Podcasts about cybersecuritythe

Play Episode Listen Later Dec 4, 2024 26:49

Guest: Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO, DelineaOn LinkedIn | https://www.linkedin.com/in/josephcarson/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAt AISA Cyber Con 2024, amidst the bustling energy of Melbourne, the conversation between Sean Martin, Marco Ciappelli, and Joseph Carson provided a unique perspective on cybersecurity challenges and insights. The setting wasn't just a backdrop—it was a canvas where shared experiences and professional journeys painted a vivid picture of evolving cyber threats and collaborative defense strategies.The Dynamics of EngagementThe dialogue kicked off with a casual and candid exchange, where the speakers reflected on the nuances of attending conferences—long walks between sessions, weather swings, and the unexpected yet pleasant surprise of encountering familiar faces. Marco and Sean seamlessly blended humor and camaraderie into their conversation, making the technical discussion both engaging and relatable.Insights on Ransomware RealitiesJoseph Carson shared a deeply technical yet accessible walkthrough of ransomware attacks. He explained his approach to recreating real-world scenarios to educate organizations on vulnerabilities and lessons learned. He highlighted that while AI garners much attention, attackers often rely on basic techniques that remain effective. His revelation that many victims still struggle with simple misconfigurations and weak credential management served as a stark reminder of cybersecurity's foundational importance.The audience's reaction underscored the relevance of these insights. Many attendees, identifying parallels with their organizational experiences, approached Carson afterward to share stories or seek advice. This interactive exchange emphasized the importance of open dialogue and proactive learning in addressing cyber threats.Ethical and Strategic Considerations in CybersecurityThe discussion also touched on the ethical dilemmas surrounding ransomware payments. Carson recounted incidents where organizations faced the difficult decision to pay ransoms to save critical operations. His narrative of assisting a cancer research organization emphasized that these decisions are fundamentally business-driven, balancing continuity against principles.Sean and Marco expanded on the implications of regulatory frameworks. They debated the effectiveness of Australia's laws permitting ransomware payments under strict disclosure conditions, exploring whether such measures could foster collaboration between government agencies and the private sector or inadvertently sustain the criminals' business model.Global Trends and Local ChallengesThe conversation delved into how sanctions and geopolitics influence cybercrime. Carson explained how ransomware operators adapt their strategies, targeting regions with fewer regulatory constraints or financial barriers. He emphasized the need for global cooperation to create a resilient cybersecurity ecosystem, advocating for shared intelligence and collaborative defense measures.Marco's observations on the societal aspect of cybersecurity resonated strongly. He noted that resilient countries could inadvertently shift the burden of ransomware to less developed regions, highlighting the ethical responsibility to extend cybersecurity efforts globally.Final Thoughts: Building a Safer Digital WorldThe discussion wrapped up with a call for cooperation and proactive measures. Whether through fostering societal awareness or tightening organizational controls, the speakers agreed that tackling cybercrime requires a unified effort. Carson emphasized that sharing knowledge—be it through podcasts, conferences, or direct collaboration—creates a ripple effect of security.This conversation at AISA Cyber Con wasn't just an exchange of ideas but a demonstration of the power of collaboration in combating the ever-evolving challenges of cybersecurity. Through humor, storytelling, and expertise, Sean, Marco, and Carson left their audience not only informed but inspired to act.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Inside the MIND of a Hacker - Insights and Lessons From a Ransomware Attack | An Australian Cyber Conference 2024 in Melbourne Conversation with Joseph Carson | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later Dec 4, 2024 26:49

Guest: Joseph Carson, Chief Security Scientist (CSS) & Advisory CISO, DelineaOn LinkedIn | https://www.linkedin.com/in/josephcarson/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAt AISA Cyber Con 2024, amidst the bustling energy of Melbourne, the conversation between Sean Martin, Marco Ciappelli, and Joseph Carson provided a unique perspective on cybersecurity challenges and insights. The setting wasn't just a backdrop—it was a canvas where shared experiences and professional journeys painted a vivid picture of evolving cyber threats and collaborative defense strategies.The Dynamics of EngagementThe dialogue kicked off with a casual and candid exchange, where the speakers reflected on the nuances of attending conferences—long walks between sessions, weather swings, and the unexpected yet pleasant surprise of encountering familiar faces. Marco and Sean seamlessly blended humor and camaraderie into their conversation, making the technical discussion both engaging and relatable.Insights on Ransomware RealitiesJoseph Carson shared a deeply technical yet accessible walkthrough of ransomware attacks. He explained his approach to recreating real-world scenarios to educate organizations on vulnerabilities and lessons learned. He highlighted that while AI garners much attention, attackers often rely on basic techniques that remain effective. His revelation that many victims still struggle with simple misconfigurations and weak credential management served as a stark reminder of cybersecurity's foundational importance.The audience's reaction underscored the relevance of these insights. Many attendees, identifying parallels with their organizational experiences, approached Carson afterward to share stories or seek advice. This interactive exchange emphasized the importance of open dialogue and proactive learning in addressing cyber threats.Ethical and Strategic Considerations in CybersecurityThe discussion also touched on the ethical dilemmas surrounding ransomware payments. Carson recounted incidents where organizations faced the difficult decision to pay ransoms to save critical operations. His narrative of assisting a cancer research organization emphasized that these decisions are fundamentally business-driven, balancing continuity against principles.Sean and Marco expanded on the implications of regulatory frameworks. They debated the effectiveness of Australia's laws permitting ransomware payments under strict disclosure conditions, exploring whether such measures could foster collaboration between government agencies and the private sector or inadvertently sustain the criminals' business model.Global Trends and Local ChallengesThe conversation delved into how sanctions and geopolitics influence cybercrime. Carson explained how ransomware operators adapt their strategies, targeting regions with fewer regulatory constraints or financial barriers. He emphasized the need for global cooperation to create a resilient cybersecurity ecosystem, advocating for shared intelligence and collaborative defense measures.Marco's observations on the societal aspect of cybersecurity resonated strongly. He noted that resilient countries could inadvertently shift the burden of ransomware to less developed regions, highlighting the ethical responsibility to extend cybersecurity efforts globally.Final Thoughts: Building a Safer Digital WorldThe discussion wrapped up with a call for cooperation and proactive measures. Whether through fostering societal awareness or tightening organizational controls, the speakers agreed that tackling cybercrime requires a unified effort. Carson emphasized that sharing knowledge—be it through podcasts, conferences, or direct collaboration—creates a ripple effect of security.This conversation at AISA Cyber Con wasn't just an exchange of ideas but a demonstration of the power of collaboration in combating the ever-evolving challenges of cybersecurity. Through humor, storytelling, and expertise, Sean, Marco, and Carson left their audience not only informed but inspired to act.____________________________This Episode's SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More

Dodging the Ball and ways for CISOs to avoid: Essential Strategies for CISOs | A Black Hat USA 2024 Conversation with Jess Nall | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later Jul 17, 2024 21:53

Guest: Jess Nall, Partner, Defense Against Government Investigations, Baker McKenzie, LLP [@bakermckenzie]On LinkedIn | https://www.linkedin.com/in/jess-nall/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAs the countdown to Black Hat 2024 begins, ITSP Magazine's “Chats On the Road” series kicks off with a compelling pre-event discussion featuring Jess Nall, a partner at Baker McKenzie with over two decades of experience in federal investigations and defending Chief Information Security Officers (CISOs). Hosted by Sean Martin and Marco Ciappelli, the episode blends humor and serious insights to tackle the evolving challenges faced by CISOs today.The Dodgeball Analogy: Setting the StageThe conversation starts on a light-hearted note with a playful dodgeball analogy, a clever metaphor used to illustrate the growing complexities in the cybersecurity landscape. This sets the tone for a deeper exploration of the pressures and responsibilities that modern CISOs face, bridging the gap between legacy technology and contemporary cybersecurity challenges.Legacy Technology vs. Modern CybersecurityDrawing from the dodgeball metaphor, Sean and Marco highlight the burden of legacy technology and its impact on current cybersecurity practices. Jess Nall shares her perspective on how past business operations influence today's cybersecurity strategies, emphasizing the need for CISOs to adapt and innovate continually.ITSP Magazine's Milestone and Black Hat ConnectionsThis episode also marks a celebratory milestone for ITSP Magazine. Sean and Marco reflect on their journey from Los Angeles to Las Vegas, the birthplace of ITSP Magazine, and how their experiences have shaped the publication's mission and growth. As they gear up for Black Hat 2024, they express their excitement about reconnecting with the cybersecurity community and exploring new opportunities for collaboration.Introducing Jess Nall: Expertise and ExperienceJess Nall, a seasoned expert in federal investigations, brings invaluable insights to the discussion. She underscores the severe implications of government scrutiny on CISOs, drawing from high-profile cases like SEC v. SolarWinds and Tim Brown. Jess provides practical advice for CISOs to avoid regulatory pitfalls and highlights the importance of staying vigilant and proactive in their roles.The Internet's Troubled History and Its ImpactMarco steers the conversation towards the Internet's troubled history and its initial lack of security foresight. Jess reflects on how these historical challenges have shaped modern cybersecurity practices, emphasizing the difficulties of keeping up with evolving threats and expanding attack surfaces. She also discusses the controversial strategy of targeting CISOs to influence corporate cybersecurity measures, a practice she staunchly opposes.The Perfect Storm: AI and CybersecurityThe discussion turns to the increasing complexity of cybersecurity in the age of AI. Sean and Jess delve into the pressures CISOs face as they balance the incorporation of AI technologies with maintaining robust cybersecurity measures. Jess describes this scenario as a “perfect storm,” making the role of a CISO more challenging than ever.Regulation and Legislation: A Critical ExaminationMarco raises critical concerns about the reactive nature of current cybersecurity legislation and regulation. Jess discusses how federal agencies often target individuals closest to a cybersecurity breach and outlines the topics she will cover in her upcoming Black Hat presentation. She aims to educate CISOs on preventive measures and strategic responses to navigate these challenges effectively.Looking Ahead: Black Hat 2024As the episode concludes, Sean emphasizes the importance of awareness and proactive measures among CISOs. Marco encourages listeners to attend Jess Nall's presentation at Black Hat 2024 on August 7th at Mandalay Bay in Las Vegas. This critical discussion promises to equip CISOs and their teams with the knowledge and tools to navigate their increasingly scrutinized roles.Stay Tuned with ITSP MagazineSean and Marco remind their audience that this episode is just the beginning of a series of insightful conversations leading up to Black Hat 2024. They invite listeners to stay tuned for more engaging episodes that will continue to explore the dynamic world of cybersecurity.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:

Dodging the Ball and ways for CISOs to avoid: Essential Strategies for CISOs | A Black Hat USA 2024 Conversation with Jess Nall | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later Jul 17, 2024 21:53

Guest: Jess Nall, Partner, Defense Against Government Investigations, Baker McKenzie, LLP [@bakermckenzie]On LinkedIn | https://www.linkedin.com/in/jess-nall/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesAs the countdown to Black Hat 2024 begins, ITSP Magazine's “Chats On the Road” series kicks off with a compelling pre-event discussion featuring Jess Nall, a partner at Baker McKenzie with over two decades of experience in federal investigations and defending Chief Information Security Officers (CISOs). Hosted by Sean Martin and Marco Ciappelli, the episode blends humor and serious insights to tackle the evolving challenges faced by CISOs today.The Dodgeball Analogy: Setting the StageThe conversation starts on a light-hearted note with a playful dodgeball analogy, a clever metaphor used to illustrate the growing complexities in the cybersecurity landscape. This sets the tone for a deeper exploration of the pressures and responsibilities that modern CISOs face, bridging the gap between legacy technology and contemporary cybersecurity challenges.Legacy Technology vs. Modern CybersecurityDrawing from the dodgeball metaphor, Sean and Marco highlight the burden of legacy technology and its impact on current cybersecurity practices. Jess Nall shares her perspective on how past business operations influence today's cybersecurity strategies, emphasizing the need for CISOs to adapt and innovate continually.ITSP Magazine's Milestone and Black Hat ConnectionsThis episode also marks a celebratory milestone for ITSP Magazine. Sean and Marco reflect on their journey from Los Angeles to Las Vegas, the birthplace of ITSP Magazine, and how their experiences have shaped the publication's mission and growth. As they gear up for Black Hat 2024, they express their excitement about reconnecting with the cybersecurity community and exploring new opportunities for collaboration.Introducing Jess Nall: Expertise and ExperienceJess Nall, a seasoned expert in federal investigations, brings invaluable insights to the discussion. She underscores the severe implications of government scrutiny on CISOs, drawing from high-profile cases like SEC v. SolarWinds and Tim Brown. Jess provides practical advice for CISOs to avoid regulatory pitfalls and highlights the importance of staying vigilant and proactive in their roles.The Internet's Troubled History and Its ImpactMarco steers the conversation towards the Internet's troubled history and its initial lack of security foresight. Jess reflects on how these historical challenges have shaped modern cybersecurity practices, emphasizing the difficulties of keeping up with evolving threats and expanding attack surfaces. She also discusses the controversial strategy of targeting CISOs to influence corporate cybersecurity measures, a practice she staunchly opposes.The Perfect Storm: AI and CybersecurityThe discussion turns to the increasing complexity of cybersecurity in the age of AI. Sean and Jess delve into the pressures CISOs face as they balance the incorporation of AI technologies with maintaining robust cybersecurity measures. Jess describes this scenario as a “perfect storm,” making the role of a CISO more challenging than ever.Regulation and Legislation: A Critical ExaminationMarco raises critical concerns about the reactive nature of current cybersecurity legislation and regulation. Jess discusses how federal agencies often target individuals closest to a cybersecurity breach and outlines the topics she will cover in her upcoming Black Hat presentation. She aims to educate CISOs on preventive measures and strategic responses to navigate these challenges effectively.Looking Ahead: Black Hat 2024As the episode concludes, Sean emphasizes the importance of awareness and proactive measures among CISOs. Marco encourages listeners to attend Jess Nall's presentation at Black Hat 2024 on August 7th at Mandalay Bay in Las Vegas. This critical discussion promises to equip CISOs and their teams with the knowledge and tools to navigate their increasingly scrutinized roles.Stay Tuned with ITSP MagazineSean and Marco remind their audience that this episode is just the beginning of a series of insightful conversations leading up to Black Hat 2024. They invite listeners to stay tuned for more engaging episodes that will continue to explore the dynamic world of cybersecurity.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube:

Exploring the Future of Software Supply Chain Security | An RSA Conference 2024 Conversation with Cassie Crossley | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later May 12, 2024 22:14

Guest: Cassie Crossley, VP, Supply Chain Security, Schneider Electric [@SchneiderElec]On LinkedIn | https://www.linkedin.com/in/cassiecrossley/On Twitter | https://twitter.com/Cassie_CrossleyOn Mastodon | https://mastodon.social/@Cassie_Crossley____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis discussion shed light on various aspects of cybersecurity, technology, and the evolving role of IT professionals in addressing the challenges of the digital age.The conversation kicked off with Sean Martin providing a warm welcome to the audience as he introduced the topic of software supply chain security. Cassie Crossley shared insights from her extensive experience in cybersecurity at Schneider Electric, emphasizing the critical importance of safeguarding product security and supply chain integrity.Embracing Innovation and Resilience in CybersecurityThe discussion dive into the concept of resilience in cybersecurity and the need for proactive risk management strategies. Both speakers emphasized the importance of leveraging AI-driven decision-making processes to enhance efficiency and reduce false positives in security operations. They also highlighted the role of machine learning and behavior analytics in strengthening cybersecurity posture.Bridging the Gap between IT and Business ObjectivesCrossley and Martin discussed the evolving role of IT professionals in bridging the gap between technical cybersecurity measures and broader business objectives. They stressed the significance of aligning cybersecurity initiatives with the overall strategic goals of the organization and fostering communication between C-suite executives and security professionals.Navigating the Complexities of Hardware Development and CybersecurityThe conversation also touched upon the complexities of hardware development and the unique challenges faced in securing chipboards and other hardware components. Crossley highlighted the nuances of cybersecurity in defending against a myriad of potential threats and underscored the need for robust verification processes in hardware security.Empowering Businesses with GRC Controls and Cybersecurity Best PracticesAs the discussion progressed, Crossley shared practical insights from her book on software supply chain security, emphasizing the essential GRC controls and cybersecurity best practices that organizations can implement to enhance their security posture. She highlighted the need for startups and companies to prioritize cybersecurity measures despite budget constraints.Concluding Thoughts and Looking Towards the FutureIn wrapping up the conversation, both speakers expressed optimism about the future of software supply chain security and the potential for innovation in AI-driven cybersecurity technologies. They encouraged businesses to prioritize cybersecurity education, resilience planning, and proactive risk management to stay ahead of emerging threats.The engaging discussion between Cassie Crossley and Sean Martin at RSA Conference 2024 provided valuable insights into the evolving landscape of software supply chain security and the key challenges facing cybersecurity professionals. As organizations navigate the complexities of the digital age, proactive cybersecurity measures and a strategic alignment with business objectives are essential for safeguarding critical assets and maintaining a strong security posture.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Exploring the Future of Software Supply Chain Security | An RSA Conference 2024 Conversation with Cassie Crossley | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later May 12, 2024 22:14

Guest: Cassie Crossley, VP, Supply Chain Security, Schneider Electric [@SchneiderElec]On LinkedIn | https://www.linkedin.com/in/cassiecrossley/On Twitter | https://twitter.com/Cassie_CrossleyOn Mastodon | https://mastodon.social/@Cassie_Crossley____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis discussion shed light on various aspects of cybersecurity, technology, and the evolving role of IT professionals in addressing the challenges of the digital age.The conversation kicked off with Sean Martin providing a warm welcome to the audience as he introduced the topic of software supply chain security. Cassie Crossley shared insights from her extensive experience in cybersecurity at Schneider Electric, emphasizing the critical importance of safeguarding product security and supply chain integrity.Embracing Innovation and Resilience in CybersecurityThe discussion dive into the concept of resilience in cybersecurity and the need for proactive risk management strategies. Both speakers emphasized the importance of leveraging AI-driven decision-making processes to enhance efficiency and reduce false positives in security operations. They also highlighted the role of machine learning and behavior analytics in strengthening cybersecurity posture.Bridging the Gap between IT and Business ObjectivesCrossley and Martin discussed the evolving role of IT professionals in bridging the gap between technical cybersecurity measures and broader business objectives. They stressed the significance of aligning cybersecurity initiatives with the overall strategic goals of the organization and fostering communication between C-suite executives and security professionals.Navigating the Complexities of Hardware Development and CybersecurityThe conversation also touched upon the complexities of hardware development and the unique challenges faced in securing chipboards and other hardware components. Crossley highlighted the nuances of cybersecurity in defending against a myriad of potential threats and underscored the need for robust verification processes in hardware security.Empowering Businesses with GRC Controls and Cybersecurity Best PracticesAs the discussion progressed, Crossley shared practical insights from her book on software supply chain security, emphasizing the essential GRC controls and cybersecurity best practices that organizations can implement to enhance their security posture. She highlighted the need for startups and companies to prioritize cybersecurity measures despite budget constraints.Concluding Thoughts and Looking Towards the FutureIn wrapping up the conversation, both speakers expressed optimism about the future of software supply chain security and the potential for innovation in AI-driven cybersecurity technologies. They encouraged businesses to prioritize cybersecurity education, resilience planning, and proactive risk management to stay ahead of emerging threats.The engaging discussion between Cassie Crossley and Sean Martin at RSA Conference 2024 provided valuable insights into the evolving landscape of software supply chain security and the key challenges facing cybersecurity professionals. As organizations navigate the complexities of the digital age, proactive cybersecurity measures and a strategic alignment with business objectives are essential for safeguarding critical assets and maintaining a strong security posture.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Is there a Frankenstein's Industry Monster lurking in the shadow at RSAC 2024? | Cybersecurity Chronicles from Broadcast Alley with Christina Stokes | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later May 8, 2024 35:20

Guest: Christina Stokes, Host, On Cyber & AI Podcast, Founder of Narito CybersecurityOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/christina-stokesOn LinkedIn | https://www.linkedin.com/in/xTinaStokes/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Evolution of CybersecurityThe dialogue initiated by Sean, Christina, and Marco shed light on how cybersecurity has matured over the years. From the early days of hacking as a hobby to the current focus on ethical practices, the panelists emphasized the importance of adapting to the changing technological landscape. They discussed how regulations, policies, and laws have played a crucial role in shaping the cybersecurity industry, emphasizing the need for responsible use of technology to prevent it from becoming a monster.AI and Its ImplicationsThe conversation also touched upon the growing role of Artificial Intelligence (AI) in cybersecurity. While AI has brought about advancements in threat detection and response, there are concerns about privacy and data protection. The panelists emphasized the importance of using AI ethically and responsibly to avoid potential risks associated with its misuse.Supply Chain VulnerabilitiesA significant portion of the discussion revolved around supply chain vulnerabilities and the interconnected nature of global industries. The experts highlighted the importance of understanding and securing supply chains, particularly in the context of operational technology and manufacturing processes. They stressed the need for resilience and innovation to address evolving cybersecurity threats.The Human Element in CybersecurityThroughout the conversation, the experts reiterated the significance of human connections and collaborations in the cybersecurity domain. They emphasized the need for organizations to invest in education, training, and building strong relationships within the industry to combat cyber threats effectively. The dialogue underscored the essential role of people in securing digital ecosystems and fostering a culture of cybersecurity awareness.Looking Towards the FutureAs the discussion came to a close, Sean, Christina, and Marco expressed optimism about the future of cybersecurity. They discussed upcoming trends such as Generative AI, AI Bill of Materials, and the continued focus on governance, data security, and AI ethics. The experts highlighted the importance of ongoing conversations, collaborations, and innovation in driving the industry forward.This insightful chat at RSAC 2024 offered valuable perspectives on the current challenges and opportunities in cybersecurity. The experts' nuanced discussions about AI, supply chain vulnerabilities, and human-centric cybersecurity shed light on the complex nature of the digital threat landscape. As we navigate the evolving cybersecurity landscape, collaboration, innovation, and a shared commitment to ethical practices will be key to ensuring a secure digital future.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Is there a Frankenstein's Industry Monster lurking in the shadow at RSAC 2024? | Cybersecurity Chronicles from Broadcast Alley with Christina Stokes | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later May 8, 2024 35:20

Guest: Christina Stokes, Host, On Cyber & AI Podcast, Founder of Narito CybersecurityOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/christina-stokesOn LinkedIn | https://www.linkedin.com/in/xTinaStokes/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Evolution of CybersecurityThe dialogue initiated by Sean, Christina, and Marco shed light on how cybersecurity has matured over the years. From the early days of hacking as a hobby to the current focus on ethical practices, the panelists emphasized the importance of adapting to the changing technological landscape. They discussed how regulations, policies, and laws have played a crucial role in shaping the cybersecurity industry, emphasizing the need for responsible use of technology to prevent it from becoming a monster.AI and Its ImplicationsThe conversation also touched upon the growing role of Artificial Intelligence (AI) in cybersecurity. While AI has brought about advancements in threat detection and response, there are concerns about privacy and data protection. The panelists emphasized the importance of using AI ethically and responsibly to avoid potential risks associated with its misuse.Supply Chain VulnerabilitiesA significant portion of the discussion revolved around supply chain vulnerabilities and the interconnected nature of global industries. The experts highlighted the importance of understanding and securing supply chains, particularly in the context of operational technology and manufacturing processes. They stressed the need for resilience and innovation to address evolving cybersecurity threats.The Human Element in CybersecurityThroughout the conversation, the experts reiterated the significance of human connections and collaborations in the cybersecurity domain. They emphasized the need for organizations to invest in education, training, and building strong relationships within the industry to combat cyber threats effectively. The dialogue underscored the essential role of people in securing digital ecosystems and fostering a culture of cybersecurity awareness.Looking Towards the FutureAs the discussion came to a close, Sean, Christina, and Marco expressed optimism about the future of cybersecurity. They discussed upcoming trends such as Generative AI, AI Bill of Materials, and the continued focus on governance, data security, and AI ethics. The experts highlighted the importance of ongoing conversations, collaborations, and innovation in driving the industry forward.This insightful chat at RSAC 2024 offered valuable perspectives on the current challenges and opportunities in cybersecurity. The experts' nuanced discussions about AI, supply chain vulnerabilities, and human-centric cybersecurity shed light on the complex nature of the digital threat landscape. As we navigate the evolving cybersecurity landscape, collaboration, innovation, and a shared commitment to ethical practices will be key to ensuring a secure digital future.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

The Role Behavioral Science In Understanding And Improving Cybersecurity Posture In A Technological Society | A Conversation with Jason Nurse | Redefining Society with Marco Ciappelli

Play Episode Listen Later Apr 8, 2024 33:15

Guest: ✨ Jason Nurse, Reader in Cyber Security, University of Kent, UK [@UniKent]On LinkedIn | https://www.linkedin.com/in/jasonrcnurseOn Twitter | https://twitter.com/jasonnurse____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode's SponsorsBlackCloak

Now You're in Role: The Fearless CISO | A Conversation With Jessica Robinson | A Deep Dive into RSA Conference 2024 | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later Apr 2, 2024 23:26

Guests: Jessica Robinson, Executive Officer of PurePoint International [@PurIntl]On LinkedIn | https://www.linkedin.com/in/jessica-a-robinson-she-her-22740311/At RSAC | https://www.rsaconference.com/experts/jessica-robinson____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe RSA Conference 2024 is just around the corner, and our hosts Sean Martin and Marco Ciappelli are gearing up for an insightful and engaging on-location coverage of the event. In this second Chat On The Road to RSA Conference 2024 conversation with cybersecurity expert Jessica Robinson, we got a sneak peek into what to expect from this year's talk she will give during the event.Now You're in Role: The Fearless CISOAs a follow up to the talk last year at RSAC, attendees will learn the top three skills for success for any first time CISOs to advance and grow their cybersecurity program. This talk will be a discussion on what is most important as we start to really think about what is required for success in the CISO role as it directly relates to the success of the cybersecurity program.The stage is set for an enriching dialogue on the nuances of the CISO role, cybersecurity programs, and the evolving landscape of cyber threats. Jessica Robinson, with her wealth of experience and fearless approach to cybersecurity leadership, promises to dive deep into the art of making possibilities a reality in the realm of cybersecurity.Embracing Fear to Unlock PotentialOne of the key themes that emerged from the conversation was the idea of embracing fear to unlock untapped potential. Jessica emphasized the importance of facing challenges head-on, advocating for cybersecurity programs, and pushing boundaries to drive meaningful change within organizations. By transforming fear into a catalyst for growth and innovation, CISOs can navigate the complex cybersecurity landscape with confidence and resilience.The Art of Possibility in CybersecurityThe theme of this year's RSA Conference, "The Art of Possible," resonates deeply with Jessica's approach to cybersecurity leadership. By infusing creativity, strategic thinking, and a proactive mindset into their roles, CISOs can redefine what is achievable in the realm of cybersecurity. The session with Jessica promises to offer valuable insights on how to leverage the art of possibility to advance cybersecurity programs and drive success in an ever-evolving threat landscape.Joining the ConversationAs Sean Martin and Marco Ciappelli gear up for the RSA Conference 2024, they invite cybersecurity enthusiasts, industry experts, and professionals to join them on this enriching journey. The on-location coverage promises to capture the pulse of the conference, featuring engaging conversations, expert insights, and thought-provoking discussions on the future of cybersecurity.With Jessica Robinson's fearless approach to cybersecurity leadership and the insightful conversations lined up for the RSA Conference 2024, this year's event is set to be a landmark gathering for cybersecurity professionals. Stay tuned for more updates, interviews, and coverage as Sean Martin and Marco Ciappelli bring you the latest insights from the forefront of cybersecurity innovation.RSA Conference 2024 promises to be a platform where possibilities converge with reality, fear transforms into opportunity, and cybersecurity leaders pave the way for a secure digital future. Join us on this exciting journey as we explore the art of possibility in cybersecurity with Sean Martin, Marco Ciappelli, and a host of industry experts at RSA Conference 2024.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Now You're in Role: The Fearless CISO | A Conversation With Jessica Robinson | A Deep Dive into RSA Conference 2024 | On Location Coverage with Sean Martin and Marco Ciappelli

Play Episode Listen Later Apr 2, 2024 23:26

Guests: Jessica Robinson, Executive Officer of PurePoint International [@PurIntl]On LinkedIn | https://www.linkedin.com/in/jessica-a-robinson-she-her-22740311/At RSAC | https://www.rsaconference.com/experts/jessica-robinson____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe RSA Conference 2024 is just around the corner, and our hosts Sean Martin and Marco Ciappelli are gearing up for an insightful and engaging on-location coverage of the event. In this second Chat On The Road to RSA Conference 2024 conversation with cybersecurity expert Jessica Robinson, we got a sneak peek into what to expect from this year's talk she will give during the event.Now You're in Role: The Fearless CISOAs a follow up to the talk last year at RSAC, attendees will learn the top three skills for success for any first time CISOs to advance and grow their cybersecurity program. This talk will be a discussion on what is most important as we start to really think about what is required for success in the CISO role as it directly relates to the success of the cybersecurity program.The stage is set for an enriching dialogue on the nuances of the CISO role, cybersecurity programs, and the evolving landscape of cyber threats. Jessica Robinson, with her wealth of experience and fearless approach to cybersecurity leadership, promises to dive deep into the art of making possibilities a reality in the realm of cybersecurity.Embracing Fear to Unlock PotentialOne of the key themes that emerged from the conversation was the idea of embracing fear to unlock untapped potential. Jessica emphasized the importance of facing challenges head-on, advocating for cybersecurity programs, and pushing boundaries to drive meaningful change within organizations. By transforming fear into a catalyst for growth and innovation, CISOs can navigate the complex cybersecurity landscape with confidence and resilience.The Art of Possibility in CybersecurityThe theme of this year's RSA Conference, "The Art of Possible," resonates deeply with Jessica's approach to cybersecurity leadership. By infusing creativity, strategic thinking, and a proactive mindset into their roles, CISOs can redefine what is achievable in the realm of cybersecurity. The session with Jessica promises to offer valuable insights on how to leverage the art of possibility to advance cybersecurity programs and drive success in an ever-evolving threat landscape.Joining the ConversationAs Sean Martin and Marco Ciappelli gear up for the RSA Conference 2024, they invite cybersecurity enthusiasts, industry experts, and professionals to join them on this enriching journey. The on-location coverage promises to capture the pulse of the conference, featuring engaging conversations, expert insights, and thought-provoking discussions on the future of cybersecurity.With Jessica Robinson's fearless approach to cybersecurity leadership and the insightful conversations lined up for the RSA Conference 2024, this year's event is set to be a landmark gathering for cybersecurity professionals. Stay tuned for more updates, interviews, and coverage as Sean Martin and Marco Ciappelli bring you the latest insights from the forefront of cybersecurity innovation.RSA Conference 2024 promises to be a platform where possibilities converge with reality, fear transforms into opportunity, and cybersecurity leaders pave the way for a secure digital future. Join us on this exciting journey as we explore the art of possibility in cybersecurity with Sean Martin, Marco Ciappelli, and a host of industry experts at RSA Conference 2024.Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________Follow our RSA Conference USA 2024 coverage: https://www.itspmagazine.com/rsa-conference-usa-2024-rsac-san-francisco-usa-cybersecurity-event-infosec-conference-coverageOn YouTube:

Why Personal Cybersecurity Is Critical For Protecting Your Family Office

Colloquium

Play Episode Listen Later Mar 26, 2024 33:37

How can high-net-worth individuals protect their digital lives from increasingly sophisticated cyber threats? In this episode, Chris Pierson, a renowned cybersecurity expert, discusses the dynamic and fast-evolving nature of cyber threats, especially against high-net-worth individuals and family offices. They delve into the complexities of digital executive protection, the nuances of cyber risks for corporations versus individuals, and practical steps for enhancing cybersecurity. The conversation illuminates the multi-faceted approach required to safeguard digital assets, highlighting the importance of active defense and the necessity of adapting to the ever-changing cyber landscape.[00:01 - 07:10] The Ever-Changing Cyber Threat LandscapeThe rapid evolution of cyber threats and their impact on families and corporationsThe sophistication of cybercriminals and nation-state actorsThe personal experience of cyber threats by high-profile individuals[07:11 - 14:35] Cybersecurity Dichotomy: Professional vs. PersonalThe disparity between cybersecurity measures in family offices and personal livesThe concept of being a constant target regardless of one's role or positionThe importance of a holistic approach to cybersecurity across all facets of life[14:36 - 21:33] Practical Cyber Defense StrategiesEmphasis on active defense and practical steps to improve cybersecurityThe critical role of education in combating cyber threatsRecommendations for implementing robust cybersecurity measures in daily life[21:34 - 26:32] Balancing Convenience and SecurityThe challenge of reducing friction while maintaining high-security standardsPersonal anecdotes and examples of effective cybersecurity practicesThe relationship between user experience and cybersecurity effectiveness[26:33 - 33:37] Emerging Cybersecurity Trends and Personal InsightsDiscussion on new and not widely reported cybersecurity threatsPersonal routines and practices that contribute to peace of mind in a digital worldThe significance of staying ahead of cyber threats through proactive measuresKey Notes:"Once something is stolen digitally, it's gone forever. That's why protection is so important." - Chris Pierson"The goal is to try to get the individual to move as far as they can into a better place from a cybersecurity and privacy perspective." - Chris PiersonConnect with Chris!Website:https://blackcloak.io/ LinkedIn:https://www.linkedin.com/in/drchristopherpierson/ This episode is sponsored by Mack International, a specialized executive search and human capital consulting firm serving the family office/wealth management markets. Please visit their website here for more information.Connect with me:https://www.linkedin.com/in/brian-c-adams/ (LinkedIn)LIKE, SUBSCRIBE, AND LEAVE US A REVIEW on Apple Podcasts, Spotify, Google Podcasts, or whatever platform you listen on. Thank you for tuning in and Stay Tuned for the Next Episode COMING SOON!Hosted on Acast. See acast.com/privacy for more information. Hosted on Acast. See acast.com/privacy for more information.

spotify personal acast google podcasts cybersecurity family office protecting your family securitythe chris pierson cybersecuritythe

Tipisodes: 7 Steps To Better Cybersecurity

Play Episode Listen Later Mar 24, 2024 7:20

Podcast: Process Safety with Trish & Traci (LS 29 · TOP 10% what is this?)Episode: Tipisodes: 7 Steps To Better CybersecurityPub date: 2024-03-19In this episode, we offer 7 steps for better cybersecurity. If you are a process control engineer, an IT professional in a company with an automation division, or a business manager responsible for safety or security, you may be wondering how your organization can get moving on more robust cybersecurity practices. View the transcript for links to all the materials mentioned in this podcast. https://www.chemicalprocessing.com/process-safety-w-trish-traci/article/33038811/tipisodes-7-steps-to-better-cybersecurityThe podcast and artwork embedded on this page are from chemicalprocessingsafety, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

cybersecurity 7steps listen notes 19in cybersecuritythe

Tipisodes: 7 Steps To Better Cybersecurity

Play Episode Listen Later Mar 24, 2024 7:20

Podcast: Process Safety with Trish & Traci (LS 28 · TOP 10% what is this?)Episode: Tipisodes: 7 Steps To Better CybersecurityPub date: 2024-03-19In this episode, we offer 7 steps for better cybersecurity. If you are a process control engineer, an IT professional in a company with an automation division, or a business manager responsible for safety or security, you may be wondering how your organization can get moving on more robust cybersecurity practices. View the transcript for links to all the materials mentioned in this podcast. https://www.chemicalprocessing.com/process-safety-w-trish-traci/article/33038811/tipisodes-7-steps-to-better-cybersecurityThe podcast and artwork embedded on this page are from chemicalprocessingsafety, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

cybersecurity 7steps listen notes 19in cybersecuritythe

107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity Pro

Play Episode Listen Later Feb 12, 2024 41:36

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity ProPub date: 2024-02-06We are thrilled to welcome Juan Carlos Buenano as our distinguished guest for today's episode of the CS2AI podcast! Carlos is the Chief Technology Officer for OT at Armis. He is a born technologist and an engineer by training. Beyond his professional endeavors, he embraces a life filled with adventure, enjoying many outdoor activities, including scuba diving, mountain biking, and exploring the scenic expanses of unspoiled nature. Carlos was born in Venezuela and grew up in a small town outside Caracas. After graduating as an electronic engineer in Venezuela, he traveled to Australia to learn English, fell in love with the country, the lifestyle, and the nature, and has lived there for the last 23 years.Carlos brings a unique perspective to today's show, shaped by his professional and personal experiences. Join us for an engaging discussion as he shares his wealth of experiences and insights and explains how he serves his community.Show Highlights:Carlos shares his journey to becoming an engineer in the energy industryHow his interest in control systems beganCarlos recounts his early cybersecurity experiences in industrial systems during the early 2000sThe importance of keeping operating systems up to date to prevent vulnerabilities and ensure reliabilityWhy it is essential to understand how technology works in both physical security and cybersecurityCarlos discusses the challenges of integrating cybersecurity into process control systemsCarlos offers advice for engineers who want to get into cybersecurityThe importance of mentorship and learning from others in their industryCarlos discusses the weekly open mic Ask Me Anything sessions he does at workLinks and resources:(CS)²AI Derek Harp on LinkedInCarlos Buenano on LinkedInArmisThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

australia english energy lights venezuela cybersecurity ot roadmap ask me anything chief technology officer caracas listen notes industryhow cybersecuritythe

107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity Pro

Control System Cyber Security Association International: (CS)²AI

Play Episode Listen Later Feb 12, 2024 41:36

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity ProPub date: 2024-02-06We are thrilled to welcome Juan Carlos Buenano as our distinguished guest for today's episode of the CS2AI podcast! Carlos is the Chief Technology Officer for OT at Armis. He is a born technologist and an engineer by training. Beyond his professional endeavors, he embraces a life filled with adventure, enjoying many outdoor activities, including scuba diving, mountain biking, and exploring the scenic expanses of unspoiled nature. Carlos was born in Venezuela and grew up in a small town outside Caracas. After graduating as an electronic engineer in Venezuela, he traveled to Australia to learn English, fell in love with the country, the lifestyle, and the nature, and has lived there for the last 23 years.Carlos brings a unique perspective to today's show, shaped by his professional and personal experiences. Join us for an engaging discussion as he shares his wealth of experiences and insights and explains how he serves his community.Show Highlights:Carlos shares his journey to becoming an engineer in the energy industryHow his interest in control systems beganCarlos recounts his early cybersecurity experiences in industrial systems during the early 2000sThe importance of keeping operating systems up to date to prevent vulnerabilities and ensure reliabilityWhy it is essential to understand how technology works in both physical security and cybersecurityCarlos discusses the challenges of integrating cybersecurity into process control systemsCarlos offers advice for engineers who want to get into cybersecurityThe importance of mentorship and learning from others in their industryCarlos discusses the weekly open mic Ask Me Anything sessions he does at workLinks and resources:(CS)²AI Derek Harp on LinkedInCarlos Buenano on LinkedInArmisThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

australia english energy lights venezuela cybersecurity ot roadmap ask me anything chief technology officer caracas listen notes industryhow cybersecuritythe

107: Keeping the Lights On: Carlos's Roadmap to Becoming an Energy Cybersecurity Pro

Play Episode Listen Later Feb 6, 2024 41:36

We are thrilled to welcome Juan Carlos Buenano as our distinguished guest for today's episode of the CS2AI podcast! Carlos is the Chief Technology Officer for OT at Armis. He is a born technologist and an engineer by training. Beyond his professional endeavors, he embraces a life filled with adventure, enjoying many outdoor activities, including scuba diving, mountain biking, and exploring the scenic expanses of unspoiled nature. Carlos was born in Venezuela and grew up in a small town outside Caracas. After graduating as an electronic engineer in Venezuela, he traveled to Australia to learn English, fell in love with the country, the lifestyle, and the nature, and has lived there for the last 23 years.Carlos brings a unique perspective to today's show, shaped by his professional and personal experiences. Join us for an engaging discussion as he shares his wealth of experiences and insights and explains how he serves his community.Show Highlights:Carlos shares his journey to becoming an engineer in the energy industryHow his interest in control systems beganCarlos recounts his early cybersecurity experiences in industrial systems during the early 2000sThe importance of keeping operating systems up to date to prevent vulnerabilities and ensure reliabilityWhy it is essential to understand how technology works in both physical security and cybersecurityCarlos discusses the challenges of integrating cybersecurity into process control systemsCarlos offers advice for engineers who want to get into cybersecurityThe importance of mentorship and learning from others in their industryCarlos discusses the weekly open mic Ask Me Anything sessions he does at workLinks and resources:(CS)²AI Derek Harp on LinkedInCarlos Buenano on LinkedInArmis

australia english energy lights venezuela cybersecurity ot roadmap ask me anything chief technology officer caracas industryhow cybersecuritythe

106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) Safe

Play Episode Listen Later Feb 2, 2024 42:08

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) SafePub date: 2024-02-01We are delighted to have Ken Munro joining us from the UK today! Ken is a Partner and Co-founder of Pen Test Partners. He is a seasoned technologist, the founder of multiple ventures, a pilot, a skier, and a dynamic and adventurous contributor to our community. Ken brings a wealth of experience and expertise that promises to enrich our understanding of the evolving landscape in cybersecurity. In today's discussion, we dive into his remarkable career journey and explore his perspective on OT and ICS-related cybersecurity.Join us for this informative session with Ken as he shares his valuable perspectives.Show Highlights:Ken discusses his cybersecurity industry journeyHow Ken's past Air Force experience relates to his current work in cybersecurityThe benefits of telling a story when communicating complex conceptsKen shares a story to highlight the importance of safety and security within the aviation industryKen talks about the unique systems on board planes and their vulnerabilitiesHow the isolated protocols used in older aircraft systems are more robust and stable than the modern systemsHow even simple display systems can cause airport outagesKen shares his concerns about cybersecurity risks within cloud management platforms for industrial control systemsHow including contractual language for liability in procurement contracts can protect organizations against cybersecurity risksKen shares his thoughts on the future of the cybersecurity industryLinks and resources:(CS)²AI Derek Harp on LinkedInKen Munro on LinkedInPen TestPartnersThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

uk guide data partner guns safe cloud air force ot top gun airplanes ics listen notes systemshow ken munro pen test partners cybersecuritythe

106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) Safe

Control System Cyber Security Association International: (CS)²AI

Play Episode Listen Later Feb 2, 2024 42:08

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) SafePub date: 2024-02-01We are delighted to have Ken Munro joining us from the UK today! Ken is a Partner and Co-founder of Pen Test Partners. He is a seasoned technologist, the founder of multiple ventures, a pilot, a skier, and a dynamic and adventurous contributor to our community. Ken brings a wealth of experience and expertise that promises to enrich our understanding of the evolving landscape in cybersecurity. In today's discussion, we dive into his remarkable career journey and explore his perspective on OT and ICS-related cybersecurity.Join us for this informative session with Ken as he shares his valuable perspectives.Show Highlights:Ken discusses his cybersecurity industry journeyHow Ken's past Air Force experience relates to his current work in cybersecurityThe benefits of telling a story when communicating complex conceptsKen shares a story to highlight the importance of safety and security within the aviation industryKen talks about the unique systems on board planes and their vulnerabilitiesHow the isolated protocols used in older aircraft systems are more robust and stable than the modern systemsHow even simple display systems can cause airport outagesKen shares his concerns about cybersecurity risks within cloud management platforms for industrial control systemsHow including contractual language for liability in procurement contracts can protect organizations against cybersecurity risksKen shares his thoughts on the future of the cybersecurity industryLinks and resources:(CS)²AI Derek Harp on LinkedInKen Munro on LinkedInPen TestPartnersThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

uk guide data partner guns safe cloud air force ot top gun airplanes ics listen notes systemshow ken munro pen test partners cybersecuritythe

106: Top Gun Meets the Cloud: Ken's Guide to Keeping Your Airplanes (and Data) Safe

Play Episode Listen Later Feb 1, 2024 42:08

We are delighted to have Ken Munro joining us from the UK today! Ken is a Partner and Co-founder of Pen Test Partners. He is a seasoned technologist, the founder of multiple ventures, a pilot, a skier, and a dynamic and adventurous contributor to our community. Ken brings a wealth of experience and expertise that promises to enrich our understanding of the evolving landscape in cybersecurity. In today's discussion, we dive into his remarkable career journey and explore his perspective on OT and ICS-related cybersecurity.Join us for this informative session with Ken as he shares his valuable perspectives.Show Highlights:Ken discusses his cybersecurity industry journeyHow Ken's past Air Force experience relates to his current work in cybersecurityThe benefits of telling a story when communicating complex conceptsKen shares a story to highlight the importance of safety and security within the aviation industryKen talks about the unique systems on board planes and their vulnerabilitiesHow the isolated protocols used in older aircraft systems are more robust and stable than the modern systemsHow even simple display systems can cause airport outagesKen shares his concerns about cybersecurity risks within cloud management platforms for industrial control systemsHow including contractual language for liability in procurement contracts can protect organizations against cybersecurity risksKen shares his thoughts on the future of the cybersecurity industryLinks and resources:(CS)²AI Derek Harp on LinkedInKen Munro on LinkedInPen TestPartners

uk guide data partner guns safe cloud air force ot top gun airplanes ics systemshow ken munro pen test partners cybersecuritythe

A Literary Approach: The Novel Intersection of Fiction and Cybersecurity Storytelling | A Conversation with D. Greg Scott | Redefining CyberSecurity Podcast with Sean Martin

Play Episode Listen Later Jan 21, 2024 45:52

Guest: D. Greg Scott, Principal Technical Account Manager at Red Hat [@RedHat]On Linkedin | https://www.linkedin.com/in/dgregscott/On Twitter | https://twitter.com/DGregScottWebsite | https://www.dgregscott.com/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesOn this episode of 'Redefining CyberSecurity,' our host, Sean Martin, engages in an enlightening conversation with IT veteran and author, D. Greg Scott. Greg provides valuable insights from his journey in technology and cybersecurity, revealing how the seemingly innocuous act of not updating systems can lead to substantial financial damage. Using engaging stories that mirror real-world incidents, Greg delves into his novels 'Bullseye Breach' and 'Virus Bomb,' underlining the educational potential of the fiction genre in cybersecurity.Together, they explore how these narratives can play a pivotal role in transforming perspectives about IT and cyber preparedness, emphasizing the urgent transition of viewing IT not only as an expense but a crucial business asset. The profound human and financial costs of failing to prioritize cybersecurity are brought to the fore, serving as a wake-up call for awareness and action. Greg also gives a sneak peek into his upcoming novel 'Trafficking You', yet another compelling narrative marrying the realms of technology and reader-engaging fiction.Tune in for a unique blend of thrilling storytelling and critical cybersecurity learnings.Key Insights:The importance of updating and patching systems in cybersecurityThe role of storytelling in effectively conveying cybersecurity concepts and threatsThe real-world consequences of cybersecurity breaches, including the potential for loss of life___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

conversations technology co founders storytelling fiction cybersecurity redefining intersection literary cissp sean martin greg scott cybersecurity podcast cybersecuritythe

A Literary Approach: The Novel Intersection of Fiction and Cybersecurity Storytelling | A Conversation with D. Greg Scott | Redefining CyberSecurity Podcast with Sean Martin

Play Episode Listen Later Jan 21, 2024 45:52

Guest: D. Greg Scott, Principal Technical Account Manager at Red Hat [@RedHat]On Linkedin | https://www.linkedin.com/in/dgregscott/On Twitter | https://twitter.com/DGregScottWebsite | https://www.dgregscott.com/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Devo | https://itspm.ag/itspdvweb___________________________Episode NotesOn this episode of 'Redefining CyberSecurity,' our host, Sean Martin, engages in an enlightening conversation with IT veteran and author, D. Greg Scott. Greg provides valuable insights from his journey in technology and cybersecurity, revealing how the seemingly innocuous act of not updating systems can lead to substantial financial damage. Using engaging stories that mirror real-world incidents, Greg delves into his novels 'Bullseye Breach' and 'Virus Bomb,' underlining the educational potential of the fiction genre in cybersecurity.Together, they explore how these narratives can play a pivotal role in transforming perspectives about IT and cyber preparedness, emphasizing the urgent transition of viewing IT not only as an expense but a crucial business asset. The profound human and financial costs of failing to prioritize cybersecurity are brought to the fore, serving as a wake-up call for awareness and action. Greg also gives a sneak peek into his upcoming novel 'Trafficking You', yet another compelling narrative marrying the realms of technology and reader-engaging fiction.Tune in for a unique blend of thrilling storytelling and critical cybersecurity learnings.Key Insights:The importance of updating and patching systems in cybersecurityThe role of storytelling in effectively conveying cybersecurity concepts and threatsThe real-world consequences of cybersecurity breaches, including the potential for loss of life___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

conversations technology co founders storytelling fiction cybersecurity redefining intersection literary cissp sean martin greg scott cybersecurity podcast cybersecuritythe

Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical Infrastructure

Play Episode Listen Later Dec 19, 2023 58:28

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical InfrastructurePub date: 2023-12-14About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.In this episode, Aaron and Dan Gunter discuss:Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant's report on attacks in UkraineNavigating the complexities, resource limitations, and timely application of threat intelligenceRethinking industrial cybersecurityThe intersection of cybersecurity, AI, and OTKey Takeaways:In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions. "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter Connect with Dan Gunter: Website: https://insaneforensics.com/ Email: dan@insaneforensics.comYouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPALinkedIn: https://www.linkedin.com/in/dan-gunter/Twitter: https://twitter.com/insaneforensicsConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

ceo director ai research ukraine development attack addressing lessons learned scaling ot real world ml united states air force black hat listen notes critical infrastructure mandiant turnkey podcast productions shmoocon cybercom cybersecuritythe dragos inc dan gunter

Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical Infrastructure

The PrOTect OT Cybersecurity Podcast

Play Episode Listen Later Dec 19, 2023 58:28

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical InfrastructurePub date: 2023-12-14About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.In this episode, Aaron and Dan Gunter discuss:Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant's report on attacks in UkraineNavigating the complexities, resource limitations, and timely application of threat intelligenceRethinking industrial cybersecurityThe intersection of cybersecurity, AI, and OTKey Takeaways:In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions. "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter Connect with Dan Gunter: Website: https://insaneforensics.com/ Email: dan@insaneforensics.comYouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPALinkedIn: https://www.linkedin.com/in/dan-gunter/Twitter: https://twitter.com/insaneforensicsConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

ceo director ai research ukraine development attack addressing lessons learned scaling ot real world ml united states air force black hat listen notes critical infrastructure mandiant turnkey podcast productions shmoocon cybercom cybersecuritythe dragos inc dan gunter

Newsday: End of Year: A Look Back at the News Stories of 2023

Today in Health IT

Play Episode Listen Later Dec 18, 2023 42:17 Transcription Available

December 18, 2023: Laura O'Toole (CEO, SureTest), Drex DeFord (Executive Healthcare Strategist, CrowdStrike), and David Ting (CTO and Founder, Tausight) join Bill for the news. Covering highlights from 2023, the guests share their insights and pose vital questions: Will the continued attacks impact healthcare's reputation and patient trust? How about the increased legal actions against breached systems – will they finally stimulate change? Moving on, they also delve into unexpected shifts in the EHR landscape and what's next for the main players. Moreover, they discuss distressing financial challenges for healthcare providers and the impact on cybersecurity investments. Lastly, has 2023 become the 'year of AI' within healthcare, and what does it mean for the industry?Key Points:Cybersecurity ThreatsEHR Market MovementsIncreasing Role of AIEffective Risk ManagementNews articles:Open AI: The Real Story Behind the Wild Four Days Between Sam Altman's Firing and ReturnWhy Sam Altman's removal—and reinstatement—as OpenAI CEO actually mattersHow many hospital CIOs still own innovation, data analytics, cybersecurityThe vanishing chief digital officerThis Week Health SubscribeThis Week Health TwitterThis Week Health Linkedin

founders ai moving covering firing end of year cios crowdstrike news stories newsday ehr mattershow openai ceo cybersecuritythe

Dan Gunter: Lessons Learned from Real-World Attack on Ukraine's Critical Infrastructure

Play Episode Listen Later Dec 14, 2023 58:28

About Dan Gunter: Dan Gunter, founder and CEO of Insane Forensics, is a seasoned cybersecurity professional renowned for his extensive expertise in the field. With a background as an officer in the United States Air Force, specifically with the Air Force Computer Emergency Response Team (AFCERT) and operational CYBERCOM teams, Dan has a wealth of experience in protecting critical infrastructure sites. His leadership extends to the private sector, where he served as the Director of Research and Development for Dragos Inc. before founding Insane Forensics. As a prominent speaker at major cybersecurity events, including Black Hat and ShmooCon, Dan shares his insights on incident response, threat hunting, consequence analysis, and security operations. Under his guidance, Insane Forensics provides a cutting-edge cybersecurity automation platform and services, catering to the unique challenges faced by industrial sites with limited cybersecurity resources.In this episode, Aaron and Dan Gunter discuss:Addressing the growing threat of cyber attacks on critical infrastructure, reflecting on Mandiant's report on attacks in UkraineNavigating the complexities, resource limitations, and timely application of threat intelligenceRethinking industrial cybersecurityThe intersection of cybersecurity, AI, and OTKey Takeaways:In the face of escalating cyber threats to critical infrastructure, exemplified by recent attacks like the Ukraine power grid incident, it is evident that a passive approach alone is insufficient; as attackers grow more sophisticated, understanding and actively monitoring both network and host activities become imperative for effective defense strategies.The evolving landscape of OT cybersecurity demands a nuanced approach, addressing the historical lack of understanding, resource constraints, and the critical need for timely threat intelligence application, highlighting the urgency for industry-wide collaboration and the integration of advanced technologies like AI.To navigate the integration of AI and ML in industrial settings, overcoming fear and resistance is key. Scaling incident response, fostering collaboration, and embracing proactive and reactive measures are essential for building a resilient security foundation in critical infrastructure.In the next 5 to 10 years, the increasing scale and sophistication of cyber attacks, especially in critical infrastructure, pose a significant concern, requiring a holistic approach that combines people, processes, and technology to address evolving threats and vulnerabilities, emphasizing the need for proactive design considerations in new environments and fostering collaborative efforts to share knowledge and solutions. "I worry about how we keep up. We're not going to do it by people alone. We won't do it by process or technology alone. It's going to be all three. It's going to be just us being smart about it and being open to the future." — Dan Gunter Connect with Dan Gunter: Website: https://insaneforensics.com/ Email: dan@insaneforensics.comYouTube: https://www.youtube.com/channel/UCSBx8on8ffSm00kqUcTrRPALinkedIn: https://www.linkedin.com/in/dan-gunter/Twitter: https://twitter.com/insaneforensicsConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

ceo director ai research ukraine development attack addressing lessons learned scaling ot real world ml united states air force black hat critical infrastructure mandiant turnkey podcast productions shmoocon cybercom cybersecuritythe dragos inc dan gunter

Cyber Security Questionnaire Essentials with Derrich Phillips of Aspire Cyber

GRC Academy

Play Episode Listen Later Nov 28, 2023 12:23

In this episode Jacob speaks with Derrich Phillips from Aspire Cyber about best practices and tips when filling out cybersecurity questionnaires.Derrich Phillips is a cybersecurity expert with over 20 years of experience in the field. He started his career in the Army's security operations center, defending networks against cyber attacks. As the founder of Aspire Cyber, he focuses on helping small companies prove their cybersecurity readiness to handle information for enterprise customers.Here are some highlights from the episode:How Derrich get into cybersecurityThe what and why of security questionnairesHow to save time and money while filling out a security questionnairesWhen to push back on overly burdensome requirementsCheck out this video where Derrich and I discuss how ChatGPT can be used in information security compliance: https://youtu.be/IAAJPJLBeaYFollow Derrich on LinkedIn: https://www.linkedin.com/in/derrichphillips/Aspire Cyber website: https://www.aspirecyber.com/-----------Governance, Risk, and Compliance Academy (GRC) Academy is a training and research platform!Online GRC Training: https://grcacademy.io/courses/?utm_source=podcast&utm_medium=s1-e17&utm_campaign=coursesNeed a FedRAMP authorized Password Manager?Start a free 14-day trial of Keeper: https://grcacademy.io/ref/keeper/b2b-trial/See the CMMC controls that Keeper meets: https://grcacademy.io/ref/keeper/cmmc-controls-sheet/

army risk chatgpt cybersecurity essentials governance keeper aspire questionnaire password managers fedramp cybersecuritythe derrich phillips

Kayne McGladrey: The CISO's Role Is To Advise on Business Risk

Play Episode Listen Later Nov 10, 2023 58:58

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Kayne McGladrey: The CISO's Role Is To Advise on Business RiskPub date: 2023-11-09About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.In this episode, Aaron and Kayne McGladrey discuss:Strategic alignment of cybersecurity with business riskNavigating the changing landscape of cybersecurityEmpowering CISOs in the evolving landscape of cybersecurityThe challenges and opportunities of generative AIKey Takeaways:The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while a lot are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest."If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social arm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey Connect with Kayne McGladrey: Email: kayne@hyperproof.ioWebsite: https://hyperproof.ioLinkedIn: https://www.linkedin.com/in/kaynemcgladrey/YouTube: https://www.youtube.com/@hyperproofTwitter: https://twitter.com/kaynemcgladreyKayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.htmlConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

ai risk strategic advise ciso kayne ieee cisos listen notes cissp turnkey podcast productions hyperproof registration page iowebsite cybersecuritythe

Kayne McGladrey: The CISO's Role Is To Advise on Business Risk

The PrOTect OT Cybersecurity Podcast

Play Episode Listen Later Nov 10, 2023 58:58

Podcast: The PrOTect OT Cybersecurity Podcast (LS 29 · TOP 10% what is this?)Episode: Kayne McGladrey: The CISO's Role Is To Advise on Business RiskPub date: 2023-11-09About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.In this episode, Aaron and Kayne McGladrey discuss:Strategic alignment of cybersecurity with business riskNavigating the changing landscape of cybersecurityEmpowering CISOs in the evolving landscape of cybersecurityThe challenges and opportunities of generative AIKey Takeaways:The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while a lot are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest."If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social arm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey Connect with Kayne McGladrey: Email: kayne@hyperproof.ioWebsite: https://hyperproof.ioLinkedIn: https://www.linkedin.com/in/kaynemcgladrey/YouTube: https://www.youtube.com/@hyperproofTwitter: https://twitter.com/kaynemcgladreyKayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.htmlConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

ai risk strategic advise ciso kayne ieee cisos listen notes cissp turnkey podcast productions hyperproof registration page iowebsite cybersecuritythe

Kayne McGladrey: The CISO's Role Is To Advise on Business Risk

Play Episode Listen Later Nov 9, 2023 58:58

About Kayne McGladrey: Kayne McGladrey, CISSP, is a seasoned cybersecurity expert with over twenty-five years of experience and a senior member of the IEEE. As the field CISO for Hyperproof, he specializes in advising companies on upholding the implicit social contract to protect entrusted data. Kayne's transformative leadership has been instrumental in implementing robust security measures, disaster-recovery systems, and compliance standards, earning him recognition as a spokesperson for IEEE's Public Visibility Initiative and a prominent media presence. Additionally, his dedication to fostering diversity in cybersecurity has led him to develop educational programs and build effective teams, showcasing his commitment to expanding opportunities in the field.In this episode, Aaron and Kayne McGladrey discuss:Strategic alignment of cybersecurity with business riskNavigating the changing landscape of cybersecurityEmpowering CISOs in the evolving landscape of cybersecurityThe challenges and opportunities of generative AIKey Takeaways:The key to a successful cybersecurity strategy lies in reframing it as a business imperative, focusing on aligning security efforts with business risks, engaging with cross-functional teams, proactively obtaining certifications, and leveraging control design expertise, ensuring a competitive advantage and effective risk management beyond mere compliance and technology concerns.In today's dynamic cybersecurity landscape, CISOs must continually reassess their controls and their alignment with business risks, while also considering the personal liability they bear, making succession planning and strategic adaptability vital for maintaining effective security programs.The role of a CISO is crucial, yet often misunderstood; empowering and respecting CISOs' authority is essential to effectively manage cyber risks and avoid potential disasters, as generic approaches and AI-driven risk registers fall short of addressing the unique challenges faced by businesses.In a world where cybersecurity threats are inevitable, the key lies in fostering resiliency rather than aiming for an unattainable zero-risk goal; while a lot are excited about the potential of education and automation, the lack of regulatory control over generative AI poses a daunting challenge, risking societal upheaval and economic unrest."If we don't decide to manage the economic impacts of artificial intelligence, potentially a lot of industries could be at least partially automated. And that has the potential for a lot of social arm where people just don't have jobs. And when you get people who are automated out of a job, what are they going to go do? They're going to do something that everybody can do fine, but it doesn't pay well. Like you end up going and driving for a living or doing deliveries for a living. And you end up with a highly educated workforce that is unhappy. That's like a recipe right there for civil unrest." — Kayne McGladrey Connect with Kayne McGladrey: Email: kayne@hyperproof.ioWebsite: https://hyperproof.ioLinkedIn: https://www.linkedin.com/in/kaynemcgladrey/YouTube: https://www.youtube.com/@hyperproofTwitter: https://twitter.com/kaynemcgladreyKayne will be speaking at the GPSEC Columbus next week: https://go.guidepointsecurity.com/2023_11_14_GPSEC_Columbus_NC_01-Registration-Page.htmlConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it.

ai risk strategic advise ciso kayne ieee cisos cissp turnkey podcast productions hyperproof registration page iowebsite cybersecuritythe

100: Exploring OT Security and Cyber Practices with IBM's Rob Dyson

Play Episode Listen Later Nov 1, 2023 56:53

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 100: Exploring OT Security and Cyber Practices with IBM's Rob DysonPub date: 2023-10-31We are delighted to welcome Rob Dyson as our special guest for the 100th episode of the CS2AI podcast! Rob is the Global OT Security Services Leader for IBM. Beyond his corporate role, he is a military veteran, a tech enthusiast, a devoted father and husband, a proud grandfather, and an avid scuba diver. His extensive experience overseeing key service areas within an industry giant like IBM makes Rob an exceptional guest for this milestone podcast. He joins us today to share his insights on control systems, operating technology, and cybersecurity practices.Rob truly brings a wealth of knowledge and clarity to today's discussion. Stay tuned for more!Show highlights:How Rob's interest in technology influenced his desire to explore new things and push boundariesThe challenges of setting up a business continuity plan in a remote locationHow security measures have evolved from the early days of network security to modern-day cybersecurityThe importance of understanding the network for OT securityHow software developers can bring valuable skills to cybersecurity after mastering the fundamentals of networkingRob shares his insights on entrepreneurship in the cybersecurity spaceHow Rob got offered a job with IBM in 2012 after a quick and unexpected interview process Rob explains how he transitioned to full-time OT security work in 2016 Why is there a need for a different mindset and cultural understanding within the OT cybersecurity industry? Rob offers advice for people who have recently begun their career journeysLinks and resources:(CS)²AI Derek Harp on LinkedInRob Dyson on LinkedInIBMThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

security practices ibm ot cyber listen notes ot security locationhow cybersecuritythe rob dyson

100: Exploring OT Security and Cyber Practices with IBM's Rob Dyson

Control System Cyber Security Association International: (CS)²AI

Play Episode Listen Later Nov 1, 2023 56:53

Podcast: (CS)²AI Podcast Show: Control System Cyber SecurityEpisode: 100: Exploring OT Security and Cyber Practices with IBM's Rob DysonPub date: 2023-10-31We are delighted to welcome Rob Dyson as our special guest for the 100th episode of the CS2AI podcast! Rob is the Global OT Security Services Leader for IBM. Beyond his corporate role, he is a military veteran, a tech enthusiast, a devoted father and husband, a proud grandfather, and an avid scuba diver. His extensive experience overseeing key service areas within an industry giant like IBM makes Rob an exceptional guest for this milestone podcast. He joins us today to share his insights on control systems, operating technology, and cybersecurity practices.Rob truly brings a wealth of knowledge and clarity to today's discussion. Stay tuned for more!Show highlights:How Rob's interest in technology influenced his desire to explore new things and push boundariesThe challenges of setting up a business continuity plan in a remote locationHow security measures have evolved from the early days of network security to modern-day cybersecurityThe importance of understanding the network for OT securityHow software developers can bring valuable skills to cybersecurity after mastering the fundamentals of networkingRob shares his insights on entrepreneurship in the cybersecurity spaceHow Rob got offered a job with IBM in 2012 after a quick and unexpected interview process Rob explains how he transitioned to full-time OT security work in 2016 Why is there a need for a different mindset and cultural understanding within the OT cybersecurity industry? Rob offers advice for people who have recently begun their career journeysLinks and resources:(CS)²AI Derek Harp on LinkedInRob Dyson on LinkedInIBMThe podcast and artwork embedded on this page are from Derek Harp, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

practices ibm ot cyber listen notes ot security locationhow cybersecuritythe rob dyson

100: Exploring OT Security and Cyber Practices with IBM's Rob Dyson

Play Episode Listen Later Oct 31, 2023 56:53

We are delighted to welcome Rob Dyson as our special guest for the 100th episode of the CS2AI podcast! Rob is the Global OT Security Services Leader for IBM. Beyond his corporate role, he is a military veteran, a tech enthusiast, a devoted father and husband, a proud grandfather, and an avid scuba diver. His extensive experience overseeing key service areas within an industry giant like IBM makes Rob an exceptional guest for this milestone podcast. He joins us today to share his insights on control systems, operating technology, and cybersecurity practices.Rob truly brings a wealth of knowledge and clarity to today's discussion. Stay tuned for more!Show highlights:How Rob's interest in technology influenced his desire to explore new things and push boundariesThe challenges of setting up a business continuity plan in a remote locationHow security measures have evolved from the early days of network security to modern-day cybersecurityThe importance of understanding the network for OT securityHow software developers can bring valuable skills to cybersecurity after mastering the fundamentals of networkingRob shares his insights on entrepreneurship in the cybersecurity spaceHow Rob got offered a job with IBM in 2012 after a quick and unexpected interview process Rob explains how he transitioned to full-time OT security work in 2016 Why is there a need for a different mindset and cultural understanding within the OT cybersecurity industry? Rob offers advice for people who have recently begun their career journeysLinks and resources:(CS)²AI Derek Harp on LinkedInRob Dyson on LinkedInIBM

security practices ibm ot cyber ot security locationhow cybersecuritythe rob dyson

Raphael Arakelian: Beyond the Tools - Maturing Implementation to Reduce Risk

Play Episode Listen Later Oct 11, 2023 57:08

Podcast: The PrOTect OT Cybersecurity Podcast (LS 31 · TOP 5% what is this?)Episode: Raphael Arakelian: Beyond the Tools - Maturing Implementation to Reduce RiskPub date: 2023-10-05About Raphael Arakelian: Raphael Arakelian is a distinguished figure in the field of cybersecurity, serving as a manager within PwC Canada's OT & IoT cybersecurity team. With a national leadership role, he directs PwC Canada's efforts in OT monitoring implementation services, overseeing proof-of-concept evaluations and implementations across diverse industries. Raphael's unwavering commitment to securing critical infrastructure and industrial systems against cyber threats showcases his profound passion for advancing OT monitoring technology and staying at the forefront of cybersecurity innovation.In this episode, Aaron and Raphael Arakelian discuss:Evaluation OT security solutions beyond technological featuresMaturing implementation considering technical requirements, business requirements, and organizational factorsExploring the integration of active scanning in OT cybersecurity protocolsAchieving comprehensive OT asset management and cybersecurity monitoringBridging the gap between OT and cybersecurityThe evolving role of OT cybersecurityKey Takeaways:To build a robust OT cyber monitoring program, organizations must embrace a collective approach involving a combination of tools, people, active and passive methods, and meticulous asset inventory management to enhance their security posture in an evolving threat landscape.In the world of OT cybersecurity, it's not enough to simply have tools; success hinges on a meticulous understanding of assets, ongoing monitoring, and a proactive approach to vulnerabilities, even if achieving 100% coverage remains elusive.It's crucial to move beyond black-and-white thinking, embrace active scanning safely, involve vendors collaboratively, and establish hybrid roles to take ownership and advance visibility for more robust OT cybersecurity practices.In the next 5 to 10 years, we'll witness a pivotal shift towards more comprehensive and collaborative OT cybersecurity practices, embracing advanced monitoring technologies and the active involvement of OEMs, as the critical importance of safeguarding operational technology becomes increasingly evident. "Most of the time, it's too much of a burden to be able to take care of the technology parts, but also influence on both sides the culture to be able to have a successful OT cyber program." — Raphael Arakelian Connect with Raphael Arakelian: Email: raphael.arakelian@pwc.comLinkedIn: https://www.linkedin.com/in/raphael-arakelian/Raphael will be presenting a paper at S4 this March 2024 around active scanning of OT PLCs: https://s4xevents.com/page/4/?et_blogConnect with Aaron:LinkedIn: https://www.linkedin.com/in/aaronccrowLearn more about Industrial Defender:Website: https://www.industrialdefender.com/podcast LinkedIn: https://www.linkedin.com/company/industrial-defender-inc/Twitter: https://twitter.com/iDefend_ICSYouTube: https://www.youtube.com/@industrialdefender7120Audio production by Turnkey Podcast Productions. You're the expert. Your podcast will prove it. The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

tools ot iot implementation maturing oems s4 listen notes reduce risk turnkey podcast productions pwc canada blogconnect cybersecuritythe

Raphael Arakelian: Beyond the Tools - Maturing Implementation to Reduce Risk