Podcasts about cyber resilience

Storage often sits in the background of cybersecurity conversations—but not at Infinidat. In this episode, Eric Herzog, Chief Marketing Officer of Infinidat, joins Sean Martin to challenge the notion that storage is simply infrastructure. With decades of experience at IBM and EMC before joining Infinidat, Herzog explains why storage needs to be both operationally efficient and cyber-aware.Cyber Resilience, Not Just StorageAccording to Herzog, today's enterprise buyers—especially those in the Global Fortune 2000—aren't just asking how to store data. They're asking how to protect it when things go wrong. That's why Infinidat integrates automated cyber protection directly into its storage platforms, working with tools like Splunk, Microsoft Sentinel, and IBM QRadar. The goal: remove the silos between infrastructure and cybersecurity teams and eliminate the need for manual intervention during an attack or compromise.Built-In Defense and Blazing-Fast RecoveryThe integration isn't cosmetic. Infinidat offers immutable snapshots, forensic environments, and logical air gaps as part of its storage operating system—no additional hardware or third-party tools required. When a threat is detected, the system can automatically trigger actions and even guarantee data recovery in under one minute for primary storage and under 20 minutes for backups—regardless of the dataset size. And yes, those guarantees are provided in writing.Real-World Scenarios, Real Business OutcomesHerzog shares examples from finance, healthcare, and manufacturing customers—one of which performs immutable snapshots every 15 minutes and scans data twice a week to proactively detect threats. Another customer reduced from 288 all-flash storage floor tiles to just 61 with Infinidat, freeing up 11 storage admins to address other business needs—not to cut staff, but to solve the IT skills shortage in more strategic ways.Simplified Operations, Smarter SecurityThe message is clear: storage can't be an afterthought in enterprise cybersecurity strategies. Infinidat is proving that security features need to be embedded, not bolted on—and that automation, integration, and performance can all coexist. For organizations juggling compliance requirements, sprawling infrastructure, and lean security teams, this approach delivers both peace of mind and measurable business value.Learn more about Infinidat: https://itspm.ag/infini3o5dNote: This story contains promotional content. Learn more.Guest: Eric Herzog, Chief Marketing Officer, Infinidat | https://www.linkedin.com/in/erherzog/ResourcesLearn more and catch more stories from Infinidat: https://www.itspmagazine.com/directory/infinidatLearn more and catch more stories from RSA Conference 2025 coverage: https://www.itspmagazine.com/rsac25______________________Keywords:sean martin, eric herzog, storage, cybersecurity, automation, resilience, ransomware, recovery, enterprise, soc, brand story, brand marketing, marketing podcast, brand story podcast______________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageWant to tell your Brand Story Briefing as part of our event coverage? Learn More 

Connect to John Gilroy on LinkedIn   https://www.linkedin.com/in/john-gilroy/ Want to listen to other episodes? www.Federaltechpodcast.com The federal government needs to share information on a wide variety of platforms and must provide methods to ensure this transmission is secure.  Of course, the hard part is the “how” part of this data transfer.  Tim Fuhl from Owl Cyber Defense gives the listener an overview of how Owl Cyber Defense can help federal agencies share information securely. To accomplish this task, he discusses two fundamental concepts: diodes and Cross Domain Solutions. Diodes.  This is a mysterious word that was liberated from electrical engineers. When designing a semiconductor,  one may need to create a one-way path to prevent a signal from returning.  The solution in electronic design is a “diode.”     Owl Cyber Defense took an electrical concept called a diode, which provided “one-way” data transfer. When they combined this one-way street with a data path, they developed a “data diode,” a device that limits data transfer to one direction, protecting the system from a reverse movement.  When it comes to securing federal systems, a “data” diode is a device that restricts data transfer one way, essentially creating a one-way street. Cross Domain Solutions.  One of the newest abbreviations in the world of security is Cross Domain Solution (CDS).  The federal technical world is comprised of levels of protection.  As a result, what is needed is a way for communication between varying security levels. During the interview, Tim Fuhl defines both terms and gives examples of where this innovation can be applied to federal systems.

Explore actionable strategies for building a robust cyber resilience posture in this insightful episode. From strengthening defenses to improving recovery agility and anticipating future cybersecurity trends, this conversation delivers practical insights to help you stay a step ahead in protecting your digital landscape.

Preparing for ransomware - where is your data and how is it protected? Building cyber resilience for your data, across on-premises and cloud Reducing the window of damage and minimising the time to recover This episode is hosted by Thom Langfordhttps://www.linkedin.com/in/thomlangford/Heather Lowrie, Independent Advisor, Earthgard Ltdhttps://www.linkedin.com/in/heather-lowrie/Raza Sadiq, Head of Enterprise Risk, MQubehttps://www.linkedin.com/in/razasadiq7/Sandra Bell, Group Head of Organisational Resilience, Novunahttps://www.linkedin.com/in/sandra-bell-13a109183/Grant Caley, UK & Ireland Solutions Director, NetApphttps://www.linkedin.com/in/grant-caley-a424681/

UK court blocks government's attempt to keep Apple encryption case secret. Port of Seattle says last year's breach affected 90,000 people. Verizon Call Filter App flaw exposes millions' call records. Hackers hit Australian pension funds. A global threat hiding in plain sight. Cybercriminals are yelling CAPTCH-ya! Meta retires U.S. fact-checking program. Our guest today is Rob Boyce from Accenture and he's discussing Advanced Persistent Teenagers (APTeens). And Google's AI Goes Under the Sea. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Rob Boyce, Global Lead for Cyber Resilience at Accenture, joins to discuss Advanced Persistent Teenagers (APTeens). Advanced Persistent Teenagers (APTeens) have rapidly become a significant enterprise risk by demonstrating capabilities once limited to organized ransomware groups, the threat from juvenile, homegrown threat-actors has risen steadily.  Selected Reading UK Effort to Keep Apple Encryption Fight Secret Blocked in Court (Bloomberg) Port of Seattle says ransomware breach impacts 90,000 people (BleepingComputer) Call Records of Millions Exposed by Verizon App Vulnerability (SecurityWeek) Cybercriminals are trying to loot Australian pension accounts in new campaign (The Record) NEPTUNE RAT Attacking Windows Users to Exfiltrate Passwords from 270+ Apps (Cyber Security News) Threat Actors Using Fake CAPTCHAs and CloudFlare Turnstile to Deliver LegionLoader (Cyber Security News)  Meta ends its fact-checking program in the US later today, replaces it with Community Notes (Techspot) Suspected Scattered Spider Hacker Pleads Guilty (SecurityWeek) This Alphabet Spin-off Brings “Fishal Recognition” to Aquaculture (IEEE Spectrum)  Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Climb Channel Solutions Ireland, the specialist technology distributor formerly known as DataSolutions, has announced a new partnership with Quest Software, a global leader in systems management, data protection, and security software. Quest is a software solutions provider which is trusted by more than 95% of Fortune 500 companies. With an office in Cork and more than a quarter of a century of pedigree in Ireland, its offering spans platform migrations, cloud deployments, Software-as-a-Service (SaaS), security, governance, data intelligence, database management, and solutions to ensure data is AI-ready. Through this partnership, Climb Channel Solutions Ireland will offer Quest's suite of security, data empowerment, and AI solutions to resellers. Quest's ever-expanding portfolio is designed to help organisations manage, format, and cleanse data, enabling the seamless adoption of AI. Climb Channel Solutions Ireland - which was recently recognised as Quest Distributor of the Year - and Quest will also focus on threat detection, backup and disaster recovery solutions and platforms. This includes Quest Security Guardian, an Active Directory (AD) security solution that significantly reduces the attack surface for enterprises and improves identity threat detection and response (ITDR). As one of only two vendors in Ireland providing Active Directory Recovery, Quest is uniquely positioned to help organisations quickly and securely restore critical identity services, reinforcing its leadership in identity resilience. Brian Davis, VP of Sales for the UK & Ireland, Climb Channel Solutions Ireland, said: "Given its 24/7 support services, technical certifications and expanding portfolio, Quest has the ability to transform, secure and drive impact for both resellers and end users. Ireland offers huge potential, and we look forward not only to solidifying our partnership but addressing challenges and powering success for enterprises." To support its partner network in Ireland, Quest will be rolling out several initiatives to help them identify and close new business opportunities. These include technical bootcamps, roundtables and an online training library. Alongside this, Quest also offers financial incentives to partners, such as rebates and referral fees. Olivia Donnell, Global Distribution, Quest Software, added: "With an office in Cork and more than 25 years of experience in Ireland, our partnership with Climb Channel Solutions Ireland will allow us to further strengthen cybersecurity for Irish enterprises. By combining well-established products with new solutions, we can make enterprises ready now for the future - ensuring resilience, reliability, and readiness across data management, Microsoft migrations, and security." See more stories here.

Ergo, Ireland's largest indigenous IT solutions provider, has announced the launch of its new Cyber Resilience and Cyber Recovery Service offering to coincide with World Backup Day. Ergo's offering is a robust end-to-end solution designed to safeguard organisations against cyber threats and ensure rapid recovery in the event of a cybersecurity incident. The growth of Ireland's digital economy has created both significant opportunities and challenges for businesses across all sectors. Approximately 41% of goods and services produced in Ireland are now transacted digitally, including both digitally ordered and digitally delivered products. As a result, cyber threats pose serious risks not only to individual businesses but also to the broader economy. Cyber threats are constantly evolving and becoming more sophisticated, and ransomware attacks globally and in Ireland, are on the rise, with global security spending expected to grow by 12.2% year-on-year in 2025. If an organisation's backup solution is not immutable, it can be entirely compromised by cyber-attack, making an organisation not only vulnerable to losing business critical data but also negatively impacting its bottom line due to unplanned downtime, reputational damage and potential regulatory penalties. Figures from Ireland's National Cyber Security Centre (NCSC) show more than 5,000 cyberattacks were reported by companies in Ireland in 2023 with an unknown quantity of unreported attacks. Regulatory pressure in the form of NIS2, DORA, CER, PART-IS, have also forced organisations across most sectors, to have cyber resilience policies and protections in place. In today's world, businesses must be more resilient and prepared for the potential risks and threats inherent with digital platforms. Ergo's new offering, available in Ireland and Northern Ireland, leverages the latest technologies and best practices to provide an end-to-end approach to cyber resilience, from backup management and rigorous testing to 24/7 monitoring and incident response. In the event of an incident, Ergo's Cyber Resilience and Cyber Recovery Service offering, ensures that businesses can recover efficiently and effectively. Commenting on the launch, Lorne Chedzey, CIO at Ergo said: "With the increasing prevalence of cyber threats, it's no longer a question of if, but when, a business will need to recover from an incident. We've seen an uptick in the number of attacks targeting organisations of all sizes, which show no signs of slowing down, and if we follow the trends, are only going to get worse. "With scores of Irish organisations reporting significant instances of cyberattacks as reported by the NCSC each year, something needs to change. "Our new Cyber Resilience and Cyber Recovery Service Offering is designed to provide peace of mind, ensuring our clients are prepared for whatever comes their way. World Backup Day is a timely reminder of the importance of both data protection and robust cyber resilience." To learn more about Ergo's Cyber Resilience and Cyber Recovery Services, visit https://ergotechnologygroup.com/security/cyber-resilience/ See more stories here.

- Response and Recovery (Part III) Markus Epner - Head of Academy at F24 AG. Markus possesses a wealth of experience in security and crisis management. In this episode, he is in conversation with - Lorenz Kuhlee, who is a highly experienced IT security professional working with PwC's Risk & Regulation Team in Germany. His specialties include large-scale data breach investigations, cyber incident response, and digital forensics. At PwC, Lorenz leads technical teams through complex cases and brings expertise in project management, specifically tailored to digital forensics and incident response (DFIR). In addition to his work at PwC, Lorenz is the co-author of Computer Forensics Hacks, a practical collection of methods, tips, and tricks from computer forensics. 01:14 Once your team is activate, what are the key phases and actions required to mitigate the situation? 02:59 If there's a ransomeware attack on a company, should they pay or not? 09:46 How do you ensure your that your containment meausres do not interefre with the company's ongoing activities? 15:00 Do criminals follow some kind of internal SOP when they attack a company? 18:00 What steps should companies take to ensure that they are well prepared against a cyber attack?

The connection between technology and psychology may not be immediately apparent but our instincts when under attack, wherever the threat may come from, are often surprisingly similar. Lorne Chedzey, Chief Information Officer at Ergo, delves into the parallels between technology and psychology. As both a technology specialist and someone who has spent many years studying the human science of psychology, I have witnessed a parallel between how humans behave when facing a psychological threat, and how many CISO's and IT leaders behave when facing the potential threat of a data breach. Information technology is a product of the human mind so perhaps this is not too surprising. However, we can gain some insights from psychology that can be useful, like how the powerful human forces of fear and acceptance can play a key role in our cyber resilience strategy, and what to look out for as common pitfalls in strategic thinking. Many years ago, during my psychology degree, I studied the stress response, writing my thesis around the effectiveness of various coping mechanisms. It's human nature to focus on trying to prevent something unpleasant and the human body has developed a "fight or flight" response to respond to threatening events, which is often the cause for many people to suffer from a chronic stress response as well as anxiety. These symptoms can be incredibly debilitating for some people, and they were born during our evolution where this response, which raises cortisol levels in the bloodstream can lead to action, to flee from the bear chasing us through the woods. In modern times, we still feel the same feelings, but our environment is very different. When we have unpleasant experiences today, we often protect ourselves from these psychologically threatening events with defence mechanisms, such as avoidance. This can sometimes be effective in warding off the initial threat, but by doing so, we are not preparing ourselves for a time when we cannot avoid this situation. When this happens, the situation can cause considerable psychological damage. This coping strategy is only affective when we can control the variables. To draw parallels to the cyber-security realm, IT leaders have built a fortress, of prevention technologies, with firewalls, identity and access management systems, which are all effective at avoiding the threat of a cyber-attack. All of this is needed to protect their organisations valuable data from falling into the wrong hands, which is why it is a wise strategy to pursue. However, this alone is of no use if you do eventually get breached, and you are in a situation where you're facing a threat where you are not in control of the variables, and there is a risk of considerable business and reputational damage, as well as a lot of stress. If someone is struggling with chronic stress because they are finding it difficult to cope with external factors, sometimes it's helpful to understand where the issue is coming from, so that they can identify the root cause and start to do something about it. Often counselling or cognitive behavioural therapy can be useful in this instance. A good therapist will delve deeply into thoughts, and feelings, and how these may result in specific behaviours. This can sometimes provide someone with an "aha" moment, where they can link an external stimulus, to a thought, and then onto a behaviour. This can be effective at changing behaviour and reducing the stress response. From a cyber security perspective, it is the instigation of observability tools to identify and analyse where there may be potential breaches. Using SIEM systems to collect and analyse event logs can detect potential threats that could be a root cause to a possible breach. Utilising vulnerability management systems to identify systems, networks and software that may have holes that need to be plugged. This exploration work is very effective at understanding where the root cause of a breach may occur, and gives an...

In dieser Folge von AWS Cloud Horizonte spricht Oskar Neumann, Senior Solutions Architect bei AWS mit Lars Kerkmann von Phoenix Contact über ein Thema, das jedes Unternehmen betrifft: Sicherheit in der Cloud. Wie baut man eine sichere AWS-Umgebung auf? Wie stellt man sicher, dass bestehende Systeme robust und widerstandsfähig bleiben? Dazu haben wir Lars Kerkmann von Phoenix Contact zu Gast. Phoenix Contact ist ein weltweit führendes Unternehmen in der Elektrotechnik und Automatisierung. Lars teilt, warum sie am Cyber Resilience Lab von AWS teilgenommen haben, welche Erkenntnisse sie gewonnen haben und wie das Lab ihnen geholfen hat, ihre Sicherheitsstrategie weiterzuentwickeln. Ebenfalls dabei ist Julian Joswig, Solutions Architect bei AWS und Projektmanager des Cyber Resilience Labs. Er erklärt die Methodik hinter dem Lab, welche fünf Dimensionen der Cybersicherheit analysiert werden und wie Unternehmen davon profitieren können. In dieser Episode erfahrt ihr: Was das Cyber Resilience Lab ist und wie es funktioniert Welche fünf Dimensionen der Cybersicherheit entscheidend sind Wie Phoenix Contact von der AWS-Initiative profitiert hat Wie euer Unternehmen an einem kostenlosen Cyber Resilience Lab teilnehmen kann Interessierte Unternehmen können sich direkt per E-Mail an cyber-resilience-labs@amazon.com wenden.

In this episode of Security Matters, we dive into the world of retail technology and cybersecurity. Imagine a bustling retail chain during its busiest shopping season, only to be disrupted by a cyberattack. Our guest, Jason James, Chief Information Officer (CIO) at Aptos Retail, shares his insights with host David Puner on how to stay ahead of these threats. Discover the strategies for building cyber resilience, the role of AI in retail, the importance of protecting consumer trust and the critical role of identity in safeguarding sensitive data. JJ's journey from tech enthusiast to CIO offers actionable insights and expert advice for cyber professionals, business leaders and anyone with a seat at or view of the cybersecurity table.

How prepared is your organization for disruption? In our latest episode, we dive deep into the critical topic of Business Continuity Planning (BCP) with cybersecurity expert and new Reveal Risk Director Todd Wilkinson. As digital dependencies grow, the way companies approach BCP must evolve. Todd highlights the shift in ownership from IT departments to business leaders, shedding light on the necessity for everyone in the organization to take accountability for continuity strategies. Drawing from his wealth of experience, Todd recounts compelling stories of real-world failures and the stark realities of service disruptions, particularly in the healthcare sector. He explains how reliance on SaaS and cloud services has transformed the landscape of planning, creating both opportunities and vulnerabilities. Listeners will gain valuable insights into best practices for establishing effective BCP protocols, including the vital distinction between BCP and disaster recovery planning. We tackle the importance of clear communication strategies during crises, the need for frequent testing, and the changing roles of different departments when it comes to continuity planning. Engaging and informative, this episode encourages organizations to rethink BCP as a crucial aspect of operational resilience rather than just a checklist for IT departments. Subscribe, share, and let us know how your organization is preparing for unexpected challenges or if you need help along the way! 

- Response and Recovery (Part II) Markus Epner - Head of Academy at F24 AG. Markus possesses a wealth of experience in security and crisis management. In this episode, he is in conversation with - Lorenz Kuhlee, who is a highly experienced IT security professional working with PwC's Risk & Regulation Team in Germany. His specialties include large-scale data breach investigations, cyber incident response, and digital forensics. At PwC, Lorenz leads technical teams through complex cases and brings expertise in project management, specifically tailored to digital forensics and incident response (DFIR). In addition to his work at PwC, Lorenz is the co-author of Computer Forensics Hacks, a practical collection of methods, tips, and tricks from computer forensics. 02:30 How should companies communicate internally during the early stage of a crisis/incident? 03:53 What happens if the whole system is compromised and there are no redundant channels for crisis communication? 07:40 What could make a situation worse? 11:34 Should they call the police or that will make the situation worse? 15:35 Communicating with the Attacker - Am I allowed to speak to the cyber criminal?

Just last week, major cryptocurrency exchange Bybit's cold wallet of etherium was compromised triggering a rush of withdrawals from users fearing potential insolvency. Here in Singapore in late 2024, Singapore’s regulator unveiled new measures meant to ring-fence Singapore customers’ assets to avoid the huge losses that can occur when cryptocurrency firms went bust - among them requiring customers assets from those of the digital asset firm's own assets. Against this backdrop of increasing complexity and opportunity in digital finance, what do start-up founders in this space need to understand about how digital custody infrastructure is evolving? Michelle Martin finds out in conversion with Arthit Sriumporn, Founder & CEO, Rakkar Digital. See omnystudio.com/listener for privacy information.

In today's episode, I welcome Ricardo Ferreira, EMEA Field CISO at Fortinet, to discuss how the UK's proposed Cybersecurity and Resilience Bill compares to the EU's NIS2 directive. Ricardo brings a wealth of experience in cybersecurity strategy and regulation, and he shares why he believes the UK's bill is missing key components that could make it truly effective. With Brexit allowing the UK to take an independent approach, Ricardo argues that there is a unique opportunity to cherry-pick the most effective elements from NIS2 while avoiding its potential pitfalls. But is the current bill providing enough clarity?  Ricardo highlights how the legislation introduces buzzwords like "digital supply chain" without actually outlining a clear path for addressing cyber threats. In contrast, NIS2 lays out a prescriptive approach that includes risk profiling, supply chain security frameworks, and post-breach recovery strategies. We also explore the growing need for board-level accountability in cybersecurity. Should executives and directors be held personally responsible for cyber resilience within their organizations? And how can governments ensure that businesses have both the guidance and incentives to proactively address security risks rather than reactively scramble to contain breaches? With cyber threats only growing more sophisticated, the role of regulation in mitigating risk has never been more important. But does the UK's current legislative approach go far enough? And what lessons can be learned from international frameworks like NIS2? Tune in for an insightful discussion on the future of cybersecurity policy, where it's headed, and what needs to change to create truly resilient digital infrastructures. As always, I'd love to hear your thoughts—how should governments balance regulation with innovation in cybersecurity?

Explore the Secrets to Cyber Resilience in Episode 169 of Business Influencers, René-Sylvain Bédard, Founder & CEO of Indominus, reveals how to turn your business into a fortress against cyber threats. With decades of expertise in AI, security, and risk management, he shares actionable insights to safeguard your organization. Hosted by Chris Salem, this is an episode you can't afford to miss! Tune in to TALRadio English now on Spotify and Apple Podcast! Host : Chris Salem Guest : René-Sylvain Bédard, Founder & CEO of Indominus You Can Reach René-Sylvain Bédard @ indominus.com #TALRadioEnglish #ExploreCyberResilience #BusinessSecurity #TechLeadership #CyberThreatProtection #DigitalFortress #AIandSecurity #ManagedSecurity #CyberDefense #SecureYourBusiness #BusinessInfluencers #touchalife #TALRadio

Zero Trust World 2025, hosted by ThreatLocker, is set to bring together IT professionals, business leaders, and cybersecurity practitioners for three days of hands-on labs, insightful discussions, and expert-led sessions. Taking place in Orlando, Florida, from February 19-21, this year's event promises an expanded agenda with cutting-edge topics, interactive workshops, and a unique approach to cybersecurity education.The Growth of Zero Trust WorldNow in its fifth year, Zero Trust World continues to grow exponentially, increasing in size by roughly 50% each year. Kieran Human, Special Projects Engineer at ThreatLocker, attributes this rapid expansion to the rising demand for cybersecurity solutions and the company's own growth. More IT leaders are recognizing the necessity of a Zero Trust approach—not just as a security measure, but as a fundamental philosophy for protecting their organizations.What to Expect: Hands-On Learning and Key DiscussionsOne of the biggest draws of Zero Trust World is its focus on hands-on experiences. Attendees can participate in hacking labs designed to teach them how cyber threats operate from an attacker's perspective. These include interactive exercises using rubber duckies—USB devices that mimic keyboards to inject malicious commands—demonstrating how easily cybercriminals can compromise systems.For those interested in practical applications of security measures, there will be sessions covering topics such as cookie theft, Metasploit, Windows and server security, and malware development. Whether an attendee is an entry-level IT professional or a seasoned security engineer, there's something to gain from these hands-on labs.High-Profile Speakers and Industry InsightsBeyond the labs, Zero Trust World 2025 will feature a lineup of influential speakers, including former Nintendo of America President and CEO Reggie Fils-Aimé, Chase Cunningham (known as Dr. Zero Trust), and ThreatLocker CEO Danny Jenkins. These sessions will provide strategic insights on Zero Trust implementation, industry challenges, and innovative cybersecurity practices.One of the key sessions to look forward to is “The Dangers of Shadow IT,” led by Ryan Bowman, VP of Solution Engineering at ThreatLocker. Shadow IT remains a major challenge for organizations striving to implement Zero Trust, as unauthorized applications and devices create vulnerabilities that security teams may not even be aware of. Stay tuned for a pre-event chat with Ryan coming your way soon.Networking, Certification, and MoreZero Trust World isn't just about education—it's also a prime networking opportunity. Attendees can connect during daily happy hours, the welcome and closing receptions, and a comic book-themed afterparty. ThreatLocker is even introducing a new cybersecurity comic book, adding a creative twist to the conference experience.A major highlight is the Cyber Hero Program, which offers attendees a chance to earn certification in Zero Trust principles. By completing the Cyber Hero exam, participants can have the cost of their event ticket fully refunded, making this an invaluable opportunity for those looking to deepen their cybersecurity expertise.A Unique Capture the Flag ChallengeFor those with advanced cybersecurity skills, the Capture the Flag challenge presents an exciting opportunity. The first person to successfully hack a specially designed, custom-painted high-end computer gets to take it home. This competition is expected to draw some of the best security minds in attendance, reinforcing the event's commitment to real-world application of cybersecurity techniques.Join the ConversationWith so much to see and do, Zero Trust World 2025 is shaping up to be an essential event for IT professionals, business leaders, and security practitioners. Sean Martin and Marco Ciappelli will be covering the event live, hosting interviews with speakers, panelists, and attendees to capture insights and takeaways.Whether you're looking to enhance your security knowledge, expand your professional network, or experience hands-on cybersecurity training, Zero Trust World 2025 offers something for everyone. If you're attending, be sure to stop by the podcast area and join the conversation on the future of Zero Trust security.Guest: Kieran Human, Special Projects Engineer, ThreatLocker [@ThreatLocker | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsThreatLocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-floridaRegister for Zero Trust World 2025: https://itspm.ag/threat5mu1____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

Zero Trust World 2025, hosted by ThreatLocker, is set to bring together IT professionals, business leaders, and cybersecurity practitioners for three days of hands-on labs, insightful discussions, and expert-led sessions. Taking place in Orlando, Florida, from February 19-21, this year's event promises an expanded agenda with cutting-edge topics, interactive workshops, and a unique approach to cybersecurity education.The Growth of Zero Trust WorldNow in its fifth year, Zero Trust World continues to grow exponentially, increasing in size by roughly 50% each year. Kieran Human, Special Projects Engineer at ThreatLocker, attributes this rapid expansion to the rising demand for cybersecurity solutions and the company's own growth. More IT leaders are recognizing the necessity of a Zero Trust approach—not just as a security measure, but as a fundamental philosophy for protecting their organizations.What to Expect: Hands-On Learning and Key DiscussionsOne of the biggest draws of Zero Trust World is its focus on hands-on experiences. Attendees can participate in hacking labs designed to teach them how cyber threats operate from an attacker's perspective. These include interactive exercises using rubber duckies—USB devices that mimic keyboards to inject malicious commands—demonstrating how easily cybercriminals can compromise systems.For those interested in practical applications of security measures, there will be sessions covering topics such as cookie theft, Metasploit, Windows and server security, and malware development. Whether an attendee is an entry-level IT professional or a seasoned security engineer, there's something to gain from these hands-on labs.High-Profile Speakers and Industry InsightsBeyond the labs, Zero Trust World 2025 will feature a lineup of influential speakers, including former Nintendo of America President and CEO Reggie Fils-Aimé, Chase Cunningham (known as Dr. Zero Trust), and ThreatLocker CEO Danny Jenkins. These sessions will provide strategic insights on Zero Trust implementation, industry challenges, and innovative cybersecurity practices.One of the key sessions to look forward to is “The Dangers of Shadow IT,” led by Ryan Bowman, VP of Solution Engineering at ThreatLocker. Shadow IT remains a major challenge for organizations striving to implement Zero Trust, as unauthorized applications and devices create vulnerabilities that security teams may not even be aware of. Stay tuned for a pre-event chat with Ryan coming your way soon.Networking, Certification, and MoreZero Trust World isn't just about education—it's also a prime networking opportunity. Attendees can connect during daily happy hours, the welcome and closing receptions, and a comic book-themed afterparty. ThreatLocker is even introducing a new cybersecurity comic book, adding a creative twist to the conference experience.A major highlight is the Cyber Hero Program, which offers attendees a chance to earn certification in Zero Trust principles. By completing the Cyber Hero exam, participants can have the cost of their event ticket fully refunded, making this an invaluable opportunity for those looking to deepen their cybersecurity expertise.A Unique Capture the Flag ChallengeFor those with advanced cybersecurity skills, the Capture the Flag challenge presents an exciting opportunity. The first person to successfully hack a specially designed, custom-painted high-end computer gets to take it home. This competition is expected to draw some of the best security minds in attendance, reinforcing the event's commitment to real-world application of cybersecurity techniques.Join the ConversationWith so much to see and do, Zero Trust World 2025 is shaping up to be an essential event for IT professionals, business leaders, and security practitioners. Sean Martin and Marco Ciappelli will be covering the event live, hosting interviews with speakers, panelists, and attendees to capture insights and takeaways.Whether you're looking to enhance your security knowledge, expand your professional network, or experience hands-on cybersecurity training, Zero Trust World 2025 offers something for everyone. If you're attending, be sure to stop by the podcast area and join the conversation on the future of Zero Trust security.Guest: Kieran Human, Special Projects Engineer, ThreatLocker [@ThreatLocker | On LinkedIn: https://www.linkedin.com/in/kieran-human-5495ab170/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber] | On ITSPmagazine:  https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast | On ITSPmagazine: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode's SponsorsThreatLocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from ZTW 2025 coverage: https://www.itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-floridaRegister for Zero Trust World 2025: https://itspm.ag/threat5mu1____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage? Learn More

What's the REAL cost of cyberattacks? 

- Response and Recovery (Part I) Markus Epner - Head of Academy at F24 AG. Markus possesses a wealth of experience in security and crisis management. In this episode, he is in conversation with - Lorenz Kuhlee, who is a highly experienced IT security professional working with PwC's Risk & Regulation Team in Germany. His specialties include large-scale data breach investigations, cyber incident response, and digital forensics. At PwC, Lorenz leads technical teams through complex cases and brings expertise in project management, specifically tailored to digital forensics and incident response (DFIR). In addition to his work at PwC, Lorenz is the co-author of Computer Forensics Hacks, a practical collection of methods, tips, and tricks from computer forensics. 03:30 If you could describe a cyber incident in three words, what would they be? 06:30 There's only three ways in which you can compromise your computer network 12:48 In your experience, what is the most critical aspect of a company's readiness for engaging a CERT team during an incident? 16:31 I am always saying I can train every company to be like James Bond, 007 - but that also has something to do with the culture and the DNA of the company 17:19 How does a CERT team function and collaborate during an incident?

About the CISO Circuit SeriesSean Martin and Michael Piacente join forces roughly once per month (or so, depending on schedules) to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity for business and society. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.____________________________Guests: Heather Hinton, CISO-in-Residence, Professional Association of CISOsOn LinkedIn | https://www.linkedin.com/in/heather-hinton-9731911/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMichael Piacente, Managing Partner and Cofounder of Hitch PartnersOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988LevelBlue | https://itspm.ag/levelblue266f6cThreatLocker | https://itspm.ag/threatlocker-r974___________________________Episode NotesIn this episode of the CISO Circuit Series, part of the Redefining Cybersecurity Podcast on ITSPmagazine, hosts Sean Martin and Michael Piacente welcomed Heather Hinton, seasoned cybersecurity leader, to discuss the evolving responsibilities and recognition of Chief Information Security Officers (CISOs). Their conversation explored the transformative work of the Professional Association of CISOs (PAC), an organization dedicated to establishing standards, accreditation, and support for cybersecurity leaders globally.This episode addressed three critical questions shaping the modern CISO role:How can CISOs build trust within their organizations?What is PAC doing to elevate cybersecurity as a recognized profession?How can CISOs prepare for increasing scrutiny and legal risks?Building Trust: A CISO's Key ResponsibilityHeather Hinton, whose career includes leadership roles like VP and CISO for IBM Cloud and PagerDuty, underscores that trust is foundational for a CISO's success. Beyond technical expertise, a CISO must demonstrate leadership, strategic thinking, and effective communication with boards, executives, and teams. Hinton highlights that cybersecurity should not be perceived as merely a technical function but as a critical enabler of business objectives.The PAC accreditation process reinforces this perspective by formalizing the skills needed to build trust. From fostering collaboration to aligning security strategies with organizational goals, PAC equips CISOs with tools to establish credibility and demonstrate value from day one.Elevating Cybersecurity as a Recognized ProfessionMichael Piacente, Managing Partner at Hitch Partners and co-host of the CISO Circuit Series, emphasizes PAC's role in professionalizing cybersecurity. By introducing a Code of Professional Conduct, structured accreditation programs, and robust career development resources, PAC is raising the bar for the profession. Hinton and Piacente explain that PAC's ultimate vision is to make membership and accreditation standard for CISO roles, akin to certifications we've come to expect and rely upon for doctors or lawyers.This vision reflects a growing recognition of cybersecurity as a discipline critical not only to organizations but to society as a whole. PAC's advocacy extends to shaping global policies, setting professional standards, and fostering an environment where CISOs are equipped to handle emerging challenges like hybrid warfare and AI-driven threats.Preparing for Legal Risks and Industry ChallengesThe conversation also delves into the increasing legal and regulatory scrutiny CISOs face. Piacente and Hinton stress the importance of having clear job descriptions, liability protections, and professional resources—areas where PAC is driving significant progress. By providing legal and mental health support, along with peer-driven mentorship, PAC empowers CISOs to navigate these challenges with confidence.Hinton notes that PAC is also a critical voice in addressing broader systemic risks, advocating for policies that protect CISOs while ensuring they are well-positioned to protect their organizations and society.Looking AheadWith goals to expand its membership to 1,000 and scale its accreditation programs by 2025, PAC is setting the foundation for a more unified and professionalized cybersecurity community. Hinton envisions PAC becoming a global authority, advising governments and organizations on cybersecurity standards and policies while fostering collaboration among professionals.For those aspiring to advance cybersecurity as a recognized profession, PAC offers a platform to shape the future of the field. Learn more about PAC and how to join at TheCISO.org.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

About the CISO Circuit SeriesSean Martin and Michael Piacente join forces roughly once per month (or so, depending on schedules) to discuss everything from looking for a new job, entering the field, finding the right work/life balance, examining the risks and rewards in the role, building and supporting your team, the value of the community, relevant newsworthy items, and so much more. Join us to help us understand the role of the CISO so that we can collectively find a path to Redefining CyberSecurity for business and society. If you have a topic idea or a comment on an episode, feel free to contact Sean Martin.____________________________Guests: Heather Hinton, CISO-in-Residence, Professional Association of CISOsOn LinkedIn | https://www.linkedin.com/in/heather-hinton-9731911/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMichael Piacente, Managing Partner and Cofounder of Hitch PartnersOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/michael-piacente____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988LevelBlue | https://itspm.ag/levelblue266f6cThreatLocker | https://itspm.ag/threatlocker-r974___________________________Episode NotesIn this episode of the CISO Circuit Series, part of the Redefining Cybersecurity Podcast on ITSPmagazine, hosts Sean Martin and Michael Piacente welcomed Heather Hinton, seasoned cybersecurity leader, to discuss the evolving responsibilities and recognition of Chief Information Security Officers (CISOs). Their conversation explored the transformative work of the Professional Association of CISOs (PAC), an organization dedicated to establishing standards, accreditation, and support for cybersecurity leaders globally.This episode addressed three critical questions shaping the modern CISO role:How can CISOs build trust within their organizations?What is PAC doing to elevate cybersecurity as a recognized profession?How can CISOs prepare for increasing scrutiny and legal risks?Building Trust: A CISO's Key ResponsibilityHeather Hinton, whose career includes leadership roles like VP and CISO for IBM Cloud and PagerDuty, underscores that trust is foundational for a CISO's success. Beyond technical expertise, a CISO must demonstrate leadership, strategic thinking, and effective communication with boards, executives, and teams. Hinton highlights that cybersecurity should not be perceived as merely a technical function but as a critical enabler of business objectives.The PAC accreditation process reinforces this perspective by formalizing the skills needed to build trust. From fostering collaboration to aligning security strategies with organizational goals, PAC equips CISOs with tools to establish credibility and demonstrate value from day one.Elevating Cybersecurity as a Recognized ProfessionMichael Piacente, Managing Partner at Hitch Partners and co-host of the CISO Circuit Series, emphasizes PAC's role in professionalizing cybersecurity. By introducing a Code of Professional Conduct, structured accreditation programs, and robust career development resources, PAC is raising the bar for the profession. Hinton and Piacente explain that PAC's ultimate vision is to make membership and accreditation standard for CISO roles, akin to certifications we've come to expect and rely upon for doctors or lawyers.This vision reflects a growing recognition of cybersecurity as a discipline critical not only to organizations but to society as a whole. PAC's advocacy extends to shaping global policies, setting professional standards, and fostering an environment where CISOs are equipped to handle emerging challenges like hybrid warfare and AI-driven threats.Preparing for Legal Risks and Industry ChallengesThe conversation also delves into the increasing legal and regulatory scrutiny CISOs face. Piacente and Hinton stress the importance of having clear job descriptions, liability protections, and professional resources—areas where PAC is driving significant progress. By providing legal and mental health support, along with peer-driven mentorship, PAC empowers CISOs to navigate these challenges with confidence.Hinton notes that PAC is also a critical voice in addressing broader systemic risks, advocating for policies that protect CISOs while ensuring they are well-positioned to protect their organizations and society.Looking AheadWith goals to expand its membership to 1,000 and scale its accreditation programs by 2025, PAC is setting the foundation for a more unified and professionalized cybersecurity community. Hinton envisions PAC becoming a global authority, advising governments and organizations on cybersecurity standards and policies while fostering collaboration among professionals.For those aspiring to advance cybersecurity as a recognized profession, PAC offers a platform to shape the future of the field. Learn more about PAC and how to join at TheCISO.org.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

This week on Feds At the Edge, we dive into the evolution of the Cybersecurity and Infrastructure Agency's Continuous Diagnostics and Mitigation (CDM) program in addressing the growing cyber-attack surface.   Hemant Baidwan, CISO for DHS, OCIO, noted that Continuous Diagnostics and Mitigation is a comprehensive suite of tools and policies, with a key focus on understanding the attack surface and ensuring high data quality during deployment.  John Schneider, Senior Systems Engineer, Axonius Federal, discussed the challenges inherent in managing IoT and OT devices for federal agencies, stressing interoperability and automation as best practices.   Tune in on your favorite podcasting platform as we discuss the critical role of partnerships and inter-agency collaboration to enhance cybersecurity postures.     = = =  

  The U.S. healthcare system, which includes roughly 200 federal hospitals, are constantly at risk for or under cyber-attack.   This week on Feds-At-The Edge we explore ways to improve security through basic controls like software updates and patching, with the conversation quickly turning to the importance of practical strategy.   >> Developing a good data inventory: Full of IoT devices? Learn what to include for your expanded attack surface   >> Human Interaction: Learn the critical role humans play amid the new promises of AI   >> Contingency Plans: If your agency was attacked today with ransomware, would you be able to identify your critical data?     

Podcast: Bites & Bytes PodcastEpisode: Cyber Resilience Reimagined: Andrew Rose and Dr. Darin Detwiler (Part 2)Pub date: 2024-12-29Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn the final episode of 2024 and Part 2 of this series, host Kristin Demoranville continues her compelling conversation with two influential experts: Andrew Rose, an AgFuturist, and Dr. Darin Detwiler, a renowned food safety advocate and educator. Andrew shares his perspective on the challenges of balancing innovation and resilience in the food and agriculture sector.  He emphasizes the importance of analog systems and legacy knowledge in a world increasingly dependent on digital solutions. He offers a compelling view of how businesses can build continuity and prepare for unexpected disruptions. Dr. Detwiler brings a global lens to the table, discussing the vulnerabilities in our food supply and how cybersecurity must evolve to meet the challenges of an interconnected world. From regulatory gaps to the role of collective courage, his insights highlight the urgent need for action to ensure the safety and security of what sustains us all. This episode powerfully concludes our first season, offering a blend of realism, hope, and practical wisdom.  Join us as we close out the year with this meaningful conclusion to Season One. _______________________________________________ Episode Key Highlights (0:00:19) - Season 1 Finale Introduction (0:00:24) - Recap of Part 1 and What to Expect in Part 2 (0:00:38) - Automation Vulnerabilities in Food Systems (0:01:13) - Cyber Threats and Raw Milk Concerns (0:03:32) - Avian Influenza Risks in Dairy Supply Chains (0:06:01) - Analog Systems and Legacy Knowledge for Resilience (0:07:14) - The Importance of Business Continuity Planning (0:14:25) - Global Collaboration for Food System Security (0:15:17) - Accountability in Food Cybersecurity (0:19:26) - Cybersecurity's Role in Cross-Border Food Trade (0:28:20) - Consumer Awareness and Food Safety Education _______________________________________________ Cyberbiosecurity Summit February 25-26, Laurel, Maryland:  https://www.cyberbiosecuritysummit.org/ Sumitt to a proposal to speak here:  https://www.cyberbiosecuritysummit.org/sessions _______________________________________________ BSides ICS/OT Conference

Podcast: Bites & Bytes PodcastEpisode: Cyber Resilience in Food and Agriculture: Andrew Rose & Dr. Darin Detwiler (Part 1)Pub date: 2024-12-18Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Kristin Demoranville sits down with AgFuturist Andrew Rose and food safety advocate Dr. Darin Detwiler to discuss why cybersecurity is a growing concern for the food and agriculture industries. Andrew Rose, an advisor to BIO-ISAC and a leader in agricultural innovation, shares his insights into protecting farmers and food supply chains from cyber threats.  Dr. Detwiler, a renowned food safety expert, educator, and author, explains why inaction is the greatest cost to our global food systems.  Tune in for an eye-opening conversation on resilience, risks, and real solutions for protecting what feeds us all.

In this episode of Now That's IT: Stories of MSP Success, we sit down with Paul Cashmore, co-founder of Solace Global Cyber, to explore his incredible journey of transforming a traditional MSP into a leading MSSP. Paul shares how his passion for cybersecurity and a service-first mindset fueled rapid growth, while also addressing the challenges MSPs face in today's evolving IT landscape.Discover how Paul developed a risk-based approach to cybersecurity, handled high-stakes ransomware incidents, and built a culture of innovation and adaptability. Whether you're an MSP owner looking to scale, an IT leader navigating cybersecurity complexities, or a tech enthusiast curious about industry evolution, this episode is packed with actionable insights and inspiration.Key Topics Covered:Transitioning from MSP to MSSP: Lessons for IT leaders.Risk as a growth driver: Building cybersecurity services that scale.Handling ransomware recovery: Real-world examples and strategies.Recruiting and training top talent in a competitive field.Join host Chris Massey as we uncover the strategies behind Paul's success and explore what it takes to thrive in the fast-changing IT and cybersecurity space.

Guest: Ravi Nayyar, PhD Scholar, The University Of SydneyOn LinkedIn | https://www.linkedin.com/in/stillromancingwithlife/At AISA AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ravi-nayyar-uyhe3Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe discussion begins with a unique and lighthearted analogy: comparing cybersecurity professionals to superheroes. Marco draws parallels to characters like “The Avengers” and “Deadpool,” describing them as defenders of our digital world. Ravi builds on this playful yet thought-provoking metaphor, likening the fight against cybercriminals to epic battles against villains, highlighting the high stakes of cybersecurity in critical systems.The Cyber Zoo: Ravi Nayyar's Research FocusRavi introduces his research, focusing on the regulation of cyber resilience within critical infrastructure, particularly the software supply chain. Using the metaphor of a “zoo,” he paints a vivid picture of the cybersecurity ecosystem, where diverse stakeholders—government bodies, infrastructure operators, and software vendors—must coexist and collaborate. His work delves into how companies can be held accountable for their cyber practices, aiming to secure national and global systems.The Role of Humans in CybersecurityAt the heart of cybersecurity, Ravi emphasizes, is the human element. His research highlights the need for incentivizing all players—critical infrastructure operators, software developers, and even end users—to embed secure practices into their operations. It's not just about rules and frameworks but about fostering a culture of responsibility and collaboration in an interconnected world.The Case for Stronger Cyber LawsRavi critiques the historically relaxed approach to regulating software security, particularly for critical systems, and advocates for stronger, standardized laws. He compares cybersecurity frameworks to those used for medical devices, which are rigorously regulated for public safety. By adopting similar models, critical software could be held to higher standards, reducing risks to national security.Global Cooperation and the Fight Against Regulatory ArbitrageThe discussion shifts to the need for international collaboration in cybersecurity. Ravi underscores the risk of regulatory arbitrage, where companies exploit weaker laws in certain regions to save costs. He proposes global coalitions and standardization bodies as potential solutions to ensure consistent and robust security practices worldwide.Incentivizing Secure PracticesDelving into the practical side of regulation, Ravi discusses ways to incentivize companies to adopt secure practices. From procurement policies favoring vendors with strong cybersecurity commitments to the potential for class action lawsuits, the conversation explores the multifaceted strategies needed to hold organizations accountable and foster a safer digital ecosystem.Closing Thoughts: Collaboration for a Safer Digital WorldSean, Marco, and Ravi wrap up the episode by emphasizing the critical need for cross-sector collaboration—between academia, industry, media, and government—to tackle the evolving challenges of cybersecurity. By raising public awareness and encouraging proactive measures, they highlight the importance of a unified effort to secure our digital infrastructure.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesThe theory of saving the world: Intervention requests and critical infrastructure: https://melbourne2024.cyberconference.com.au/sessions/session-eI6eYNriflLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

In this final installment of a trio of discussions with Theresa Lanowitz about Cyber Resilience, we put it all together and attempt to figure out what the road to cyber resilience looks like, and what barriers security leaders will have to tackle along the way. We'll discuss: How to identify these barriers to cyber resilience Be secure by design Align cybersecurity investments with the business Also, be sure to check out the first two installments of this series! Episode 380: Cybersecurity Success is Business Success Episode 383: Cybersecurity Budgets: The Journey from Reactive to Proactive This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them! When focused on cybersecurity through a vulnerability management lens, it's tempting to see the problem as a race between exploit development and patching speed. This is a false narrative, however. While there are hundreds of thousands of vulnerabilities, each requiring unique exploits, the number of post-exploit actions is finite. Small, even. Although Log4j was seemingly ubiquitous and easy to exploit, we discovered the Log4Shell attack wasn't particularly useful when organizations had strong outbound filters in place. Today, we'll discuss an often overlooked advantage defenders have: mitigating controls like traffic filtering and application control that can prevent a wide range of attack techniques. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! This week, in the enterprise security news, Funding and acquisition news slows down as we get into the “I'm more focused on holiday shopping season” North Pole Security picked an appropriate time to raise some seed funding Breaking news, it's still super easy to exfiltrate data The Nearest Neighbor Attack Agentic Security is the next buzzword you're going to be tired of soon Frustrations with separating work from personal in the Apple device ecosystem We check in on the AI SOC and see how it's going Office surveillance technology gives us the creeps All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-386

In this final installment of a trio of discussions with Theresa Lanowitz about Cyber Resilience, we put it all together and attempt to figure out what the road to cyber resilience looks like, and what barriers security leaders will have to tackle along the way. We'll discuss: How to identify these barriers to cyber resilience Be secure by design Align cybersecurity investments with the business Also, be sure to check out the first two installments of this series! Episode 380: Cybersecurity Success is Business Success Episode 383: Cybersecurity Budgets: The Journey from Reactive to Proactive This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them! When focused on cybersecurity through a vulnerability management lens, it's tempting to see the problem as a race between exploit development and patching speed. This is a false narrative, however. While there are hundreds of thousands of vulnerabilities, each requiring unique exploits, the number of post-exploit actions is finite. Small, even. Although Log4j was seemingly ubiquitous and easy to exploit, we discovered the Log4Shell attack wasn't particularly useful when organizations had strong outbound filters in place. Today, we'll discuss an often overlooked advantage defenders have: mitigating controls like traffic filtering and application control that can prevent a wide range of attack techniques. This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more about them! This week, in the enterprise security news, Funding and acquisition news slows down as we get into the “I'm more focused on holiday shopping season” North Pole Security picked an appropriate time to raise some seed funding Breaking news, it's still super easy to exfiltrate data The Nearest Neighbor Attack Agentic Security is the next buzzword you're going to be tired of soon Frustrations with separating work from personal in the Apple device ecosystem We check in on the AI SOC and see how it's going Office surveillance technology gives us the creeps All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-386

In this final installment of a trio of discussions with Theresa Lanowitz about Cyber Resilience, we put it all together and attempt to figure out what the road to cyber resilience looks like, and what barriers security leaders will have to tackle along the way. We'll discuss: How to identify these barriers to cyber resilience Be secure by design Align cybersecurity investments with the business Also, be sure to check out the first two installments of this series! Episode 380: Cybersecurity Success is Business Success Episode 383: Cybersecurity Budgets: The Journey from Reactive to Proactive This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them! Show Notes: https://securityweekly.com/esw-386

RAG is revolutionizing data protection and Cohesity is driving it forward to pull insights from secondary data. Host Patrick Moorhead is joined by Cohesity's President & CEO, Sanjay Poonen, on this episode of the Six Five On The Road at AWS re:Invent. They discuss the intersection of cybersecurity, innovation, and the future landscape of the tech sector. Tune in for more on ⤵️ The future of data protection, AI, and the $7 BILLION Veritas acquisition Emerging trends for 2025: IPO, M&A activities, AI regulation, and investment changes The current M&A climate of within the security sector The 5 S's of data strategy: Sanjay shares his framework for building a winning data strategy: Speed, Scale, Security, Simplicity, and Smart (AI)  The critical role of cyber resilience in ensuring business continuity, informed by Cohesity's Global Cyber Resilience report findings The data goldmine: The importance of not just protecting data (defense), but also using AI to unlock its full potential (offense). Think "Snowflake meets Palo Alto"

  What happens when the backbone of modern society—our critical national infrastructure—faces an evolving cyber threat landscape? In this episode, Tony Burton, Managing Director of Cyber Security & Trust at Thales UK, joins the show to explore the growing cybersecurity risks posed to smart grids and essential utilities, backed by insights from Thales' 2024 Data Threat Report. Tony sheds light on the vulnerabilities introduced by the digitalization of critical infrastructure, explaining how the shift to smart grids and interconnected systems has opened new avenues for cybercriminals. He highlights the startling rise in ransomware attacks, insider threats, and human error as key contributors to data breaches in these high-stakes environments. With over 42% of critical infrastructure organizations reporting a cyber breach and 93% noting an increase in attacks, the stakes couldn't be higher. We'll discuss the real-world implications of these risks, from the potential for widespread blackouts and disruptions to essential services, to the theft of energy resources and compromised public safety. Tony also shares actionable strategies for safeguarding the future of energy supplies, emphasizing the importance of multi-layered defenses, proactive threat detection, and robust incident response plans. The episode also dives into the cutting-edge work at Thales' Cyber Resilience Lab in Ebbw Vale, where smart grid technology is stress-tested against a variety of cyber scenarios—all in a controlled offline environment. Tony underscores the critical role of innovation and compliance in building resilience, offering a forward-looking perspective on how the future of UK energy and national security hinges on addressing both present and emerging cyber threats. What do you think about the growing risks to critical infrastructure in a hyper-connected world? Join the conversation, and share your thoughts on how technology can help safeguard our most essential services.

This engaging Brand Story episode comes to you from AISA CyberCon 2024, in Melbourne, where Sean Martin and Marco Ciappelli explore with Jade Wilkie how ThreatLocker empowers organizations to achieve Zero Trust security and Essential Eight compliance through innovative tools and real-time adaptability. Learn how industry insights from the conference are shaping the future of cybersecurity solutions while keeping human-centric strategies at the forefront.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guests: Jade Wilkie, Account Executive APAC, ThreatLocker [@ThreatLocker]On LinkedIn | https://www.linkedin.com/in/jade-wilkie-salesprofessional/ResourcesEssential Eight: https://itspm.ag/threatq55qZero Trust World: https://itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-floridaLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerView all of our AISA Cyber Con 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this episode of the Virtually Speaking Podcast, Yoomi Hong and Belu de Arbelaiz from VMware Cloud Foundation Product Marketing at Broadcom join us to explore VMware Live Recovery and the latest announcements from VMware Explore. We delve into game-changing features like vSAN Local Recovery, which accelerates failback from VMware Cloud on AWS by up to 16x, and vSAN Remote Snapshot Replication, which enhances resilience with up to 200 immutable snapshots per VM. Additionally, we discuss the new On-Premises Isolated Recovery Environment (IRE), giving organizations the flexibility to safeguard critical workloads on-premises or in the cloud while ensuring data sovereignty and compliance. Listen in to learn how VMware Live Recovery and these new innovations are redefining resilience for today's IT environments.

Guest: Ambassador Brendan Dowling, Ambassador for Cyber Affairs and Critical Technology, DFATOn LinkedIn | https://www.linkedin.com/in/brendan-dowling-7812b4261/AT AU Cyber Con | https://canberra2024.cyberconference.com.au/speakers/brendan-dowlingHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis conversation with Brendan Dowling gave us a glimpse into the strategies, challenges, and collaborations shaping Australia's digital future—and reminded us all that the cyber frontier is not just a technical battlefield but a deeply human one.The Role of a Cyber AmbassadorDowling began by discussing the unique responsibilities of a Cyber Ambassador, a role that integrates cybersecurity into foreign policy at the highest levels. He emphasized how this position, once viewed as an innovative experiment, has become a strategic necessity for national security. As cyber threats grow increasingly complex and borderless, cyber diplomacy has emerged as a critical tool for fostering stability and trust on the global stage.Strengthening Global CollaborationDuring the discussion, Dowling highlighted the collaborative nature of Australia's cybersecurity efforts. He explained how cooperation within government agencies and partnerships with international allies are key to staying ahead of emerging threats. These relationships enable critical information-sharing, strategic alignment, and unified responses to incidents, underscoring the interconnectedness of today's digital ecosystem.Navigating AI and Ethical ChallengesThe conversation turned to artificial intelligence and its growing role in society. Dowling addressed the ethical considerations of AI development and deployment, stressing the importance of balancing innovation with responsibility. He described Australia's approach to advocating for ethical design and policy frameworks that protect privacy and human rights while maximizing AI's benefits.Building Resilience in Critical InfrastructureCritical infrastructure was another focal point of the discussion. Dowling acknowledged the increasing complexity of protecting vital systems, from industrial control processes to supply chains. He emphasized resilience—not only in preventing attacks but in responding swiftly and effectively when incidents occur. This approach ensures that essential services, such as energy and manufacturing, can continue to operate even under pressure.Cultural Contexts in CybersecurityDowling also reflected on the role of cultural differences in shaping cybersecurity strategies. He shared experiences from his international work, where addressing issues like online safety and disinformation often requires sensitivity to local norms and values. Tailoring cybersecurity approaches to diverse cultural contexts, he noted, is vital for fostering trust and collaboration across regions.Conclusion:As the conversation concluded, Dowling reaffirmed the need for continued cooperation, innovation, and cultural understanding in tackling global cyber challenges. Sean Martin and Marco Ciappelli expressed their gratitude, leaving listeners with a clear message: cybersecurity is not just a technical issue—it's a global, ethical, and deeply human challenge that requires collective effort.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesAustralia's global opportunity and responsibility: shaping a more secure region and a safer digital world (Session): https://canberra2024.cyberconference.com.au/sessions/australias-global-opportunity-and-responsibility-shaping-a-more-secure-region-and-a-safer-digital-worldLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Guest: Leanne Ngo, Associate Professor, La Trobe UniversityOn LinkedIn | https://www.linkedin.com/in/leanne-ngo-86979042/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring AISA Cyber Con 2024 in Melbourne, Sean Martin and Marco Ciappelli sat down with Dr. Leanne Ngo to discuss cyber resilience, community impact, and the role of culture in cybersecurity. Their conversation explored the intersection of technology, education, and human connection in the pursuit of a safer and more secure society.Dr. Ngo shared her perspective on resilience, highlighting its evolving definition. While digital tools increase opportunities for connection, she emphasized that face-to-face interaction remains vital, especially for vulnerable communities. Her work in promoting cybersecurity awareness involves building trust and understanding among diverse groups, tailoring approaches to their unique needs and cultural contexts.The discussion turned to the importance of culture in cybersecurity, with Dr. Ngo describing it as a gradual process of change driven by action and integration into everyday life. She stressed that cyber awareness—often focused on knowledge—must evolve into behavioral transformation, where secure practices become second nature both at work and in personal lives. This requires understanding the subcultures within organizations and communities and adapting strategies to resonate with their specific dynamics.Sean also brought up the concept of belief as a cornerstone for driving cultural change. Dr. Ngo agreed, emphasizing that confidence and a growth mindset are essential in fostering resilience. Drawing on her experience as a mentor and educator, she described how instilling belief in individuals' capacity to contribute to a secure society empowers them to take ownership of their role in cybersecurity.The conversation explored practical ways to bridge the gap between technical solutions and human-centered approaches. Dr. Ngo highlighted her work with the Australian government's "Stay Safe, Act Now" campaign, which focuses on localizing cybersecurity education. By adapting materials to the values and practices of various communities—such as the South Sudanese and Cambodian populations—her initiatives create relatable and impactful messaging that goes beyond surface-level translations.Education and workforce development also emerged as key themes. Dr. Ngo underscored the importance of short, targeted training programs, like micro-credentials, in addressing the growing skills gap in cybersecurity. Such programs offer accessible pathways for individuals from all backgrounds to contribute meaningfully to the industry, supporting Australia's ambition to be the most cyber-resilient country by 2030.Closing the discussion, Dr. Ngo reinforced that cybersecurity is fundamentally about people. By fostering empathy, understanding, and a collaborative spirit, society can build resilience not just through technology but through the collective effort of individuals who care deeply about protecting one another. This belief in human potential left an enduring impression, inspiring attendees to think beyond traditional approaches and embrace the human element at the core of cybersecurity.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

In this episode of the Identity at the Center podcast, Jim McDonald is joined by guest David Mahdi, CIO at Transmit Security and former Gartner analyst. The discussion delves into the challenges of identity security and the necessity of transitioning from IAM to identity security to mitigate privacy, fraud, and scam risks. They explore the convergence of cybersecurity and identity, the rise of non-human identities, and the importance of cyber resilience. David shares insights from his global experiences and highlights the importance of behavior-based monitoring for both human and non-human identities. The episode wraps up with a lighter note as they discuss the perfect trail mix ingredients. 00:00 Welcome to the Identity at the Center Podcast 01:12 Guest Introduction: David Mahdi 02:35 The Evolution of Identity Security 04:13 The Importance of Identity Security 05:26 David Mahdi's Journey in Identity Security 07:20 Challenges in Identity and Access Management 10:10 The Role of Machine Learning in Identity Security 12:19 The Future of Identity Security 22:52 The Need for Convergence in Identity and Security Teams 33:01 Non-Human Identities and Their Management 41:00 Defining Roles and Responsibilities 41:46 Ignoring Non-Human Accounts 42:38 Emerging Threats and Risk Management 44:33 The Importance of Identity Security 46:46 Cyber Resilience in Modern Organizations 49:24 Cloud Services and Backup Plans 51:26 Ransomware and Data Access Governance 54:27 The Future of Identity Security 01:07:53 Trail Mix and Lighter Notes 01:14:32 Closing Remarks and Upcoming Events Connect with David: https://www.linkedin.com/in/dmahdi/ Learn more about Transmit Security: https://transmitsecurity.com/ Gartner IAM Summit - Save $375 on registration using our exclusive code IDAC375: https://www.gartner.com/en/conferences/na/identity-access-management-us Connect with us on LinkedIn: Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/ Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/ Visit the show on the web at http://idacpodcast.com Keywords: Identity Security, IAM, Cyber Resilience, Machine Identity, Non-Human Identity, Digital Transformation, Cloud Security, Zero Trust, Data Breach, Risk Management, ITDR, MFA Fatigue, Deepfakes, Gen AI, Copilot, Claude AI, Decentralized Identity, Quantum Computing, Ransomware, Data Access Governance, Transmit Security, Gartner IAM Summit, FIDO Authenticate Conference.

CISA's Director Easterly plans to step down in the coming year. DHS issues recommendations for AI in critical infrastructure.Palo Alto Networks confirms active exploitation of a critical zero-day vulnerability in its firewalls. Threat actors exploit Microsoft's 365 Admin Portal to send sextortion emails. A China-based APT targets a zero-day in Fortinet's Windows VPN. The EPA reports on vulnerabilities in drinking water systems. A critical authentication bypass vulnerability affects a popular WordPress plugin. Researchers track a rise in the ClickFix social engineering technique. An 18 year old faces up to twenty years behind bars for swatting. Our guest is  Rob Boyce, Global Lead, Cyber Resilience at Accenture, discussing SIM swapping services targeting telcos. Nuisance calls are in decline.  Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today, we are joined by Rob Boyce, Global Lead, Cyber Resilience at Accenture, discussing SIM swapping services targeting telcos. Selected Reading CISA Director Jen Easterly to depart on Inauguration Day (Nextgov/FCW) DHS Releases Secure AI Framework for Critical Infrastructure (Dark Reading) Palo Alto firewalls exploited after critical zero-day vulnerability (Cybernews) Microsoft 365 Admin portal abused to send sextortion emails (Bleeping Computer)  Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched: Report (SecurityWeek) 300 Drinking Water Systems in US Exposed to Disruptive, Damaging Hacker Attacks (SecurityWeek) Security plugin flaw in millions of WordPress sites gives admin access (Bleeping Computer) Security Brief: ClickFix Social Engineering Technique Floods Threat Landscape (Proofpoint) Teen serial swatter-for-hire busted, pleads guilty, could face 20 years (The Register) FTC Records 50% Drop in Nuisance Calls Since 2021 (Infosecurity Magazine) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.  Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Join us as we dive into the future of cybersecurity with Tia Hopkins from eSentire! Explore how resilience in cybersecurity is redefining business continuity. Stephen and Tia discuss the power and purpose behind Continuous Threat Exposure Management (CTEM) as more than just tech, but a strategic program that keeps organizations prepared and protected. Perfect for security leaders looking to stay ahead of the rapid evolution of technology, this episode demystifies proactive threat management and resilience strategies that will make a lasting impact for businesses.

Guest: Chuck Brooks, President, Brooks ConsultingLinkedIn: https://www.linkedin.com/in/chuckbrooksTwitter: https://twitter.com/chuckdbrooksHost: Dr. Rebecca WynnOn ITSPmagazine  

Guest: Akash Mittal, CISO, Group Security, Sumitomo Forestry AustraliaOn LinkedIn | https://www.linkedin.com/in/akashgmittal/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesWelcome to Melbourne for AU Cyber Con 2024From November 26th to 28th, Melbourne will transform into the epicenter of cybersecurity as it hosts AU Cyber Con 2024. Organized by the Australian Information Security Association (AISA), the conference brings a diverse lineup of global thought leaders and innovators to the stage, all focused on shaping the next wave of cybersecurity.Conference Highlights and ThemeThe theme, "The Future is Now," reflects the urgent need for organizations and individuals alike to adapt to our rapidly changing digital landscape. Over three days, the event will feature 440+ speakers and 350 sessions, offering a deep dive into the intersection of cybersecurity, society, and technology.Engage with Industry LeadersThis year's lineup includes top voices in cybersecurity and beyond, like former Facebook CSO Joe Sullivan, astronaut Jose Hernandez, and security icon Mikko Hypponen. With appearances from cultural figures such as actor Kal Penn, the event will highlight the broader societal impact of cybersecurity, demonstrating how it affects everything from the arts to government policy.Interactive Villages and Hands-On WorkshopsAU Cyber Con goes beyond the stage with interactive villages like the Careers Village, Lockpicking Village, and AI Village. Here, attendees can gain hands-on experience with everything from physical security tools to AI applications and prompt injections. For those interested in personal brand-building, industry insights, or getting into the nuts and bolts of cybersecurity, these workshops offer something for everyone.Spotlight on Sponsors and ExhibitorsWith support from over 150 exhibitors, the event provides a unique opportunity for attendees to connect with leading companies and uncover the latest in cybersecurity tech. For exhibitors, it's a valuable chance to meet professionals tackling real-world cybersecurity challenges head-on.Fostering Global CollaborationAU Cyber Con 2024 emphasizes the need for global teamwork to advance cybersecurity. Government representatives and international delegates will discuss strategic initiatives and regulatory advancements to strengthen cyber resilience. This gathering is the perfect platform to build connections, share ideas, and work toward a unified digital security future.Looking Ahead: Coverage from ITSPmagazineSean Martin and Marco Ciappelli will be covering AU Cyber Con in real time. Join us for pre-event discussions, live updates, and post-event insights—all crafted to keep you connected to the latest innovations and collaborations shaping the future of cybersecurity.____________________________This Episode's SponsorsTHREATLOCKER: https://itspm.ag/threatlocker-r974____________________________Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________ResourcesLearn more about HITRUST Collaborate 2024 and register for the conference: https://itspm.ag/asia24Learn more about and hear more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story as part of our event coverage?Learn More

Just as seasoned "preppers" maintain bug-out bags for physical emergencies, today's organizations need a comprehensive kit of digital resilience tools to weather any storm – from ransomware attacks to natural disasters. In our latest episode, join Technology Strategy Director Jason Walker and Technical Evangelist Matt Bradford to unpack the essential components of modern data survival preparedness. Our discussion weaves through Pure Storage's evolving cyber resilience solutions, from foundational replication capabilities to cutting-edge DRaaS offerings. We share and discuss practical insights on implementing critical protective measures like SafeMode snapshots and how to leverage Pure1's security assessment tools to identify vulnerabilities before they become crises. Midway thru the episode we hit an entertaining "Bug Out Bag Challenge" segment where random survival items spark creative analogies to data protection strategies. Blending technical expertise with accessible metaphors, Walker and Bradford demonstrate why data resilience isn't just an IT concern but a fundamental business survival skill. They explore how Pure Storage's integrated suite of tools – including multiple options for native replication, automated assessments, and disaster recovery and restore services – helps organizations build the ultimate data survival kit for an increasingly unpredictable digital landscape.

Getting C-Suite execs aligned on cyber resilience and cybersecurity can be a challenge. LevelBlue's recent Futures™️ report sought to uncover the barriers that prevent companies from achieving cyber resilience in the enterprise today. The report not only surveyed C-Suite execs (CIOs, CTOs, and CISOs), but non-C-Suite leaders from engineering and architecture roles as well. Segment Resources: LevelBlue Finds CISOs Challenged Most by Cybersecurity Tradeoffs, AI Implementation Pressures, and Reactive Budgets Compared to C-Suite Peers - Report Summary and Press Release Executive Accelerator: C-Suite Cyber Resilience Responsibilities Report This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them! In the leadership and communications section, Joe Sullivan: CEOs must be held accountable for security too, More tech chiefs have success measured by profitability, cost management, Is Your Career Heading in the Right Direction?, and more. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-369

Welcome to another episode of "Predictable B2B Success," hosted by Vinay Koshy! Today, we have an enlightening conversation with Brittany Greenfield, the dynamic CEO of Wabi. Brittany sheds light on an often-overlooked area of cybersecurity: the pivotal role developers play and the challenges they face. In a world where the shortage of cybersecurity professionals is acute, Brittany's vision for empowering developers with more autonomy and integrating security directly into their workflow is not just a solution but an inspiration. We'll explore the cultural shifts required within organizations to embed security at the heart of development processes. Brittany will also discuss the pitfalls of over-reliance on tools at the expense of robust security processes and the complexities of managing compliance intelligently. As AI continues its rapid and sometimes bewildering evolution, Brittany highlights the importance of good process hygiene to integrate new technologies safely. This emphasis on process hygiene is not just a precaution but a reassurance that safety and security can be maintained despite rapid technological change. We also discuss Wabi's innovative approach to cybersecurity, designed to drastically reduce project delays and breach risks while enhancing developer productivity. Finally, tune in to hear about Brittany's insights on market dynamics, cybersecurity budget justification, and how adopting the Japanese concept of Wabi Sabi can be a game changer. Don't miss this episode with actionable strategies to fortify your cybersecurity framework and drive business growth! Some areas we explore in this episode include: Empowering Developers in Cybersecurity: Addressing the shortage of cybersecurity professionals by integrating security into developers' workflows.Cultural Shifts in Organizations: Recognizing the significance of security and the challenges of focusing on tools instead of processes within DevSecOps.Compliance Management by Exception: Planning for compliance deviations intelligently to improve efficiency and reduce audit pressures on developers.AI Adoption and Security Hygiene: The rapid evolution of AI and the importance of integrating it securely through established processes.Cybersecurity Budget Justification: Linking cybersecurity investments to business drivers like developer productivity and project delivery timelines.Wabi's Growth and Market Maturity: Leveraging market maturity and positioning as a consultative partner during DevOps transformations.Challenges in Market Differentiation: Overcoming market noise and skepticism to secure client meetings and differentiate Wabi.Pricing and Market Fit Insights: Realizing the need to link pricing to FTE impacts and adapting it to different customer profiles.Process Over Tools Philosophy: Emphasizing process improvement before implementing new technologies and managing risk by design.Wabi Platform and Benefits: Providing a shared services model for application security, reducing project delays and breach risks, and enhancing productivity through effective process integration.And much, much more...

Retailers today continue to grapple with unforeseen issues as supply chain attacks become more common and vulnerabilities from third-party sources emerge as major threats.Of the 1,050 C-suite and senior executives surveyed, 86% of respondents anticipate that dynamic computing will enhance operational performance within the next three years, especially in AI strategy development and leveraging sophisticated supply chains. However, 82% acknowledge the increased exposure to risk.In this age of dynamic computing, retail organizations encounter both significant opportunities and risks. With traditional security boundaries fading and conventional security measures proving inadequate, retail leaders must adopt a comprehensive approach to ensure overall cyber resilience.To better achieve cyber resilience in the retail industry, LevelBlue shares five specific steps that can be applied across industries, directly in response to these findings: identify the barriers to cyber resilience; be secure by design; align cyber investment with business; build a support ecosystem; and transform cybersecurity strategies.To learn more, download the complete findings of the 2024 LevelBlue Futures Report: Cyber Resilience in Retail here:https://cybersecurity.att.com/resource-center/futures-reports/2024-levelblue-futures-report-for-retailLearn more about LevelBlue: https://itspm.ag/levelblue266f6cNote: This story contains promotional content. Learn more.Guest: Theresa Lanowitz, Chief Evangelist of AT&T Cybersecurity / LevelBlue [@LevelBlueCyber]On LinkedIn | https://www.linkedin.com/in/theresalanowitz/ResourcesLearn more and catch more stories from LevelBlue: https://www.itspmagazine.com/directory/levelblueLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Secure by design is more than just AppSec - it addresses how the whole business designs systems and processes to be effective and resilient. The latest report from LevelBlue on Cyber Resilience reveals security programs that are reactive, ill-equipped, and disconnected from IT and business leaders. Most security problems are out of security teams' hands. Addressing them requires input, buy-in, and action from business leaders and IT. Security cannot afford to be separate from the rest of the organization. In this interview, we'll discuss how we could potentially solve some of these issues with Theresa Lanowitz from LevelBlue. Segment Resources: Grab your copy of the LevelBlue Futures Report on Cyber Resilience This segment is sponsored by LevelBlue. Visit https://securityweekly.com/levelblue to learn more about them! Implementing SASE can be tricky and onerous, but it doesn't have to be. Today, we discuss Unified SASE as a Service with Renuka Nadkarni, Chief Product Officer at Aryaka. Particularly, how can Unified SASE make both networking and security more flexible and agile? IT and security professionals need to ensure secure and performant applications and data access to all users across their distributed global network without escalating cost, risk or complexity, or sacrificing user experience. This segment is sponsored by Aryaka. Visit https://securityweekly.com/aryaka to learn more about them! Finally, in the enterprise security news, HUMAN, Relyance AI, and watchTowr raise funding this week Alternative paths to becoming a CISO Vendor booths don't have to suck (for vendors or conference attendees!) Budget planning guidance for 2025 CISOs might not be that great at predicting their own future needs Use this one easy trick to bypass EDR! Analyzing the latest breaches and malware You probably shouldn't buy a Fisker Ocean, no matter how cheap they get All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-380

October 14, 2024: In honor of Cybersecurity Awareness Month, Errol Weiss, CSO of Health-ISAC, shares insights into the challenges and importance of information sharing within the cybersecurity landscape. Why do many organizations hesitate despite the clear benefits? Errol and Drex DeFord discuss overcoming barriers like leadership resistance and legal concerns, as well as practical steps for getting started. They highlight free, industry-wide resources created by HISAC that any organization can leverage to improve its cybersecurity posture.HISAC's free resources are available to help you enhance your security programs. Check them out here: Health Sector Coordinating CouncilHealth Information Sharing and Analysis Center: Health ISACMeasure Effectiveness DocumentsKey Points:02:05 Errol's Journey04:51 The Importance of Information Sharing06:17 Overcoming Barriers to Info Sharing09:48 Document Overview and BenefitsSubscribe: This Week HealthTwitter: This Week HealthLinkedIn: Week HealthDonate: Alex's Lemonade Stand: Foundation for Childhood Cancer

October 9, 2024: Kerri Gallagher, President and COO of First Health Advisory, dives deep into leadership, culture, and the challenges of cyber resilience in healthcare. Kerri shares her insights on the critical traits she looks for in new hires, balancing technical skills with the ability to collaborate effectively. As healthcare entities face growing cyber threats, how should organizations prepare to mitigate risk? Last, Kerri discusses the importance of being proactive, from comprehensive assessments to prioritizing actions for cybersecurity resilience. Key Points:01:09 Building a Culture of Excellence06:04 Cyber Resilient Digital Health11:56 Beyond the Next Too15:28 Engaging with First Health AdvisorySubscribe: This Week HealthTwitter: This Week HealthLinkedIn: Week HealthDonate: Alex's Lemonade Stand: Foundation for Childhood Cancer

In an era where cyber threats are becoming increasingly sophisticated and devastating, organizations can no longer afford to treat cybersecurity as the sole responsibility of their security teams. This episode of the Pure Report features industry veterans Jason Walker, Tech Strategy Director of Cyber Resilience, and Jason Langer, Tech Evangelist, to explore why cyber resilience must be approached as a team sport, breaking down the traditional silos between IT operations and security teams. Drawing from their extensive experience in data protection and security, the two Jasons delve into the stark realities of cyber impacts, including the sobering statistic that one in five organizations report employee terminations following outages. They examine the NIST Cybersecurity Framework through a collaborative lens, offering insights into how different teams can work together across the five key areas: Identify, Protect, Detect, Respond, and Recover. Through real-world examples and strategic discussions, listeners will develop a deeper understanding of why alignment between IT leaders and CISOs is crucial for building true cyber resilience. As organizations grapple with evolving threats, this timely discussion during Cybersecurity Awareness Month offers actionable strategies for fostering cross-team collaboration. The episode explores the evolution of cybersecurity conversations over the past five years, provides practical advice for improving security posture through teamwork, and highlights Pure Storage's role in enabling organizations to build robust cyber resilience strategies. Whether you're an IT professional, security specialist, or business leader, this episode provides valuable insights into transforming your organization's approach to cybersecurity from a siloed responsibility to a collaborative effort. For more information on Pure Storage and Cyber Resiliency during CyberSecurity Awareness Month, go to: www.purestorage.com/cyber-resilience.