Podcasts about cybersecuritythe

In this episode, we're joined by Susan Crowe—a Navy veteran turned cybersecurity expert—who shares her unique journey from military service to the frontlines of digital defense. Susan opens up about what drew her into the world of cybersecurity, how her military experience shaped her approach to threat management, and what it's like navigating a male-dominated industry as a woman in tech.We also dive into the latest developments in the threat landscape, including the evolving tactics of cybercriminals and what organizations should be doing now to stay ahead. Susan brings a no-nonsense, mission-driven perspective that makes this a must-listen for anyone in—or curious about—the world of cybersecurity.Topics Include:How military service prepared her for a career in cybersecurityThe challenges and wins of being a woman in a male-dominated fieldThe most pressing and emerging cyber threats todayAdvice for those breaking into the industry—and those leading itIf you're interested in cybersecurity, career transformation, or real-world threat intelligence, you won't want to miss this conversation

In this episode of The New CISO, host Steve Moore speaks with Ben, Director of Group Security and Architecture at Bilfinger, about the role of self-awareness, confidence, and communication in effective cybersecurity leadership.Ben shares his unconventional path to becoming a CISO, how he applies the “done is better than perfect” philosophy, and why embracing vulnerability, curiosity, and creativity is key to building strong teams. From baking sourdough to producing his own podcast, Ben highlights how personal passions can shape professional growth.Key Topics Covered:Why done is better than perfect can be a strength—not a flaw—in cybersecurityThe surprising connection between baking sourdough and fostering security cultureHow Ben's podcast, Infosec Theater, educates non-technical audiences using humor and storytellingThe creative interview question he uses to gauge mindset: “If cybersecurity were an animal, what would it be?”Why hiring for attitude and resilience beats hiring for experience aloneHow podcasting sharpened his ability to listen, simplify, and leadBen also emphasizes the importance of recognizing your own strengths and surrounding yourself with people who balance them out. His perspective offers actionable takeaways for CISOs and security professionals seeking to grow into thoughtful, human-centered leaders.

Welcome back to The Cyber Revolution Podcast!This week on The Cyber Revolution Podcast, Adam Hewitt, CEO of Cyber Revolution, is joined by Caleb, a former student who successfully transitioned from window fabrication to cybersecurity.Caleb shares his journey from spending seven years in window fabrication to landing his dream role as a Level 1 SOC Analyst at Triskel Labs. He discusses the challenges of changing careers, the intense training process, and how his previous leadership experience has helped him adapt to his new role in a 24/7 Security Operations Center.If you're considering a career change into cybersecurity without a traditional IT background, Caleb's story provides valuable insights and encouragement for your journey.What You'll Learn:Why Caleb decided to leave the window fabrication industry after seven years to pursue a career in cybersecurityThe day-to-day responsibilities of a SOC Analyst and what the first month of training looks likeHow shift work operates in a 24/7 Security Operations Center (morning, afternoon, and night shifts)Why Caleb chose Cyber Revolution's program over traditional university pathwaysHow transferable skills from previous careers can be valuable in cybersecurity rolesThe importance of industry certifications as "tickets to the interview" that demonstrate commitmentThe value of self-paced learning for career changers who are working full-timeHow to overcome exam anxiety when pursuing cybersecurity certificationsCaleb's experience demonstrates that with determination and the right training, you can successfully transition into cybersecurity without a traditional IT background or university degree.Chapters:00:00 - Welcome to the Cyber Revolution Podcast02:15 - From Window Fabrication to Cybersecurity05:03 - Finding Motivation for Career Change07:20 - Landing a SOC Analyst Position10:05 - Daily Life in Security Operations12:48 - Navigating Shift Work in Cybersecurity15:26 - Career Goals and Technical Pathways17:11 - Why Choose Self-Paced Cyber Training19:18 - Overcoming Exam Nervousness20:35 - Final Thoughts and Future OutlookConnect with Adam:Website: ⁠⁠⁠⁠https://cyberrevolution.com.au⁠⁠⁠⁠Follow us on Facebook: https://www.facebook.com/cyberrevolutionaus⁠⁠⁠⁠Subscribe to our YouTube channel: ⁠⁠⁠⁠https://www.youtube.com/@cyberrevolutionaus⁠⁠⁠⁠Follow us on Instagram: ⁠⁠⁠⁠https://www.instagram.com/cybrevolution_aus/

Welcome back to The Cyber Revolution Podcast!This week on The Cyber Revolution Podcast, Adam Hewitt, CEO of Cyber Revolution, is joined by Akhil George, a former warehouse worker who successfully transitioned into cybersecurity.Akhil shares his inspiring journey from working in a warehouse to landing his first role as an Information Security Consultant, focusing on Governance, Risk, and Compliance (GRC). With a small IT background from his time in India, Akhil explains how he recognized security vulnerabilities in his warehouse workplace and developed a passion for contributing to the cybersecurity industry.If you're considering a career change into cybersecurity, Akhil's story provides valuable insights and encouragement for those looking to make the leap into this rapidly growing field.What you'll learn:Akhil's motivation for transitioning from warehouse work to cybersecurityThe reality of working in GRC (Governance, Risk & Compliance) as a non-technical cybersecurity roleHow hands-on lab experience through Cyber Revolution translated to real-world skillsThe emotional journey of career transition (60% nervous, 40% excited!)The importance of continuous learning in cybersecurity and how employers support new professionalsThe job satisfaction difference between warehouse work and solving complex cybersecurity challengesWhy Australia desperately needs more cybersecurity professionals and the opportunity this presentsNetworking is crucial - Connect with industry professionals through LinkedIn, events, and training programsGet hands-on experience - Practice through virtual labs and keep upgrading your skillsFocus on your interests - You don't need to be an expert in everything; find what you enjoy and specializePut in the effort - The path is straightforward if you're willing to do the work and stay consistentEmbrace the learning journey - The industry rewards those who continuously upskill and adaptChapters:00:00 - Introduction to Cyber Revolution Podcast02:30 - From Warehouse to Cybersecurity05:12 - The Importance of Cybersecurity Today07:45 - What Attracted Akhil to Cybersecurity10:22 - Landing a GRC Security Consultant Role13:40 - The Joy of Career Transition16:05 - Warehouse Work vs. Cybersecurity Challenges18:48 - The Cybersecurity Skills Shortage21:27 - Workplace Support for New Professionals24:16 - The Rewarding Nature of Cybersecurity25:30 - Highlights from Cyber Revolution Training28:10 - Overcoming Career Change Nervousness29:35 - Top Tips for Breaking into CybersecurityConnect with Adam:Website: ⁠⁠https://cyberrevolution.com.au⁠⁠⁠⁠Follow us on Facebook: ⁠⁠⁠⁠https://www.facebook.com/cyberrevolutionaus⁠⁠⁠⁠Subscribe to our YouTube channel: ⁠⁠⁠⁠https://www.youtube.com/@cyberrevolutionaus⁠⁠⁠⁠Follow us on Instagram: ⁠⁠⁠⁠https://www.instagram.com/cybrevolution_aus/

In this episode, we sit down with Varun Badhwar, Founder and CEO of Endor Labs, to discuss the state of AI for AppSec and move beyond the buzzwords. We discussed the rapid adoption of AI-driven development, its implications for AppSec, and how AppSec can leverage AI to address longstanding challenges and mitigate organizational risks at scale.Varun and I dove into a lot of great topics, such as:The rise of GenAI and LLMs and their broad implications on CybersecurityThe dominant use case of AI-driven development with Copilots and LLM written code, leading to a Developer productivity boost. AppSec has struggled to keep up historically, with vulnerability backlogs getting out of control. What will the future look like now?Studies show that AI-driven development and Copilots don't inherently produce secure code, and frontier models are primarily trained on open source software, which has vulnerabilities and other risks. What are the implications of this for AppSec?How can AppSec and Cyber leverage AI and agentic workflows to address systemic security challenges? Developers and attackers are both early adopters of this technology.Navigating vulnerability prioritization, dealing with insecure design decisions and addressing factors such as transitive dependencies.The importance of integrating with developer workflows, reducing cognitive disruption and avoiding imposing a “Developer Tax” with legacy processes and tooling from security.

In this episode of Resilient Cyber, we sit down with Steve Martano, Partner in the cyber Security Practice at Artico Search, to discuss the recent IANS & Artico Search Publications on the 2025 State of the CISO, security budgets, and broader security career dynamics.Steve and I touched on some great topics, including:The 2025 State of the CISO report and key findingsBoard reporting cadences for CISO's and the importance of Boardroom involvement in CybersecurityThe three archetypes of CISO's: Tactical, Functional and StrategicHow security leaders can advance their career to becoming strategic CISO's as well as key considerations for organziation's looking to attract and retain their security talentThe growing scope of responsibility for CISO roles from not just Infosec but to broader IT, business risk, and digital strategy and implications for CISO'sSecurity budget trends, spending, macroeconomic factors and allocationsHere are a list of some of the great resources from IANS and Artico below on various areas of interest for CISO's and Security leaders alike!https://www.iansresearch.com/resources/ians-security-budget-benchmark-reporthttps://www.iansresearch.com/resources/ians-ciso-compensation-benchmark-reporthttps://www.iansresearch.com/resources/ians-state-of-the-ciso-reporthttps://www.iansresearch.com/resources/ians-leadership-organization-benchmark-report

Are you feeling stuck in your career and wondering if it's too late to make a change? In this inspiring episode, Privacy Pros Academy mentee Hiten Dani shares his journey from facing a major health crisis and career setback to building a thriving career in privacy. Learn how he overcame self-doubt, rebuilt his confidence, and gained multiple job offers.Hiten reveals:Why he chose to pivot into privacy after 20+ years in cybersecurityThe mindset shifts and practical strategies that made his transformation possibleThe power of mentorship and hands-on training to accelerate success in privacyHow he regained his identity and became a trusted expertIf you've ever thought a career pivot was beyond reach, this episode will show you how to turn challenges into opportunities. Join host Jamal Ahmed, global privacy expert and founder of the Privacy Pros Academy, for actionable insights to help you start or advance your career in privacy.

Guest: Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO, DelineaOn LinkedIn | https://www.linkedin.com/in/josephcarson/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAt AISA Cyber Con 2024, amidst the bustling energy of Melbourne, the conversation between Sean Martin, Marco Ciappelli, and Joseph Carson provided a unique perspective on cybersecurity challenges and insights. The setting wasn't just a backdrop—it was a canvas where shared experiences and professional journeys painted a vivid picture of evolving cyber threats and collaborative defense strategies.The Dynamics of EngagementThe dialogue kicked off with a casual and candid exchange, where the speakers reflected on the nuances of attending conferences—long walks between sessions, weather swings, and the unexpected yet pleasant surprise of encountering familiar faces. Marco and Sean seamlessly blended humor and camaraderie into their conversation, making the technical discussion both engaging and relatable.Insights on Ransomware RealitiesJoseph Carson shared a deeply technical yet accessible walkthrough of ransomware attacks. He explained his approach to recreating real-world scenarios to educate organizations on vulnerabilities and lessons learned. He highlighted that while AI garners much attention, attackers often rely on basic techniques that remain effective. His revelation that many victims still struggle with simple misconfigurations and weak credential management served as a stark reminder of cybersecurity's foundational importance.The audience's reaction underscored the relevance of these insights. Many attendees, identifying parallels with their organizational experiences, approached Carson afterward to share stories or seek advice. This interactive exchange emphasized the importance of open dialogue and proactive learning in addressing cyber threats.Ethical and Strategic Considerations in CybersecurityThe discussion also touched on the ethical dilemmas surrounding ransomware payments. Carson recounted incidents where organizations faced the difficult decision to pay ransoms to save critical operations. His narrative of assisting a cancer research organization emphasized that these decisions are fundamentally business-driven, balancing continuity against principles.Sean and Marco expanded on the implications of regulatory frameworks. They debated the effectiveness of Australia's laws permitting ransomware payments under strict disclosure conditions, exploring whether such measures could foster collaboration between government agencies and the private sector or inadvertently sustain the criminals' business model.Global Trends and Local ChallengesThe conversation delved into how sanctions and geopolitics influence cybercrime. Carson explained how ransomware operators adapt their strategies, targeting regions with fewer regulatory constraints or financial barriers. He emphasized the need for global cooperation to create a resilient cybersecurity ecosystem, advocating for shared intelligence and collaborative defense measures.Marco's observations on the societal aspect of cybersecurity resonated strongly. He noted that resilient countries could inadvertently shift the burden of ransomware to less developed regions, highlighting the ethical responsibility to extend cybersecurity efforts globally.Final Thoughts: Building a Safer Digital WorldThe discussion wrapped up with a call for cooperation and proactive measures. Whether through fostering societal awareness or tightening organizational controls, the speakers agreed that tackling cybercrime requires a unified effort. Carson emphasized that sharing knowledge—be it through podcasts, conferences, or direct collaboration—creates a ripple effect of security.This conversation at AISA Cyber Con wasn't just an exchange of ideas but a demonstration of the power of collaboration in combating the ever-evolving challenges of cybersecurity. Through humor, storytelling, and expertise, Sean, Marco, and Carson left their audience not only informed but inspired to act.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Guest: Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO, DelineaOn LinkedIn | https://www.linkedin.com/in/josephcarson/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAt AISA Cyber Con 2024, amidst the bustling energy of Melbourne, the conversation between Sean Martin, Marco Ciappelli, and Joseph Carson provided a unique perspective on cybersecurity challenges and insights. The setting wasn't just a backdrop—it was a canvas where shared experiences and professional journeys painted a vivid picture of evolving cyber threats and collaborative defense strategies.The Dynamics of EngagementThe dialogue kicked off with a casual and candid exchange, where the speakers reflected on the nuances of attending conferences—long walks between sessions, weather swings, and the unexpected yet pleasant surprise of encountering familiar faces. Marco and Sean seamlessly blended humor and camaraderie into their conversation, making the technical discussion both engaging and relatable.Insights on Ransomware RealitiesJoseph Carson shared a deeply technical yet accessible walkthrough of ransomware attacks. He explained his approach to recreating real-world scenarios to educate organizations on vulnerabilities and lessons learned. He highlighted that while AI garners much attention, attackers often rely on basic techniques that remain effective. His revelation that many victims still struggle with simple misconfigurations and weak credential management served as a stark reminder of cybersecurity's foundational importance.The audience's reaction underscored the relevance of these insights. Many attendees, identifying parallels with their organizational experiences, approached Carson afterward to share stories or seek advice. This interactive exchange emphasized the importance of open dialogue and proactive learning in addressing cyber threats.Ethical and Strategic Considerations in CybersecurityThe discussion also touched on the ethical dilemmas surrounding ransomware payments. Carson recounted incidents where organizations faced the difficult decision to pay ransoms to save critical operations. His narrative of assisting a cancer research organization emphasized that these decisions are fundamentally business-driven, balancing continuity against principles.Sean and Marco expanded on the implications of regulatory frameworks. They debated the effectiveness of Australia's laws permitting ransomware payments under strict disclosure conditions, exploring whether such measures could foster collaboration between government agencies and the private sector or inadvertently sustain the criminals' business model.Global Trends and Local ChallengesThe conversation delved into how sanctions and geopolitics influence cybercrime. Carson explained how ransomware operators adapt their strategies, targeting regions with fewer regulatory constraints or financial barriers. He emphasized the need for global cooperation to create a resilient cybersecurity ecosystem, advocating for shared intelligence and collaborative defense measures.Marco's observations on the societal aspect of cybersecurity resonated strongly. He noted that resilient countries could inadvertently shift the burden of ransomware to less developed regions, highlighting the ethical responsibility to extend cybersecurity efforts globally.Final Thoughts: Building a Safer Digital WorldThe discussion wrapped up with a call for cooperation and proactive measures. Whether through fostering societal awareness or tightening organizational controls, the speakers agreed that tackling cybercrime requires a unified effort. Carson emphasized that sharing knowledge—be it through podcasts, conferences, or direct collaboration—creates a ripple effect of security.This conversation at AISA Cyber Con wasn't just an exchange of ideas but a demonstration of the power of collaboration in combating the ever-evolving challenges of cybersecurity. Through humor, storytelling, and expertise, Sean, Marco, and Carson left their audience not only informed but inspired to act.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Guest: Jess Nall, Partner, Defense Against Government Investigations, Baker McKenzie, LLP [@bakermckenzie]On LinkedIn | https://www.linkedin.com/in/jess-nall/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAs the countdown to Black Hat 2024 begins, ITSP Magazine's “Chats On the Road” series kicks off with a compelling pre-event discussion featuring Jess Nall, a partner at Baker McKenzie with over two decades of experience in federal investigations and defending Chief Information Security Officers (CISOs). Hosted by Sean Martin and Marco Ciappelli, the episode blends humor and serious insights to tackle the evolving challenges faced by CISOs today.The Dodgeball Analogy: Setting the StageThe conversation starts on a light-hearted note with a playful dodgeball analogy, a clever metaphor used to illustrate the growing complexities in the cybersecurity landscape. This sets the tone for a deeper exploration of the pressures and responsibilities that modern CISOs face, bridging the gap between legacy technology and contemporary cybersecurity challenges.Legacy Technology vs. Modern CybersecurityDrawing from the dodgeball metaphor, Sean and Marco highlight the burden of legacy technology and its impact on current cybersecurity practices. Jess Nall shares her perspective on how past business operations influence today's cybersecurity strategies, emphasizing the need for CISOs to adapt and innovate continually.ITSP Magazine's Milestone and Black Hat ConnectionsThis episode also marks a celebratory milestone for ITSP Magazine. Sean and Marco reflect on their journey from Los Angeles to Las Vegas, the birthplace of ITSP Magazine, and how their experiences have shaped the publication's mission and growth. As they gear up for Black Hat 2024, they express their excitement about reconnecting with the cybersecurity community and exploring new opportunities for collaboration.Introducing Jess Nall: Expertise and ExperienceJess Nall, a seasoned expert in federal investigations, brings invaluable insights to the discussion. She underscores the severe implications of government scrutiny on CISOs, drawing from high-profile cases like SEC v. SolarWinds and Tim Brown. Jess provides practical advice for CISOs to avoid regulatory pitfalls and highlights the importance of staying vigilant and proactive in their roles.The Internet's Troubled History and Its ImpactMarco steers the conversation towards the Internet's troubled history and its initial lack of security foresight. Jess reflects on how these historical challenges have shaped modern cybersecurity practices, emphasizing the difficulties of keeping up with evolving threats and expanding attack surfaces. She also discusses the controversial strategy of targeting CISOs to influence corporate cybersecurity measures, a practice she staunchly opposes.The Perfect Storm: AI and CybersecurityThe discussion turns to the increasing complexity of cybersecurity in the age of AI. Sean and Jess delve into the pressures CISOs face as they balance the incorporation of AI technologies with maintaining robust cybersecurity measures. Jess describes this scenario as a “perfect storm,” making the role of a CISO more challenging than ever.Regulation and Legislation: A Critical ExaminationMarco raises critical concerns about the reactive nature of current cybersecurity legislation and regulation. Jess discusses how federal agencies often target individuals closest to a cybersecurity breach and outlines the topics she will cover in her upcoming Black Hat presentation. She aims to educate CISOs on preventive measures and strategic responses to navigate these challenges effectively.Looking Ahead: Black Hat 2024As the episode concludes, Sean emphasizes the importance of awareness and proactive measures among CISOs. Marco encourages listeners to attend Jess Nall's presentation at Black Hat 2024 on August 7th at Mandalay Bay in Las Vegas. This critical discussion promises to equip CISOs and their teams with the knowledge and tools to navigate their increasingly scrutinized roles.Stay Tuned with ITSP MagazineSean and Marco remind their audience that this episode is just the beginning of a series of insightful conversations leading up to Black Hat 2024. They invite listeners to stay tuned for more engaging episodes that will continue to explore the dynamic world of cybersecurity.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our Black Hat USA  2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:

Guest: Jess Nall, Partner, Defense Against Government Investigations, Baker McKenzie, LLP [@bakermckenzie]On LinkedIn | https://www.linkedin.com/in/jess-nall/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAs the countdown to Black Hat 2024 begins, ITSP Magazine's “Chats On the Road” series kicks off with a compelling pre-event discussion featuring Jess Nall, a partner at Baker McKenzie with over two decades of experience in federal investigations and defending Chief Information Security Officers (CISOs). Hosted by Sean Martin and Marco Ciappelli, the episode blends humor and serious insights to tackle the evolving challenges faced by CISOs today.The Dodgeball Analogy: Setting the StageThe conversation starts on a light-hearted note with a playful dodgeball analogy, a clever metaphor used to illustrate the growing complexities in the cybersecurity landscape. This sets the tone for a deeper exploration of the pressures and responsibilities that modern CISOs face, bridging the gap between legacy technology and contemporary cybersecurity challenges.Legacy Technology vs. Modern CybersecurityDrawing from the dodgeball metaphor, Sean and Marco highlight the burden of legacy technology and its impact on current cybersecurity practices. Jess Nall shares her perspective on how past business operations influence today's cybersecurity strategies, emphasizing the need for CISOs to adapt and innovate continually.ITSP Magazine's Milestone and Black Hat ConnectionsThis episode also marks a celebratory milestone for ITSP Magazine. Sean and Marco reflect on their journey from Los Angeles to Las Vegas, the birthplace of ITSP Magazine, and how their experiences have shaped the publication's mission and growth. As they gear up for Black Hat 2024, they express their excitement about reconnecting with the cybersecurity community and exploring new opportunities for collaboration.Introducing Jess Nall: Expertise and ExperienceJess Nall, a seasoned expert in federal investigations, brings invaluable insights to the discussion. She underscores the severe implications of government scrutiny on CISOs, drawing from high-profile cases like SEC v. SolarWinds and Tim Brown. Jess provides practical advice for CISOs to avoid regulatory pitfalls and highlights the importance of staying vigilant and proactive in their roles.The Internet's Troubled History and Its ImpactMarco steers the conversation towards the Internet's troubled history and its initial lack of security foresight. Jess reflects on how these historical challenges have shaped modern cybersecurity practices, emphasizing the difficulties of keeping up with evolving threats and expanding attack surfaces. She also discusses the controversial strategy of targeting CISOs to influence corporate cybersecurity measures, a practice she staunchly opposes.The Perfect Storm: AI and CybersecurityThe discussion turns to the increasing complexity of cybersecurity in the age of AI. Sean and Jess delve into the pressures CISOs face as they balance the incorporation of AI technologies with maintaining robust cybersecurity measures. Jess describes this scenario as a “perfect storm,” making the role of a CISO more challenging than ever.Regulation and Legislation: A Critical ExaminationMarco raises critical concerns about the reactive nature of current cybersecurity legislation and regulation. Jess discusses how federal agencies often target individuals closest to a cybersecurity breach and outlines the topics she will cover in her upcoming Black Hat presentation. She aims to educate CISOs on preventive measures and strategic responses to navigate these challenges effectively.Looking Ahead: Black Hat 2024As the episode concludes, Sean emphasizes the importance of awareness and proactive measures among CISOs. Marco encourages listeners to attend Jess Nall's presentation at Black Hat 2024 on August 7th at Mandalay Bay in Las Vegas. This critical discussion promises to equip CISOs and their teams with the knowledge and tools to navigate their increasingly scrutinized roles.Stay Tuned with ITSP MagazineSean and Marco remind their audience that this episode is just the beginning of a series of insightful conversations leading up to Black Hat 2024. They invite listeners to stay tuned for more engaging episodes that will continue to explore the dynamic world of cybersecurity.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our Black Hat USA  2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:

Guest: Cassie Crossley, VP, Supply Chain Security, Schneider Electric [@SchneiderElec]On LinkedIn | https://www.linkedin.com/in/cassiecrossley/On Twitter | https://twitter.com/Cassie_CrossleyOn Mastodon | https://mastodon.social/@Cassie_Crossley____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis discussion shed light on various aspects of cybersecurity, technology, and the evolving role of IT professionals in addressing the challenges of the digital age.The conversation kicked off with Sean Martin providing a warm welcome to the audience as he introduced the topic of software supply chain security. Cassie Crossley shared insights from her extensive experience in cybersecurity at Schneider Electric, emphasizing the critical importance of safeguarding product security and supply chain integrity.Embracing Innovation and Resilience in CybersecurityThe discussion dive into the concept of resilience in cybersecurity and the need for proactive risk management strategies. Both speakers emphasized the importance of leveraging AI-driven decision-making processes to enhance efficiency and reduce false positives in security operations. They also highlighted the role of machine learning and behavior analytics in strengthening cybersecurity posture.Bridging the Gap between IT and Business ObjectivesCrossley and Martin discussed the evolving role of IT professionals in bridging the gap between technical cybersecurity measures and broader business objectives. They stressed the significance of aligning cybersecurity initiatives with the overall strategic goals of the organization and fostering communication between C-suite executives and security professionals.Navigating the Complexities of Hardware Development and CybersecurityThe conversation also touched upon the complexities of hardware development and the unique challenges faced in securing chipboards and other hardware components. Crossley highlighted the nuances of cybersecurity in defending against a myriad of potential threats and underscored the need for robust verification processes in hardware security.Empowering Businesses with GRC Controls and Cybersecurity Best PracticesAs the discussion progressed, Crossley shared practical insights from her book on software supply chain security, emphasizing the essential GRC controls and cybersecurity best practices that organizations can implement to enhance their security posture. She highlighted the need for startups and companies to prioritize cybersecurity measures despite budget constraints.Concluding Thoughts and Looking Towards the FutureIn wrapping up the conversation, both speakers expressed optimism about the future of software supply chain security and the potential for innovation in AI-driven cybersecurity technologies. They encouraged businesses to prioritize cybersecurity education, resilience planning, and proactive risk management to stay ahead of emerging threats.The engaging discussion between Cassie Crossley and Sean Martin at RSA Conference 2024 provided valuable insights into the evolving landscape of software supply chain security and the key challenges facing cybersecurity professionals. As organizations navigate the complexities of the digital age, proactive cybersecurity measures and a strategic alignment with business objectives are essential for safeguarding critical assets and maintaining a strong security posture.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Guest: Cassie Crossley, VP, Supply Chain Security, Schneider Electric [@SchneiderElec]On LinkedIn | https://www.linkedin.com/in/cassiecrossley/On Twitter | https://twitter.com/Cassie_CrossleyOn Mastodon | https://mastodon.social/@Cassie_Crossley____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis discussion shed light on various aspects of cybersecurity, technology, and the evolving role of IT professionals in addressing the challenges of the digital age.The conversation kicked off with Sean Martin providing a warm welcome to the audience as he introduced the topic of software supply chain security. Cassie Crossley shared insights from her extensive experience in cybersecurity at Schneider Electric, emphasizing the critical importance of safeguarding product security and supply chain integrity.Embracing Innovation and Resilience in CybersecurityThe discussion dive into the concept of resilience in cybersecurity and the need for proactive risk management strategies. Both speakers emphasized the importance of leveraging AI-driven decision-making processes to enhance efficiency and reduce false positives in security operations. They also highlighted the role of machine learning and behavior analytics in strengthening cybersecurity posture.Bridging the Gap between IT and Business ObjectivesCrossley and Martin discussed the evolving role of IT professionals in bridging the gap between technical cybersecurity measures and broader business objectives. They stressed the significance of aligning cybersecurity initiatives with the overall strategic goals of the organization and fostering communication between C-suite executives and security professionals.Navigating the Complexities of Hardware Development and CybersecurityThe conversation also touched upon the complexities of hardware development and the unique challenges faced in securing chipboards and other hardware components. Crossley highlighted the nuances of cybersecurity in defending against a myriad of potential threats and underscored the need for robust verification processes in hardware security.Empowering Businesses with GRC Controls and Cybersecurity Best PracticesAs the discussion progressed, Crossley shared practical insights from her book on software supply chain security, emphasizing the essential GRC controls and cybersecurity best practices that organizations can implement to enhance their security posture. She highlighted the need for startups and companies to prioritize cybersecurity measures despite budget constraints.Concluding Thoughts and Looking Towards the FutureIn wrapping up the conversation, both speakers expressed optimism about the future of software supply chain security and the potential for innovation in AI-driven cybersecurity technologies. They encouraged businesses to prioritize cybersecurity education, resilience planning, and proactive risk management to stay ahead of emerging threats.The engaging discussion between Cassie Crossley and Sean Martin at RSA Conference 2024 provided valuable insights into the evolving landscape of software supply chain security and the key challenges facing cybersecurity professionals. As organizations navigate the complexities of the digital age, proactive cybersecurity measures and a strategic alignment with business objectives are essential for safeguarding critical assets and maintaining a strong security posture.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Guest: Christina Stokes, Host, On Cyber & AI Podcast, Founder of Narito CybersecurityOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/christina-stokesOn LinkedIn | https://www.linkedin.com/in/xTinaStokes/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Evolution of CybersecurityThe dialogue initiated by Sean, Christina, and Marco shed light on how cybersecurity has matured over the years. From the early days of hacking as a hobby to the current focus on ethical practices, the panelists emphasized the importance of adapting to the changing technological landscape. They discussed how regulations, policies, and laws have played a crucial role in shaping the cybersecurity industry, emphasizing the need for responsible use of technology to prevent it from becoming a monster.AI and Its ImplicationsThe conversation also touched upon the growing role of Artificial Intelligence (AI) in cybersecurity. While AI has brought about advancements in threat detection and response, there are concerns about privacy and data protection. The panelists emphasized the importance of using AI ethically and responsibly to avoid potential risks associated with its misuse.Supply Chain VulnerabilitiesA significant portion of the discussion revolved around supply chain vulnerabilities and the interconnected nature of global industries. The experts highlighted the importance of understanding and securing supply chains, particularly in the context of operational technology and manufacturing processes. They stressed the need for resilience and innovation to address evolving cybersecurity threats.The Human Element in CybersecurityThroughout the conversation, the experts reiterated the significance of human connections and collaborations in the cybersecurity domain. They emphasized the need for organizations to invest in education, training, and building strong relationships within the industry to combat cyber threats effectively. The dialogue underscored the essential role of people in securing digital ecosystems and fostering a culture of cybersecurity awareness.Looking Towards the FutureAs the discussion came to a close, Sean, Christina, and Marco expressed optimism about the future of cybersecurity. They discussed upcoming trends such as Generative AI, AI Bill of Materials, and the continued focus on governance, data security, and AI ethics. The experts highlighted the importance of ongoing conversations, collaborations, and innovation in driving the industry forward.This insightful chat at RSAC 2024 offered valuable perspectives on the current challenges and opportunities in cybersecurity. The experts' nuanced discussions about AI, supply chain vulnerabilities, and human-centric cybersecurity shed light on the complex nature of the digital threat landscape. As we navigate the evolving cybersecurity landscape, collaboration, innovation, and a shared commitment to ethical practices will be key to ensuring a secure digital future.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Guest: Christina Stokes, Host, On Cyber & AI Podcast, Founder of Narito CybersecurityOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/christina-stokesOn LinkedIn | https://www.linkedin.com/in/xTinaStokes/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Evolution of CybersecurityThe dialogue initiated by Sean, Christina, and Marco shed light on how cybersecurity has matured over the years. From the early days of hacking as a hobby to the current focus on ethical practices, the panelists emphasized the importance of adapting to the changing technological landscape. They discussed how regulations, policies, and laws have played a crucial role in shaping the cybersecurity industry, emphasizing the need for responsible use of technology to prevent it from becoming a monster.AI and Its ImplicationsThe conversation also touched upon the growing role of Artificial Intelligence (AI) in cybersecurity. While AI has brought about advancements in threat detection and response, there are concerns about privacy and data protection. The panelists emphasized the importance of using AI ethically and responsibly to avoid potential risks associated with its misuse.Supply Chain VulnerabilitiesA significant portion of the discussion revolved around supply chain vulnerabilities and the interconnected nature of global industries. The experts highlighted the importance of understanding and securing supply chains, particularly in the context of operational technology and manufacturing processes. They stressed the need for resilience and innovation to address evolving cybersecurity threats.The Human Element in CybersecurityThroughout the conversation, the experts reiterated the significance of human connections and collaborations in the cybersecurity domain. They emphasized the need for organizations to invest in education, training, and building strong relationships within the industry to combat cyber threats effectively. The dialogue underscored the essential role of people in securing digital ecosystems and fostering a culture of cybersecurity awareness.Looking Towards the FutureAs the discussion came to a close, Sean, Christina, and Marco expressed optimism about the future of cybersecurity. They discussed upcoming trends such as Generative AI, AI Bill of Materials, and the continued focus on governance, data security, and AI ethics. The experts highlighted the importance of ongoing conversations, collaborations, and innovation in driving the industry forward.This insightful chat at RSAC 2024 offered valuable perspectives on the current challenges and opportunities in cybersecurity. The experts' nuanced discussions about AI, supply chain vulnerabilities, and human-centric cybersecurity shed light on the complex nature of the digital threat landscape. As we navigate the evolving cybersecurity landscape, collaboration, innovation, and a shared commitment to ethical practices will be key to ensuring a secure digital future.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Guest: ✨ Jason Nurse, Reader in Cyber Security, University of Kent, UK [@UniKent]On LinkedIn | https://www.linkedin.com/in/jasonrcnurseOn Twitter | https://twitter.com/jasonnurse____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode's SponsorsBlackCloak

Guests: Jessica Robinson, Executive Officer of PurePoint International [@PurIntl]On LinkedIn | https://www.linkedin.com/in/jessica-a-robinson-she-her-22740311/At RSAC | https://www.rsaconference.com/experts/jessica-robinson____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe RSA Conference 2024 is just around the corner, and our hosts Sean Martin and Marco Ciappelli are gearing up for an insightful and engaging on-location coverage of the event. In this second Chat On The Road to RSA Conference 2024 conversation with cybersecurity expert Jessica Robinson, we got a sneak peek into what to expect from this year's talk she will give during the event.Now You're in Role: The Fearless CISOAs a follow up to the talk last year at RSAC, attendees will learn the top three skills for success for any first time CISOs to advance and grow their cybersecurity program. This talk will be a discussion on what is most important as we start to really think about what is required for success in the CISO role as it directly relates to the success of the cybersecurity program.The stage is set for an enriching dialogue on the nuances of the CISO role, cybersecurity programs, and the evolving landscape of cyber threats. Jessica Robinson, with her wealth of experience and fearless approach to cybersecurity leadership, promises to dive deep into the art of making possibilities a reality in the realm of cybersecurity.Embracing Fear to Unlock PotentialOne of the key themes that emerged from the conversation was the idea of embracing fear to unlock untapped potential. Jessica emphasized the importance of facing challenges head-on, advocating for cybersecurity programs, and pushing boundaries to drive meaningful change within organizations. By transforming fear into a catalyst for growth and innovation, CISOs can navigate the complex cybersecurity landscape with confidence and resilience.The Art of Possibility in CybersecurityThe theme of this year's RSA Conference, "The Art of Possible," resonates deeply with Jessica's approach to cybersecurity leadership. By infusing creativity, strategic thinking, and a proactive mindset into their roles, CISOs can redefine what is achievable in the realm of cybersecurity. The session with Jessica promises to offer valuable insights on how to leverage the art of possibility to advance cybersecurity programs and drive success in an ever-evolving threat landscape.Joining the ConversationAs Sean Martin and Marco Ciappelli gear up for the RSA Conference 2024, they invite cybersecurity enthusiasts, industry experts, and professionals to join them on this enriching journey. The on-location coverage promises to capture the pulse of the conference, featuring engaging conversations, expert insights, and thought-provoking discussions on the future of cybersecurity.With Jessica Robinson's fearless approach to cybersecurity leadership and the insightful conversations lined up for the RSA Conference 2024, this year's event is set to be a landmark gathering for cybersecurity professionals. Stay tuned for more updates, interviews, and coverage as Sean Martin and Marco Ciappelli bring you the latest insights from the forefront of cybersecurity innovation.RSA Conference 2024 promises to be a platform where possibilities converge with reality, fear transforms into opportunity, and cybersecurity leaders pave the way for a secure digital future. Join us on this exciting journey as we explore the art of possibility in cybersecurity with Sean Martin, Marco Ciappelli, and a host of industry experts at RSA Conference 2024.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Guests: Jessica Robinson, Executive Officer of PurePoint International [@PurIntl]On LinkedIn | https://www.linkedin.com/in/jessica-a-robinson-she-her-22740311/At RSAC | https://www.rsaconference.com/experts/jessica-robinson____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe RSA Conference 2024 is just around the corner, and our hosts Sean Martin and Marco Ciappelli are gearing up for an insightful and engaging on-location coverage of the event. In this second Chat On The Road to RSA Conference 2024 conversation with cybersecurity expert Jessica Robinson, we got a sneak peek into what to expect from this year's talk she will give during the event.Now You're in Role: The Fearless CISOAs a follow up to the talk last year at RSAC, attendees will learn the top three skills for success for any first time CISOs to advance and grow their cybersecurity program. This talk will be a discussion on what is most important as we start to really think about what is required for success in the CISO role as it directly relates to the success of the cybersecurity program.The stage is set for an enriching dialogue on the nuances of the CISO role, cybersecurity programs, and the evolving landscape of cyber threats. Jessica Robinson, with her wealth of experience and fearless approach to cybersecurity leadership, promises to dive deep into the art of making possibilities a reality in the realm of cybersecurity.Embracing Fear to Unlock PotentialOne of the key themes that emerged from the conversation was the idea of embracing fear to unlock untapped potential. Jessica emphasized the importance of facing challenges head-on, advocating for cybersecurity programs, and pushing boundaries to drive meaningful change within organizations. By transforming fear into a catalyst for growth and innovation, CISOs can navigate the complex cybersecurity landscape with confidence and resilience.The Art of Possibility in CybersecurityThe theme of this year's RSA Conference, "The Art of Possible," resonates deeply with Jessica's approach to cybersecurity leadership. By infusing creativity, strategic thinking, and a proactive mindset into their roles, CISOs can redefine what is achievable in the realm of cybersecurity. The session with Jessica promises to offer valuable insights on how to leverage the art of possibility to advance cybersecurity programs and drive success in an ever-evolving threat landscape.Joining the ConversationAs Sean Martin and Marco Ciappelli gear up for the RSA Conference 2024, they invite cybersecurity enthusiasts, industry experts, and professionals to join them on this enriching journey. The on-location coverage promises to capture the pulse of the conference, featuring engaging conversations, expert insights, and thought-provoking discussions on the future of cybersecurity.With Jessica Robinson's fearless approach to cybersecurity leadership and the insightful conversations lined up for the RSA Conference 2024, this year's event is set to be a landmark gathering for cybersecurity professionals. Stay tuned for more updates, interviews, and coverage as Sean Martin and Marco Ciappelli bring you the latest insights from the forefront of cybersecurity innovation.RSA Conference 2024 promises to be a platform where possibilities converge with reality, fear transforms into opportunity, and cybersecurity leaders pave the way for a secure digital future. Join us on this exciting journey as we explore the art of possibility in cybersecurity with Sean Martin, Marco Ciappelli, and a host of industry experts at RSA Conference 2024.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

How can high-net-worth individuals protect their digital lives from increasingly sophisticated cyber threats? In this episode, Chris Pierson, a renowned cybersecurity expert, discusses the dynamic and fast-evolving nature of cyber threats, especially against high-net-worth individuals and family offices. They delve into the complexities of digital executive protection, the nuances of cyber risks for corporations versus individuals, and practical steps for enhancing cybersecurity. The conversation illuminates the multi-faceted approach required to safeguard digital assets, highlighting the importance of active defense and the necessity of adapting to the ever-changing cyber landscape.[00:01 - 07:10] The Ever-Changing Cyber Threat LandscapeThe rapid evolution of cyber threats and their impact on families and corporationsThe sophistication of cybercriminals and nation-state actorsThe personal experience of cyber threats by high-profile individuals[07:11 - 14:35] Cybersecurity Dichotomy: Professional vs. PersonalThe disparity between cybersecurity measures in family offices and personal livesThe concept of being a constant target regardless of one's role or positionThe importance of a holistic approach to cybersecurity across all facets of life[14:36 - 21:33] Practical Cyber Defense StrategiesEmphasis on active defense and practical steps to improve cybersecurityThe critical role of education in combating cyber threatsRecommendations for implementing robust cybersecurity measures in daily life[21:34 - 26:32] Balancing Convenience and SecurityThe challenge of reducing friction while maintaining high-security standardsPersonal anecdotes and examples of effective cybersecurity practicesThe relationship between user experience and cybersecurity effectiveness[26:33 - 33:37] Emerging Cybersecurity Trends and Personal InsightsDiscussion on new and not widely reported cybersecurity threatsPersonal routines and practices that contribute to peace of mind in a digital worldThe significance of staying ahead of cyber threats through proactive measuresKey Notes:"Once something is stolen digitally, it's gone forever. That's why protection is so important." - Chris Pierson"The goal is to try to get the individual to move as far as they can into a better place from a cybersecurity and privacy perspective." - Chris PiersonConnect with Chris!Website:https://blackcloak.io/ LinkedIn:https://www.linkedin.com/in/drchristopherpierson/ This episode is sponsored by Mack International, a specialized executive search and human capital consulting firm serving the family office/wealth management markets. Please visit their website here for more information.Connect with me:https://www.linkedin.com/in/brian-c-adams/ (LinkedIn)LIKE, SUBSCRIBE, AND LEAVE US A REVIEW on Apple Podcasts, Spotify, Google Podcasts, or whatever platform you listen on. Thank you for tuning in and Stay Tuned for the Next Episode COMING SOON!Hosted on Acast. See acast.com/privacy for more information. Hosted on Acast. See acast.com/privacy for more information.

Podcast: Process Safety with Trish & Traci (LS 29 · TOP 10% what is this?)Episode: Tipisodes: 7 Steps To Better CybersecurityPub date: 2024-03-19In this episode, we offer 7 steps for better cybersecurity. If you are a process control engineer, an IT professional in a company with an automation division, or a business manager responsible for safety or security, you may be wondering how your organization can get moving on more robust cybersecurity practices. View the transcript for links to all the materials mentioned in this podcast. https://www.chemicalprocessing.com/process-safety-w-trish-traci/article/33038811/tipisodes-7-steps-to-better-cybersecurityThe podcast and artwork embedded on this page are from chemicalprocessingsafety, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: Process Safety with Trish & Traci (LS 28 · TOP 10% what is this?)Episode: Tipisodes: 7 Steps To Better CybersecurityPub date: 2024-03-19In this episode, we offer 7 steps for better cybersecurity. If you are a process control engineer, an IT professional in a company with an automation division, or a business manager responsible for safety or security, you may be wondering how your organization can get moving on more robust cybersecurity practices. View the transcript for links to all the materials mentioned in this podcast. https://www.chemicalprocessing.com/process-safety-w-trish-traci/article/33038811/tipisodes-7-steps-to-better-cybersecurityThe podcast and artwork embedded on this page are from chemicalprocessingsafety, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity ProPub date: 2024-02-06We are thrilled to welcome Juan Carlos Buenano as our distinguished guest for today's episode of the CS2AI podcast! Carlos is the Chief Technology Officer for OT at Armis. He is a born technologist and an engineer by training. Beyond his professional endeavors, he embraces a life filled with adventure, enjoying many outdoor activities, including scuba diving, mountain biking, and exploring the scenic expanses of unspoiled nature. Carlos was born in Venezuela and grew up in a small town outside Caracas. After graduating as an electronic engineer in Venezuela, he traveled to Australia to learn English, fell in love with the country, the lifestyle, and the nature, and has lived there for the last 23 years.Carlos brings a unique perspective to today's show, shaped by his professional and personal experiences. Join us for an engaging discussion as he shares his wealth of experiences and insights and explains how he serves his community.Show Highlights:Carlos shares his journey to becoming an engineer in the energy industryHow his interest in control systems beganCarlos recounts his early cybersecurity experiences in industrial systems during the early 2000sThe importance of keeping operating systems up to date to prevent vulnerabilities and ensure reliabilityWhy it is essential to understand how technology works in both physical security and cybersecurityCarlos discusses the challenges of integrating cybersecurity into process control systemsCarlos offers advice for engineers who want to get into cybersecurityThe importance of mentorship and learning from others in their industryCarlos discusses the weekly open mic Ask Me Anything sessions he does at workLinks and resources:(CS)²AI Derek Harp on LinkedInCarlos Buenano on LinkedInArmisThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity ProPub date: 2024-02-06We are thrilled to welcome Juan Carlos Buenano as our distinguished guest for today's episode of the CS2AI podcast! Carlos is the Chief Technology Officer for OT at Armis. He is a born technologist and an engineer by training. Beyond his professional endeavors, he embraces a life filled with adventure, enjoying many outdoor activities, including scuba diving, mountain biking, and exploring the scenic expanses of unspoiled nature. Carlos was born in Venezuela and grew up in a small town outside Caracas. After graduating as an electronic engineer in Venezuela, he traveled to Australia to learn English, fell in love with the country, the lifestyle, and the nature, and has lived there for the last 23 years.Carlos brings a unique perspective to today's show, shaped by his professional and personal experiences. Join us for an engaging discussion as he shares his wealth of experiences and insights and explains how he serves his community.Show Highlights:Carlos shares his journey to becoming an engineer in the energy industryHow his interest in control systems beganCarlos recounts his early cybersecurity experiences in industrial systems during the early 2000sThe importance of keeping operating systems up to date to prevent vulnerabilities and ensure reliabilityWhy it is essential to understand how technology works in both physical security and cybersecurityCarlos discusses the challenges of integrating cybersecurity into process control systemsCarlos offers advice for engineers who want to get into cybersecurityThe importance of mentorship and learning from others in their industryCarlos discusses the weekly open mic Ask Me Anything sessions he does at workLinks and resources:(CS)²AI Derek Harp on LinkedInCarlos Buenano on LinkedInArmisThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

We are thrilled to welcome Juan Carlos Buenano as our distinguished guest for today's episode of the CS2AI podcast! Carlos is the Chief Technology Officer for OT at Armis. He is a born technologist and an engineer by training. Beyond his professional endeavors, he embraces a life filled with adventure, enjoying many outdoor activities, including scuba diving, mountain biking, and exploring the scenic expanses of unspoiled nature. Carlos was born in Venezuela and grew up in a small town outside Caracas. After graduating as an electronic engineer in Venezuela, he traveled to Australia to learn English, fell in love with the country, the lifestyle, and the nature, and has lived there for the last 23 years.Carlos brings a unique perspective to today's show, shaped by his professional and personal experiences. Join us for an engaging discussion as he shares his wealth of experiences and insights and explains how he serves his community.Show Highlights:Carlos shares his journey to becoming an engineer in the energy industryHow his interest in control systems beganCarlos recounts his early cybersecurity experiences in industrial systems during the early 2000sThe importance of keeping operating systems up to date to prevent vulnerabilities and ensure reliabilityWhy it is essential to understand how technology works in both physical security and cybersecurityCarlos discusses the challenges of integrating cybersecurity into process control systemsCarlos offers advice for engineers who want to get into cybersecurityThe importance of mentorship and learning from others in their industryCarlos discusses the weekly open mic Ask Me Anything sessions he does at workLinks and resources:(CS)²AI Derek Harp on LinkedInCarlos Buenano on LinkedInArmis

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) SafePub date: 2024-02-01We are delighted to have Ken Munro joining us from the UK today! Ken is a Partner and Co-founder of Pen Test Partners. He is a seasoned technologist, the founder of multiple ventures, a pilot, a skier, and a dynamic and adventurous contributor to our community. Ken brings a wealth of experience and expertise that promises to enrich our understanding of the evolving landscape in cybersecurity. In today's discussion, we dive into his remarkable career journey and explore his perspective on OT and ICS-related cybersecurity.Join us for this informative session with Ken as he shares his valuable perspectives.Show Highlights:Ken discusses his cybersecurity industry journeyHow Ken's past Air Force experience relates to his current work in cybersecurityThe benefits of telling a story when communicating complex conceptsKen shares a story to highlight the importance of safety and security within the aviation industryKen talks about the unique systems on board planes and their vulnerabilitiesHow the isolated protocols used in older aircraft systems are more robust and stable than the modern systemsHow even simple display systems can cause airport outagesKen shares his concerns about cybersecurity risks within cloud management platforms for industrial control systemsHow including contractual language for liability in procurement contracts can protect organizations against cybersecurity risksKen shares his thoughts on the future of the cybersecurity industryLinks and resources:(CS)²AI Derek Harp on LinkedInKen Munro on LinkedInPen TestPartnersThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) SafePub date: 2024-02-01We are delighted to have Ken Munro joining us from the UK today! Ken is a Partner and Co-founder of Pen Test Partners. He is a seasoned technologist, the founder of multiple ventures, a pilot, a skier, and a dynamic and adventurous contributor to our community. Ken brings a wealth of experience and expertise that promises to enrich our understanding of the evolving landscape in cybersecurity. In today's discussion, we dive into his remarkable career journey and explore his perspective on OT and ICS-related cybersecurity.Join us for this informative session with Ken as he shares his valuable perspectives.Show Highlights:Ken discusses his cybersecurity industry journeyHow Ken's past Air Force experience relates to his current work in cybersecurityThe benefits of telling a story when communicating complex conceptsKen shares a story to highlight the importance of safety and security within the aviation industryKen talks about the unique systems on board planes and their vulnerabilitiesHow the isolated protocols used in older aircraft systems are more robust and stable than the modern systemsHow even simple display systems can cause airport outagesKen shares his concerns about cybersecurity risks within cloud management platforms for industrial control systemsHow including contractual language for liability in procurement contracts can protect organizations against cybersecurity risksKen shares his thoughts on the future of the cybersecurity industryLinks and resources:(CS)²AI Derek Harp on LinkedInKen Munro on LinkedInPen TestPartnersThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

We are delighted to have Ken Munro joining us from the UK today! Ken is a Partner and Co-founder of Pen Test Partners. He is a seasoned technologist, the founder of multiple ventures, a pilot, a skier, and a dynamic and adventurous contributor to our community. Ken brings a wealth of experience and expertise that promises to enrich our understanding of the evolving landscape in cybersecurity. In today's discussion, we dive into his remarkable career journey and explore his perspective on OT and ICS-related cybersecurity.Join us for this informative session with Ken as he shares his valuable perspectives.Show Highlights:Ken discusses his cybersecurity industry journeyHow Ken's past Air Force experience relates to his current work in cybersecurityThe benefits of telling a story when communicating complex conceptsKen shares a story to highlight the importance of safety and security within the aviation industryKen talks about the unique systems on board planes and their vulnerabilitiesHow the isolated protocols used in older aircraft systems are more robust and stable than the modern systemsHow even simple display systems can cause airport outagesKen shares his concerns about cybersecurity risks within cloud management platforms for industrial control systemsHow including contractual language for liability in procurement contracts can protect organizations against cybersecurity risksKen shares his thoughts on the future of the cybersecurity industryLinks and resources:(CS)²AI Derek Harp on LinkedInKen Munro on LinkedInPen TestPartners

Guest: D. Greg Scott, Principal Technical Account Manager at Red Hat [@RedHat]On Linkedin | https://www.linkedin.com/in/dgregscott/On Twitter | https://twitter.com/DGregScottWebsite | https://www.dgregscott.com/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesOn this episode of 'Redefining CyberSecurity,' our host, Sean Martin, engages in an enlightening conversation with IT veteran and author, D. Greg Scott. Greg provides valuable insights from his journey in technology and cybersecurity, revealing how the seemingly innocuous act of not updating systems can lead to substantial financial damage. Using engaging stories that mirror real-world incidents, Greg delves into his novels 'Bullseye Breach' and 'Virus Bomb,' underlining the educational potential of the fiction genre in cybersecurity.Together, they explore how these narratives can play a pivotal role in transforming perspectives about IT and cyber preparedness, emphasizing the urgent transition of viewing IT not only as an expense but a crucial business asset. The profound human and financial costs of failing to prioritize cybersecurity are brought to the fore, serving as a wake-up call for awareness and action. Greg also gives a sneak peek into his upcoming novel 'Trafficking You', yet another compelling narrative marrying the realms of technology and reader-engaging fiction.Tune in for a unique blend of thrilling storytelling and critical cybersecurity learnings.Key Insights:The importance of updating and patching systems in cybersecurityThe role of storytelling in effectively conveying cybersecurity concepts and threatsThe real-world consequences of cybersecurity breaches, including the potential for loss of life___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Guest: D. Greg Scott, Principal Technical Account Manager at Red Hat [@RedHat]On Linkedin | https://www.linkedin.com/in/dgregscott/On Twitter | https://twitter.com/DGregScottWebsite | https://www.dgregscott.com/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Devo | https://itspm.ag/itspdvweb___________________________Episode NotesOn this episode of 'Redefining CyberSecurity,' our host, Sean Martin, engages in an enlightening conversation with IT veteran and author, D. Greg Scott. Greg provides valuable insights from his journey in technology and cybersecurity, revealing how the seemingly innocuous act of not updating systems can lead to substantial financial damage. Using engaging stories that mirror real-world incidents, Greg delves into his novels 'Bullseye Breach' and 'Virus Bomb,' underlining the educational potential of the fiction genre in cybersecurity.Together, they explore how these narratives can play a pivotal role in transforming perspectives about IT and cyber preparedness, emphasizing the urgent transition of viewing IT not only as an expense but a crucial business asset. The profound human and financial costs of failing to prioritize cybersecurity are brought to the fore, serving as a wake-up call for awareness and action. Greg also gives a sneak peek into his upcoming novel 'Trafficking You', yet another compelling narrative marrying the realms of technology and reader-engaging fiction.Tune in for a unique blend of thrilling storytelling and critical cybersecurity learnings.Key Insights:The importance of updating and patching systems in cybersecurityThe role of storytelling in effectively conveying cybersecurity concepts and threatsThe real-world consequences of cybersecurity breaches, including the potential for loss of life___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical InfrastructurePub date: 2023-12-14About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.In this episode, Aaron and Dan Gunter discuss:Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant's report on attacks in UkraineNavigating the complexities, resource limitations, and timely application of threat intelligenceRethinking industrial cybersecurityThe intersection of cybersecurity, AI, and OTKey Takeaways:In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions. "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter Connect with Dan Gunter: Website: https://insaneforensics.com/ Email: dan@insaneforensics.comYouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPALinkedIn: https://www.linkedin.com/in/dan-gunter/Twitter: https://twitter.com/insaneforensicsConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical InfrastructurePub date: 2023-12-14About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.In this episode, Aaron and Dan Gunter discuss:Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant's report on attacks in UkraineNavigating the complexities, resource limitations, and timely application of threat intelligenceRethinking industrial cybersecurityThe intersection of cybersecurity, AI, and OTKey Takeaways:In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions. "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter Connect with Dan Gunter: Website: https://insaneforensics.com/ Email: dan@insaneforensics.comYouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPALinkedIn: https://www.linkedin.com/in/dan-gunter/Twitter: https://twitter.com/insaneforensicsConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

December 18, 2023: Laura O'Toole (CEO, SureTest), Drex DeFord (Executive Healthcare Strategist, CrowdStrike), and David Ting (CTO and Founder, Tausight) join Bill for the news. Covering highlights from 2023, the guests share their insights and pose vital questions: Will the continued attacks impact healthcare's reputation and patient trust? How about the increased legal actions against breached systems – will they finally stimulate change? Moving on, they also delve into unexpected shifts in the EHR landscape and what's next for the main players. Moreover, they discuss distressing financial challenges for healthcare providers and the impact on cybersecurity investments. Lastly, has 2023 become the 'year of AI' within healthcare, and what does it mean for the industry?Key Points:Cybersecurity ThreatsEHR Market MovementsIncreasing Role of AIEffective Risk ManagementNews articles:Open AI: The Real Story Behind the Wild Four Days Between Sam Altman's Firing and ReturnWhy Sam Altman's removal—and reinstatement—as OpenAI CEO actually mattersHow many hospital CIOs still own innovation, data analytics, cybersecurityThe vanishing chief digital officerThis Week Health SubscribeThis Week Health TwitterThis Week Health Linkedin

About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.In this episode, Aaron and Dan Gunter discuss:Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant's report on attacks in UkraineNavigating the complexities, resource limitations, and timely application of threat intelligenceRethinking industrial cybersecurityThe intersection of cybersecurity, AI, and OTKey Takeaways:In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions. "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter Connect with Dan Gunter: Website: https://insaneforensics.com/ Email: dan@insaneforensics.comYouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPALinkedIn: https://www.linkedin.com/in/dan-gunter/Twitter: https://twitter.com/insaneforensicsConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

In this episode Jacob speaks with Derrich Phillips from Aspire Cyber about best practices and tips when filling out cybersecurity questionnaires.Derrich Phillips is a cybersecurity expert with over 20 years of experience in the field. He started his career in the Army's security operations center, defending networks against cyber attacks. As the founder of Aspire Cyber, he focuses on helping small companies prove their cybersecurity readiness to handle information for enterprise customers.Here are some highlights from the episode:How Derrich get into cybersecurityThe what and why of security questionnairesHow to save time and money while filling out a security questionnairesWhen to push back on overly burdensome requirementsCheck out this video where Derrich and I discuss how ChatGPT can be used in information security compliance: https://youtu.be/IAAJPJLBeaYFollow Derrich on LinkedIn: https://www.linkedin.com/in/derrichphillips/Aspire Cyber website: https://www.aspirecyber.com/-----------Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e17&utm_campaign=coursesNeed a FedRAMP authorized Password Manager?Start a free 14-day trial of Keeper: https://grcacademy.io/ref/keeper/b2b-trial/See the CMMC controls that Keeper meets: https://grcacademy.io/ref/keeper/cmmc-controls-sheet/

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Kayne McGladrey: The CISO's Role Is To Advise on Business RiskPub date: 2023-11-09About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.In this episode, Aaron and Kayne McGladrey discuss:Strategic alignment of cybersecurity with business riskNavigating the changing landscape of cybersecurityEmpowering CISOs in the evolving landscape of cybersecurityThe challenges and opportunities of generative AIKey Takeaways:The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while a lot are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest."If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social arm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey Connect with Kayne McGladrey: Email: kayne@hyperproof.ioWebsite: https://hyperproof.ioLinkedIn: https://www.linkedin.com/in/kaynemcgladrey/YouTube: https://www.youtube.com/@hyperproofTwitter: https://twitter.com/kaynemcgladreyKayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.htmlConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Kayne McGladrey: The CISO's Role Is To Advise on Business RiskPub date: 2023-11-09About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.In this episode, Aaron and Kayne McGladrey discuss:Strategic alignment of cybersecurity with business riskNavigating the changing landscape of cybersecurityEmpowering CISOs in the evolving landscape of cybersecurityThe challenges and opportunities of generative AIKey Takeaways:The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while a lot are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest."If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social arm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey Connect with Kayne McGladrey: Email: kayne@hyperproof.ioWebsite: https://hyperproof.ioLinkedIn: https://www.linkedin.com/in/kaynemcgladrey/YouTube: https://www.youtube.com/@hyperproofTwitter: https://twitter.com/kaynemcgladreyKayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.htmlConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.In this episode, Aaron and Kayne McGladrey discuss:Strategic alignment of cybersecurity with business riskNavigating the changing landscape of cybersecurityEmpowering CISOs in the evolving landscape of cybersecurityThe challenges and opportunities of generative AIKey Takeaways:The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while a lot are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest."If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social arm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey Connect with Kayne McGladrey: Email: kayne@hyperproof.ioWebsite: https://hyperproof.ioLinkedIn: https://www.linkedin.com/in/kaynemcgladrey/YouTube: https://www.youtube.com/@hyperproofTwitter: https://twitter.com/kaynemcgladreyKayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.htmlConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 100: Exploring OT Security and Cyber Practices with IBM's Rob DysonPub date: 2023-10-31We are delighted to welcome Rob Dyson as our special guest for the 100th episode of the CS2AI podcast! Rob is the Global OT Security Services Leader for IBM. Beyond his corporate role, he is a military veteran, a tech enthusiast, a devoted father and husband, a proud grandfather, and an avid scuba diver. His extensive experience overseeing key service areas within an industry giant like IBM makes Rob an exceptional guest for this milestone podcast. He joins us today to share his insights on control systems, operating technology, and cybersecurity practices.Rob truly brings a wealth of knowledge and clarity to today's discussion. Stay tuned for more!Show highlights:How Rob's interest in technology influenced his desire to explore new things and push boundariesThe challenges of setting up a business continuity plan in a remote locationHow security measures have evolved from the early days of network security to modern-day cybersecurityThe importance of understanding the network for OT securityHow software developers can bring valuable skills to cybersecurity after mastering the fundamentals of networkingRob shares his insights on entrepreneurship in the cybersecurity spaceHow Rob got offered a job with IBM in 2012 after a quick and unexpected interview process Rob explains how he transitioned to full-time OT security work in 2016 Why is there a need for a different mindset and cultural understanding within the OT cybersecurity industry? Rob offers advice for people who have recently begun their career journeysLinks and resources:(CS)²AI Derek Harp on LinkedInRob Dyson on LinkedInIBMThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 100: Exploring OT Security and Cyber Practices with IBM's Rob DysonPub date: 2023-10-31We are delighted to welcome Rob Dyson as our special guest for the 100th episode of the CS2AI podcast! Rob is the Global OT Security Services Leader for IBM. Beyond his corporate role, he is a military veteran, a tech enthusiast, a devoted father and husband, a proud grandfather, and an avid scuba diver. His extensive experience overseeing key service areas within an industry giant like IBM makes Rob an exceptional guest for this milestone podcast. He joins us today to share his insights on control systems, operating technology, and cybersecurity practices.Rob truly brings a wealth of knowledge and clarity to today's discussion. Stay tuned for more!Show highlights:How Rob's interest in technology influenced his desire to explore new things and push boundariesThe challenges of setting up a business continuity plan in a remote locationHow security measures have evolved from the early days of network security to modern-day cybersecurityThe importance of understanding the network for OT securityHow software developers can bring valuable skills to cybersecurity after mastering the fundamentals of networkingRob shares his insights on entrepreneurship in the cybersecurity spaceHow Rob got offered a job with IBM in 2012 after a quick and unexpected interview process Rob explains how he transitioned to full-time OT security work in 2016 Why is there a need for a different mindset and cultural understanding within the OT cybersecurity industry? Rob offers advice for people who have recently begun their career journeysLinks and resources:(CS)²AI Derek Harp on LinkedInRob Dyson on LinkedInIBMThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

We are delighted to welcome Rob Dyson as our special guest for the 100th episode of the CS2AI podcast! Rob is the Global OT Security Services Leader for IBM. Beyond his corporate role, he is a military veteran, a tech enthusiast, a devoted father and husband, a proud grandfather, and an avid scuba diver. His extensive experience overseeing key service areas within an industry giant like IBM makes Rob an exceptional guest for this milestone podcast. He joins us today to share his insights on control systems, operating technology, and cybersecurity practices.Rob truly brings a wealth of knowledge and clarity to today's discussion. Stay tuned for more!Show highlights:How Rob's interest in technology influenced his desire to explore new things and push boundariesThe challenges of setting up a business continuity plan in a remote locationHow security measures have evolved from the early days of network security to modern-day cybersecurityThe importance of understanding the network for OT securityHow software developers can bring valuable skills to cybersecurity after mastering the fundamentals of networkingRob shares his insights on entrepreneurship in the cybersecurity spaceHow Rob got offered a job with IBM in 2012 after a quick and unexpected interview process Rob explains how he transitioned to full-time OT security work in 2016 Why is there a need for a different mindset and cultural understanding within the OT cybersecurity industry? Rob offers advice for people who have recently begun their career journeysLinks and resources:(CS)²AI Derek Harp on LinkedInRob Dyson on LinkedInIBM

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Raphael Arakelian: Beyond the Tools - Maturing Implementation to Reduce RiskPub date: 2023-10-05About Raphael Arakelian: Raphael Arakelian is a distinguished figure in the field of cybersecurity, serving as a manager within PwC Canada's OT & IoT cybersecurity team. With a national leadership role, he directs PwC Canada's efforts in OT monitoring implementation services, overseeing proof-of-concept evaluations and implementations across diverse industries. Raphael's unwavering commitment to securing critical infrastructure and industrial systems against cyber threats showcases his profound passion for advancing OT monitoring technology and staying at the forefront of cybersecurity innovation.In this episode, Aaron and Raphael Arakelian discuss:Evaluation OT security solutions beyond technological featuresMaturing implementation considering technical requirements, business requirements, and organizational factorsExploring the integration of active scanning in OT cybersecurity protocolsAchieving comprehensive OT asset management and cybersecurity monitoringBridging the gap between OT and cybersecurityThe evolving role of OT cybersecurityKey Takeaways:To build a robust OT cyber monitoring program, organizations must embrace a collective approach involving a combination of tools, people, active and passive methods, and meticulous asset inventory management to enhance their security posture in an evolving threat landscape.In the world of OT cybersecurity, it's not enough to simply have tools; success hinges on a meticulous understanding of assets, ongoing monitoring, and a proactive approach to vulnerabilities, even if achieving 100% coverage remains elusive.It's crucial to move beyond black-and-white thinking, embrace active scanning safely, involve vendors collaboratively, and establish hybrid roles to take ownership and advance visibility for more robust OT cybersecurity practices.In the next 5 to 10 years, we'll witness a pivotal shift towards more comprehensive and collaborative OT cybersecurity practices, embracing advanced monitoring technologies and the active involvement of OEMs, as the critical importance of safeguarding operational technology becomes increasingly evident. "Most of the time, it's too much of a burden to be able to take care of the technology parts, but also influence on both sides the culture to be able to have a successful OT cyber program." — Raphael Arakelian Connect with Raphael Arakelian: Email: raphael.arakelian@pwc.comLinkedIn: https://www.linkedin.com/in/raphael-arakelian/Raphael will be presenting a paper at S4 this March 2024 around active scanning of OT PLCs: https://s4xevents.com/page/4/?et_blogConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Raphael Arakelian: Beyond the Tools - Maturing Implementation to Reduce RiskPub date: 2023-10-05About Raphael Arakelian: Raphael Arakelian is a distinguished figure in the field of cybersecurity, serving as a manager within PwC Canada's OT & IoT cybersecurity team. With a national leadership role, he directs PwC Canada's efforts in OT monitoring implementation services, overseeing proof-of-concept evaluations and implementations across diverse industries. Raphael's unwavering commitment to securing critical infrastructure and industrial systems against cyber threats showcases his profound passion for advancing OT monitoring technology and staying at the forefront of cybersecurity innovation.In this episode, Aaron and Raphael Arakelian discuss:Evaluation OT security solutions beyond technological featuresMaturing implementation considering technical requirements, business requirements, and organizational factorsExploring the integration of active scanning in OT cybersecurity protocolsAchieving comprehensive OT asset management and cybersecurity monitoringBridging the gap between OT and cybersecurityThe evolving role of OT cybersecurityKey Takeaways:To build a robust OT cyber monitoring program, organizations must embrace a collective approach involving a combination of tools, people, active and passive methods, and meticulous asset inventory management to enhance their security posture in an evolving threat landscape.In the world of OT cybersecurity, it's not enough to simply have tools; success hinges on a meticulous understanding of assets, ongoing monitoring, and a proactive approach to vulnerabilities, even if achieving 100% coverage remains elusive.It's crucial to move beyond black-and-white thinking, embrace active scanning safely, involve vendors collaboratively, and establish hybrid roles to take ownership and advance visibility for more robust OT cybersecurity practices.In the next 5 to 10 years, we'll witness a pivotal shift towards more comprehensive and collaborative OT cybersecurity practices, embracing advanced monitoring technologies and the active involvement of OEMs, as the critical importance of safeguarding operational technology becomes increasingly evident. "Most of the time, it's too much of a burden to be able to take care of the technology parts, but also influence on both sides the culture to be able to have a successful OT cyber program." — Raphael Arakelian Connect with Raphael Arakelian: Email: raphael.arakelian@pwc.comLinkedIn: https://www.linkedin.com/in/raphael-arakelian/Raphael will be presenting a paper at S4 this March 2024 around active scanning of OT PLCs: https://s4xevents.com/page/4/?et_blogConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

About Raphael Arakelian: Raphael Arakelian is a distinguished figure in the field of cybersecurity, serving as a manager within PwC Canada's OT & IoT cybersecurity team. With a national leadership role, he directs PwC Canada's efforts in OT monitoring implementation services, overseeing proof-of-concept evaluations and implementations across diverse industries. Raphael's unwavering commitment to securing critical infrastructure and industrial systems against cyber threats showcases his profound passion for advancing OT monitoring technology and staying at the forefront of cybersecurity innovation.In this episode, Aaron and Raphael Arakelian discuss:Evaluation OT security solutions beyond technological featuresMaturing implementation considering technical requirements, business requirements, and organizational factorsExploring the integration of active scanning in OT cybersecurity protocolsAchieving comprehensive OT asset management and cybersecurity monitoringBridging the gap between OT and cybersecurityThe evolving role of OT cybersecurityKey Takeaways:To build a robust OT cyber monitoring program, organizations must embrace a collective approach involving a combination of tools, people, active and passive methods, and meticulous asset inventory management to enhance their security posture in an evolving threat landscape.In the world of OT cybersecurity, it's not enough to simply have tools; success hinges on a meticulous understanding of assets, ongoing monitoring, and a proactive approach to vulnerabilities, even if achieving 100% coverage remains elusive.It's crucial to move beyond black-and-white thinking, embrace active scanning safely, involve vendors collaboratively, and establish hybrid roles to take ownership and advance visibility for more robust OT cybersecurity practices.In the next 5 to 10 years, we'll witness a pivotal shift towards more comprehensive and collaborative OT cybersecurity practices, embracing advanced monitoring technologies and the active involvement of OEMs, as the critical importance of safeguarding operational technology becomes increasingly evident. "Most of the time, it's too much of a burden to be able to take care of the technology parts, but also influence on both sides the culture to be able to have a successful OT cyber program." — Raphael Arakelian Connect with Raphael Arakelian: Email: raphael.arakelian@pwc.comLinkedIn: https://www.linkedin.com/in/raphael-arakelian/Raphael will be presenting a paper at S4 this March 2024 around active scanning of OT PLCs: https://s4xevents.com/page/4/?et_blogConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

In this episode Jacob Hill talks with Jacob Horne from Summit 7!Jacob Horne is Summit 7's Chief Security Evangelist, and has a unique genetic superpower that allows him to delve into NIST publications & government regulations without experiencing even a hint of boredom!In the episode Jacob Horne explains the history leading up to the CMMC program, when CMMC may be required, and the significance of the FAR CUI rule!Here are some key topics we discussed:How he started in cybersecurityThe history leading up to CMMCWhat is rulemakingThe two CMMC rules we are waiting onWhen CMMC may appear in contractsThe FAR CUI rule and its importanceWhy DHS and VA regulations were silent on NIST 800-171When will the FAR CUI rule drop?Follow Jacob on LinkedIn: https://www.linkedin.com/in/jacob-evan-horne/Summit 7 website: https://www.summit7.us/Jacob Horne's Deep dive on CMMC rulemaking timeline: https://www.youtube.com/watch?v=qyLDQxo-YPgFederal Rulemaking book: https://www.amazon.com/Rulemaking-Government-Agencies-Write-Policy/dp/1483352811/-----------Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e13&utm_campaign=coursesNeed a FedRAMP authorized Password Manager?Start a free 14-day trial of Keeper: https://grcacademy.io/ref/keeper/b2b-trial/See the CMMC controls that Keeper meets: https://grcacademy.io/ref/keeper/cmmc-controls-sheet/

Episode 24, Season 2. This week on All Quiet, Tyler chats with Bryon Kroger, Air Force veteran and Founder and CEO of Rise8. Together, they unpack the pitfalls of current risk management and cybersecurity in government operations and Bryon critiques the ATO process, advocating for a more agile, people-centric approach. Tyler and Bryon also delve into the buzz-worthy topic of software factories and the crucial role of HR in driving change. Bryon's insights serve as a call to action for rethinking how we approach tech in government.What's Happening on the Second Front:Critique of the current ATO process and its focus on cybersecurityThe role of culture in risk management and operational efficiencyThe concept and challenges of software factories in government settingsLimitations of traditional HR practices in hiring tech talent for government rolesToyota's production system as a model for organizational efficiencyBalancing speed and security in software developmentConnect with Bryon:LinkedIn: Bryon KrogerConnect with Tyler:LinkedIn: Tyler Sweatt Website: secondfront.comBooks mentioned:Recoding America by Jennifer PahlkaWardley Maps by Simon WardleyCatch 2F's Offset Symposium replay here. This show is produced by Soulfire Productions

In this episode Jacob talks with operational technology (OT) cybersecurity expert Joseph Loomis!Joseph is the President of Secrabus Inc where he performs cybersecurity assessments on Oil & Gas companies to help elevate their security posture and protect their critical assets.Joseph shares his experiences after more than 15 years in the Oil & Gas industrial control system (ICS) and OT cybersecurity space.Here are some key topics we discussed:How he started in cybersecurityThe just in time deliverability aspect of Oil & GasIT and OT convergenceDefense in depth architectureGRC Standards that apply to the Oil & Gas industryPurdue Model for ICS SecurityHis risk assessment methodologyInteresting storiesAnd more!Follow Joseph on LinkedIn: https://www.linkedin.com/in/josephloomis/Secrabus Inc's Website: https://secrabus.com/-----------Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e9&utm_campaign=coursesNeed a FedRAMP authorized Password Manager?Start a free 14-day trial of Keeper: https://grcacademy.io/ref/keeper/b2b-trial/See the CMMC controls that Keeper meets: https://grcacademy.io/ref/keeper/cmmc-controls-sheet/

In today's episode, I talk with Dan DeCloss. He is the Founder and CEO of PlexTrac - PlexTrac is a revolutionary, yet simple, Cybersecurity platform that centralizes all security assessments, penetration test reports, bug bounty submissions, audit findings and vulnerabilities into a single location. He is going to share with us how he got started in cybersecurity, and his journey as the founder of PlexTrac. He's going to tell us what Purple Teaming is and what his advice is for founders going after their dream.Here's a closer look at the episode:Dan's dream of entrepreneurshipNaval Postgraduate SchoolDepartment of Defense cybersecurityHow report automating sparked the idea for PlexTracThe Red Team vs. the Blue Team in cybersecurityThe importance of validationDeciding to commit full-timeWhy timing was rightUnanticipated challenges as PlexTrac has grownThe COVID impact and lessons learnedHow things changed after fundraisingThe relationship with Insight PartnersImportance of leadership developmentWhat's coming up for PlexTracDan's advice for other foundersResources:Website: https://plextrac.com/ Dan's Linkedin: https://www.linkedin.com/in/ddecloss/ Dan's Twitter: https://twitter.com/wh33lhouse PlexTrac Twitter: https://twitter.com/PlexTracPlexTrac LinkedIn: https://www.linkedin.com/company/plextrac/ PlexTrac Facebook: https://www.facebook.com/plextrac 

We know that cybersecurity presents a huge risk to us both personally and professionally, but what can we do to stay safe? To answer this question I spoke with cybersecurity expert Raj Samani, who at the time of recording was Chief Scientist at McAfee, and is now at Rapid7 on the Actionable Futurist Podcast®.As an international cybercrime expert, Raj has assisted multiple law enforcement agencies in cybercrime cases, and is a special advisor to the European Cybercrime Centre and is on the advisory councils for Infosecurity Europe and Infosecurity Magazine.Cybersecurity threats now have the potential to completely cripple companies and complete supply chains and my discussion with Raj is accessible to audiences of all types, and contains advice for a board of directors, right down to students considering their career options.In this wide-ranging discussion, we covered topics including:Cybercrime in a pandemic worldHow cybercrime has evolvedHow supply chains are now a targetThe Log4j vulnerability and what it meansAre boards taking cyber threats seriously?Making the board uncomfortable about the risksContextualising why cybersecurity mattersCan AI help fight cybercrime?Actionable advice to keep safeHow much security do you need?The industries most at riskNation-states running social media campaignsWhat the FireEye acquisition means for McAfee Criminals now have R&D departmentsIoT and APIs as the next threat areas?Children's toys are getting hackedPutting security at the heart of designBletchley Park's role in cybersecurityThe hot roles in cybersecurityTop 3 cybersecurity trendsDo companies need a dedicated Chief Security Officer?3 things to do today to stay safeRaj provides us with actionable and practical advice on what to do this week to reduce your exposure.Make 2022 the year you lean forward and take cybersecurity seriously.More on RajLinkedInTwitterMcAfee EnterpriseRaj's BlogsResources mentioned on the showHave I Been Pwned? websiteSpeakers for Schools websiteNoMoreRansom.orgThe Cuckoo's Egg bookApplied Cyber Security and the Smart Grid bookDave Grohl BiographyBletchley ParkYour Host: Actionable Futurist® Andrew GrillFor more on Andrew - what he speaks about and replays of recent talks, please visit ActionableFuturist.comfollow @AndrewGrill on Twitteror @andrew.grill on Instagram.

Today's guest is Niamh Vianney Muldoon. Niamh is an experienced self-starter with extensive Information Security risk management experience. She is currently the Global Data Protection Officer at OneLogin, who the leader in Unified Access Management, Enabling Organizations to Access the World. They make it simpler and safer for organizations to access the apps and data they need anytime, everywhere.In the show, Niamh will tell you about:How she got into CybersecurityThe exciting roles she has enjoyed over the yearsThe importance of mentoringSuccess stories of moving into the world of ITData GovernanceThe exciting work at OneLoginNiamh Muldoonhttps://www.linkedin.com/in/niamh-vianney-muldoon-b2174853/ The Data Standardhttps://datastandard.io/https://www.linkedin.com/company/the-data-standard/

Cybersecurity isn't an issue that can be dealt with simply by using technology. It's about working together to solve challenging puzzles, bringing together technology and people to solve complex problems. This week's guest on MindSET, Arlette Hart, Senior Technologist for Cybersecurity at Leidos, believes cybersecurity sits at the intersection between technology and people. For Arlette, if you want to protect against cybersecurity threats and vulnerabilities, both technology and people have to work together. Of course technology is important, it creates an opportunity for us to better detect, sense and react to activities happening, and even predict them, but it also creates new challenges of having to then protect the things that you've just created. It's a vicious cycle. Joining Arlette in this podcast is MindSET host, Meghan Good, Cyber Solutions Lead for the Intelligence Group at Leidos. And what makes the conversation so rich is that, while they both have cybersecurity as their focus, including its challenges and innovations, they've come at it along very different paths. On today's podcast:Cybersecurity sits at the intersection of people and technologyThe various pathways to cybersecurity at LeidosThe biggest threat to cybersecurity todayThe advancements in cybersecurityThe impact of COVID-19 on cybersecurity

The IntroBeverley won't let Louisa move into the spare room, even if it is her birthday!Beverley talks about how we all want to help small business with their cybersecurity but are we doing the right things that are right for that marketLouisa has been researching (again) looking at the confusing landscape of advice for small businesses on cyber securityWhy Adam is the perfect guest to help us better understand the market, the problem and what small business needs from securityThe ChatAdam Selwood is Director, Co-founder and CTO at Cynch Security and we are so pleased to have a local Melbourne cybersecurity entrepreneur in the café with us!We talk aboutWhere Adam started his career, how he moved into cybersecurity and why he loves itWhy he and Suzie first discovered the pain that small business experiences around data breaches and the passion he and Suzie found for trying to finding solutions to help themWhat is a small business and how to define that areaThe challenges with getting data around the impacts for small businessWhat are the attitudes towards cybersecurity within small businesses and whether they are optimistic about their securityWhether it's a realistic figure that 60% of small business go out of business after a cyber attackWhat are the characteristics on a small business and the challenges they haveWhat small business needs from cybersecurity solutions and what they have invested in so farHow the cybersecurity industry can confuse small business with our languageWhy small businesses are not keeping up to date with cybersecurity threats and solutions to address thoseWhat the biggest risk for small business is when it comes to cybersecurityThe relationship between small business and large corporates when it comes to supply chain riskThe changing landscape for small business around regulation and how this will impact themWhat the future holds for small business security includingincreased data breach regulation (and disclosure)customers driving increased security from small businessDigital natives changing the expectations of small businessIncreasing attacks affecting small businessWhy there is no bigger problem in cybersecurity than small business security and why Adams is optimistic on the solutions coming for small businessWhy cybersecurity is part of a long list of challenges for small businessAdam's fantastic advice for would be entrepreneurs in cybersecurityThe debriefOur key takeaways from the chat includingConfirmation email is the biggest threat for small businessThe amazing amount of passion and due diligence done by Adam and Suzie on the problems that small businesses experienceWhy we should support Cynch and why small business is important for the Australian economyThe misquoted fact about the number of small businesses that go out of business after a cyber attackWhere to find facts that you can use about small business cybersecurityHow to follow Adam:Visit: https://cynch.com.au/LinkedIn: https://www.linkedin.com/in/adamselwoodTwitter @adamselwoodCREDITSGuest: Adam SelwoodHosts: Beverley Roche and Louisa VogelenzangProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)RESEARCHThe in-question fact about 60% of small businesses going out of business after a cyber attackhttps://staysafeonline.org/press-release/national-cyber-security-alliance-statement-regarding-incorrect-small-business-statistic/https://www.bankinfosecurity.com/blogs/60-hacked-small-businesses-fail-how-reliable-that-stat-p-2464Security Boulevard facts you can use on small medium business security (with some facts around small business only)https://www.securityboulevard.com/2019/06/15-small-business-cyber-security-statistics-that-you-need-to-know/amp/CONTACT THE CYBERSECURITY CAFÉJoin our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-caféEmail us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.auVisit our website: https://www.cybersecuritycafe.com.auWant to be on the show? Send us your bio and an overview on what you want to chat about and we'll be in touch asap.We also welcome guest suggestions – in particular we'd love to hear from new voices in the industry who have new ideas to share about the human side of security.See omnystudio.com/listener for privacy information.