, AJ Grotto
01:14 - Are Cyber and AI Separate?
03:37 - US Cyber Policy
08:06 - The Reality of AI Risk
11:20 - From Law to Cyber Policy
14:47 - Join our Mastermind!
15:36 - Policy Implementations
18:55 - Cyber Warfare and AI
22:13 - Advice for Getting into Cyber Policy

Links:
Connect with AJ: https://www.linkedin.com/in/andrew-grotto-2534b510a/
More about AJ and his current work: https://fsi.stanford.edu/people/andrew-j-grotto
The Cognitive Crucible is a forum that presents different perspectives and emerging thought leadership related to the information environment. The opinions expressed by guests are their own, and do not necessarily reflect the views of or endorsement by the Information Professionals Association.

During this episode, John Davis recaps Four Operational Rules of the Road, which are intended to prevent miscalculation and unintended escalation. John synthesized these Rules based upon many years' experience in military uniform and after many conversations with global leaders and academics. Briefly, they are: transparency, SOPs for oversight, sharing threat intelligence, and banning third party actors. We also revisit some of the topics from John's first Cognitive Crucible appearance.

Research Question: John Davis asserts that there's been a lot of recent reporting about China's onslaught of disinformation oriented toward Taiwan and in the run-up to the January elections. Reporting indicates that there may be important lessons in how Taiwan has handled this onslaught, including public education efforts with support from international media literacy partnerships as well as more active countermeasures by mature communities of fact-checkers, government investments and law enforcement investigations. He believes it would be a great research project to examine the techniques and capabilities employed by Taiwan and analyze the effectiveness, or lack thereof, to assist the U.S. in preparation for the 2024 presidential elections as well as our overall national effort to combat the information warfare efforts aimed at the country by Russia, China, Iran, North Korea and all of their surrogates.
Resources: Cognitive Crucible Podcast Episodes Mentioned #24 John Davis on Modern Warfare, Teamwork, and Commercial Cognitive Security #166 John Agnello on Information Advantage Army Doctrinal Publication 3-13 INFORMATION, Nov 2023 Cybersecurity First Principles: A Reboot of Strategy and Tactics by Rick Howard Link to full show notes and resources Guest Bio: Retired U.S. Army Major General John Davis is the Vice President, Public Sector for Palo Alto Networks, where he is responsible for expanding cybersecurity initiatives and global policy for the international public sector and assisting governments around the world to prevent successful cyber breaches. Prior to joining Palo Alto Networks, John served as the Senior Military Advisor for Cyber to the Under Secretary of Defense for Policy and also served as the Acting Deputy Assistant Secretary of Defense for Cyber Policy. Prior to this assignment, he served in multiple leadership positions in special operations, cyber, and information operations. John earned a Master of Strategic Studies from the U.S. Army War College, Master of Military Art and Science from U.S. Army Command and General Staff College, and Bachelor of Science from U.S. Military Academy at West Point. About: The Information Professionals Association (IPA) is a non-profit organization dedicated to exploring the role of information activities, such as influence and cognitive security, within the national security sector and helping to bridge the divide between operations and research. Its goal is to increase interdisciplinary collaboration between scholars and practitioners and policymakers with an interest in this domain. For more information, please contact us at communications@information-professionals.org. Or, connect directly with The Cognitive Crucible podcast host, John Bicknell, on LinkedIn. Disclosure: As an Amazon Associate, 1) IPA earns from qualifying purchases, 2) IPA gets commissions for purchases made through links in this post.
Guest AJ Grotto is the William J. Perry International Security Fellow and founding director of the Program on Geopolitics, Technology and Governance at the Stanford Policy Center and Stanford University. Grotto has served in the National Cybersecurity Council under two successive presidents and brings decades of knowledge in international relations, policy and risk both to his students and to clients in his private sector consulting work. Grotto tells us about the current state of international cyber risk and response, gives his tips for students just getting started in international policy and why a suspicious-looking email took him away from the law profession and into the security space. 0:00 - National security cyber issues 4:04 - How AJ Grotto got into cybersecurity 7:10 - Grotto's work in the National Security Council 10:25 - Skills used in the National Security Council 14:35 - Working at Sagewood 17:00 - Global trends in cybersecurity 19:00 - Economies down; cyber crime up? 20:17 - Cyber risk work at Stanford 23:10 - Cybersecurity students at Stanford 29:46 - How to take Grotto's class at Stanford 31:25 - Federal Zero Trust directives 34:49 - What to research for national security work 38:09 - Important global cybersecurity topics 40:06 - Learn more about Grotto, Stanford international policy 41:07 - Outro – Get your FREE cybersecurity training resources: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast About Infosec: Infosec's mission is to put people at the center of cybersecurity. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and phishing training to stay cyber-safe at work and home.
More than 70% of the Fortune 500 have relied on Infosec Skills to develop their security talent, and more than 5 million learners worldwide are more cyber-resilient from Infosec IQ's security awareness training. Learn more at infosecinstitute.com.
This week Class 4 Fellow and Fellow Highlights series host Meri Baghdasaryan sits down with Grant Versfeld. Grant is Co-Vice President for the Foundry's current E-Board and is a Threat Intelligence Engineer at a major tech company. He recently graduated from Tufts University with a degree in Computer Science, where he specialized in cybersecurity and technology policy. As a student, he served as a Teaching Assistant for Dr. Susan Landau at the Fletcher School and interned with the Center for Democracy and Technology. In his spare time, Grant volunteers with an organization that provides security and privacy services to survivors of intimate partner violence. Meri and Grant chat about threat intelligence and Grant's work with CDT and at the Foundry. Then, they reflect on the importance of an interdisciplinary approach and collaboration in tech policy and beyond. Resources mentioned in the episode: Cybercon 2022 CETA (Clinic to End Tech Abuse) CDT's Techsplanations Check out the Foundry on Instagram, Twitter, or LinkedIn and subscribe to our newsletter! If you'd like to support the show, donate to the Foundry here or reach out to us at foundrypodcasts@ilpfoundry.us. Thanks for listening, and stay tuned for our next episode! DISCLAIMER: Meri and Grant engage with the Foundry voluntarily and in their personal capacities. The views and opinions expressed on air do not reflect on the organizations Meri and/or Grant are affiliated with.
A cyberattack on a European banking institution, the handiwork of a pro-Russian “hacktivist” collective, may be a preview of the next chapter in the war in Ukraine. Herb Lin, the Hoover Institution's Hank J. Holland Fellow in Cyber Policy and Security, discusses possible motives behind the attack, various nations' cyber-strategies – China in search of data, North Korea in need of cash – and the push and pull between the US government and the nation's commercial and tech sectors over taking responsibility for future attacks.
Be sure to visit the Irregular Warfare Initiative website to see all of the new articles, podcast episodes, and other content the IWI team is producing! Is it possible to deter adversaries in the cyber domain—and if so, how? What should the US Department of Defense be learning from the role of cyber in the war in Ukraine? How do activities in the cyber domain overlay on—and influence—irregular warfare? In this episode, hosts Matt Moellering and Adam Darnley-Stuart are joined by two expert guests. Ms. Mieke Eoyang is the deputy assistant secretary of defense for cyber policy and Dr. Erica Lonergan is an assistant professor at the Army Cyber Institute at West Point and coauthor of the book Escalation Dynamics in Cyberspace. Together, they examine some of the deeply challenging questions presented by the increasing prominence of cyberspace as a warfighting domain. Intro music: "Unsilenced" by Ketsa Outro music: "Launch" by Ketsa CC BY-NC-ND 4.0
Emerging technology develops at a pace that is hard to master, much less legislate. The government should ensure that the opportunities technology provides maximize the potential for societal improvements while ensuring both economic and national security. Two of the most effective efforts to tackle the emerging technology challenges in the past half-decade were the National Security Commission on Artificial Intelligence (NSCAI) and the Cyberspace Solarium Commission (CSC). As the former chairs of these two congressionally mandated commissions, Rep. Mike Gallagher (CSC) and Dr. Eric Schmidt (NSCAI) discuss the roles of Congress, the Executive Branch, academia, and private sector leaders in shaping emerging technology policy, including how commissions can influence policies moving forward. The panel is moderated by the former NSCAI Executive Director and current President and CEO of the Special Competitive Studies Project Ylli Bajraktari, and the former CSC Executive Director and current Senior Director of FDD's Center on Cyber and Technology Innovation and CSC 2.0 Executive Director RADM (Ret.) Mark Montgomery. The event is hosted by the Foundation for Defense of Democracies, the Special Competitive Studies Project, and CSC 2.0. Read more and watch the conversation here: https://www.fdd.org/events/2023/06/07/thinking-forward-after-the-nscai-and-csc/
After ‘The Godfather' of artificial intelligence sounds the alarm about his own dangerous creation, Christiane asks senior A.I. researcher Connor Leahy, and also the head of Cyber Policy at Stanford University Marietje Schaake, if they think A.I. is a major threat to humanity, or a world-saving breakthrough. Also on today's show: Cellist Yo-Yo Ma joins to talk about his ode to mother nature in his new project, and Walter Isaacson asks Buzzfeed News co-founder Ben Smith where the billion-dollar race to go viral went wrong. To learn more about how CNN protects listener privacy, visit cnn.com/privacy
An interesting talk with former Senior Director for Cyber Policy & Deputy Assistant to President Trump Joshua Steinman about the DC bureaucracy, John Boyd, and China. You can find Josh at steinman.substack.com and as @JoshuaSteinman on Twitter.
Uber suffers a data breach. Social media executives testify before Congress. A large DDoS attack is thwarted in Eastern Europe. The FBI warns of increased cyberattacks against healthcare payment processors. Policy makers consider new OT security incentives. Malek Ben Salem from Accenture on future-proof cloud security. Our guest Diana Kelley from Cybrize discusses the need for innovation and entrepreneurship in cybersecurity. And if you've been hoping for a LockerGoga decryptor, you're in luck. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/179 Selected reading. Uber hacked, internal systems breached and vulnerability reports stolen (BleepingComputer) Uber suffers computer system breach, alerts authorities (Washington Post) Uber Investigating Data Breach After Hacker Claims Extensive Compromise (SecurityWeek) Uber Investigating Breach of Its Computer Systems (New York Times) Uber investigating "total compromise" of its internal systems (Computing) There's No Honor Among Thieves: Carding Forum Staff Defraud Users in an ESCROW Scam (Digital Shadows) Social media hearings highlight lack of trust, transparency in sector (The Record by Recorded Future) Breaking the Boycott (Cybersixgill) Record-Breaking DDoS Attack in Europe (Akamai) Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses (FBI) Siemens Mobility CoreShield OWG Software (CISA) Siemens Simcenter Femap and Parasolid (CISA) Siemens RUGGEDCOM ROS (CISA) Siemens Mendix SAML Module (CISA) Siemens SINEC INS (CISA) Siemens RUGGEDCOM ROS (Update A) (CISA) Simcenter Femap and Parasolid (CISA) Siemens Industrial Products Intel CPUs (Update A) (CISA) Siemens OpenSSL Affected Industrial Products (CISA) Siemens OpenSSL Vulnerability in Industrial Products (Update E) (CISA) Siemens SCALANCE (CISA) CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA) Building on our Baseline: Securing Industrial Control Systems Against Cyberattacks (House Committee on Homeland Security) Bitdefender Releases Universal LockerGoga Decryptor in Cooperation with Law Enforcement (Bitdefender Labs)
Hosted by the William and Flora Hewlett Foundation Cyber Initiative and Aspen Digital, Verify 2022 brings together journalists and cyber and tech policy experts to discuss critical issues in cybersecurity. On this live recording of the Lawfare Podcast, Benjamin Wittes sat down at Verify 2022 to talk about cybersecurity and Ukraine with a truly remarkable panel: Kori Schake of the American Enterprise Institute, Megan Stifel of the Institute for Security and Technology, and Mieke Eoyang, currently the Deputy Assistant Secretary of Defense for Cyber Policy. Support this show http://supporter.acast.com/lawfare. See acast.com/privacy for privacy and opt-out information.
In Episode 241 of Hidden Forces, Demetri Kofinas speaks with Chris Painter, a globally recognized leader and expert on cyber security who has been at the vanguard of U.S. and international cyber issues for over thirty years—first as a prosecutor of some of the most high-profile cybercrime cases in the country and then as a senior official at the Department of Justice, FBI, the National Security Council, and the State Department. He's responsible for having established the Office of the Coordinator for Cyber Issues and served as Senior Director for Cyber Policy in the National Security Council. With the Biden administration reiterating prior warnings that the Russian Government is exploring options for conducting cyberattacks against the United States in response to sanctions levied against the Russian economy, we wanted to help bring all of you up to speed on exactly what those warnings are, what steps are being taken to minimize the damage they may cause, and what the range of possible responses by the U.S. government will be depending on the nature and targets of those attacks. This conversation is meant to give you the information that you need in order to best prepare yourselves and your businesses for what might be coming next, so that you remain ahead of the curve as events evolve and as the collateral damage of the war in Ukraine potentially widens. You can access the full episode, transcript, and intelligence report to this week's conversation by going directly to the episode page at HiddenForces.io and clicking on "premium extras." All subscribers gain access to our premium feed, which can be easily added to your favorite podcast application. 
If you enjoyed listening to today's episode of Hidden Forces you can help support the show by doing the following: Subscribe on Apple Podcasts | YouTube | Spotify | Stitcher | SoundCloud | CastBox | RSS Feed Write us a review on Apple Podcasts & Spotify Subscribe to our mailing list at https://hiddenforces.io/newsletter/ Producer & Host: Demetri Kofinas Editor & Engineer: Stylianos Nicolaou Subscribe & Support the Podcast at https://hiddenforces.io Join the conversation on Facebook, Instagram, and Twitter at @hiddenforcespod Follow Demetri on Twitter at @Kofinas Episode Recorded on 03/24/2022