Join Joe as he reconnects with Matthew Alderman, Chief Product Officer at CyberSaint, in this insightful episode of the podcast! With over 250 episodes under his belt, Joe dives deep with Matthew, a cybersecurity veteran, podcast host, and advisor, to explore:
CyberSaint's Game-Changing Approach: How CyberSaint uses historical loss data to revolutionize cyber risk quantification, helping CISOs justify budgets with real financial metrics.
Career Insights: Matthew shares his journey, from running startups to advising new ventures, and how he balances multiple roles (CPO, podcast host, advisor, and family man).
Leadership & Communication: Why CISOs need to speak the language of business to earn a seat at the boardroom table.
Practical Tips: Advice on avoiding burnout, building a mentorship network, and leveraging your personal brand in cybersecurity.
Free Cyber Risk Analysis: Visit CyberSaint.io to benchmark your organization's cyber risk against industry peers.
Connect with Matthew: Find him on LinkedIn Matthew Alderman or X @Maldermania
Listen to Matthew's Podcast: Check out Business Security Weekly at securityweekly.com/BSW.
Chapters
00:00 Reconnecting and Reflecting on Podcasting Journey
02:19 Balancing Multiple Roles and Responsibilities
05:44 The Importance of Personal Well-being
07:53 Career Goals and Retirement Aspirations
10:31 Integrating Consulting and Podcasting
11:55 The Value of Mentorship in Professional Growth
15:02 Building Trust and Reputation in Networking
16:39 Leveraging Podcasting for Career Opportunities
18:20 Innovations in Cyber Risk Management
23:07 Integrating Risk and Control Data
25:30 The Importance of Risk Quantification
28:33 Communicating Cyber Risk to the Board
30:41 CISO's Role in Business Strategy
33:03 Free Cyber Risk Analysis Offering
36:20 Customizing Risk Models
39:58 Real-Time Risk Monitoring
42:24 Targeting Public Companies for Cyber Risk Solutions
45:14 Closing Thoughts and Future Directions
Subscribe for more cybersecurity insights, leadership tips, and industry trends! Drop your thoughts in the comments below—how do you approach cyber risk in your organization?
Support the show
Follow the Podcast on Social Media!
Tesla Referral Code: https://ts.la/joseph675128
YouTube: https://www.youtube.com/@securityunfilteredpodcast
Instagram: https://www.instagram.com/secunfpodcast/
Twitter: https://twitter.com/SecUnfPodcast
➡️ Like The Podcast? Leave A Rating: https://ratethispodcast.com/successstory
In this "Lessons" episode, Theresa Payton, former White House CIO, shares how predictable human behavior creates vulnerabilities in cybersecurity and why conventional defenses often fall short. Learn why routine security measures are exploited by sophisticated social engineering and how designing innovative, personalized protocols can disrupt attackers and strengthen digital defenses.
➡️ Show Links
https://successstorypodcast.com
YouTube: https://youtu.be/bH8DwhGUg0c
Apple: https://podcasts.apple.com/us/podcast/theresa-payton-cybersecurity-expert-author-former-white/id1484783544
Spotify: https://open.spotify.com/episode/5DLZKqN89CTRVXW2Hi3Pq5
➡️ Watch the Podcast on YouTube
https://www.youtube.com/c/scottdclary
Dave Sampson is the Vice President of Cyber Risk & Strategy at Thrive. In his role, he heads Thrive's Consulting Practice, where he and his team of experts join forces with clients to deliver strategic guidance on a range of topics, including cybersecurity, IT operations, Cloud, Microsoft 365, compliance, disaster recovery planning, and more. Over the course of his extensive career, Dave has taken up various influential positions in the industry. He served as a Senior Consulting Technical Solution Manager at IBM, was Executive Vice President and Chief Technology Officer at Itrica, founded and served as CEO of Cloud Provider USA, and held the position of Chief Technology Officer at ColoSpace. Dave holds an MBA from Northeastern University and a BS in Communication and Media Studies from Emerson College. He is a former elected official in his hometown of Sandwich, MA.
In this episode…
As the cyber threat landscape becomes more unpredictable, organizations often struggle with implementing and managing different security tools and ensuring systems communicate effectively to keep up with threats. Organizations can no longer afford to take a reactive approach. Without a clear strategy and proper proactive security measures, organizations face operational disruptions, increased vulnerability to attacks, and challenges in responding to security incidents. So, how can companies take a smarter, more proactive approach to cyber risk management?
A proactive cybersecurity strategy isn't just about having the right tools — it's about integrating these tools effectively and ensuring visibility across systems to detect risk and prepare for worst-case scenarios. Companies like Thrive are making this process more efficient with their security platform that combines industry-leading security tools, real-time monitoring, and AI-driven automation into a cohesive, managed solution that helps companies optimize operations and mitigate cyber risks.
Yet, beyond the technology, companies also need to establish a disaster recovery plan, maintain transparency with third-party vendors, and perform privacy and security risk assessments to further enhance security and privacy measures and incident preparedness. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels talk with Dave Sampson, VP of Cyber Risk & Strategy at Thrive, about the critical components of cyber risk management. Dave discusses the challenges of integrating security solutions, the lessons learned from the CrowdStrike incident, and how AI is both a threat and an advantage in cybersecurity. He shares insights on cybersecurity best practices and discusses the growing need for outsourcing cybersecurity expertise, the role of third-party risk management, and the importance of disaster recovery planning. Dave also offers practical tips for strengthening both personal and enterprise security, emphasizing the need for vigilance, adaptability, and a proactive security mindset.
ZeroRisk, a leader in merchant risk and compliance management software, has announced it has raised $4 million in a funding round led by Elkstone. ZeroRisk will use the funding to expand its U.S. presence where it serves a number of Tier 1 acquiring banks.
Founded in 2023 to redefine compliance and cybersecurity, ZeroRisk transforms end-to-end merchant management for leading financial institutions across the globe. Its technology streamlines payment card industry compliance and delivers real-time data insights for acquiring banks, payment service providers, digital sellers, and other financial institutions to manage complex portfolios.
ZeroRisk's Merchant Management platform is a unified, cloud-native solution that turns complex processes into one scalable system. The software allows users to manage all aspects of merchant risk and compliance such as the Payment Card Industry Data Security Standard and the NIST Cyber Security Framework. By leveraging vast amounts of data, the platform provides real-time analytics, dynamic risk scoring, and actionable insights. This helps organisations identify vulnerabilities and surface cyber risks before they become critical issues. The platform also integrates automated compliance workflows and a curated solutions marketplace, allowing users to proactively enhance performance and improve decision-making.
"ZeroRisk's platform sets a new standard for merchant risk management at acquiring banks, expanding beyond cybersecurity and compliance to address broader merchant risks and other critical compliance standards," said Gary Nolan, Co-Founder and CEO of ZeroRisk. "This funding allows us to scale globally and continue delivering innovative solutions to our customers."
The payment card industry is grappling with increasingly sophisticated cyber threats and mounting regulatory demands. The majority (80%) of global companies fail to meet PCI compliance standards, particularly in the SMB space, underscoring the critical need for enhanced security measures and strict adherence to evolving regulations. ZeroRisk's platform is addressing these threats by providing enterprise-grade security solutions tailored for small and mid-size businesses at scale. Through advanced risk intelligence, automation and seamless compliance enablement, ZeroRisk empowers SMBs to protect their businesses with the same level of security as larger enterprises. By democratising cybersecurity, ZeroRisk is bridging the gap between regulatory complexity and practical, cost-effective protection - ensuring that every merchant, regardless of size, can operate with confidence in an evolving threat landscape.
ZeroRisk will use the new financing to expand its operations globally, particularly in the U.S. market. The company is hiring for 40 roles across a variety of functions, including data science, user experience, product, engineering, and sales and marketing. These new roles will enable the firm to enhance the delivery of cutting-edge solutions that empower acquiring banks, ISOs, and merchants with real-time insights and advanced compliance tools.
"ZeroRisk is uniquely positioned to help acquiring banks manage the complexities of merchant portfolios in an evolving cyber risk landscape," said Niall McEvoy, Head of Venture at Elkstone. "Their scalable solutions and innovative use of AI are setting a new standard for risk management in the payment ecosystem, and we're proud to support their ambitious plans for growth."
Today, I am delighted to welcome Dave Furneaux, Founder & CEO of BlueIO, an innovative, mission-driven builder capitalist investment company. Dave is a co-founder and investor in a number of innovative companies, such as Blaze (acquired by Akamai), Cybersaint (a leading Cyber Risk Management company), Greenlight Biosciences (EPA approved breakthrough RNA bio-chemical platform for clean food), Lufa Farms (a leading agricultural technology company), Lumicell (an FDA approved platform for Cancer therapy) and Virsec (a breakthrough cyber protection company). He has been a driving force behind many breakthrough technology, health, and food companies as a founder, operator, investor, and active board leader. Some notable examples include Watchfire (acquired by IBM), Skystone (acquired by Cisco Systems), Application Security (acquired by SingTel) and Aironet (acquired by Cisco Systems). Earlier in his career, Dave founded and led Kodiak Venture Partners, which went on to invest in and build companies such as Appnexus (acquired by AT&T), Channel Advisor (NYSE: ECOM), Extreme (acquired by Microchip), Enfora (acquired by Sierra Wireless), IM Logic (acquired by Symantec) and WHERE (acquired by Paypal). David believes, and we at FOX agree, that families are uniquely positioned and endowed to create, build, and innovate by putting their family capital, their entrepreneurial spirit, and creativity to work to solve the big problems our world is facing. He talks about why he has this conviction, how he sees it play out today, and why and how families play this key role in innovation and building new solutions and products. The topic of our conversation with Dave is encapsulated in a relatively new term: “Builder Capitalism”. Dave defines Builder Capitalism for our audience, describes the tenets of this investment philosophy, and outlines the mindset and skills it requires. 
He also paints the picture of how Builder Capitalism is manifested in reality through the activities and behaviors of entrepreneurs. Dave offers many practical tips and suggestions to the different market players who are interested in Builder Capitalism, starting with what investors need to know or do if they want to participate in this movement and allocate their capital (financial and non-financial) to Builder Capitalist ventures. He also provides his advice to entrepreneurs and founders who share this belief system and see themselves and their startups as members of this Builder Capitalism economy. Finally, Dave offers his insights into the resources available to both investors and founders to become better educated about Builder Capitalism and to be better connected into the emerging ecosystem of this rising entrepreneurial movement. This is a must-hear conversation with one of the leading thought leaders, practitioners, and innovators in the Builder Capitalism movement, who is also a family principal and leader of his own multigenerational entrepreneurial family.
Guest: Jinan Budge, Vice President, Principal Analyst serving Security & Risk professionals, Forrester
On LinkedIn | https://www.linkedin.com/in/jinan-budge-2898132/
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
The Australian Cyber Conference Melbourne 2024 is a dynamic hub of innovation, bringing together top cybersecurity professionals and thought leaders to tackle the industry's most pressing challenges. On this On Location Recording, Sean Martin and Marco Ciappelli have a conversation with Jinan Budge, Vice President at Forrester Research, focusing on the vital role of human-centered security in today's evolving landscape.
Building a Human-Centered Cybersecurity Culture
One of the central themes of the discussion was the shift from traditional security awareness programs to human risk management. Jinan Budge emphasized the need to move beyond treating people as liabilities and instead design security practices that align with individual behaviors and motivations. This evolution toward human-centered cybersecurity is essential to addressing the unique risks posed by human behavior while fostering a culture of adaptability and trust.
Collaboration Between Enterprises and Vendors
The podcast highlighted the shared responsibility between enterprises and vendors to advance security practices. Enterprises must embrace adaptive security solutions tailored to their workforce, while vendors have a pivotal role in driving innovation and educating the market. This partnership is key to creating flexible, effective solutions that meet the needs of diverse organizations, from startups to global enterprises.
Understanding the Human Element in Data Breaches
Budge introduced a framework she calls the “wheel of human element breaches,” which categorizes risks such as social engineering, human error, and insider threats. This comprehensive approach pushes the conversation beyond the common narrative of phishing attacks, encouraging organizations to adopt holistic strategies that address the root causes of human-driven vulnerabilities.
Education and Continuous Learning
Marco Ciappelli and Jinan Budge underscored the importance of integrating cybersecurity education into early learning environments. Instilling digital safety habits at a young age helps build an instinctive understanding of cybersecurity, preparing future generations for the increasingly digital workplace. This foundation ensures smoother transitions into organizational cultures where cybersecurity is second nature.
Conclusion
The discussions at the Australian Cyber Conference Melbourne 2024 illuminated the industry's growing focus on human-centered strategies and collaboration between enterprises and vendors. These efforts underscore the importance of proactively addressing human risks and integrating cybersecurity education into every level of society. Events like this continue to shape the future, offering invaluable insights and inspiration for those dedicated to advancing the field.
____________________________
This Episode's Sponsors
Threatlocker: https://itspm.ag/threatlocker-r974
____________________________
Resources
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Be sure to share and subscribe!
____________________________
Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverage
To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcast
To see and hear more Redefining Society stories on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-society-podcast
Want to tell your Brand Story Briefing as part of our event coverage? Learn More
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
In this pre-event Chats on the Road episode of the On Location with Sean and Marco Podcast, hosts Sean Martin and Marco Ciappelli meet up in person and on location to discuss their excitement and expectations for the upcoming Australia Cybersecurity Conference 2024 in Melbourne. They express their enthusiasm about reuniting with the cybersecurity community and emphasize the significance of the event, which is organized by AISA and supported by notable individuals like Akash Mattel, Megan, and Abbas Kudrati.
Sean and Marco share a light-hearted opening conversation about boats and travels, setting a casual tone before diving into what they look forward to at the conference. The hosts appreciate the opportunity to connect with industry leaders and attendees, emphasizing the importance of stories in operationalizing cybersecurity in business and society.
Sean highlights the need to align technology with business processes while adhering to policies and laws on a global scale. On the other hand, Marco provides a broader perspective on the interaction between individuals, society, and technology, stressing the role of cybersecurity in protecting personal privacy and fostering human interaction — it turns out it's all about the intersection of technology and culture.
The hosts reflect on their past experiences in the cybersecurity field, with Sean sharing an anecdote about a vintage AV hat that represents his journey at Symantec rooted in the Australian culture. This reflection underscores the value of learning from past and present experiences to shape a better future in cybersecurity.
Sean and Marco discuss the diverse sessions and interactions planned for the event, mentioning notable speakers like Joe Sullivan and Mikko Hypponen. They are particularly excited about the wide range of topics to be covered, from policy and privacy to operational strategies and the human element in cybersecurity.
As they anticipate the week ahead, Sean and Marco invite listeners to engage with them during the conference. They are eager to forge new relationships and gather stories that resonate on a global scale, underscoring the event's potential for fostering meaningful connections and enhancing cybersecurity practices worldwide.
Tune in to hear Sean and Marco's thoughts on what promises to be an exciting and informative week at the Australia Cybersecurity Conference 2024. Whether you're attending the event or staying tuned from afar, this episode sets the stage for the compelling conversations and insights to come.
____________________________
This Episode's Sponsors
Threatlocker: https://itspm.ag/threatlocker-r974
____________________________
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
Guest: Joe Sullivan, CEO at Ukraine Friends [@UkraineFriends_]
On LinkedIn | https://www.linkedin.com/in/joesu11ivan/
____________________________
Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes
The discussion begins with Sean and Marco humorously chatting about sunsets in California versus those on the other side of the world, as they prepare for their trip. With excitement in the air, they highlight the conference's stellar lineup, especially keynote speaker Joe Sullivan, joining the conversation from Sydney. Already immersed in the Australian vibe, Sullivan shares his anticipation for the event and comments on the sunny weather awaiting them.
Sullivan's career is a fascinating intersection of technology, law, and leadership. From his days as a cybercrime prosecutor to leading security efforts at Facebook and Uber, he offers a unique perspective on the evolution of cybersecurity as both a profession and a global necessity.
Joe Sullivan's Career Journey
Reflecting on his career path, Sullivan describes his journey as a "Jenga pile" built on diverse and dynamic experiences. He recalls his transition from government service to the tech industry during the dot-com boom, driven by curiosity and a hunger for new challenges. His work at companies like eBay, PayPal, and Facebook involved pioneering projects such as building security teams from scratch and shaping policies like responsible disclosure programs.
The Role of Regulation in Cybersecurity
Sullivan and the hosts delve into the crucial topic of regulation in cybersecurity. Drawing on his experiences, Sullivan underscores the disparity in resources between regulated and unregulated sectors, pointing to financial services and healthcare as examples. He advocates for smart, balanced regulations to ensure cybersecurity initiatives are well-funded and effective, emphasizing that structure is key to protecting industries and consumers alike.
Connecting with Security Professionals Globally
Through his global speaking engagements and commitment to attending conferences in full, Sullivan has gained valuable insights into the shared challenges facing security professionals worldwide. He highlights the universal nature of these challenges and the importance of collaboration across borders. His passion for fostering connections within the cybersecurity community resonates strongly in today's interconnected world.
Humanitarian Efforts Beyond Cybersecurity
Beyond his professional endeavors, Sullivan shares his inspiring humanitarian work, particularly his efforts to support Ukraine through laptop donations. These initiatives, born from his professional network, illustrate the profound impact the cybersecurity community can have on broader global issues. By using technology to aid children's education in conflict zones, Sullivan underscores the power of tech to bring hope and stability to those in need.
Conclusion
As the Australian Cyber Conference 2024 approaches, Joe Sullivan's insights set a compelling tone for discussions about the future of cybersecurity. His message of resilience, adaptability, and global cooperation will undoubtedly inspire attendees. For those ready to engage and learn, Sean Martin and Marco Ciappelli warmly invite you to join them in Melbourne for this transformative event — and of course, follow them by subscribing to their podcast if you cannot be there.
____________________________
This Episode's Sponsors
THREATLOCKER: https://itspm.ag/threatlocker-r974
____________________________
Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australia
____________________________
Resources
Learn more about HITRUST Collaborate 2024 and register for the conference: https://itspm.ag/asia24
UkraineFriends: https://ukrainefriends.org/
Learn more about and hear more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust
Travelnews Online | Rebuilding Travel | Trending | eTurboNews
11-04-2024 Jason Rorie Learn more about the interview and get additional links here: https://thedailyblaze.com/third-party-vendor-cyber-risk-management/ Subscribe to the best of our content here: https://priceofbusiness.substack.com/ Subscribe to our YouTube channel here: https://www.youtube.com/channel/UCywgbHv7dpiBG2Qswr_ceEQ
Establishing a robust cybersecurity risk management program is paramount for any organization. As a CISO, the task of safeguarding critical assets and sensitive data can be daunting. However, leveraging the Cyber Defense Matrix (CDM) as a strategic framework can lay a solid foundation for your cybersecurity program and proactively mitigate risks. This article outlines the first five crucial steps I would take if tasked with setting up a cyber risk management program, emphasizing the integration of the CDM for optimal effectiveness.
Dr. B.
Advisory Services: https://www.execcybered.com/advisory-services
In this episode we are revisiting last week's topic of cybersecurity and mental health – this time, looking at how our mental health state affects our ability to make good cybersecurity decisions. To break down this important topic, we're joined once again by Catherine Knibbs, a Psychotherapist and specialist in online harms.

This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it.

Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA
About this week's guest: https://www.childrenandtech.co.uk/

Sources and statistics cited in this episode:
90% of employees could make data errors that open up cyber risk: https://www.tessian.com/research/the-psychology-of-human-error/
Cost of organizational cyberattacks: https://www.statista.com/statistics/1324063/cost-of-data-breaches-in-financial-industry-worldwide/
New test of AI's ability to think like a human: https://www.safe.ai/blog/humanitys-last-exam

Catherine has a new book out in October 2024 – 'Managing your social media and gaming habits'. Find out more: https://www.childrenandtech.co.uk/
Tech behind the Trends on The Element Podcast | Hewlett Packard Enterprise
How can cybersecurity practitioners easily keep up with the changes in the "big picture" of cyber risk management? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.
In this episode we are looking at a topic which we could spend a whole lot longer than one episode on, so we're going to make it a two-parter - cybersecurity and mental health. We'll be looking at two aspects in particular - why our health data is particularly vulnerable and of interest to criminals, and how our mental health state affects our ability to make good cybersecurity decisions. In this episode, we'll be discussing the first part of the equation with Catherine Knibbs, a Psychotherapist and specialist in online harms.

This is Technology Now, a weekly show from Hewlett Packard Enterprise. Every week we look at a story that's been making headlines, take a look at the technology behind it, and explain why it matters to organizations and what we can learn from it.

Do you have a question for the expert? Ask it here using this Google form: https://forms.gle/8vzFNnPa94awARHMA
About this week's guest, Catherine Knibbs: https://www.childrenandtech.co.uk/

Sources and statistics cited in this episode:
Mental health data more valuable than credit card data on the dark web: https://kevincurran.org/security/patient-data-10-15-times-more-valuable-than-credit-card-data/
Statistics on compromised health records: https://pubmed.ncbi.nlm.nih.gov/36580326/
Cybersecurity: a critical priority for digital mental health, published in the journal Frontiers in Digital Health: https://www.frontiersin.org/journals/digital-health/articles/10.3389/fdgth.2023.1242264/full#B3
Neanderthal and human social mixing: https://www.nature.com/articles/s41598-024-70206-y
Tech behind the Trends on The Element Podcast | Hewlett Packard Enterprise
On this episode of the Tyler Tech Podcast, Tyler cybersecurity expert and account executive, Sam Hamilton, explores the critical role of human behavior in building an effective cybersecurity workforce. Sam shares key strategies for fostering a culture of cybersecurity awareness in organizations, emphasizing the importance of continuous education, personalized training, and storytelling to engage employees.

Sam highlights how tailored cybersecurity education can address specific risks, making the training more relevant and impactful. He discusses successful tactics such as phishing simulations, which track employee responses to identify areas for improvement, and the benefits of positive reinforcement, including certificates and rewards, to motivate employees. He also stresses the importance of keeping cybersecurity training current with evolving threats like AI, ensuring that organizations not only meet compliance requirements but also stay ahead of emerging risks.

Tune in to learn how public sector organizations can overcome challenges such as budget constraints and workforce shortages, and learn why a proactive, engaging approach to cybersecurity is essential for long-term success. Whether you're a leader in the public sector or just looking to enhance your organization's cybersecurity initiatives, this episode offers valuable strategies to drive meaningful improvement.

We also detail our latest white paper about the five main risks of legacy systems. You can download that here: Is Your Legacy Digital Infrastructure Putting You at Risk?

Learn more about the topics discussed in this episode with these resources:
Blog: Current Cybersecurity Landscape: 3 Stats We Help You Avoid
Blog: How Governments Can Secure Networks With Federal Funding
Download: Cybersecurity Solutions and Services Suite
Blog: K-12 Cybersecurity Funding: What Districts Need to Know
Webinar: Fighting Back Against Cyberthreats
Blog: Tap Into Federal Funds to Improve Cybersecurity
Video: Managed Threat Detection Overview

Listen to other episodes of the podcast.
Let us know what you think about the Tyler Tech Podcast in this survey!
Podcast: mnemonic security podcast
Episode: Risk Forecast: Windy
Pub date: 2024-09-16

In this episode, Robby speaks with Jens Christian Vedersø, Head of Cyber Risk Management at Vestas, one of the world's largest wind turbine manufacturers.

Jens is a former Navy and intelligence officer and recovering regulator. Before managing cyber risk in the renewable energy sector, Jens helped develop energy sector legislation and cyber preparedness at the Danish Energy Agency, and served as a subject matter expert for SCADA, OT, ICS and IoT at the Danish Center for Cyber Security.

In the discussion Jens shares his unique perspective on how security acts as both an enabler and a potential barrier in the transition towards renewable energy, and how the industry needs to move from a reactive, compliance-driven approach towards a more proactive, risk-based model. Jens also shares insights into the threat landscape, potential motivations of state actors, and how Vestas is working to quantify cyber risk and empower customers to better understand and control their own cyber risks.

The podcast and artwork embedded on this page are from mnemonic, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Podcast: The OT and IoT Security Podcast
Episode: The Security Sandbox | Modernizing Cyber Risk Management in OT
Pub date: 2024-08-28

Over the past decade, operational technology (OT) systems have become increasingly digitized and more vulnerable to cyber threats, making effective cyber risk management more crucial than ever. This session will explore the concept of cyber risk, defined as the potential for loss or harm to digital infrastructure, and how you can proactively apply the latest tools, trends and techniques to reduce cyber risk and enhance the resilience of your OT systems.

We'll cover:
Different risk scoring approaches, like quantitative, qualitative, and hybrid models, which help organizations prioritize and address vulnerabilities.
Emerging trends in cyber risk management, including the growing adoption of AI-driven analytics, automation, and integrated security frameworks.
How technologies like artificial intelligence and advanced threat detection systems are reshaping how organizations mitigate risk in OT environments.

The podcast and artwork embedded on this page are from Nozomi Networks, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
Ever wonder what it's like to attend one of the Travelers Institute's in-person cybersecurity symposia?

Check out this conversation from our April cyber symposium in San Antonio, Texas. Listen as Joan Woodward, President of the Travelers Institute®; Ernesto Ballesteros, Cybersecurity State Coordinator at the Cybersecurity and Infrastructure Security Agency (CISA); Rehman Khan, AVP of Cyber Risk Management at Travelers; and Jennifer Coughlin, Partner at Mullen Coughlin, share strategies to prepare for and respond to a cyber incident.

Visit the Travelers Institute® cyber readiness hub to learn more and to find a cyber event near you: https://www.travelers.com/travelers-institute/cyber-security/cyber-readiness
Access more resources on CISA's website: https://www.cisa.gov/
---
Visit the Travelers Institute® website: http://travelersinstitute.org/
Join the Travelers Institute® email list: https://travl.rs/488XJZM
Connect with Travelers Institute® President Joan Woodward on LinkedIn: https://www.linkedin.com/in/joan-kois-woodward/
Andy Moss and John Ellison of Reed Smith discuss insurance and cyber risk management practices for car dealerships in the wake of the CDK Global cyber attack.
Is 'Security Theater' plaguing your efforts for cyber resilience? Chris Hodson, author of “Cyber Risk Management”, gives us a reality check on SecureTalk. Discover why risk is the cornerstone of every security program and how his book guides CISOs and security leaders through effective security posture scoping. Delve into aligning security with business goals, evolving CISO roles, compliance challenges, and the impact of AI. Understand the importance of risk acceptance in corporate decision-making, the role of AI in security, multi-factor authentication, and the real-world implications of security breaches. Explore cybersecurity risk management with expert Chris Hodson and Strike Graph CEO Justin Beals.
Benny Shlesinger, VP of Cyber Technologies at At-Bay, delves into the evolving landscape of cyber insurance. He discusses the unique challenges of quantifying cybersecurity risks for SMBs and shares his journey from a young programmer to a leader in the field. Discover how At-Bay balances innovation with practical risk management.
In this clip from Weathering the Storm: Cyber Insurance Risk in 2024, industry experts highlight a growing trend towards collaboration between insurers and their clients to proactively manage cyber … The post Enhancing Cyber Risk Management Through Insurer-Insured Collaboration appeared first on Insurance Journal TV.
Explore the intricate world of cybersecurity within the trucking and automotive industries through the lens of leading experts. Discover how 'Rolling Safely to Feed the Nation' and 'Wheels, Wires, Silicon, Sensors' unveil the challenges and strategies shaping the digital defense of our transportation systems.
________
This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

Sincerely, Sean Martin and TAPE3
________
Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.

TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.
Oyster Stew - A Broth of Financial Services Commentary and Insights
In today's episode of the Oyster Stew podcast, Oyster experts Len Derus and Tim Buckler delve into a crucial topic: Regulatory expectations and observations regarding cyber risk management. Learn more about the responsibilities of Chief Compliance Officers (CCOs) and what the regulatory focus on cybersecurity means for compliance programs. Join us as we examine the key insights from FINRA's annual report, new SEC rules, and the implications for wealth management firms.

Oyster Consulting has the expertise, experience and licensed professionals you need, all under one roof. Follow us on LinkedIn to take advantage of our industry insights or subscribe to our monthly newsletter. Does your firm need help now? Contact us today!
In the recent installment of Brand Stories with BlackCloak, co-hosts Marco Ciappelli and Sean take a journey into the escalating issue of cyber threats facing venture capitalists, private equity professionals, and affluent individuals invested in cryptocurrency. This episode stands out for its insightful analysis into how cybercriminals are increasingly targeting high-net-worth individuals, employing sophisticated strategies to breach their privacy and security and to steal their cryptocurrency. The discussion, enriched by the expertise of Chris Pierson, CEO and founder of BlackCloak, along with in-depth research from his team, highlights the imperative for tailored cybersecurity solutions in an era where financial investments intersect with digital vulnerability.

The conversation begins with an overview of the emerging trend where cybercriminals meticulously target individuals at the apex of financial and technological investments. Pierson's input paints a detailed picture of the advanced tactics these nefarious actors use, ranging from social engineering to advanced phishing and hacking methods. These tactics are not random; they are precisely aimed at exploiting the unique lifestyles and the consequent vulnerabilities of high-net-worth individuals, making the need for customized cybersecurity measures more critical than ever.

A significant portion of the episode is dedicated to discussing the necessity of concierge-style cybersecurity services. Pierson emphasizes that BlackCloak's approach is far from generic; it offers bespoke protection plans that cater to the individual's specific lifestyle and risk profile. This personalized approach is crucial, as the assets and digital footprints of high-net-worth individuals are far from ordinary and require specialized protection strategies.

Pierson further outlines essential mitigating controls and risk reduction tactics that are pivotal in safeguarding against cyber-attacks. The focus here is on creating a multi-layered defense system that protects personal devices, secures network connections, and minimizes vulnerabilities related to one's digital presence. This strategy is not only about defending against current threats but also about being agile enough to adapt to new risks as they emerge.

A key insight from the discussion is BlackCloak's proactive stance in anticipating future cybersecurity challenges. The cyber threat landscape is dynamic, with criminals continuously innovating to find new ways to breach defenses. BlackCloak's methodology is centered on staying ahead of these threats through anticipation and preparation, ensuring their clients remain protected against both current and future vulnerabilities.

This episode goes beyond traditional cybersecurity discussions, focusing on the nuanced challenges faced by individuals whose financial success makes them prime targets for cybercriminals. It underscores the importance of investing in advanced, personalized cybersecurity solutions in today's digital age. For venture capitalists, private equity professionals, and cryptocurrency investors, the message is clear: sophisticated, tailored cybersecurity and privacy protection is not an option but a necessity.

The insights provided in this episode of Brand Stories with BlackCloak offer a comprehensive look into the complexities of protecting high-net-worth individuals in the digital realm. It serves as a crucial resource for anyone involved in high-stakes investment sectors, highlighting the need for vigilance, sophisticated security measures, and a proactive approach to cybersecurity in the face of evolving threats.

Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story

Guest: Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]
On LinkedIn | https://www.linkedin.com/in/drchristopherpierson/
On Twitter | https://twitter.com/drchrispierson

Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
The Texas legislature recently enacted the Texas Data Privacy and Security Act, which goes into effect on July 1, 2024. Lawyers have an urgent need to understand this new legislation and its coming impacts on their practice and clients. Rocky Dhir talks with Shawn Tuma, a widely recognized expert in cybersecurity and data privacy law, to help Texas attorneys understand the elements of this act and best practices in security for compliance with new regulations. Shawn Tuma is a partner at Spencer Fane LLP in Cyber Risk Management, Cyber Incident Response, and Cyber Security, Hacking and Data Breach Litigation.
Embark on a journey into the heart of cybersecurity with Russ Sherman, the tech wizard behind VISO TRUST, and discover how their AI-driven platform is flipping the script on third-party cyber risk management. We chat about how VISO TRUST is changing the game by cutting down the lengthy due diligence process to just days, making it a breeze for companies to assess and manage the risks of sharing sensitive data. Grab your favorite brew and listen in as we break down the complexities of cybersecurity maturity, and how VISO TRUST simplifies the process with a tool that's as refreshing as our beverage choices for the episode. Sip on insights from our story about the inception of VISO TRUST, where Russ and his co-founder Paul combined their cybersecurity smarts to harness the power of technologies like Large Language Models (LLM) and Retrieval-Augmented Generation. These innovations aren't just fancy jargon; they're the backbone of VISO TRUST's ability to predict and substantiate security controls, weaving together procurement and IT detection tools with finesse. And if you thought that was all, wait until we reveal how their partnership with Netskope is taking vendor management to new heights post-setup. Finally, we swap tech talk for tales from in-person industry events like RSA and Black Hat, spilling the beans on quirky marketing stunts and the thrill of networking. The episode closes with a nod to the lighter side of life, from hockey rivalries to our unique beer picks, proving that even in the world of tech, there's always room for a little fun.
Tune in for this episode of Beers & Bytes where we blend serious tech discussions with a dash of casual banter you won't want to miss.
Hosts:
Fortify 24x7 - https://fortify24x7.com
Fluency Security - https://fluencysecurity.com
Beers & Bytes Web - https://beersandbytespodcast.com
Beers & Bytes Official Links - https://linktr.ee/beersandbytes
Guest:
VISO TRUST - https://visotrust.com
Drinks from this episode:
Golden Ginger Beer - https://www.rockymountainsoda.com
Nordic Broom - https://www.elderpine.com
SchnuggleZ Hazy DDH IPA - https://www.818brewing.com
Welcome to another episode of "Reimagining Cyber," where Stan and Rob explore the transformative landscape of cybersecurity regulations. In this insightful episode, they delve into the intricacies of the upcoming NIS2 directive from the EU, set to take effect in October 2024. Joining them is Bjørn Watne, Senior Vice President and Chief Security Officer at Telenor Group and an advisor to Europol, offering over 20 years of expertise in information security and cyber risk management. The discussion revolves around the key changes introduced by NIS2, emphasizing a baseline cybersecurity approach across essential entities in diverse sectors. Bjorn sheds light on the directive's requirements for systematic security risk management, crisis management, and heightened resilience. The episode also navigates through the complexities of supply chain control, collaboration, and reporting vulnerabilities. Drawing from Telenor Group's experience as a telecom operator, the hosts and guest unravel the distinct threat landscape faced by telecom companies, especially in dealing with advanced persistent threats and the significance of call detail records. Beyond traditional sectors, the conversation touches upon the implications of NIS2 on organizations, highlighting Telenor Group's compliance efforts. Exploring the penalties associated with NIS2 noncompliance, the episode draws parallels with GDPR, underscoring the importance of these regulations in fortifying a secure digital infrastructure. As organizations prepare for NIS2, Bjorn shares practical advice, urging a proactive approach with asset inventory, business impact analysis, and comprehensive risk assessments. Don't miss this episode packed with valuable insights into the NIS2 directive and actionable steps for organizations to elevate their cybersecurity readiness.
Stay tuned and reimagine cybersecurity with Stan, Rob, and Bjorn on this informative podcast. Christmas is all about giving...so why not give Reimagining Cyber a rating and review? It helps the show climb up the podcast charts. This means more listeners, and more cybersecurity awareness. Follow or subscribe to the show on your preferred podcast platform. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
Cyber has been an historically hermetic practice. A dark art. Full of mysteries and presided over by magicians both good and bad. This is a bit of an exaggeration, yet there is some truth to it. Many in our industry knew that the SEC was evaluating the role that cyber risk management and incident disclosure plays in the pricing mechanism for an equity. Many of the participants in GRC, IRM, and Cyber Risk anticipated this before the SEC had even proposed such rules. Boards, C-Suites, and Information security teams within publicly traded companies brought it up occasionally in the year preceding its adoption. Lawyers on K Street actively advocated in the press against enacting such rules, and there is still a hearty back and forth concerning the merits of SEC involvement in cyber risk. But more transparency is a very welcome development. For investors, it's essential. Industry veterans say that this development hearkens back to Sarbanes Oxley, which had very big implications for Governance, Risk, and Compliance. This is likely cyber risk's SOX moment, and the drop date is December 15th of this year on all 10-K filings. The SEC will not look kindly upon boilerplate disclosures, particularly if a cyber attack with significant losses occurs. So where do you start? This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them! In the leadership and communications section, Building an Effective Information Security Strategy, What Makes a Company Great at Producing Leaders?, 80 Fun Meeting Icebreakers Your Team Will Love, and more! Visit https://www.securityweekly.com/bsw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/bsw-332
Cyber has been an historically hermetic practice. A dark art. Full of mysteries and presided over by magicians both good and bad. This is a bit of an exaggeration, yet there is some truth to it. Many in our industry knew that the SEC was evaluating the role that cyber risk management and incident disclosure plays in the pricing mechanism for an equity. Many of the participants in GRC, IRM, and Cyber Risk anticipated this before the SEC had even proposed such rules. Boards, C-Suites, and Information security teams within publicly traded companies brought it up occasionally in the year preceding its adoption. Lawyers on K Street actively advocated in the press against enacting such rules, and there is still a hearty back and forth concerning the merits of SEC involvement in cyber risk. But more transparency is a very welcome development. For investors, it's essential. Industry veterans say that this development hearkens back to Sarbanes Oxley, which had very big implications for Governance, Risk, and Compliance. This is likely cyber risk's SOX moment, and the drop date is December 15th of this year on all 10-K filings. The SEC will not look kindly upon boilerplate disclosures, particularly if a cyber attack with significant losses occurs. So where do you start? This segment is sponsored by CyberSaint. Visit https://securityweekly.com/cybersaint to learn more about them! Show Notes: https://securityweekly.com/bsw-332
Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cyber risk management so elusive and what can we do to solve it? In part 2, we get our hands dirty by walking through ways to quantify cyber risks in business terms. What risks are truly worth mitigating vs. accepting or transferring? And if we do mitigate them, how do we track progress and impact? Show Notes: https://securityweekly.com/bsw-328
Inspired by my co-host, Jason Albuquerque, we get our hands dirty and discuss the challenges of cyber risk management. Why is cyber risk management so elusive and what can we do to solve it? In part 1, we discuss the challenges of cyber risk management and quantification. Do risk scores really work? What do CEOs and Boards really need to understand cyber risks? Show Notes: https://securityweekly.com/bsw-328
The recent report by Mozilla, shedding light on the privacy concerns around modern vehicles, struck a chord. Notably, every car brand reviewed, including behemoths like Ford, Volkswagen, and Toyota, flunked the privacy test. This revelation steered a fascinating conversation with Chris Pierson and Ingrid Gliottone from BlackCloak during a brand story recording for the Redefining Society podcast. Our focus veered towards the lurking privacy and security issues tied to the modern, tech-savvy vehicles we so casually entrust with our data. The modern car is no longer just a mode of transport—it's a smart gadget, a data hub on wheels. But as the wheels spin, so does the reel of our personal information, weaving into the vast web of data, ready for harvest by not just the car makers, but a string of 'they' – the infotainment system providers, app developers, network providers, and possibly cyber rogues. The conversation took a deeper dive as Chris, the CEO of BlackCloak, elucidated the firm's mission—shielding corporate executives and key personnel from personal cyber threats that could ricochet back to the corporations. The Mozilla report is an alarm bell, underscoring the high time to separate the wheat from the chaff in terms of what data is essential for functionality and what merely serves as a gold mine for advertisers or a hunting ground for cyber-attackers. This blend of privacy and security, or the lack thereof, is a cocktail we are forced to sip, as Ingrid pointed out the lack of clarity presented to buyers at the point of sale concerning the privacy policies tied to these vehicles. The promise of tech advancements in vehicles is dazzling—better shocks for off-roaders, safety features to prevent accidents during a sudden snooze, and so on. Yet, as Chris highlighted, there's a dark side. Some policies mentioned collecting data about one's sex life and genetic information—a far cry from the basic expectations of privacy. As the conversation with BlackCloak unrolled, the blend of excitement and concern was palpable. The question now is not about halting the march of technology but steering it towards a path where privacy and security are not the passengers but co-drivers. The findings from the Mozilla report and insights from BlackCloak are not just food for thought, but a call to action. It is crucial to reckon with the reality of the modern-day vehicles doubling as data hubs and to steer the conversation towards a road where transparency, consent, and security are the landmarks. I urge you to dive into BlackCloak's offerings to explore how they are redefining the security landscape, ensuring the privacy and security of your personal digital realm, including that computer on wheels parked in your driveway. Visit BlackCloak to discover what they offer in shielding the modern-day knights from the unseen arrows of the digital world.
Guests:
Chris Pierson, Founder and CEO of BlackCloak [@BlackCloakCyber]
On LinkedIn | https://www.linkedin.com/in/drchristopherpierson/
On Twitter | https://twitter.com/drchrispierson
Ingrid Gliottone, Chief Experience Officer of BlackCloak [@BlackCloakCyber]
On LinkedIn | https://www.linkedin.com/in/ingridgliottone/
Resources
Learn more about BlackCloak and their offering: https://itspm.ag/itspbcweb
Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
Disclaimer: The views, information, or opinions expressed on this program are solely the views of the individuals involved and by no means represent absolute facts. Opinions expressed by the host and guests can change at any time, and do not represent views of past, present, or future employers.
Guest Bio: Nicole is the Chief Product Officer at Axio. Nicole has spent her career building awareness around the benefits of usable security and human-centered security as a way to increase company revenue and create a seamless user experience.
YouTube VOD Link: https://youtube.com/live/tFaAB9an47g
Questions and topics:
Usable security: is it an oxymoron?
What determines if the security is 'usable' or no?
We sacrifice security for a better UX, what can be done to alleviate that? Or is it some sort of sliding scale in "poor UX, amazing security or awesome UX, poor security"
Examples of poor UX for 'people': MFA, and password managers.
SEC updates and 'material events' and how that would affect security, IR, and other company reporting functions. Also, additional documentation (Regulation S-K Item 106) https://www.linkedin.com/posts/nicole-sundin-5225a1149_sec-adopts-rules-on-cybersecurity-risk-management-activity-7090065804083290112-ISD8
Are companies ready to talk about their cybersecurity?
Can the SEC say "you're not doing enough?" What is 'enough'?
Are we heading toward yet another audit needed for public companies, similar to SOX?
When does an 8-K get publicly disclosed?
Materiality is based on a "reasonable investor"? So, you don't need to announce that until you're certain, and it's based on what you can collect?
Cyber Risk Management and some good examples of how to set up a proper cyber risk organization
Additional Links:
https://csrc.nist.gov/CSRC/media/Projects/usable-cybersecurity/images-media/Is%20Usable%20Security%20an%20Oxymoron.pdf
http://web.mit.edu/Saltzer/www/publications/protection/Basic.html
https://www.sec.gov/news/press-release/2023-139
https://www.sec.gov/news/statement/munter-statement-assessing-materiality-030922
https://www.pwc.com/us/en/services/consulting/cybersecurity-risk-regulatory/sec-final-cybersecurity-disclosure-rules.html
https://www.nasa.gov/centers/ames/research/technology-onepagers/hc-computing.html
https://securityscorecard.com/blog/what-is-cyber-security-performance-management/
This episode features Dr. Peter Trim, a Reader in Marketing and Security Management at the University of London's Birkbeck Business School. Dr. Trim has published a dozen books, and his most recent (2023) focuses on Strategic Cyber Security Risk Management. Cybersecurity best practices began in the UK with British Standard 7799, which morphed into ISO 27001/002. Dr. Trim discusses the necessity for a collective approach in cybersecurity and the need to maintain an international perspective. His work endeavors to link cyber risk management theory with practical application through use cases and simulation exercises. We explore the need for improved private sector interaction with academia and the need to integrate cybersecurity risk management content in interdisciplinary curricula.
Guests: Josh Mason, Host of Loops and Lifecycles
On ITSPmagazine