Podcasts about cyber risk

Patrick Foy, senior director, strategic planning, TransUnion's insurance business, discusses how evolving customer expectations and digital demands are reshaping commercial insurance heading into 2026.

In this episode of Darnley's Cyber Café, we dive into the real story behind CrowdStrike's recent insider scandal, and what it teaches us about the hidden dangers brewing inside modern companies. We break down how a “bad apple” employee allegedly leaked internal information to a notorious hacking collective, why insider threats are so hard to detect, and how businesses can spot warning signs before damage is done.If you've ever wondered how hackers exploit trust, how companies uncover hidden risks, or how one employee can change everything, pull up a chair. This episode might make you look at your workplace… and your latte… a little differently.Tune in to find out what's really simmering beneath the surface.Click here to send future episode recommendationSupport the showSubscribe now to Darnley's Cyber Cafe and stay informed on the latest developments in the ever-evolving digital landscape.

Cybersicherheit ist längst keine reine IT-Frage mehr – sie ist Chefsache! In dieser spannenden Folge spreche ich mit Prof. Thomas R. Köhler, einem der führenden Experten für Digitalisierung, Cyber Risk und Zukunftstechnologien. Der Unternehmer, Professor und Autor des Buches „Chefsache Cybersicherheit“ erklärt, warum digitale Sicherheit zur zentralen Führungsaufgabe geworden ist und wie Verantwortung auf Managementebene konkret gelebt werden kann. Besonders eindrucksvoll: Thomas Köhler gewährt Einblicke in die Methoden moderner Hacker und zeigt, wie künstliche Intelligenz Cyberangriffe auf ein neues Level hebt. Ein Gespräch über Risiko, Führungskultur und digitale Verantwortung – voller praktischer Impulse für alle, die ihre Organisation sicher und zukunftsfähig aufstellen wollen.

From politically motivated attacks to basic configuration errors, purpose-driven orgs are now on the front lines of cyber risk. In this episode, Steve Sharer and Garrett Miller walk through five areas where B Corps are more vulnerable than they realize — and the practical steps that strengthen each one. They explain why these gaps matter and how to close them with straightforward practices that don't overwhelm small teams.View the show notes: https://go.lifteconomy.com/blog/5-cyber-risks-for-b-corps-and-how-you-can-fix-them-w/-steve-sharer-garrett-millerUnlock your free B Corp Values Assessment—plus tips and insights to help your business grow. https://go.lifteconomy.com/b-corp-newsletter

Am 17. Januar 2025 ist der „Digital Operational Resilience Act“, kurz DORA, in Kraft getreten. Seitdem stehen Finanzinstitute und IT-Dienstleister vor der Herausforderung, ihre digitale Widerstandsfähigkeit nicht nur auszubauen, sondern auch nachweisbar zu machen. • Was sind derzeit noch die größten Baustellen in der Umsetzung der Anforderungen aus DORA? • Welche Themenfelder stehen bei der ersten Prüfung durch Jahresabschlussprüfer, aber auch Regulatoren aktuell besonders im Fokus? • Und welche Lehren lassen sich für die Institute insgesamt ziehen? Auf diese Fragen geben Jan Krone, Berater im zeb, und Dr. Saskia Hohe eine Antwort. Saskia ist Partnerin bei zeb und hat bereits zahlreiche Prüfungen begleitet, sowohl von Prüfer- als auch von Mandantenseite. Das heißt, sie bringt spannende Einblicke aus der Praxis und erste Erfahrungen direkt von der „Prüfungsfront“ mit.

In this episode, James Maude sits down with Chris Neuwirth, VP of Cyber Risk at Networks Group, whose path into cybersecurity might be the most unconventional you'll ever hear—from delivering babies as a teenage EMT to penetration testing critical infrastructure today. Chris's journey includes serving as an LAPD officer at Venice Beach, responding to 9/11 at the Pentagon, managing IT during Hurricane Sandy, and running operations as assistant commissioner at New Jersey's Department of Health during COVID-19. Along the way, he's been hacking everything he could get his hands on—from war driving through Manhattan in the early 2000s to conducting sophisticated penetration tests at hospitals and airports today. Chris discusses the importance of organizations being prepared and shares the uncomfortable truth: sometimes the easiest way past your defenses is just showing up and plugging in.

CYBERISKIQ from the CARE-Report: Quantifying Small Business Cyber Risk with Ralph Pasquariello and Craig Sekowski (North Fulton Business Radio, Episode 914) On this episode of North Fulton Business Radio, host John Ray welcomes cyber risk specialists Ralph Pasquariello and Craig Sekowski of the CARE-Report. Ralph and Craig explain why small and mid-sized businesses are far […]

CYBERISKIQ from the CARE-Report: Quantifying Small Business Cyber Risk with Ralph Pasquariello and Craig Sekowski (North Fulton Business Radio, Episode 914) On this episode of North Fulton Business Radio, host John Ray welcomes cyber risk specialists Ralph Pasquariello and Craig Sekowski of the CARE-Report. Ralph and Craig explain why small and mid-sized businesses are far […]

Aon's Brent Rieth discusses the ripple effects of the Cyber Information Security Act (CISA) not being renewed, warning that insurers now face a major data gap in assessing … Read More » The post EP. 109: The Future of Cyber Risk Without CISA: How Insurers and Businesses Can Adapt appeared first on Insurance Journal TV.

Aon's Brent Rieth discusses the ripple effects of the Cyber Information Security Act (CISA) not being renewed, warning that insurers now face a major data gap in assessing … Read More » The post EP. 109: The Future of Cyber Risk Without CISA: How Insurers and Businesses Can Adapt appeared first on Insurance Journal TV.

Aon's Brent Rieth discusses the ripple effects of the Cyber Information Security Act (CISA) not being renewed, warning that insurers now face a major data gap in assessing … Read More » The post EP. 109: The Future of Cyber Risk Without CISA: How Insurers and Businesses Can Adapt appeared first on Insurance Journal TV.

Welcome to the CanadianSME Small Business Podcast, hosted by Maheen Bari. In this episode, we explore how Artificial Intelligence is transforming cybersecurity for small businesses, providing proactive defense and peace of mind in an era of growing digital threats.Joining us is Brian Stoner, SVP of Growth at Judy Security, an industry veteran with over 20 years of experience in global cybersecurity. Brian shares how Judy's AI-powered virtual cybersecurity assistant is redefining protection for SMEs—offering intelligent monitoring, rapid threat response, and affordable enterprise-grade security.Key Highlights:1. The New Threat Landscape: How shadow IT and unapproved AI tools create unseen vulnerabilities for SMEs.2. AI-Powered Protection: How Judy's 24/7 Threat Management and affordable tools secure businesses without full-time IT teams.3. Data Sovereignty: Why knowing where your data lives is vital for compliance, trust, and growth.4. Virtual Cyber Assistant: How Judy uses AI training to strengthen human awareness and real-time protection.5. Future of Cybersecurity: How MSP partnerships will shape the next chapter of small business defense in Canada.Special Thanks to Our Partners:RBC: https://www.rbcroyalbank.com/dms/business/accounts/beyond-banking/index.htmlUPS: https://solutions.ups.com/ca-beunstoppable.html?WT.mc_id=BUSMEWAGoogle: https://www.google.ca/A1 Global College: https://a1globalcollege.ca/ADP Canada: https://www.adp.ca/en.aspxFor more expert insights, visit www.canadiansme.ca and subscribe to the CanadianSME Small Business Magazine. Stay innovative, stay informed, and thrive in the digital age!Disclaimer: The information shared in this podcast is for general informational purposes only and should not be considered as direct financial or business advice. Always consult with a qualified professional for advice specific to your situation.

WHAT happens if you don't buy cyber risk insurance? Well, Jaguar Land Rover certainly found out earlier this year. The luxury carmaker was hit by a devastating cyber attack in late August, causing it to shut down its production lines for more than four weeks and costing it £50m a week. It only got things back to normal in early October. It was initially forced to withhold payments from suppliers. That is no small matter, given that the automotive parts supply chain, which famously runs on the just-in-time model, supports 200,000 jobs in the UK. It even had to turn to its bankers to secure a £2bn funding facility, which won't have come cheap. On top of all that, the government saw no choice but to step in with a £1.5bn credit guarantee, simply to avoid the potential economic fallout. Other recent victims of cyber crime include Heathrow Airport and high street retailers Marks & Spencer and the Co-op. Many big players in the maritime industries have also been on the receiving end, from boxship giants Maersk, MSC and CMA CGM to ports giant DP World and top broker Clarksons. A recent report from IBM, which examined data breaches experienced by about 600 organisations worldwide, put the average cost of an incident at $4.4m (or £3.3m). What is clear is that cyber risk is a growing threat, as hackers becoming increasingly more sophisticated. This special joint Insurance Day/Lloyd's List podcast will look at how insurance can at least mitigate the worst impacts for companies in both the maritime and wider business sectors. Joining Insurance Day reporter Queenie Shaikh are: Robert Dorey, chief executive, Astaara William Altman, director, CyberCube Stephen Wares, head of international underwriting, Coalition Subscribe to Lloyd's List: https://www.lloydslistintelligence.com/products/lloyds-list Learn more about Lloyd's List Intelligence: https://www.lloydslistintelligence.com/

Welcome to the CanadianSME Small Business Podcast, hosted by Kripa Anand. In this special CyberShield Canada series, we explore the critical world of cybersecurity and how it's reshaping business resilience in an increasingly connected world.Joining us is Rick Kaun, Global Director of Cybersecurity Services at Rockwell Automation. With over 20 years of experience designing OT security programs for industries like oil and gas, mining, power, and manufacturing, Rick is dedicated to delivering scalable, cost-effective, and resilient cybersecurity solutions that empower organizations to thrive securely in the digital age.Key Highlights:1. Cyber Risk in Manufacturing: How IT/OT convergence expands the attack surface and turns cybersecurity into a boardroom issue.2. Scalable Security Practices: Actionable strategies for SMEs to strengthen protection without disrupting production.3. Beyond Find and Patch: Building true digital resilience through proactive incident response and security operations.4. AI and Cyber Talent: The evolving role of AI in real-time threat detection and the growing importance of cyber readiness.5. Smart Manufacturing Vision: How Rockwell is advancing the Connected Enterprise to enhance productivity and sustainability globally.Special Thanks to Our Partners:RBC: https://www.rbcroyalbank.com/dms/business/accounts/beyond-banking/index.htmlUPS: https://solutions.ups.com/ca-beunstoppable.html?WT.mc_id=BUSMEWAGoogle: https://www.google.ca/A1 Global College: https://a1globalcollege.ca/ADP Canada: https://www.adp.ca/en.aspxFor more expert insights, visit www.canadiansme.ca and subscribe to the CanadianSME Small Business Magazine. Stay innovative, stay informed, and thrive in the digital age!Disclaimer: The information shared in this podcast is for general informational purposes only and should not be considered as direct financial or business advice. Always consult with a qualified professional for advice specific to your situation.

Organizations pour millions into protecting running applications—yet attackers are targeting the delivery path itself.This episode of AppSec Contradictions reveals why CI/CD and cloud pipelines are becoming the new frontline in cybersecurity.

Deepfakes that fool the eye. Voices that sound real. Attacks that never sleep. As artificial intelligence reshapes both offence and defence, cyber risk has gone mainstream. In this episode of No Ordinary Wednesday, Jeremy Maggs speaks with Investec cybersecurity experts Nomalizo Hlazo and Tash van den Heever about the new era of digital resilience where trust, adaptability and awareness are your strongest defences. Podcast key moments 00:00 - Introduction 01:27 - AI on both sides – Attackers and defenders in the digital arms race 02:52 - 2025: The year cyber risk went mainstream 03:46 - Why digital risk is compounding 05:05 - Building resilience through third-party and supply chain visibility 07:15 - Regulation tightens – Balancing compliance and agility 08:57 - Critical infrastructure under threat 10:32 - Building digital trust in a diverse and connected market 11:48 - The future of cybersecurity: Integrity, speed, and adaptability 13:16 - Quantum computing, AI agents, and hyperconnectivity 13:58 - Cybersecurity as a life skill 14:56 - Closing remarks Read more on www.investec.com/now Hosted by seasoned broadcaster, Jeremy Maggs, the No Ordinary Wednesday podcast unpacks the latest economic, business, and political news in South Africa, with an all-star cast of investment and wealth managers, economists, and financial planners from Investec. Listen in every second Wednesday for an in-depth look at what's moving markets, shaping the economy, and changing the game for your wallet and your business. Investec Focus Radio SA

Organizations pour millions into protecting running applications—yet attackers are targeting the delivery path itself.This episode of AppSec Contradictions reveals why CI/CD and cloud pipelines are becoming the new frontline in cybersecurity.

To understand how much to spend on cybersecurity, you have to accurately assess or quantify your risks. Too many people still peg their cybersecurity spend to their IT budget; that is, they’ll look at what they’re spending on IT, and then allocate a percentage of that to cybersecurity. That may have made some sense when... Read more »

To understand how much to spend on cybersecurity, you have to accurately assess or quantify your risks. Too many people still peg their cybersecurity spend to their IT budget; that is, they’ll look at what they’re spending on IT, and then allocate a percentage of that to cybersecurity. That may have made some sense when... Read more »

For Cybersecurity Awareness Month, in a new Actuary Voices podcast episode, Committee on Cyber Risk member Bobby Jaegers discusses building a strong U.S. cybersecurity infrastructure and cyber resilience at the personal level.

Cyber Risk Unfiltered: Behind the Scenes of Mid-Market Attacks by IB Talk

Send us a textCybersecurity is a core business risk that can impact the entire organisation. Boards are challenged to understand how cyber threats impact financial performance, reputation, and regulatory obligations. Boards need to build awareness of their organisation's cyber security posture, protection measures, and incident response protocols. In this podcast, Dr Sabine Dembkowski, Founder and Managing Partner of Better Boards, is joined by Beatrice Devillon-Cohen. Beatrice has over 25 years of investment banking experience, having led traders' teams across the UK, Europe, Asia, and the US. She has now developed a portfolio of non-executive positions, having recently served on the Audit Committee of the European Investment Bank and the Finance Committee at King's College, London. “The Rule of Three is important when it comes to cybersecurity.”As Boards seek to manage and survive cyber threats, the Rule of Three comes into play. On average, in a cyber event, there are three days of chaos, three weeks of systems rebuilding, and three months of constant IT problems. “What has been changing over time is the cyber-criminal groups. They are now running their operation as a business, selling cyber attacks as a service.”The criminal ecosystem has gone professional. While there will always be bored teenagers or disgruntled employees, the more serious players run their operations like business ventures. They sell cyberattacks as a service, backed by deep resources, skilled talent, and vast networks.“You need to work on mitigation, responding to an attack, and recovering. That's your battleground.” While cyber threats can't be entirely avoided, Beatrice counsels Boards not to despair. There is plenty that can be done. It begins by understanding how threats work.A primary attack path is through links in emails. One-click installs malware that hackers can use for access. Caution and education can help prevent this.Another primary attack path is third-party providers. External suppliers are compromised and used as a bridge into your own internal system. “Never hope for the best when it comes to cybersecurity, because hope will not be a strategy.”Boards are accountable for cyber risk oversight (see the UK Cyber Governance Code of Practice). They need to make it a strategic priority. Build relationships with IT heads, show curiosity, and build trust. Get a strong dialogue going. Educate within the organisation and with third-party partners. Create a no-blame culture so that if something happens, it is escalated immediately, which can limit its impact.“It's our own duty to upskill, stay current, and think around the corner on that subject, like any other subject in the boardroom.”Cyber culture starts at the top. It is not “too complicated” to pick up basic cyber safety skills or understand risk. Plus, with AI and quantum computing on the horizon, any actions Boards can take—and lead their companies to take—will help prepare for future risks.The three top takeaways from our conversation for effective boards are:1.      Cyber risk is a business risk. Own it as such. 2.     Don't hide, as a Board member, behind “it's too technical and not for me”. Upskill, be curious, and engage with executives.3.     Prepare for it. Run exercises and test regulIf you would like to become part of the Better Boards community, learn about our distinctive approach and explore opportunities to work with us or contribute to The Better Boards podcast series, get in touch at info@better-boards.com. We love to hear from you.

Small and medium-sized enterprises in Canada may be dangerously underestimating their exposure to cyber risk, leaving many without adequate defences or insurance coverage, according to a new survey commissioned by the Insurance Bureau of Canada, or the IBC. In this episode, host Amanda Glassner is joined by Heather Engel, Managing Partner at Strategic Cyber Partners, to discuss. To learn more about today's stories, visit https://cybercrimewire.com • For more on cybersecurity, visit us at https://cybersecurityventures.com.

Link to episode page This week's Cyber Security Headlines - Week in Review is hosted by Rich Stroffolino with guests Mike Lockhart, CISO Eagleview, and Dustin Sachs, chief technologist at CyberRisk collaborative, and author of Behavioral Insights in Cybersecurity Thanks to our show sponsor, ThreatLocker Cybercriminals don't knock — they sneak in through the cracks other tools miss. That's why organizations are turning to ThreatLocker. As a zero-trust endpoint protection platform, ThreatLocker puts you back in control, blocking what doesn't belong and stopping attacks before they spread. Zero Trust security starts here — with ThreatLocker” All links and the video of this episode can be found on CISO Series.com      

Cybersecurity is evolving faster than many community banks and credit unions can keep pace with. With the retirement of the FFIEC Cybersecurity Assessment Tool (CAT) on August 31, 2025, financial institutions are left wondering how best to measure, track, and manage cyber risk without a regulator-endorsed standard. In this episode of the Banking on Data podcast, host Ed Vincent sits down with Cathy Jackson to unpack what comes next for institutions in this post-CAT world. Together, they explore how banks can leverage the Cyber Risk Institute's Profile 2.1, why the seven functional areas of cyber risk matter, and how moving beyond spreadsheets to an integrated risk suite can give leaders a holistic, regulator-ready view of their risk posture.Follow us to stay in the know!

In this episode of On Aon, Joe Peiser, CEO of Commercial Risk, and Richard Waterer, Global Risk Consulting Leader, unpack the major findings from Aon's 2025 Global Risk Management Survey — and what Risk Management leaders can do to remain resilient in the face of increasingly systemic and interconnected risks.They explore the critical role of analytics in understanding evolving threats and highlight three traits that distinguish highly resilient organizations: insight, agility and collaboration. Key Takeaways:Many of the top risks in Aon's Global Risk Management Survey are broad and interconnected, impacting multiple areas of business.Cyber Risk remains the top concern globally. The rapid adoption of AI is intensifying risk complexity. Artificial Intelligence is itself a top 10 future risk.A persistent gap exists between risk awareness and action. Organizations, need better data and analytics to build accurate risk profiles.Resilient organizations are those that can quantify exposures, optimize capital allocation and embed risk strategy into decision making. Experts in this episode:(Host) Joe Peiser, CEO, Commercial Risk at AonRichard Waterer, Global Risk Consulting Leader at Aon Key moments: (1:12) The top 10 risks in our 2025 Global Risk Management Survey had some surprising and not-so-surprising results. Cyber Risk and Increasing Competition continue to rank highly, while Geopolitical Volatility made a significant jump. (4:14) The risks cited are systemic and interconnected. Their impact is widespread and can be felt across the company. (8:37) Highly resilient companies need three things to set themselves apart — insight, agility and collaboration. Additional Resources:Findings from Aon's Global Risk Management Survey5 Ways to Position Risk Capital as a Value DriverAI and Workforce Skills: Who Should Act and Why Now?5 Top Trends for Risk Capital in 2025 Soundbites:Joe Peiser:“Business leaders can't simply manage more risk by intuition. They really need the tools and the insights from those tools to interpret today's landscape and make decisions that help them survive and thrive.” Richard Waterer:“We were surprised to see Attracting and Retaining Top Talent fall out of this year's top 10. When you consider the challenges being brought about by workforces today, for example, healthcare costs in North America, new legislation on pay transparency in EMEA, you can understand why talent is a complex and costly issue for leaders.

As artificial intelligence reshapes workplaces and business strategies, firms increasingly depend on AI providers, making AI a tool of geopolitical influence. We'll discuss the impact across industries, as digital currencies affect monetary control and cyber threats challenge operational resilience. Host: William Foster, Senior Vice President, Sovereign Risk Group, Moody's Ratings Guests: Vincent Gusdorf, Associate Managing Director, Digital Finance and AI Analytics, Moody's Ratings; Leroy Terrelonge, Vice President-Analyst, Cyber Credit Risk, Moody's Ratings  Related research:Artificial Intelligence – Global – Nations push for AI sovereignty to capture economic, geopolitical gains 30 September 2025 Sovereigns - Global – Digital currency growth, inconsistent regulation amplify countries' financial risks 25 September 2025Artificial Intelligence – Corporates – Pace of AI advances, regional disparities will steer credit trends across industries 23 September 2025 Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Organizations continue to face an increasingly complex cyber threat landscape. Amid ongoing geopolitical and geoeconomic tensions and supply chain disruptions, a robust and comprehensive cyber risk management strategy can help businesses mitigate risks and improve resiliency. In this episode of Risk in Context, Marsh McLennan's Dan Bowden speaks with Marsh's Helen Nuttall and Matt Berninger about the importance of reviewing and reinforcing cyber controls to help minimize cyber exposures and uncertainty and better protecting their people, finances, and operations from cyber threats. You can access a transcript of the episode here. Read Cybersecurity Signals, Connecting Controls and Incident Outcomes and The 2025 OT Security Financial Risk Report. For more insights and insurance and risk management solutions, follow Marsh on LinkedIn and X and visit marsh.com.

Artificial intelligence (AI) is a transformational technology, but it has limitations in challenging operational settings. Researchers in the AI Division of the Carnegie Mellon University Software Engineering Institute (SEI) work to deliver reliable and secure AI capabilities to warfighters in mission-critical environments. In our latest podcast, Matt Gaston, director of the SEI's AI Division, sits down with Matt Butkovic, technical director of the SEI CERT Division's Cyber Risk and Resilience program, to discuss the SEI's ongoing and future work in AI, including test and evaluation, the importance of gaining hands-on experience with AI systems, and why government needs to continue partnering with industry to spur innovation in national defense. 

CyberCube is delivering the world's leading cyber risk modeling and analytics. With best-in-class data access and advanced multi-disciplinary analytics, the company's cloud-based platform helps insurance organizations quantify cyber risk to facilitate placing insurance, underwriting cyber risk and managing cyber risk aggregation. CyberCube's enterprise intelligence layer provides insights on millions of companies globally and includes modeling on thousands of points of technology failure. The CyberCube platform was established in 2015 within Symantec and now operates as a standalone company exclusively focused on the insurance industry, with access to an unparalleled ecosystem of data partners. It is backed by Morgan Stanley Tactical Value, Forgepoint Capital, HSCM Bermuda, MTech Capital, individuals from Stone Point Capital and Scott G. Stephenson. For more information, please visit www.cybcube.com or email info@cybcube.com. Focusing exclusively on risk management and insurance professional development, the Risk & Insurance Education Alliance provides a practical advantage at every career stage, positioning our participants and their clients for confidence and success.

In this episode of Friday Fiduciary Five, Eric Dyson talks about a common and easily fixable cybersecurity risk in retirement plans: participants who have not set up user IDs and passwords for their accounts. This oversight is the most frequent cause of cyber breaches, not the fault of plan sponsors or record keepers. Eric shares an anecdote about an employee discovering unauthorized 401(k) loan deductions, highlighting the importance of security measures like user IDs, passwords, and two-factor authentication. He urges plan sponsors and advisors to communicate the necessity of these security steps to participants to prevent cyber breaches.Connect with Eric Dyson: Website: https://90northllc.com/Phone: 940-248-4800Email: contact@90northllc.com LinkedIn: https://www.linkedin.com/in/401kguy/ The information contained herein is general in nature and is provided solely for educational and informational purposes.It is not intended to provide a specific recommendation of any type of product or service discussed in this presentation or to provide any warranties, financial advice, or legal advice.The specific facts and circumstances of all qualified plans can vary, and the information contained in this podcast may or may not apply to your individual circumstances or to your plan or client plan's specific circumstances.

In this special episode of The Lawyers Weekly Show, produced in partnership with Cybertify, we unpack why legal practices are increasingly such attractive targets for cyber criminals, the ways they get past defences, and what firms can do to ensure that the “doors are locked”. Host Jerome Doraisamy speaks with William Welch, the principal solutions architect for the legal sector and AI security at Cybertify, about who the company is and the work he does, why the risks inherent with cyber security are so much more prominent for Australian law firms at present, why every business is a potential target, the need for “locked doors”, why law firm owners aren't fully across the dangers, and the lessons and takeaways from recent breaches in the legal space. Welch also delves into what BigLaw practices need to be doing right now, ensuring systems are talking to each other properly and having the right point people, what SMEs must be doing at present, the questions those smaller firms need to be asking, overcoming concerns about being time-poor, understanding the changing landscape, and how best Cybertify can help. To learn more about Cybertify, click here.

In our latest Mishcon Academy: Digital Sessions podcast, Joe Hancock, Partner in Cyber Risk and Complex Investigations at Mishcon de Reya, is joined by Emeric Bernard-Jones, Intelligence Manager in the same team. They discuss cybercrime and digital investigations - and covering issues from cyber-enabled fraud and blackmail to the real-world impact of online exposure and how threats are reshaping what it means to be safe online.They discussed:Why are cyber incidents — from hacks to hoaxes — becoming more frequent?How is the privacy and security landscape shifting for individuals as well as businesses?And what's the human cost for directors, staff, and high-profile individuals when things go wrong?

Come listen to John Riggi and Scott Gee, the American Hospital Association's National Advisor and Deputy National Advisor for Cybersecurity and Risk, give their thoughts on what risk professionals needs to know about cybersecurity and how risk professionals can help protect their organization before a cyber-attack occurs.

Jonathan Trull is the Chief Security Officer at Qualys. In this episode, he speaks to Cybercrime Magazine from Black Hat 2025, where the company left the conference with two Pwnie Awards, which celebrate groundbreaking achievements in cybersecurity. Listen to hear his thoughts on navigating cyber risk, including fighting today's threat actors and more. • For more on cybersecurity, visit us at https://cybersecurityventures.com

Recorded live at Black Hat 2025, this episode takes you straight to the frontlines of cybersecurity innovation. Host, Raghu Nandakumara first sits down with Bennett Moe, a cartographer turned N2K CyberWire VP, reveals how mapping skills can turn massive data into actionable cyber insights and why fundamentals still matter in an AI-driven world. Then, Jim Reavis, CEO of the Cloud Security Alliance and ISSA Hall of Famer, shares his urgent warning on cloud risks, the impact of generative AI, and why security leaders must rethink old playbooks.We discussed:How cartography principles help prioritize and visualize cybersecurity data The evolution of AI in security and where it's moving beyond buzzwords Why fundamentals like security hygiene and the right people in the right roles are still critical Systemic risks in cloud environments and why old security playbooks may no longer suffice How security leaders can become their company's most informed voices on AI The importance of actionable insights over overwhelming data for decision-makingThe role of cloud as a foundation for AI innovations like ChatGPT Distinguishing between securing AI and defending against AI-powered attacks How continuous learning, communication, and community collaboration are essential in cybersecurity The CSA's mission and legacy as a navigator for the cybersecurity community  Stay Connected with our host, Raghu on LinkedInFor more information about Illumio, check out our website at illumio.com 

How does one crypto transaction spiral into a $1.5 billion cybercrime? The Bybit heist.This wasn't just the largest crypto theft in history—it was a criminal feat of deception that exposed how even sophisticated systems can be breached when fraud, cybersecurity, and human oversight don't align. In this episode, we are excited to welcome returning guest Geoff White, investigative journalist and creator of The Lazarus Heist podcast, to join host, Alex Pillow, in examining one of the most audacious crypto thefts to-date. How did hackers executed the largest crypto theft in history while making operations seem normal from the inside?Tactics used in the heist and the broader implications of money laundering in the crypto space The impact of remote work on verifying employee legitimacy and protecting organizational value What the aftermath of money laundering looks like for victims—can stolen crypto ever be recovered? How companies can map where value resides across departments—and identify weak links before attackers do For more information, check out the resources below:  Cyber Siege: From Russia to RedcarThe Lazarus Heist podcastTo learn more about Moody's, please visit our website or get in touch—we would love to hear from you.

Cosmic Building, a construction technology company, uses AI-driven end-to-end software to run mobile robotic microfactories. At the heart of its newest microfactory in Pacific Palisades are ABB's IRB 6710 robots and RobotStudio digital twin software. Both of which are integrated into Cosmic's Workstation Cell and AI-driven Building Information Model (BIM). #ai   #california  #wildfire  #losangeles  #robot #fire

Today, we're going to go deeper into the world of cyber attacks than we have ever done before. We'll be looking at the insurance claims that they produce as well as the longer-term consequences for their victims Often as journalists covering cyber insurance we focus on the big hacks, the headline numbers, and gloss over the detail of the personal stories and the real hard yards that have to be run to recover from an attack and the potential long-term consequences for a business, its directors, its customers and all other stakeholders. As the immediate damage and business interruption triggers potential regulatory, statutory and other serious third-party consequences, these hard yards often have to be run down multiple different paths simultaneously. The in-depth interviews that follow will deepen your understanding of the more complex and long-tail nature of this peril. I'd like to put you right in the room in the shoes of the Directors of a company as an attack unfolds. We're going behind the scenes to uncover what it's really like when a business becomes the target of a digital assault, from the immediate shock to the long-term repercussions that are often ignored by boards. We're also going to go into detail on how the nature of the cyber threat and the tactics of cyber criminals are evolving. To help me in this task my guests are: Magnus Jelen, (pictured top) Director of Incident Response EMEA for Coveware, a firm that helps victims of cyber extortion recover their data; and three senior executives at Beazley: Raf Sanchez (pictured 2nd from top), Beazley's Head of Cyber Services, Cyber Risks. Melissa Collins, (pictured 2nd from bottom) Head of Third Party Cyber & Tech Claims, and Wayne Imrie, (pictured bottom) Head of London Market Wholesale Executive Risks. Magnus and Raf are right on the front line, dealing with the immediate consequences of a hack. Magnus even deals with the hackers themselves. Melissa deals with the external insurance claims that result and Wayne is a Directors and Officers (D&O) specialist who has a deep understanding of how the D&O and Cyber insurance products interact. LINKS:  As promised, here is the link to Beazley's latest Risk and Resilience Survey Spotlight on Tech Transformation & Cyber Risk 2025: https://www.beazley.com/en-001/news-and-events/spotlight-on-tech-transformation-cyber-risk-2025/

Podcast: Industrial Cybersecurity InsiderEpisode: Plant-Level Cyber Risk: Who's Actually Responsible?Pub date: 2025-07-22Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, Dino Busalachi and Craig Duckworth tackle one of the most overlooked threats in cybersecurity: the number of industrial vendors and system integrators in manufacturing environments. The conversation addresses the relationship and communication gap between IT and the teams responsible for designing and supporting industrial control systems. They emphasize the need for improved governance, enhanced vendor accountability, and clear ownership of cyber risk. Whether you're a CISO, CIO, or VP of Engineering, this episode offers actionable insight into bridging the IT/OT divide, securing plant floors, and building a cybersecurity strategy that works at the edge of your business.Chapters:00:00:00 - Kicking Off: Why Transparency in Cyber Matters00:00:43 - Who's Talking? Meet Craig & Dino00:01:05 - The Big Question: What's IT's Role in Industrial Security?00:01:35 - When Too Many Vendors = Chaos00:02:37 - How to Actually Secure OT Environments00:03:46 - Choosing the Right Partners (and Asking the Right Questions)00:12:37 - Why Cyber Teams Need Plant Floor Time00:14:24 - Getting Smarter: Use External Experts & Vendor Summits00:18:22 - IT Meets OT: Closing the Culture Gap00:30:03 - What Now? Practical Next Steps for CISOsLinks And Resources:Want to Sponsor an episode or be a Guest? Reach out here.Industrial Cybersecurity Insider on LinkedInCybersecurity & Digital Safety on LinkedInBW Design Group CybersecurityDino Busalachi on LinkedInCraig Duckworth on LinkedInThanks so much for joining us this week. Want to subscribe to Industrial Cybersecurity Insider? Have some feedback you'd like to share? Connect with us on Spotify, Apple Podcasts, and YouTube to leave us a review!The podcast and artwork embedded on this page are from Industrial Cybersecurity Insider, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

This week, we are pleased to be joined by ⁠George Glass⁠, Associate Managing Director of ⁠Kroll⁠'s Cyber Risk business, as he is discussing their research on Scattered Spider and their targeting of insurance companies. While Scattered Spider has recently turned its attention to the airline industry, George focuses on the broader trend of the group's industry-by-industry approach and what that means for defenders across sectors. George and Dave discuss the group's history, their self-identification as a cartel, and their increasingly aggressive tactics, including the use of fear-based social engineering, physical threats, and the recruitment of insiders at telecom providers. They also examine how organizations—especially those with vulnerabilities similar to past targets—can proactively defend against this threat and prepare an effective response if their industry becomes the next focus. Complete our annual ⁠⁠audience survey⁠⁠ before August 31. Learn more about your ad choices. Visit megaphone.fm/adchoices

This week, we are pleased to be joined by George Glass, Associate Managing Director of Kroll's Cyber Risk business, as he is discussing their research on Scattered Spider and their targeting of insurance companies. While Scattered Spider has recently turned its attention to the airline industry, George focuses on the broader trend of the group's industry-by-industry approach and what that means for defenders across sectors. George and Dave discuss the group's history, their self-identification as a cartel, and their increasingly aggressive tactics, including the use of fear-based social engineering, physical threats, and the recruitment of insiders at telecom providers. They also examine how organizations—especially those with vulnerabilities similar to past targets—can proactively defend against this threat and prepare an effective response if their industry becomes the next focus. Complete our annual ⁠audience survey⁠ before August 31. Learn more about your ad choices. Visit megaphone.fm/adchoices

Quantifying cyber risk is now a necessity for businesses navigating the evolving threat landscape. In this episode of the Risk Management Show, we discussed why quantifying cyber risk is the new imperative for businesses. Our guest, Asdrúbal Pichardo, CEO of Squalify—a cyber risk quantification platform backed by Munich Reinsurance—shares how their top-down approach to cyber risk quantification is transforming the way companies prioritize cybersecurity investments and communicate with boards. We explored real-world examples, common pitfalls in cybersecurity investment, and how benchmarking cyber posture can elevate your strategy. If you're a Chief Risk Officer, CISO, or CFO looking to align strategies and speak the same language about cyber security and risk management, this episode provides the insights you need. Plus, learn about Squalify's CRQ readiness assessment tool and how it supports organizations in making informed decisions. Please check the Squalify's CRQ Readiness Assessment https://squalify.fillout.com/t/5dGf2f8tmcus If you want to be our guest or suggest a guest, send your email to info@globalriskconsult.com with the subject line "Guest Proposal."

Software enables our way of life, but market forces have sidelined security concerns leaving systems vulnerable to attack. Fixing this problem will require the software industry to develop an initial standard for creating software that is secure by design. These are the findings of a recently released paper coauthored by Greg Touhill, director of the Software Engineering Institute (SEI) CERT Division. In this latest SEI podcast, Touhill and Matthew Butkovic, director of Cyber Risk and Resilience at CERT, discuss the paper including its recommendations for making software secure by design.  

What do tariffs, AI adoption, and digital readiness have in common? They're all reshaping the future of wholesale distribution.In this episode of Around the Horn in Wholesale Distribution, hosts Kevin Brown and Tom Burton unpack the forces shaping the industry from rising cybersecurity threats to the real reason distributors aren't seeing results from generative AI tools.This episode blends actionable economic insights with digital transformation strategy and is a must-listen for Revenue Leaders in Distribution preparing for what's next.What You'll Learn:Why small interest rate changes have massive implications for national debt and distributor marginsThe hidden danger of weak cybersecurity hygiene in mid-size distributorsWhat's actually holding companies back from successful AI implementation (hint: it's not the tools)How Smart CRM and Sales Co-Pilot platforms help future-proof sales organizationsWhy Collaborative Planning & Forecasting (CPFR) is a strategic advantage in uncertain timesEpisode Highlights:05:20 – What the Fed's hesitation on rate cuts means for distributors12:45 – How tariffs are being used as economic leverage, not just punishment22:10 – Why reshoring is gaining momentum in wholesale distribution35:08 – The untold reasons AI is stalling in sales organizations45:50 – How today's B2B buyers behave before they ever speak to sales57:30 – Aligning AI tools with workflow clarity and CRM data hygiene01:08:15 – Cybersecurity risks for mid-size distributors: real threats and blind spots01:17:40 – Future-proofing your strategy with AI, succession readiness & smarter sales planning

Banking on Fraudology is part of the Fraudology Podcast Network.In this illuminating episode of Banking on Fraudology, host Hailey Windham sits down with Bryan Watkinson, a risk management expert from Affinity Federal Credit Union. Bryan shares his wealth of experience in operational risk, fraud prevention, and the emerging field of cannabis banking. The conversation kicks off with a look at Bryan's popular "Fraud Friday" social media posts, which break down complex fraud threats in an accessible way. Bryan reveals how these posts have become a rallying cry for other departments to embrace risk education.The discussion then dives into the challenges of managing multiple risk verticals in a mid-sized credit union. Bryan offers invaluable insights on prioritizing threats, from cybersecurity concerns stemming from global conflicts to the day-to-day battles against check fraud and account takeovers. He emphasizes the importance of staying vigilant without overreacting, sharing strategies for keeping teams at a steady "level 4 or 5" of alertness. One of the episode's highlights is Bryan's candid take on cannabis banking, detailing how Affinity navigated this complex new terrain.Listeners will come away with practical advice on making risk relatable across an organization, fostering transparency, and building a strong risk culture. Bryan's approach of "showing up" to branches with donuts and real conversations exemplifies his philosophy of hands-on leadership. Whether you're a seasoned risk professional or new to the field, this episode offers a masterclass in balancing vigilance with approachability. Don't miss Bryan's parting words on the power of networking and continuous learning in the fight against fraud. Tune in to gain insights that will elevate your risk management game and protect your institution.Bryan WatkinsonAbout Hailey Windham:As a 2023 CU Rockstar Recipient, Hailey Windham, CFCS (Certified Financial Crimes Specialist) demonstrated unbounding passion for educating her community, organization and credit union membership on scams in the market and best practices to avoid them. She has implemented several programs within her previous organizations that aim at holistically learning about how to prevent and detect fraud targeted at membership and employees. Windham's initiatives to build strong relationships and partnerships throughout the credit union community and industry experts have led to countless success stories. Her applied knowledge of payments system programs combined with her experience in fraud investigations offers practical concepts that are transferable, no matter the organization's size. Connect with Hailey on LinkedIn: https://www.linkedin.com/in/hailey-windham/

Cyber threats are not static—and HITRUST knows assurance can't be either. That's why HITRUST's Michael Moore is leading efforts to ensure the HITRUST framework evolves in step with the threat environment, business needs, and the technologies teams are using to respond.In this episode, Moore outlines how the HITRUST Cyber Threat Adaptive (CTA) program transforms traditional assessment models into something far more dynamic. Instead of relying on outdated frameworks or conducting audits that only capture a point-in-time view, HITRUST is using real-time threat intelligence, breach data, and frameworks like MITRE ATT&CK and MITRE ATLAS to continuously evaluate and update its assessment requirements.The E1 and I1 assessments—designed for organizations at different points in their security maturity—serve as flexible baselines that shift with current risk. Moore explains that by leveraging CTA, HITRUST can add or update controls in response to rising attack patterns, such as the resurgence of phishing or the emergence of AI-driven exploits. These updates are informed by a broad ecosystem of signals, including insurance claims data and AI-parsed breach reports, offering both frequency and impact context.One of the key advantages Moore highlights is the ability for security teams to benefit from these updates without having to conduct their own exhaustive analysis. As Moore puts it, “You get it by proxy of using our frameworks.” In addition to streamlining how teams manage and demonstrate compliance, the evolving assessments also support conversations with business leaders and boards—giving them visibility into how well the organization is prepared for the threats that matter most right now.HITRUST is also planning to bring more of this intelligence into its assessment platform and reports, including showing how individual assessments align with the top threats at the time of certification. This not only strengthens third-party assurance but also enables more confident internal decision-making—whether that's about improving phishing defenses or updating incident response playbooks.From AI-enabled moderation of threats to proactive regulatory mapping, HITRUST is building the connective tissue between risk intelligence and real-world action.Note: This story contains promotional content. Learn more.Guest: Michael Moore, Senior Manager, Digital Innovation at HITRUST | On LinkedIn: https://www.linkedin.com/in/mhmoore04/Hosts:Sean Martin, Co-Founder at ITSPmagazine and Host of Redefining CyberSecurity Podcast | https://www.seanmartin.com/Marco Ciappelli, Co-Founder at ITSPmagazine and Host of Redefining Society Podcast & Audio Signals Podcast | https://www.marcociappelli.com/______________________Keywords: sean martin, marco ciappelli, michael moore, hitrust, cybersecurity, threat intelligence, risk management, compliance, assurance, ai security, brand story, brand marketing, marketing podcast, brand story podcast______________________ResourcesVisit the HITRUST Website to learn more: https://itspm.ag/itsphitwebLearn more and catch more stories from HITRUST on ITSPmagazine: https://www.itspmagazine.com/directory/hitrustLearn more about ITSPmagazine Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

What if everything we've been doing in cybersecurity awareness training is not just outdated — but harmful?In this episode of Reimagining Cyber, Rob Aragao, Chief Security Strategist at OpenText, talks with Craig Taylor, co-founder and CISO at CyberHoot,  who makes a bold claim: punishment-based training is not only ineffective — it's counterproductive. Drawing from his background in psychology and years of cybersecurity leadership, Craig explains why we need to ditch outdated tactics and embrace positive reinforcement to reduce human risk.From the failure of fake phishing tests to real-world results from forward-thinking organizations, Craig reveals a smarter, more human-centered way to train. If you're tired of scare tactics and want a strategy that actually builds cyber resilience, this episode is your wake-up call.Follow or subscribe to the show on your preferred podcast platform.Share the show with others in the cybersecurity world.Get in touch via reimaginingcyber@gmail.com As featured on Million Podcasts' Best 100 Cybersecurity Podcast and Best 70 Chief Information Security Officer CISO Podcasts rankings.

Send us a text