POPULARITY
Identifying and removing barriers to cyber resilienceReducing complexity - consolidating and eliminating legacy systemsBuilding a cyber-resilient organisation - moving from a reactive to a proactive model This episode is hosted by Thom Langford:https://www.linkedin.com/in/jonathanbcraven/Heather Lowrie, Independent Advisor, Earthgard Ltdhttps://www.linkedin.com/in/heather-lowrie/Sasha Henry, Cyber Strategy & Resilience Advisor, Confidentialhttps://www.linkedin.com/in/alexandra-pavelovna-henry-32b98465/James Tucker, Head of CISO, International, Zscalerhttps://www.linkedin.com/in/jamesjtucker/
I podcasten TEKNOLOGIOPTIMISTENE møter du beslutningstakerne for de store IT-investeringene i bransjen, personene som leder de mest fremoverlente IT-selskapene, personene som løser de viktigste samfunnsoppdragene og menneskene i investeringsselskapene som muliggjør rask vekst hos IT-selskapene. Menneskeskapte klimaendringer er vår tids største trussel, og det grønne skiftet er avhengig av teknologioptimister.Målet vårt med podcastserien er å gi beslutningstakerne innenfor IT i energibransjen kunnskap for bedre beslutninger.Medvirkende:Head of Cyber Strategy & Due Diligence, KPMGProgramleder: Chul Christian Aamodt, Teknologioptimist, Europower Hosted on Acast. See acast.com/privacy for more information.
In this episode, they discuss:Building consumer trust in generative AI is essential for its success in health care.Deloitte plays a significant role in the health care sector, serving various stakeholders.A majority of consumers believe generative AI can reduce wait times and costs.Skepticism towards generative AI has increased among consumers over the past year.Distrust in AI tools is linked to concerns about bias and privacy.Health care data is a high-value target for cyber adversaries.Generative AI can enhance the patient-physician relationship if used correctly.Transparency and ethics are crucial in the deployment of generative AI.Healthcare organizations must educate both patients and clinicians about AI.Deloitte assists organizations in navigating the complexities of AI implementation. Learn more about Deloittes research here : Building and maintaining health care consumers' trust in generative AIhttps://www2.deloitte.com/us/en/insights/industry/health-care/consumer-trust-in-health-care-generative-ai.html A little about Jen:Jen Sullivan, Principal, Deloitte & Touche LLP, is a seasoned and innovative cyber strategy leader with 28 years of experience in technology and cybersecurity, with 24 years of deep focus in life sciences and health care. Her technical infrastructure background has expanded throughout her tenure to a range of security areas including cyber strategy, threat detection and response, data protection and privacy, regulatory compliance, and technical resiliency. Jen serves some of the industry's largest and most complex clients and leads Deloitte's Cyber Strategy and Transformation practice. Beyond client service, she has held pivotal leadership roles in talent and business transformation and has a deep passion around health equity. Jen serves on Deloitte's Cyber executive leadership team, is a leader in Women in Cyber and is the Advisory Life Sciences & Health Care Generative AI leader.
In this episode, Cam Whittfield is joined by Carolyn Pugsley, an advisor to boards and a leader in corporate governance advice. Together we continue our discussion with David Thodey. Today, we shift focus to some of the more challenging themes. We talk about the Cyber Strategy and payment of extortion demands. We also ask for David's guidance for directors when dealing with the cyber challenge and ask him whether we are winning the cyber battle. We start this podcast by asking for his observations on the responsibility that educational institutions play in helping with cyber education uplift. Again, David's thoughts are both considered, insightful and practical. Thanks again for listening. This is Cross Examining David Thodey, part 2. Here we go…
A look at the top priorities for CFOs and finance leaders in the coming year — among them, security and privacy of data, financial and strategic planning and analysis, leadership, and enhanced data analytics — reveals a tale of transformation for CFOs whose responsibilities continue to widen.Protiviti recently conducted its latest Global Finance Trends Survey and has detailed the results in our report, TRANSFORM: Assessing CFO and finance leader perspectives and priorities for the coming year.In this podcast, we talk with Protiviti managing directors Chris Wright and Nick Puetz about some of the key findings and trends revealed in the results.Chris is the global leader of Protiviti's Business Performance Improvement solution.Nick leads Protiviti's Cyber Strategy and transformation practice.For more information on Protiviti's latest global finance survey, visit www.protiviti.com/us-en/survey/global-finance-trends-survey.
Guest: Jason Healey, Senior Research Scholar, Cyber Conflict Studies, SIPA at Columbia University [@Columbia]On LinkedIn | https://www.linkedin.com/in/jasonhealey/At BlackHat: https://www.blackhat.com/us-24/briefings/schedule/speakers.html#jason-healey-31682____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesOpening Remarks:Sean Martin and Marco Ciappelli set the stage with their signature banter, creating an inviting atmosphere for a deep dive into cybersecurity. Marco introduces a philosophical question about measuring success and improvement in the field, leading seamlessly into their conversation with Jason Healey.Meet the Expert:Sean introduces Jason Healey, a senior research scholar at Columbia University and a former military cybersecurity leader with extensive experience, including roles at the Pentagon and the White House. Jason shares his excitement for Black Hat 2024 and the anniversary celebrations of ITSPmagazine, expressing anticipation for the discussions ahead.The Role of Defense in Cybersecurity:Jason previews his journey from military service to academia, posing the critical question, “Is defense winning?” He provides a historical perspective, noting that cybersecurity challenges have been present for decades. Despite significant investments and efforts, attackers often seem to maintain an edge. This preview sets the stage for a deeper exploration of how to measure success in defense, which he plans to address in detail at the conference.Shifting the Balance:Jason highlights the need for a comprehensive framework to evaluate the effectiveness of defense mechanisms. He introduces the concept of metrics like “mean time to detect,” suggesting that these can help gauge progress over time. Jason plans to discuss the importance of understanding system-wide dynamics at Black Hat, emphasizing that cybersecurity is about continual improvement rather than quick fixes.Economic Costs and Broader Impacts:Sean shifts the discussion to the economic aspects of cybersecurity, a topic Jason is set to explore further at the event. Jason notes that while financial implications are substantial, other indicators, such as the frequency of states declaring emergencies due to cyber incidents, provide a broader view of the impact. He underscores the need to address disparities in cybersecurity protection, pointing out that not everyone has access to the same level of defense capabilities.Community and Collaboration:Marco and Jason discuss the importance of community involvement in improving cybersecurity. Jason stresses the value of shared metrics and continuous data analysis, calling for collective efforts to build a robust defense against evolving threats. This theme of collaboration will be a key focus in his upcoming session.Looking Forward:As they wrap up, Sean and Marco express their anticipation for Jason's session at Black Hat 2024. They encourage the audience to join in, engage with the topics discussed, and contribute to the ongoing conversation on cybersecurity.Conclusion:Sean concludes by thanking Jason for his insights and highlighting the importance of the upcoming Black Hat sessions. He invites listeners to follow ITSPmagazine's coverage for more expert discussions and insights into the field of cybersecurity.For more insightful sessions and expert talks on cybersecurity, make sure to follow ITSPmagazine's Black Hat coverage. Stay safe and stay informed!Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________This Episode's SponsorsLevelBlue: https://itspm.ag/levelblue266f6cCoro: https://itspm.ag/coronet-30deSquareX: https://itspm.ag/sqrx-l91____________________________Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:
Guest: Jason Healey, Senior Research Scholar, Cyber Conflict Studies, SIPA at Columbia University [@Columbia]On LinkedIn | https://www.linkedin.com/in/jasonhealey/At BlackHat: https://www.blackhat.com/us-24/briefings/schedule/speakers.html#jason-healey-31682____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesOpening Remarks:Sean Martin and Marco Ciappelli set the stage with their signature banter, creating an inviting atmosphere for a deep dive into cybersecurity. Marco introduces a philosophical question about measuring success and improvement in the field, leading seamlessly into their conversation with Jason Healey.Meet the Expert:Sean introduces Jason Healey, a senior research scholar at Columbia University and a former military cybersecurity leader with extensive experience, including roles at the Pentagon and the White House. Jason shares his excitement for Black Hat 2024 and the anniversary celebrations of ITSPmagazine, expressing anticipation for the discussions ahead.The Role of Defense in Cybersecurity:Jason previews his journey from military service to academia, posing the critical question, “Is defense winning?” He provides a historical perspective, noting that cybersecurity challenges have been present for decades. Despite significant investments and efforts, attackers often seem to maintain an edge. This preview sets the stage for a deeper exploration of how to measure success in defense, which he plans to address in detail at the conference.Shifting the Balance:Jason highlights the need for a comprehensive framework to evaluate the effectiveness of defense mechanisms. He introduces the concept of metrics like “mean time to detect,” suggesting that these can help gauge progress over time. Jason plans to discuss the importance of understanding system-wide dynamics at Black Hat, emphasizing that cybersecurity is about continual improvement rather than quick fixes.Economic Costs and Broader Impacts:Sean shifts the discussion to the economic aspects of cybersecurity, a topic Jason is set to explore further at the event. Jason notes that while financial implications are substantial, other indicators, such as the frequency of states declaring emergencies due to cyber incidents, provide a broader view of the impact. He underscores the need to address disparities in cybersecurity protection, pointing out that not everyone has access to the same level of defense capabilities.Community and Collaboration:Marco and Jason discuss the importance of community involvement in improving cybersecurity. Jason stresses the value of shared metrics and continuous data analysis, calling for collective efforts to build a robust defense against evolving threats. This theme of collaboration will be a key focus in his upcoming session.Looking Forward:As they wrap up, Sean and Marco express their anticipation for Jason's session at Black Hat 2024. They encourage the audience to join in, engage with the topics discussed, and contribute to the ongoing conversation on cybersecurity.Conclusion:Sean concludes by thanking Jason for his insights and highlighting the importance of the upcoming Black Hat sessions. He invites listeners to follow ITSPmagazine's coverage for more expert discussions and insights into the field of cybersecurity.For more insightful sessions and expert talks on cybersecurity, make sure to follow ITSPmagazine's Black Hat coverage. Stay safe and stay informed!Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________This Episode's SponsorsLevelBlue: https://itspm.ag/levelblue266f6cCoro: https://itspm.ag/coronet-30deSquareX: https://itspm.ag/sqrx-l91____________________________Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:
After the Supreme Court limited the power of federal agencies to craft regulations, it's likely up to Congress to keep US cybersecurity policy intact. Learn more about your ad choices. Visit podcastchoices.com/adchoices
Recently, British journalist Juliette Foster interviewed Steve for a feature in The European, and today we're listening to that conversation. Steve and Juliette explore a range of topics, including how to get buy-in to your security strategy at all levels of the organization, how much security should cost, navigating the regulatory landscape, and which industries and enterprises Steve believes could be templates for security. Key Takeaways: 1. Good cyber strategy aligns with business strategy, is quantifiable, and involves all employees. 2. Durbin suggests involving security in project planning to avoid retrofitting security measures. 3. Durbin suggests that security teams need to spend more time explaining security implications to business leaders in a way they can understand. 4. Durbin suggests that leaders must create a personal investment in security by providing feedback and justifying costs in a way that resonates with each individual's role and responsibilities. 5. Durbin highlights the evolving regulatory landscape, with a shift from standardization to protectionism and complexity for organizations. 6. Durbin highlights the evolving threat landscape, including malware, ransomware, and phishing attacks. Tune in to hear more about: 1. Aligning cybersecurity strategy with business goals and outcomes (1:36) 2. Cybersecurity strategies, testing, and budgeting (10:42) 3. Regulation complexity and its impact on businesses (18:00) 4. Cybersecurity investment, risk management, and emerging threats (22:44) 5. Evolving cyber threats and the importance of resilience (26:58) Standout Quotes: 1. “What is important for organizations is not to become over fixated on the threats — that's necessary, obviously, to have a good defense — but also to figure out this whole notion of resilience. How quickly could we get our systems back up and running? How quickly could we get our organization functioning again? How are we going to recover our data? Where are we storing it? Those sorts of things.” - Steve Durbin 2. “... the crux of good cyber strategy is having an alignment with a business strategy happening in alignment with what it is that the organization is looking to do on a daily basis, which in the majority of cases is: increase revenue, increase shareholder value, deliver back to employees, customers, and to further the ideals of the organization.” - Steve Durbin 3. “So the role of the security leader in any budget cycle is to try to align whatever spend she or he wishes to have with the future direction of travel of that organization. And if you can start to do that, then the whole conversation becomes very much easier. But I'm not a huge fan of setting fairly random percentages, because I think it sends entirely the wrong message. You run the risk of overspend or underspend. And what you actually want to be doing is spending appropriately to deliver the right level of protection for your critical assets, for your company, for your employees, for your shareholders, so that you can continue to provide a thriving environment.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.
In this episode, we finish our cross examination of Andy Penn, previously CEO of Telstra and more recently the Chair of the Government's Expert Advisory Board . The conversation just gets better... Andy makes some insightful comments about the similarities between our physical world and our digital world, and how this should guide our measure of success. We also take a closer look at the Cyber Strategy, the value in placing responsibility on those best placed to take responsibility, what does "good" look like, the value in managing data holdings, threat sharing / locking, the benefit of transparency and reporting (rather than banning extortion). Andy also makes some incredibly relevant (and sobering) observations on the impact that compute power and quantum computing will have on our security settings (“…a Y2K event when don't know the date…”). Finally, I ask Andy “what makes a great lawyer”? Luckily, we come out of that question relatively unscathed. This is Episode 6 of our podcast series. Cross examining Andy Penn. Here we go… +++ Cyber Risk Survey 2024 now live! Following the success of our inaugural Cyber Risk Survey in 2023, we are once again surveying in-house lawyers to better understand their cyber-related experiences and concerns. This year, our survey is going global! If you are an in-house lawyer in Australia, Asia, the UK, Europe, the Middle East or the US, we would love your insights! Complete our survey here: hsfuk.eu.qualtrics.com/jfe/form/SV_8fdxhAEb0VCmAUS
The Cybercrime Wire, hosted by Scott Schober, provides boardroom and C-suite executives, CIOs, CSOs, CISOs, IT executives and cybersecurity professionals with a breaking news story we're following. If there's a cyberattack, hack, or data breach you should know about, then we're on it. Listen to the podcast daily and hear it every hour on WCYB. The Cybercrime Wire is brought to you Cybercrime Magazine, Page ONE for Cybersecurity at https://cybercrimemagazine.com. • For more breaking news, visit https://cybercrimewire.com
The White House's National Cybersecurity Strategy tasks government agencies, industry and other organizations with guarding against cyber crime across the online environment. For the FBI, the strategy amplified and clarified the Bureau's role across law enforcement efforts. FBI Cyber Deputy Assistant Director Cynthia Kaiser discussed at the RSA Conference in San Francisco how the strategy's agile approach to cybersecurity and how it strengthens defenses. She also discusses how the good guys stay ahead of the bad guys and how partnerships help law enforcement find malicious cyber actors.
Military operations in the physical domains all depend on the cyber domain. To ensure the success of traditional naval capabilities, the Navy and Marine Corps must project power in and through cyberspace while defending their systems and assets from adversary cyber capabilities. The side that most effectively sequences and synchronizes cyber effects will have a decisive advantage. Department of the Navy (DON) Deputy Principal Cyber Advisor Joshua Reiter and CNA's Ariel Michelman-Ribeiro join the show to discuss the DON Cyber Strategy. Guest Biographies Ariel Michelman-Ribeiro is a Principal Research Scientist in the Cyber, IT Systems, and Networks Program and has been with CNA for 13 years. In addition to directing projects, she is also CNA's Cyber Research Coordinator. Joshua Reiter is the Deputy Principal Cyber Advisor (PCA) for the Department of the Navy, In this role, he is responsible for supporting the PCA in advising the Secretary of the Navy, Chief of Naval Operations, and Commandant of the Marine Corps, and implementing the Department of Defense Cyber Strategy within the Department of the Navy. Further Reading Department of the Navy Cyber Strategy
US cybersecurity strategy update on the way US Treasury issues first spyware sanctions UK denies responsibility for ALPHV takedown Thanks to today's episode sponsor, Conveyor Conveyor is the only GPT-powered customer trust portal that automates the entire customer security review process — from sharing your security posture and documents in a single portal to automating security questionnaire responses with 90% accuracy so you can fly through any customer security review in minutes. It might sound like every other compliance software claim out there, but there's a reason our customers have dubbed Conveyor their ‘favorite security tool of the year'. Test our market-leading AI in a free proof of concept at www.conveyor.com
Federal agencies coalesced around a new national vision for cybersecurity over the past year, but continued to grapple with emerging cyber threats. I asked experts in the cyber field, many of them former feds, the following question: What was the biggest development for federal cybersecurity in 2023? The most popular answer far and away was the Biden administration's release of a new national cyber strategy. But regulatory activities, the emergence of artificial intelligence, and some game-changing cyber attacks were also among the most significant developments of the past year. Learn more about your ad choices. Visit megaphone.fm/adchoices
We tend to take the institutions that serve our industry for granted. It almost seems that the hundreds of industry trade and standards bodies have always been there. So that's why this episode is so interesting. Today's guest is working on setting up the world's first cyber loss classificatory body that from 1.1.2024 will serve the UK insurance and reinsurance industry and the wider UK society that it is supporting. We don't do this very often so my chat with James Burns, Head of Cyber Strategy at UK-headquartered cyber and specialist MGA CFC is a unique chance to be in on the ground floor as an industry leader seeks to solve an emerging problem in the risk landscape. The cyber world and its insurers need be able to classify the severity of the systemic loss events that it is facing if they going to be able to continue to grow and fufill the needs of customers and society as a whole. But just how do you go about creating a pan-industry pan-societal body with a mission to work in the best interests of all? James's answers to this question are fascinating. His expertise and gravitas, mixed with optimism and idealism are a highly effective and infectious combination. So if you are feeling jaded and thinking that what insurance does is sometimes a little uninspiring I can highly recommend a listen. This is an Episode to remind you that our industry is absolutely essential for solving some of the biggest problems of our age. LINKS: The Cyber Monitoring Centre doesn't have a website yet But James is happy to be contacted by anyone looking to get involved. Here is a link to a very well-circulated article he posted to LinkedIn. You can connect to him via his profile: https://www.linkedin.com/pulse/solving-systemic-risk-cyber-markets-number-one-priority-james-burns%3FtrackingId=poupsOrSSTOlgB8stV6E4g%253D%253D/?trackingId=poupsOrSSTOlgB8stV6E4g%3D%3Dhttps://www.linkedin.com/pulse/solving-systemic-risk-cyber-markets-number-one-priority-james-burns%3FtrackingId=FADb4wFXTYaPoFKgLIEjHw%253D%253D/?trackingId=FADb4wFXTYaPoFKgLIEjHw%3D%3D We thank our naming sponsor AdvantageGo: https://www.advantagego.com/ We also thank our audio advertiser, Aventum Group Please contact them on: voi@aventumgroup.com
The White House and the Biden administration have issued several cybersecurity modernization initiatives in recent years, from supply chain security to implementing zero trust architecture across the federal government. Federal CISO Chris DeRusha recently delivered the opening keynote address at CyberTalks detailing the latest developments in the White House's push to improve the government's and the nation's cybersecurity — noting that the administration is working on version 2.0 of its National Cybersecurity Strategy implementation plan.
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our sponsored guest, Himaja Motheram, Censys. In this episode: How can one create a security program around unknown problems? Don't we know a lot of the things we lack visibility into that can cause security issues? But what about the things you don't even know about in the first place? Will that thing we don't even know to look at, ever cause a security issue? Thanks to our podcast sponsor, Censys Censys is the leading Internet Intelligence Platform for Threat Hunting and Exposure Management. We provide the most comprehensive, accurate, and up-to-date map of the internet, which scans 45x more services than the nearest competitor across the world's largest certificate database (>10B). Learn more at www.censys.com.
The Environmental Protection Agency is honing in on multiple pillars from the National Cybersecurity Strategy to secure critical infrastructure at its water and waste-water operations. The agency deems water security to be national security and is an area that needs critical attention. Efforts are underway to increase cyber awareness in the water sector and ensure systems remain resilient. EPA cybersecurity leaders Douglas Vick and David Travers break down what the threat is to the nation's water systems and how two programs are helping mitigate risks and ensure water services operate without disruption. Additionally, the officials highlight some of the new tools that are helping the agency boost overall cyber resiliency across its workforce.
ISS Corporate Solutions is thrilled to kick off an exciting second season of ESG Unlocked with a conversation top-of-mind for companies as we honor Cybersecurity Awareness Month this October. In this episode, host Pamela Mutumwa welcomes Doug Clare, Head of Cyber Strategy at ISS Corporate Solutions, and Timothy Chan, Senior Manager of Global Procurement Systems and Governance at FICO, to discuss how companies are newly prioritizing TPRM in a rapidly evolving digital corporate landscape. Doug and Tim share insights on how regulatory changes in the U.S. are impacting companies, how the COVID-19 pandemic exposed weaknesses in TPRM practices, and how companies can effectively evaluate their cyber risks – 3rd party and beyond. Host: Pamela Mutumwa Guests: Doug Clare, Timothy Chan
Guests: Matthew Rosenquist, CISO at Eclipz.ioOn LinkedIn | https://www.linkedin.com/in/matthewrosenquist/On Twitter | https://twitter.com/Matt_RosenquistOn Medium | https://matthew-rosenquist.medium.com/Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode's SponsorsBlackCloak
The Defense Department recently released an unclassified summary of its 2023 cybersecurity strategy. The previously classified document was submitted to Congress in May. The document outlines updates to the department's plan to “operationalize the priorities” in cyberspace. GovCIO Media & Research Managing Editor Ross Gianfortune and Staff Writer/Researcher Anastasia Obis discuss what is inside the plan and what it means for the future of DOD's cyber posture.
This week we talk about how I extract manual-quality wisdom from any text/transcript, what I learn from biographies, 25 lessons in 17 years of infosec, and tons of new tools and projects.
An access broker's phishing facilitates ransomware. 3AM is fallback malware. Cross-site-scripting vulnerabilities are reported in Apache services. US agencies warn organizations to be alert for deepfakes. The US Department of Defense publishes its 2023 Cyber Strategy. Ann Johnson from the Afternoon Cyber Tea podcast speaks with with Jenny Radcliffe about the rise in social engineering. Deepen Desai from Zscaler shares a technical analysis of Bandit Stealer. And a quick reminder: yesterday was Patch Tuesday. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/175 Selected reading. Malware distributor Storm-0324 facilitates ransomware access (Microsoft Security) 3AM: New Ransomware Family Used As Fallback in Failed LockBit Attack (Symantec) Azure HDInsight Riddled With XSS Vulnerabilities via Apache Services (Orca Security) Contextualizing Deepfake Threats to Organizations (US Department of Defense) Bipartisan push to ban deceptive AI-generated ads in US elections (Reuters) DOD Releases 2023 Cyber Strategy Summary (U.S. Department of Defense) New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense) New DOD cyber strategy notes limits of digital deterrence (DefenseScoop) New Pentagon cyber strategy: Building new capabilities, expanding allied info-sharing (Breaking Defense) CISA Releases Three Industrial Control Systems Advisories (Cybersecurity and Infrastructure Security Agency CISA) September 2023 Security Updates (Microsoft Security Response Center) Microsoft Releases September 2023 Updates (Cybersecurity and Infrastructure Security Agency CISA) Zero Day Summer: Microsoft Warns of Fresh New Software Exploits (SecurityWeek) Microsoft Patch Tuesday: Two zero-days addressed in September update (Computing) Adobe Releases Security Updates for Multiple Products (Cybersecurity and Infrastructure Security Agency CISA) Microsoft, Adobe fix zero-days exploited by attackers (CVE-2023-26369, CVE-2023-36761, CVE-2023-36802) (Help Net Security) Adobe fixed actively exploited zero-day in Acrobat and Reader (Security Affairs) Adobe warns of critical Acrobat and Reader zero-day exploited in attacks (BleepingComputer) Apple Releases Security Updates for iOS and macOS (Cybersecurity and Infrastructure Security Agency CISA) SAP Security Patch Day for September 2023 (Onapsis) Google Rushes to Patch Critical Chrome Vulnerability Exploited in the Wild - Update Now (The Hacker News) Critical Google Chrome Zero-Day Bug Exploited in the Wild (Dark Reading) Zero-day affecting Chrome, Firefox and Thunderbird patched (Computer) Learn more about your ad choices. Visit megaphone.fm/adchoices
What's the difference between working in fraud and working in cybersecurity? Nancy Schuehler, Director of Cyber Strategy and Program Execution at Verizon, has worked in both and breaks it down for our listeners.She and Gene also dig into the pros and cons of working for a large enterprise, and of staying with one company for many years. Nancy Schuehler on LinkedIn: https://www.linkedin.com/in/nancy-schuehler-87311610/Verizon cyber recruiting: https://verizon.com/cybersecurity
Three things to know today00:00 New Strategy Takes 'Whole of Society' Approach to Cybersecurity Education and Workforce Development03:39 Managed Services Blend Consulting and Tech Solutions for Business Success05:27 SaaS Alerts Launches 'Fortify' to Streamline Microsoft Security for MSPsAdvertiser: https://twingate.com/podcast/Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/Support the show on Patreon: https://patreon.com/mspradio/Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.comFollow us on:Facebook: https://www.facebook.com/mspradionews/Twitter: https://twitter.com/mspradionews/Instagram: https://www.instagram.com/mspradio/LinkedIn: https://www.linkedin.com/company/28908079/
Podcast: ICS Cyber Talks PodcastEpisode: Cyber Women-1: Tsofit Shachar VP Cyber strategy & BD @Cybecs - Women CISO challenges & create valuePub date: 2023-08-01Nachshon Pincu and Mally Bar host Tsofit Shachar, VP of Cyber Strategy and BizDev at Cybecs Security Solutions, former Global CISO at Elbit Systems, EL AL Airlines, Mekorot, and many other organizations, top Expert for critical infrastructure cyber security. In a conversation about the challenges of women in cyber, life-work balance, OT What are the cyber challenges and create value for internal customers. As one promoting women in Israeli cyberspace, is there a difference between women and men? Why "Women who enter the cyber field make conscious choices about work-life balance." What is the cyber status in 2023? What are CISO challenges in large organizations? Is there a difference between Israel and abroad in the status of the CISO, the organizational culture, and the female aspect? The "new" cyber world versus the old one? Trends in the cyber world in the coming years? OT, What are the cyber challenges, and how do you create value for internal customers? The conceptual shift from traditional cyber to cyber in a business sense? And more... נחשון פינקו ומלי בר מארחים את צופית שחר, סמנכ"לית אסטרטגיית סייבר ופיתוח עסקי בחברת סייבקס פתרונות אבטחה לשעבר סיסו גלובלית בחברת אלביט מערכות, אל על, מקורות וארגונים רבים נוספים. מומחית מובילה לאבטחת סייבר בתשתיות קריטיות. בשיחה על האתגרים של נשים בסייבר, איזון חיים-עבודה, אתגרי ההגנה על מערכות תפעוליות ואיך יוצרים ערך ללקוחות פנימיים כאחת המקדמת נשים במרחב הסייבר הישראלי, האם יש הבדל בין נשים לגברים? מדוע "נשים שנכנסות לתחום הסייבר עושות בחירות מודעות לגבי איזון בין עבודה לחיים". מה מצב הסייבר ב-2023? מהם אתגרי הסיסו בארגונים גדולים האם יש הבדל בין ישראל לחו"ל במעמד הסיסו ובתרבות הארגונית בפן הנשי עולם הסייבר ה"חדש" מול הישן טרנדים בשנים הקרובות בעולמות הסייבר מערכות תפעוליות, מהם אתגרי הסייבר וכיצד יוצרים ערך ללקוחות פנימיים המעבר מסייבר מסורתי לסייבר בראי העסקיThe podcast and artwork embedded on this page are from Nachshon Pincu, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.
The Biden administration is giving agencies marching orders to make its cyber policy goals a reality. The White House on Thursday released an implementation plan for its National Cybersecurity Strategy. The plan outlines 65 high-impact initiatives agencies must meet to stay ahead of emerging threats, and sets a timeline to complete those goals. The plan puts 18 agencies in charge of leading at least one initiative, although much of its goals will require interagency coordination. Acting National Cyber Director Kemba Walden said Thursday that the implementation plan is a “living document” that will be updated annually to reflect the federal government's evolving response to emerging threats. Learn more about your ad choices. Visit megaphone.fm/adchoices
The Cognitive Crucible is a forum that presents different perspectives and emerging thought leadership related to the information environment. The opinions expressed by guests are their own, and do not necessarily reflect the views of or endorsement by the Information Professionals Association. During this episode, Dr. Andy Whiskeyman and Dr. Mike Berger return to the podcast to discuss the importance of adequately resourcing operations in the information environment (OIE) activities. Financial disparities beget capability disparities and ultimately information effects disparities. To solve the problem, Mike Berger recommends leaders start with a mindset shift. Andy Whiskeyman believes that leaders need to modify expectations related to information effects; Andy also believes there's an organizational component to solving the problem. Resources: Cognitive Crucible Podcast Episodes Mentioned #139 Austin Branch and Andy Whiskeyman on Phoenix Challenge London #137 Vic Garcia and Mike Berger on Information Operations and Intelligence #151 Daniel Runde on Chinese Soft Power #150 Jill Goldenziel on China and the Philippines Axis of Disinformation: Propaganda from Iran, Russia, and China on COVID-19 by Andy Whiskeyman and Mike Berger Analogies at War: Korea, Munich, Dien Bien Phu, and the Vietnam Decisions of 1965 by Yuen Foong Khong Link to full show notes and resources https://information-professionals.org/episode/cognitive-crucible-episode-153 Guest Bio: Dr. Andrew Whiskeyman, COL USA(ret.), CHEP is an associate professor at the National Defense University's College of Information and Cyberspace where he teaches and researches on the topics of leadership, disruptive technology, information warfare, deception, and strategic foresight. He is a professor of practice with the University of Maryland (UMD)'s Applied Research Laboratory for Intelligence and Security (ARLIS), where is helps coordinate the Phoenix Challenge Series of international Information conferences. He has lectured internationally on the use of information as an element of power. He is also the CEO and co-founder of JASSA Professional Services, providing expert advice on organizational leadership, strategic foresight, and disruptive innovation. Prior to his retirement from Active Duty, he served as the Chief of the Information Operations Division (J39) within the U.S. Central Command (CENTCOM) Operations Directorate J3 located at Macdill AFB, Florida. His penultimate assignment was as the Chief of Cyber Strategy for the CENTCOM Joint Cyber Center (JCC). COL Whiskeyman served as an active-duty Army officer for over 28 years. His first assignment was to Misawa AB, Japan as an enlisted military intelligence Soldier. He then went to Officer Candidate School (OCS) and commissioned into the basic branch of Air Defense Artillery. In 2007, he transitioned to the Information Operations functional area (FA30). He has deployed five times: Kosovo (KFOR 3B - 2001/02), Afghanistan (3 times - 2004, 2006/07, and 2012/13), and Iraq (2008/09). He also has numerous shorter trips into the Middle East theater of operations including return trips to Iraq and Afghanistan. He is a graduate (and plank owner) of the Marine Corps Expeditionary Warfare School (EWS - 2004), Air Command and Staff College (ACSC - 2011 in residence), and the School of Advanced Air and Space Studies (SAASS XXI - 2012). He is the first Soldier with the Advanced Strategic Planning and Policy Program (ASP3) to earn his PhD (Military Strategy, Air University 2015). In the community, he has been active in Parish ministry for over 15 years, he is a past Grand Knight with the Knights of Columbus, and has started and led multiple Exodus fraternities (in person and virtual) for the past 5 years. He is a co-founder of the Tampa Bay Catholic Business Forum. He has been married for over 28 years and has four children, three dogs, and a turtle. Dr. Mike Berger is Chief of Research for the Information Warfare organizational unit (OU) in Peraton's Cyber Mission Sector. In this capacity, he serves as the lead for analysis and assessments for the Operational Planning, Implementation, and Assessment Services (OPIAS) contract—the largest information warfare support contract in the US Government (USG). Dr. Berger oversees primary source research, personnel, and operational assessments supporting information operations (IO) / irregular warfare (IW) activities across OPIAS's supported Geographic Combatant Commands (GCCs) and USG agencies. Through the course of his work, Dr. Berger has established and successfully managed the most expansive foreign audience opinion research portfolio in the Department of Defense, including over 700,000 survey interviews, 600 focus groups, and 2,000 elite interviews in a variety of sensitive locations across the globe. A central focus of his research includes illuminating the current challenges faced by America and its partners in the information environment. Dr. Berger holds a PhD in International Relations from the University of St. Andrews (Scotland, United Kingdom). He enjoys establishing new research projects, leveraging new technologies to enhance data analysis, and developing operational assessment teams in support of forward deployed warfighters. About: The Information Professionals Association (IPA) is a non-profit organization dedicated to exploring the role of information activities, such as influence and cognitive security, within the national security sector and helping to bridge the divide between operations and research. Its goal is to increase interdisciplinary collaboration between scholars and practitioners and policymakers with an interest in this domain. For more information, please contact us at communications@information-professionals.org. Or, connect directly with The Cognitive Crucible podcast host, John Bicknell, on LinkedIn. Disclosure: As an Amazon Associate, 1) IPA earns from qualifying purchases, 2) IPA gets commissions for purchases made through links in this post.
Grab a cup of coffee and join Mick Baccio and Audra Streetman for another episode of Coffee Talk with SURGe. You can watch the livestream here. The team from Splunk will discuss the latest security news, including: - Volt Typhoon targets US critical infrastructure with living-off-the-land techniques - COSMICENERGY: New OT Malware Possibly Related To Russian Emergency Response Exercises - Real-world experience' informs new Pentagon cyber strategy - Lender OneMain fined $4.25 million for cybersecurity lapses - A.I. Poses ‘Risk of Extinction,' Industry Leaders Warn
From Sourced Network Productions in New York City, “It's 5:05” on Wednesday, May 31st, 2023. This is your host, Mark Miller, sitting in for Pokie Huang.Stories in today's episode come from Edwin Kwan in Sydney, Australia, Katy Craig in San Diego, California, Marcel Brown in St. Louis, Missouri and me, this week calling in from Ann Arbor Michigan.Get the transcript and links to all resources in this episode at 505updates.com.22 Words that should Scare the Crap out of you
In this episode of ESG Unlocked, host Pamela Mutumwa welcomes Doug Clare, Head of Cyber Strategy at ISS Corporate Solutions, and Ori Eisen, a seasoned cybersecurity expert and Founder of Trusona, a company taking a new approach to digital identity. In this conversation, Ori and Doug explore the cyber-related challenges companies currently contend with, including shared accountability within an organization among its leadership and board members, how to effectively analyze and implement a third-party risk management strategy, the impact of upcoming SEC recommendations designed to address corporate cybersecurity risks, and how to handle the shortage of cyber risk professionals today. Host: Pamela MutumwaGuests: Doug Clare and Ori Eisen
This week, our guest Ilona Cohen from HackerOne sits down with Ben to discuss Biden's Cyber Strategy and National Budget allocations for cybersecurity. Ben has the story of a proposed Montana state law to ban the popular social media app TikTok. Dave's got the story of the FTC taking action against an Amazon merchant who is deceiving supplement consumers. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Links to stories: Montana Legislature Approves Outright Ban of TikTok FTC fines supplement maker $600,000 for 'review hijacking' Amazon listings Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
Danielle Jablanski from Nozomi Networks to joins Dave to discuss one year of Shields Up as it relates to the National Cyber Strategy and one year of the Ukraine conflict. Ben brings us the story of Immigration and Customs Enforcement using its authority to gather data from schools and medical clinics. Dave's got the story of ChatGPT's lies and the Biden administration's possible regulatory reaction. While this show covers legal topics, and Ben is a lawyer, the views expressed do not constitute legal advice. For official legal advice on any of the topics we cover, please contact your attorney. Links to stories: ICE Is Grabbing Data From Schools and Abortion Clinics ChatGPT invented a sexual harassment scandal and named a real law prof as the accused Got a question you'd like us to answer on our show? You can send your audio file to caveat@thecyberwire.com. Hope to hear from you.
In this episode of "CISO Tradecraft," G Mark Hardy discusses how to build an effective cyber strategy that executives will appreciate. He breaks down the four questions (Who, What, Why, and How) that need to be answered to create a successful strategy and emphasizes the importance of understanding how the company makes money and what critical business processes and IT systems support the mission. Later in the episode, Branden Newman shares his career path to becoming a CISO and his approach to building an effective cyber strategy. Newman stresses the importance of communication skills and the ability to influence people as the most critical skills for a CISO. He also shares his advice on how to effectively influence executives as a CISO. Full Transcripts - https://docs.google.com/document/d/1nFxpOxVl6spkK-Y8GLU5q2f6R_4VD-a2 Chapters 00:00 Introduction 01:06 The Four Questions (Who, What, Why, and How) 08:11 Building an accepted cyber strategy 09:19 Importance of communication skills for a CISO 10:19 Understanding financial statements 12:47 Following the money 14:09 Reputation and cybersecurity 15:24 Getting executive buy-in into cybersecurity 15:57 Building Trust with Executives 16:45 Security Enables New Elements of Business 17:13 Why Cybersecurity Gets Ignored 20:07 Framing Cybersecurity as a Competitive Advantage 21:19 Mistakes CISOs Make When Communicating with Executives 22:54 Telling Stories to Communicate with Executives 24:09 Using Business Cases and Examples 27:28 The Importance of Listening to the Executives 29:31 Making Informed Risk-Based Decisions 30:54 Building Trust and Champions 32:55 Building a Network of Trust 35:13 Being Pragmatic
In this week's episode of the Business of Infosec Podcast, our host Michelle Ribeiro is joined by Faizal Janif, Executive Advisory Board Member for the Australian Information Security Association, and Advisory Board Member from Corinium APAC CISO Advisory Board. Together they walk through Faizal's journey into cyber and his vast experience planning and executing cyber strategy. In the discussion this week: The risks and implications of the tick box exercises for CISOs and the organisation How well do executives understand the effectiveness of their cyber tools – are they implementing it effectively? How to get out of the “should be alright” attitude and invest in adopting a proactive – as opposed to reactive – approach Getting an in-depth understanding of your business and your people and adopting an appropriate level of cyber investment for your organisation How will the next-gen workforce want to operate and how companies and cybersecurity will have to adapt to the employee of the future
In this episode of InTechnology, Camille and Tom get into the future of cybersecurity with Moty Kanias, Vice President of Cyber Strategy and Alliances at NanoLock. They talk about vulnerabilities in legacy software and hardware, cyber attacks as both cybercrime and cyber war, and how zero trust policies can deter insider threats. The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation.
The Question of the Week- How worried should I be about my “personal/“home life” data/pictures/internet searches when I enroll in my employer's “Bring Your Own Device” mobile phone policy? The Big Stories: Biden Administration National Cyber Strategy National Cyber Security Across Multiple Agencies Big Tech Must Be Secure SEC Proposes new Cyber Rules LastPass Employee Did Not Update PC & Lead to Massive Hack
On this week's Cyber Report, sponsored by Fortress Information Security, JC Vega, a retired US Army colonel who confounded the Army Cyber Institute, discusses the Biden administration's National Cyber Strategy, investing for success, how to improve public l-private partnerships, accelerating government change through smarter incentives, harnessing technology to simplify security and ease personnel demands, and creating national cyber-mindedness with Defense & Aerospace Report Editor Vago Muradian.
Link to Blog Post This week's Cyber Security Headlines - Week in Review, February 27-March 3, is hosted by Rich Stroffolino with our guest, Nick Vigier, CISO, Talend Thanks to our show sponsor, Conveyor Just because your security questionnaire is from the stone age, doesn't mean you have to answer it with cave-era tools. At Conveyor, we implemented GPT-3 into our first-of-its-kind questionnaire eliminator so teams of all sizes can blast through questionnaires faster than you can say “prehistoric”. Go beyond re-writing mediocre matches, to getting your questionnaire auto-filled with the exact answers customers need. Join the top SaaS companies in the GPT-3 powered future by using Conveyor. Learn more at conveyor.com. All links and the video of this episode can be found on CISO Series.com
A new report finds China overtaking the U.S. in key technology research. And Salesforce shares surge in late trading as the software maker forecasts rising profitability. Luke Vargas hosts. Learn more about your ad choices. Visit megaphone.fm/adchoices
The Biden Administration is rolling out its long-awaited national cybersecurity strategy. CyberScoop Senior Editor Elias Groll joins the podcast to discuss his three biggest takeaways from the new White House initiative. At last week's Zero Trust Summit, Donald Coulter, senior science advisor for cybersecurity and zero trust in the office of the undersecretary in the Department of Homeland Security's Science and Technology Directorate, and Terry Halvorsen, vice president of client development for U.S. Federal Market at IBM and former Chief Information Officer at the Department of Defense, discuss zero trust adoption across government. The Department of Justice is moving along on its Information Technology Strategic Plan. The plan for fiscal years 2022 through 2024 lays out five goals. One of those goals is elevating cybersecurity and implementing zero trust principles. Also Zero Trust Summit, Department of Justice CIO Melinda Rogers explains the cyber landscape her agency is following. The Daily Scoop Podcast is available every Tuesday and Thursday afternoon. If you want to hear more of the latest from Washington, subscribe to The Daily Scoop Podcast on Apple Podcasts, Google Podcasts, Spotify and Stitcher. And if you like what you hear, please let us know in the comments.
Three things to know today New National Cyber Strategy Released, Declares Ransomware a Threat to National Security and Looks to Shift Liability RSPA Retail IT Channel KPI Study 2023 Reveals Record-High Transition to as-a-Service AND US Economy: Inflation Stays High, Recession Needed for Target, Tech Wages Drop This is the Business of Tech. Advertiser: Do you want the show on your podcast app or the written versions of the stories? Subscribe to the Business of Tech: https://www.businessof.tech/subscribe/ Support the show on Patreon: https://patreon.com/mspradio/ Want our stuff? Cool Merch? Wear “Why Do We Care?” - Visit https://mspradio.myspreadshop.com Follow us on: Facebook: https://www.facebook.com/mspradionews/ Twitter: https://twitter.com/mspradionews/ Instagram: https://www.instagram.com/mspradio/ LinkedIn: https://www.linkedin.com/company/28908079/
On this week's Cyber Report, sponsored by Fortress Information Security, Mark Montgomery, a retired US Navy rear admiral who is now the senior director of the Center on Cyber and Technology Innovation at the Foundation for the Defense of Democracies and the executive director of the Cyber Solarium 2.0 project, discusses the Biden administration's upcoming National Cyber Strategy, how to better secure the cloud, cyber elements of the Biden administration's March 8 budget request, cyber lessons from Russia and whether deterrence and defending forward are working, CISA Director Jen Easterly's warning that China would mount cyber attacks against the United States in the wake of a Taiwan crisis, and our producer Chris Servello, a founder of Provision Advisors public relations firm (and Defense and Aerospace team member) joins to discuss takeaways from the inaugural prime-time hearing of the House Select Committee on China with Defense & Aerospace Report Editor Vago Muradian.
Nikki: I saw you recently did a Cyber Jeopardy Panel at the American Bar Association about cybersecurity and cyber law - can you talk a little bit about the intersection of cybersecurity and law?Chris: Continuing on that thread a little more, and you and I have chatted about this, what are some of the dichotomies or challenges of Cybersecurity in a democratic society versus say an authoritative regime or nation?Chris: I know you have a background with the DoJ and U.S. Attorney's office, are there some challenges with say cyber investigations in the U.S. due to some of our protections for individual freedom, privacy and so on? Nikki: It seems like we're seeing more and more organizations seeing the need for both mature cybersecurity programs and cyber law programs - but I haven't seen a ton of these groups working closely together. How can we build both programs in combination?Chris: It seems like every day we are seeing headlines about catastrophic cyber incidents. Are there any historical parallels to what we are dealing with today? Do you think we'll ever get out of it? Nikki: What do you think major attacks like ransomware in healthcare and even in local and state governments and school are doing to shape cyber legislation?Nikki: If you could give one message to the American people about how we will address this challenge, what would it be?Chris: I would be remiss if I let you off the show without trying to dig into the forthcoming National Cyber Strategy with you. With the extent of what you're able to share, there's been a lot of buzz and rumors about an increased call for regulation, do you have any thoughts on that front?Chris: Many have said that Cybersecurity is a market failure and that it will require government intervention and regulatory measures to change things and have cybersecurity be taken more seriously by businesses and organizations. How do we balance that need for truly addressing cybersecurity risk without at the same time stifling innovation and our free market society? Nikki: Do you see more legislation potentially coming in the future around security governance and compliance?Nikki: I'm very fascinated by cybersecurity and law terminology - do you think there's some room for us to find a common thread between both disciplines to help people like me understand law terminology and language better?
Subscribe to the IWI monthly newsletter by going to www.irregularwarfare.org! This episode explores the concepts of zero trust and persistence theory within the cyber domain and features a conversation with two guests: Mr. David McKeown serves as the acting DoD principal deputy chief information officer and Dr. Richard J. Harknett is professor and director of the School of Public and International Affairs and chair of the Center for Cyber Strategy and Policy at the University of Cincinnati. In the discussion, they first define these two concepts—zero trust and persistance theory—before highlighting how they complement each other in practice. They continue by explaining the importance of seizing and maintaining the initiative in the cyber domain and how it would be more helpful to shift to a mindset of persistent campaigns and away from the idea of isolated cyberattacks. They conclude with thoughts on the implications for future cyber strategies. Intro music: "Unsilenced" by Ketsa Outro music: "Launch" by Ketsa CC BY-NC-ND 4.0
As we break to observe the Juneteenth holiday, our team thought you might like to try a sample of a CyberWire Pro podcast called Interview Selects. These podcasts are a series of extended interviews, exclusives, and a curated selection of our most engaging and informative interviews over the years, featuring cyber security professionals, journalists, authors and industry insiders. In this extended interview, Dave Bittner speaks with FBI Cyber Section Chief David Ring at RSAC discussing FBI cyber strategy/role in the cyber ecosystem and private sector engagement. Like what you hear? Consider subscribing to CyberWire Pro for $99/year. Learn more.
In this CyberWire-X episode, host Dave Bittner chats with the judges of the Insider Risk Excellence Awards. The inaugural awards program, announced during last September's Insider Risk Summit, recognizes the best of the best in Insider Risk Management. They honor the work of individuals and organizations as they address Insider Risk in the most collaborative work environment we've ever seen. Judges Joe Payne, President and CEO, Code42 and Chairman, Insider Risk Summit and Wendy Overton, Director of Cyber Strategy and Insider Risk Leader, Optiv, talk about the growing Insider Risk problem, reveal the winners of each award category and pull back the curtain on how each of these Insider Risk trailblazers are making an impact.