POPULARITY
Microsoft has its fingers in a lot of pots, but just how secure are said pots? On this episode, Corey is joined by Ann Johnson, Corporate Vice President and Deputy CISO of Microsoft's Customer Security Management Office. Ann talks about her 40-year professional journey and how it's culminated in her current role. Corey is known to “punch up” at the big guys in the tech industry, but he and Ann talk about the challenges of corporate leadership and being a public face in such a prominent company. Since it's 2025, of course, they're going to talk about AI's pros and cons (and why it shouldn't be used to make art).Show Highlights(0:00) Intro(0:51) The Duckbill Group sponsor read(1:25) What Ann's been up to since she and Corey last spoke (2:29) The makeup of Microsoft Security(4:28) The unique company culture at Microsoft(8:42) What's going on with Microsoft Azure(10:31) How Ann handles the immense pressure of working in Microsoft Security(14:13) The toxic nature of online criticism(19:57) The Duckbill Group sponsor read(20:24) The value of telling your leaders the truth(23:31) Ann's thoughts on the current state of AI(28:44) Properly defining what AI can and can't do(30:54) Why Ann helps fund multiple STEM scholarships(32:16) The need for the humanities alongside tech(33:38) Where you can find more from Ann JohnsonAbout Ann JohnsonAnn Johnson is Corporate Vice President and Deputy CISO at Microsoft. In this role, Ann drives all external engagement for the Microsoft Office of the CISO. She is a long-tenured, recognized thought leader on cybersecurity, published author, and a sought-after global speaker and digital author specializing in cyber resilience, online fraud, cyberattacks, compliance, and security. Ann challenges traditional schools of thought and cyber-norms–from the way the tech industry tackles cyber threats to the language it uses to communicate–and encourages the industry to get outside its comfort zones and expand how it addresses the evolving threat landscape with the power of technology and people. As a global cybersecurity leader and strategist, she is looking ahead at how today's cybersecurity investments will impact tomorrow's cybersecurity reality. Ann currently serves on the Board of Directors of N-Able, Human Security, Datavant, and is Member of the Board of Advisors for Cybersecurity Center of Excellence, WA and the Signal Cyber Museum Society. Ann is also an Executive Sponsor of the Microsoft Women in Cybersecurity Group.LinksAnn Johnson's LinkedIn: https://www.linkedin.com/in/ann-johnsons/Microsoft Security: https://www.microsoft.com/en-us/securityAfternoon Cyber Tea: afternooncybertea.comSponsorThe Duckbill Group: duckbillgroup.com
The DNS resolution path by which the world's internet content consumers locate the world's internet content producers has been under continuous attack since the earliest days of Internet commercialization and privatization. Much work has recently and is currently being invested to protect this vital source of Personally Identifiable Information -- but by whom, and why, and how? Let's discuss. About the speaker: Paul Vixie serves AWS Security as Deputy CISO, VP & Distinguished Engineer after a 29-year career as the founder and CEO of five startup companies covering the fields of DNS, anti-spam, Internet exchange, Internet carriage and hosting, and Internet security. Vixie earned his Ph.D. in Computer Science from Keio University in 2011 and was inducted into the Internet Hall of Fame in 2014. He has authored or co-authored several Internet RFC documents and open source software projects including Cron and BIND. https://en.wikipedia.org/wiki/Paul_Vixie
Control System Cyber Security Association International: (CS)²AI
Roya Gordon, previously the Executive Industry Consultant - Operational Technology (OT) Cybersecurity at Hexagon Asset Lifecycle Intelligence and currently, is the Deputy CISO at ENGIE North America Inc., joins Derek Harp live from Hack the Capitol 7.0 to explore the evolving landscape of asset inventory in operational technology (OT). Roya breaks down the differences between asset visibility, inventory, and management, sharing her firsthand experiences from both passive and configuration-based methodologies.Roya highlights the critical role of asset inventory in building a strong OT cybersecurity foundation. From distinguishing between passive and active network monitoring to the importance of configuration management, she emphasizes how a multi-layered approach can offer comprehensive visibility and risk management. Roya also dives into why organizations often overlook configuration change management, and how integrating different solutions can optimize security efforts.Whether you're a seasoned OT professional or just starting your cybersecurity journey, this episode offers valuable insights into improving asset management, reducing risks, and fostering collaboration between vendors and operators.
See the latest innovations in silicon design from AMD with new system-on-a-chip high bandwidth memory breakthroughs with up to 7 terabytes of memory bandwidth in a single virtual machine - and how it's possible to get more than 8x speed-ups without sacrificing compatibility from the previous generation to HBv5. These use AMD EPYC™ 9004 Processors with AMD 3D V-Cache™ Technology. And find out how Microsoft's own silicon including custom ARM-based Cobalt CPUs and Maia AI accelerators for performance and power efficiency. Mark Russinovich, Azure CTO, Deputy CISO, Technical Fellow, and Microsoft Mechanics lead contributor, shows how with workloads spanning Databricks, Siemens, Snowflake, or Microsoft Teams, Azure provides the tools to improve efficiency and performance in your datacenter at hyperscale. ► QUICK LINKS: 00:00 - 7TB memory bandwidth in a single VM 00:51 - Efficiency and optimization 02:33 - Choose the right hardware for workloads 04:52 - Microsoft Cobalt CPUs and Maia AI accelerators 06:14 - Hardware innovation for diverse workloads 07:53 - Speedups with HBv5 VMs 09:04 - Compatibility moving from HBv4 to HBv5 11:29 - Future of HPC 12:01 - Wrap up ► Link References Check out https://aka.ms/AzureHPC For more about HBv5 go to https://aka.ms/AzureHBv5 ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics
New Year, New Role: 3 Key Strategies for Cyber LeadersListen to the latest Agent of Influence episode with Bindi Davé, Deputy CISO at DigiCert, as she discusses the Golden Triangle approach when entering a new company, focusing on asset discovery, defining acceptable risk, and fostering a comprehensive cybersecurity culture. + + +Find more episodes on YouTube or wherever you listen to podcasts, as well as at netspi.com/agentofinfluence.
Aaron M. Bostick is a seasoned CISSP-certified professional with 16+ years of expertise in IT Operations and Information Security Program Management. He excels in the implementation of ISO-27001, SOC-2, PCI, NIST 800-171, and CMMC security frameworks. During his tenure in leadership positions, including Deputy CISO at ThriveDX (formerly HackerU) and Manager of Information Security at K2 Software, Aaron has successfully implemented security policies, risk assessments, and compliance with various industry standards. Join us as we dive into many infosec topics including an in-depth discussion on the responsibility matrix, a necessary tool when working with service providers to ensure your and your client's or employer's information is kept secure, regardless of where it resides.
Join us on CISO Tradecraft as we explore the future of cybersecurity with Merritt Barrett, former Deputy CISO at AWS. Merritt, a Harvard Law graduate, shares her expert insights on the trends expected in the upcoming years, emphasizing the enduring aspects of cybersecurity, the implications of AI, and challenges in cloud security. Discover valuable strategies for managing security risks, the evolution of ransomware, and the integration of sustainable practices within the industry. Don't miss this episode filled with practical advice for current and aspiring CISOs! Thank you to our sponsors - ThreatLocker - https://hubs.ly/Q02_HRGK0 - CruiseCon - https://cruisecon.com/ Transcripts https://docs.google.com/document/d/1KRkN7jVZvAaYk1eSBde3GTiD-G9RPjXJ Chapters 00:00 Introduction and Guest Overview 01:16 Future of Cybersecurity 02:18 AWS Security Insights 04:35 Shared Responsibility Model 09:59 AI in Cybersecurity 21:55 Security and Environmental Concerns 32:36 Predictions for 2025 and Beyond 42:46 Closing Remarks and Contact Information
At TechNetCyber24, Francis Rose explored pressing cybersecurity challenges and strategies within the government sector with cyber experts, included ServiceNow's Mike Rohde. Discussions emphasized the need for effective data management and AI integration, the importance of adopting Zero Trust Architecture to combat sophisticated threats, and innovative strategies for retaining skilled cybersecurity professionals. Automation and AI were highlighted as crucial for enhancing efficiency and job satisfaction, while industry collaboration was noted as vital for driving innovation and knowledge transfer. A unified approach to these issues is essential for bolstering cybersecurity resilience across sectors. Link to YouTube Video: https://youtu.be/fmUXk-enrIg?feature=sharedSee omnystudio.com/listener for privacy information.
At TechNetCyber24, Francis Rose explored pressing cybersecurity challenges and strategies within the government sector with cyber experts, included ServiceNow's Mike Rohde. Discussions emphasized the need for effective data management and AI integration, the importance of adopting Zero Trust Architecture to combat sophisticated threats, and innovative strategies for retaining skilled cybersecurity professionals. Automation and AI were highlighted as crucial for enhancing efficiency and job satisfaction, while industry collaboration was noted as vital for driving innovation and knowledge transfer. A unified approach to these issues is essential for bolstering cybersecurity resilience across sectors. Link to YouTube Video: https://youtu.be/fmUXk-enrIg?feature=sharedSee omnystudio.com/listener for privacy information.
Financial institutions have been a leading target for cyber crime since the dawn of the internet. But phishing schemes have become far more intricate, and cyber heists go beyond stealing money from a bank. JF Legault, Deputy CISO at J.P. Morgan Chase, explains how he leads cyber defense on the front lines of work — and lays out a strategy to transform teams into early detection networks. Then David Adrian from Chrome unpacks how web browsing protections, robust monitoring, and a real-time view of threats can fit into this kind of strategy to maximize resilience to a cyber attack. This episode is sponsored by Chrome Enterprise.See omnystudio.com/listener for privacy information.
Today on the Social-Engineer Podcast: The Security Awareness Series, Chris is joined by Kimberly Sims. Kimberly is the Deputy CISO, Director of Cyber Operations and Cloud Security for American Century Investments. Kimberly has over 17 years' experience in the Financial Services sector. Prior to joining American Century, Kimberly ran the Information Security Program for the second-largest capital market's desk in the world, responsible for securing systems that process a trillion-dollar debt portfolio. Kimberly is an advisory member, and IT lead for the Charter for Veterans, a non-profit organization assisting recovering combat wounded veterans. She is an advocate for mentorship and coaching across the security industry and participates in several industry groups. [Aug 19, 2024] 00:00 - Intro 00:22 - Intro Links: - Social-Engineer.com - http://www.social-engineer.com/ - Managed Voice Phishing - https://www.social-engineer.com/services/vishing-service/ - Managed Email Phishing - https://www.social-engineer.com/services/se-phishing-service/ - Adversarial Simulations - https://www.social-engineer.com/services/social-engineering-penetration-test/ - Social-Engineer channel on SLACK - https://social-engineering-hq.slack.com/ssb - CLUTCH - http://www.pro-rock.com/ - innocentlivesfoundation.org - http://www.innocentlivesfoundation.org/ 03:01 - Kimberly Sims Intro 03:49 - Inspired by a Book 05:32 - Making a Giant Leap! 06:59 - Biggest Mistakes 09:14 - Lessons Learned 11:07 - Security Ambassador 13:23 - Overcoming the Fear 15:20 - Executive Order 17:06 - People, Process, Technology 18:38 - Back to Basics 20:11 - Resiliency Programs 23:14 - The Take Home 24:47 - Jump In! 25:46 - Book Recommendations - Blink - Malcolm Gladwell - Pitch Perfect - Bill McGowan - Permission to Screw Up - Kristen Hadeed 27:49 - Mentors 29:12 - Find Kimberly Sims online - LinkedIn: in/kimberly-sims-733510/ 29:26 - Wrap Up & Outro - www.social-engineer.com - www.innocentlivesfoundation.org
Since the 1995 publication of Daniel Goleman's international bestseller Emotional Intelligence, Why It Can Matter More Than IQ, a global movement has developed to bring “EQ” into practice in businesses, schools, and communities around the globe. But what is its impact on Cybersecurity? In this interview, we welcome Jessica Hoffman, Deputy CISO for the City of Philadelphia, to discuss how Emotional Intelligence can be applied by CyberSecurity leadership to create a better culture and better leaders. Jessica will discuss the five skills that encompass Emotional Intelligence, including: Self Awareness Self Regulation Motivation Empathy Social Skills and examples of how to use them. If you want to be a better cyber leader, then don't miss this episode. Semperis CISO Jim Doggett shares insights into the evolving role of the CISO. The daily onslaught of cyberattacks not only increases business risk, but also puts a company's most important data at risk – data on the company, its employees, customers, and partners. Now, more than ever, the CISO is being asked to understand the business of cyber without being given much time to implement plans for protecting an organization's infrastructure. There is a balance needed between being a technical and business leader, and Jim can share stories from his successful career to enlighten listeners. Segment Resources: Read: https://www.semperis.com/blog/5-itdr-steps-for-cisos/ Watch: https://www.semperis.com/resources/the-key-to-cyber-resilience-identity-system-defense/ This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisrsac to learn more about them! With new industry regulations, like the SEC's Cybersecurity Disclosure Rules, there is an increasing demand on CISOs and security leaders to be able to quantify, communicate, and demonstrate how their cybersecurity programs and strategies are impacting the business. In this interview, Sivan Tehila, CEO and Founder of Onyxia Cyber, will discuss new advances in Cybersecurity Management and how CISOs and security leaders can harness the power of data intelligence, automation, and AI to proactively improve risk management, ensure organizational compliance, and align their security initiatives with business goals. Segment Resources: https://rsac.vporoom.com/2024-04-30-Onyxia-Introduces-AI-to-Cybersecurity-Management-Platform-to-Power-Predictive-Security-Program-Management https://www.forbes.com/sites/forbestechcouncil/2023/06/21/three-ways-to-best-communicate-the-value-of-your-security-program-to-business-stakeholders/?sh=18f0f6892e6f This segment is sponsored by Onyxia. Visit https://securityweekly.com/onyxiarsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-352
Since the 1995 publication of Daniel Goleman's international bestseller Emotional Intelligence, Why It Can Matter More Than IQ, a global movement has developed to bring “EQ” into practice in businesses, schools, and communities around the globe. But what is its impact on Cybersecurity? In this interview, we welcome Jessica Hoffman, Deputy CISO for the City of Philadelphia, to discuss how Emotional Intelligence can be applied by CyberSecurity leadership to create a better culture and better leaders. Jessica will discuss the five skills that encompass Emotional Intelligence, including: Self Awareness Self Regulation Motivation Empathy Social Skills and examples of how to use them. If you want to be a better cyber leader, then don't miss this episode. Show Notes: https://securityweekly.com/bsw-352
Since the 1995 publication of Daniel Goleman's international bestseller Emotional Intelligence, Why It Can Matter More Than IQ, a global movement has developed to bring “EQ” into practice in businesses, schools, and communities around the globe. But what is its impact on Cybersecurity? In this interview, we welcome Jessica Hoffman, Deputy CISO for the City of Philadelphia, to discuss how Emotional Intelligence can be applied by CyberSecurity leadership to create a better culture and better leaders. Jessica will discuss the five skills that encompass Emotional Intelligence, including: Self Awareness Self Regulation Motivation Empathy Social Skills and examples of how to use them. If you want to be a better cyber leader, then don't miss this episode. Semperis CISO Jim Doggett shares insights into the evolving role of the CISO. The daily onslaught of cyberattacks not only increases business risk, but also puts a company's most important data at risk – data on the company, its employees, customers, and partners. Now, more than ever, the CISO is being asked to understand the business of cyber without being given much time to implement plans for protecting an organization's infrastructure. There is a balance needed between being a technical and business leader, and Jim can share stories from his successful career to enlighten listeners. Segment Resources: Read: https://www.semperis.com/blog/5-itdr-steps-for-cisos/ Watch: https://www.semperis.com/resources/the-key-to-cyber-resilience-identity-system-defense/ This segment is sponsored by Semperis. Visit https://securityweekly.com/semperisrsac to learn more about them! With new industry regulations, like the SEC's Cybersecurity Disclosure Rules, there is an increasing demand on CISOs and security leaders to be able to quantify, communicate, and demonstrate how their cybersecurity programs and strategies are impacting the business. In this interview, Sivan Tehila, CEO and Founder of Onyxia Cyber, will discuss new advances in Cybersecurity Management and how CISOs and security leaders can harness the power of data intelligence, automation, and AI to proactively improve risk management, ensure organizational compliance, and align their security initiatives with business goals. Segment Resources: https://rsac.vporoom.com/2024-04-30-Onyxia-Introduces-AI-to-Cybersecurity-Management-Platform-to-Power-Predictive-Security-Program-Management https://www.forbes.com/sites/forbestechcouncil/2023/06/21/three-ways-to-best-communicate-the-value-of-your-security-program-to-business-stakeholders/?sh=18f0f6892e6f This segment is sponsored by Onyxia. Visit https://securityweekly.com/onyxiarsac to learn more about them! Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-352
Since the 1995 publication of Daniel Goleman's international bestseller Emotional Intelligence, Why It Can Matter More Than IQ, a global movement has developed to bring “EQ” into practice in businesses, schools, and communities around the globe. But what is its impact on Cybersecurity? In this interview, we welcome Jessica Hoffman, Deputy CISO for the City of Philadelphia, to discuss how Emotional Intelligence can be applied by CyberSecurity leadership to create a better culture and better leaders. Jessica will discuss the five skills that encompass Emotional Intelligence, including: Self Awareness Self Regulation Motivation Empathy Social Skills and examples of how to use them. If you want to be a better cyber leader, then don't miss this episode. Show Notes: https://securityweekly.com/bsw-352
On most days in cyber, it can seem like there are a million things to do. For Jim Kuiphof and his team, that was probably the case in 2022 when Spectrum Health and Beaumont Health merged to become 22-hospital strong Corewell Health. Of course, there was much foundational work to be done, but Kuiphof notes […] Source: Q&A with Corewell Health Deputy CISO Jim Kuiphof: “Proper Prioritization a Key to Cyber Success” on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.
A interview with Joseph Mager, Deputy CISO, NS Cybersecurity for NS Rail Netherlands. This interview took place at the Cyber Senate Rail Cybersecurity UK EU Summit in London 2024. www.railcybersecurity.com or www.cybersenate.comTwo main topics that rail sector professionals consider their biggest challenges:NIS 2 legistlation and Supply Chain Risk ManagementWe hope you enjoy this interview as much as we did working with NS Rail.
From his time overseeing cybersecurity for prominent Gap Inc. brands including Gap, Athleta, Old Navy, and Banana Republic as Deputy CISO, Khelan Bhatt has nearly two decades of information security expertise. He currently orchestrates cybersecurity strategy at FabFitFun as CISO and VP of IT. In this episode, Khelan and Matt discuss: Threat prevention & detection The crucial role of a CISO Data handling - Best practices The true cost of a cyber attack on your business Chapters: (0:00:00) The importance of bringing in security and privacy early in the data process (0:01:03) Critical steps to build a culture of security for growth (0:03:46) The role of a CISO and their responsibilities (0:06:51) The function of security in the earliest days of a company (0:08:37) When to designate a CISO and the structure of a security department (0:10:22) Common targets for cyber attacks and what attackers are trying to obtain (0:10:41) Credit card numbers and valuable data on the dark web (0:14:10) The value of hacking larger companies vs. smaller companies (0:15:56) Considerations for data handling and sharing with external partners (0:18:20) Post IDFA world and data handling for marketing teams (0:20:34) Evaluating third-party partners' security and privacy maturity (0:21:06) What marketers should understand about data handling (0:21:31) Bring security and privacy experts in early during contract negotiations (0:22:32) Data duplication increases risk and dilutes controls (0:22:54) Define granular roles and responsibilities for data access (0:23:23) Consider hiding sensitive fields based on user roles (0:24:11) Regularly assess and update security frameworks as the company grows (0:24:48) Data lakes can improve data governance and analytics (0:25:43) Regular security assessments are crucial for maturing organizations (0:26:13) Boards want to be aware of risks and progress in security measures (0:26:56) Security should be seen as a feature to increase trust and attract customers (0:28:32) Incorporate security features like SSO and role-based access control (0:30:24) Security, legal, and brand efforts contribute to long-term growth (0:31:37) Investments in security may protect against potential disasters (0:32:32) Advice for early stage CEOs who raised funding (0:33:04) Importance of investing in security for startups (0:33:29) Options for outsourcing security services (0:33:49) Creating a virtual security team within the organization (0:34:19) Evaluating security maturity level and making investments (0:34:48) Conclusion and appreciation for the discussion Link to Transcript
Wie bekomme ich eigentlich Compliance und operative Sicherheit unter einen Hut? Wenn es einer weiß, dann Max Imbiel, Deputy CISO bei N26. Mit Max diskutiere ich unter anderem über:
This week, we are joined by Lucas Moody, CISO at Alteryx, and Casey Essary, Deputy CISO at Bill.com, for a though leader discussion on what to look for when implementing cybersecurity measures at your company. From dedication to security, transparency, innovation, and customer trust, learn how others leverage Alteryx as a powerful data analytics software to drive informed decisions and enhance security operations.Panelists: Lucas Moody, CISO @ Alteryx - @lmoody, LinkedInCasey Essary, Deputy CISO @ Bill.com - LinkedIn,Megan Dibble (Host) - @MeganDibble,LinkedInShow notes: Security at AlteryxLearn more about security and data privacy with Alteryx Interested in sharing your feedback with the Alter Everything team? Take our feedback survey here!This episode was produced by Megan Dibble, Mike Cusic, and Matt Rotundo. Special thanks to Andy Uttley for the theme music and Mike Cusic for the for our album artwork.
There's an old adage that people won't comply with the “what” if they don't understand the “why.” For information security professionals, communicating the ‘why' around the need for compliance with security policies has always been a challenge. Trevor Brown, Deputy CISO with Yale New Haven Health, says one of the best ways to get the […] Source: Q&A with Yale New Haven Health Deputy CISO Trevor Brown: “Risk is a Language Clinicians Understand” on healthsystemcio.com - healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.
In this episode of The New CISO, guest Chris Fredrick, Deputy CISO at Baxter International, returns for the final part of his interview series with host Steve.In parts one and two, Chris shared his background and the lessons he's learned during a breach. Today, Chris joins host Steve to discuss maintaining a productive outlook while looking for a new position. Listen to the episode to learn more about the lessons you can learn at every role, the importance of perception, and job-hunting challenges.Listen to Steve and Chris discuss the best time to leave a position post-breach and how to stay positive in the face of rejection:A New Job (1:40)After working on the SOC with Steve, Chris felt ready for a new challenge. He then saw a role that scared him, making him believe that that was the right position. This decision set him down his CISO path.However, this new position was temporary because when he threw his hat in the ring for the permanent role, it didn't work out. Ultimately, this rejection caused Chris to reflect on his career journey.Doing Things Differently (6:03)Steve asks Chris if he would have done things differently in his interview, knowing what he knows now. Chris would make the same decisions, especially since his time there had many challenges. Even though that role didn't pan out, Chris learned a lot during this time. He built confidence in his presentation skills and had the opportunity to meet more established CISOs. By networking with other CISOs, Chris realized he truly belonged in the security world.The Value of Stoicism (10:05)Chris advises on how to handle job rejection. He refers to Stoicism, which states we cannot control the outcome but can control our perception.When bad things happen, we can perceive it as a positive that will set us on the right path.Looking For Work (15:35)Despite Chris' impressive career history, it took him months to find his next role. After evaluating his many interviews, Chris recommends that security recruiters learn more about the field to better choose candidates. Chris and Steve then discuss the other lessons Chris learned during the job-hunting process, including what questions interviewers should or shouldn't ask. Referring to Stoicism again, Chris also recommends structuring a routine around job hunting, including doing a positive hobby you enjoy.The New CISO (28:32)To Chris, being a new CISO means understanding that we are tasked with the impossible. Therefore, it's essential to build an environment where people never feel like they are being asked to do the impossible for the ungrateful.Links:Linkedin
In this episode of The New CISO, guest Chris Fredrick, Deputy CISO at Baxter International, returns for the second part of his interview series with host Steve.In part one, Chris shared his background and the beginning of his professional journey. Today, Chris joins host Steve to discuss a pivotal moment in their careers: a significant breach. Listen to the episode to learn more about how Chris transitioned into a managerial role and stepped up during a crisis.Listen to Steve and Chris discuss who managers really work for and the mark of a great leader:Welcome Back, Chris (1:52)Steve and Chris discuss where they left off in the last episode when they left their security team for a new opportunity.Focusing on insider threats, Chris shares his daily work for this specific role. During this time, Chris focused less on operations and built a program instead. He also researched what would be in an insider program.Vulnerability Management (4:10)Chris reflects on the lessons he learned while doing vulnerability management that made him the leader he is today. Chris believes this time taught him how to tell a good story and have clear metrics to back himself up.Network Security (9:28)After working in vulnerability management, Chris moved into network security with Steve and created a Soc. Chris initially came in as an individual contributor until he became a team lead before eventually becoming the manager.When he was a manager, Chris realized his role now was to worry about his team and less about himself. It was a profound moment for Chris when he discovered this truth.The Breach Itself (15:14)Chris shares what lessons he learned from a significant security breach. Chris and his team noticed for a while that there were warning signs of the breach but were initially ignored.However, when the event happened, they could take what they knew and move forward. Because Chris had working partnerships with other teams, he was able to get the help they needed, showcasing the importance of building your relationships before a crisis.Client Management (20:48)Steve presses Chris on what he remembers regarding the client management side of this time. Chris recalls dealing with many calls from clients who were understandably concerned. Many of these calls became heated, but one client assured Chris he understood what he was going through. As a result, Chris tries to be empathetic with others since they could be having a bad day, which could affect their behavior.Pride In Their Team (28:25)Steve reflects on how working with this incredible team was one of the best memories of his career. He has immense pride in this group, which Chris shares.Chris loved building something from nothing and seeing the great things their colleagues have done since. Forming a great team requires a healthy culture that brings people together.Stepping Up (31:38)After Steve left, Chris had to step up into a higher leadership role. This change became a pivotal moment in Chris's career, coinciding with the birth of his first child.Links:Linkedin
In this episode of The New CISO, Steve is kicking off the first part of a three-part series with guest Chris Frederick, Deputy CISO at Baxter International.Chris began his career as a technician and met Steve on a small security team managing a large network. Now, Chris joins today to share key lessons from his early career and set the stage for the next upcoming episodes. Listen to the episode to learn more about Steve and Chris' time working together, the process of changing companies, and learning to be a better leader.Listen to Steve and Chris discuss how to deliver the news you're leaving a company and how managers should accept said news:Meet Chris (1:46)Chris has worked in IT security for over twenty years and knew since college that this area of the industry was his passion. Since starting a leadership role, he has found his new calling: becoming the best leader he can be.Infosec Memory Lane (5:04)Chris shares the memories of his time working with Steve on their small infosec security team. Chris remembers feeling overwhelmed initially but learned to handle the scope of his many responsibilities. Steve and Chris reminisce about the positives of this experience and the challenges. The best part was the camaraderie they felt as a team.Lessons Learned (9:43)Steve presses Chris on the lessons he learned during their time on the infosec team. This experience taught Chris the importance of curiosity and building credibility.Another valuable lesson was learning to have respectful conversations when colleagues disagree.Changing Companies (18:23)While working together, Steve and Chris had the opportunity to change companies after their CISO left. Chris walks through what occurred and the communication lessons it taught him. He wishes he had done some things differently since multiple people leaving put his manager in a tough spot, but he also learned valuable leadership skills.Links:Linkedin
Howdy, y'all, and welcome to The Cyber Ranch Podcast! We're joined today by Jacqueline (AKA “Jack”) Powell, CISO at Allianz Life and former Deputy CISO at Hanes. She has also consulted, and has worked at Chevron, General Dynamics, and SACI. Jack has an illustrious career! Jack is here today talking with Allan about the new SEC regulations about cybersecurity. For our listeners, the final version of the SEC ruling came out in late July, and publicly traded companies in America have 5 months to comply. Mid-December is when the switch gets thrown… Topics covered in this show: The new ruling and tell me its highlights Disclosure Risk Management Board expertise What are the implications of the disclosure rules? What are the challenges businesses face? What tools can be leveraged? It seems that “materiality” is the key term upon which all of this pivots. That term has definition and precedence in financial circles, but how is a cybersecurity professional to interpret it? What are the implications of the Risk Management rule? If you work with a cybersecurity framework like NIST CSF, for example, you've already got at least the basics in place? And now we get to Board Expertise… CISOs are all anticipating getting board roles overnight, but it's not that easy. NACD in conjunction with CISA put some material together. How should CISOS prepare themselves to be ready for a possible board role?
This week our guest is Merritt Baer, a Field CISO from Lacework, and a cloud security unicorn, sits down to share her incredible story working through the ranks to get to where she is today. Before working at Lacework Merritt served in the Office of the CISO at Amazon Web Services, as part of a small elite team that formed a Deputy CISO. She provided technical cloud security guidance to AWS' largest customers, like the Fortune 100, on security as a bottom line proposition. She also has experience in all three branches of government and the private sector and served as Lead Cyber Advisor to the Federal Communications Commission. Merritt shares some amazing advice for up and comers into the field, saying "my personal philosophy is that no one has to go down for you to go up. I'm always encouraging my colleagues, um, and other executives to be thinking about how we can, you know, steal, sharpen, steal, how we can be good for each other, how we can collaborate, how we can, um, create more strengths in one another." We thank Merritt for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
This week our guest is Merritt Baer, a Field CISO from Lacework, and a cloud security unicorn, sits down to share her incredible story working through the ranks to get to where she is today. Before working at Lacework Merritt served in the Office of the CISO at Amazon Web Services, as part of a small elite team that formed a Deputy CISO. She provided technical cloud security guidance to AWS' largest customers, like the Fortune 100, on security as a bottom line proposition. She also has experience in all three branches of government and the private sector and served as Lead Cyber Advisor to the Federal Communications Commission. Merritt shares some amazing advice for up and comers into the field, saying "my personal philosophy is that no one has to go down for you to go up. I'm always encouraging my colleagues, um, and other executives to be thinking about how we can, you know, steal, sharpen, steal, how we can be good for each other, how we can collaborate, how we can, um, create more strengths in one another." We thank Merritt for sharing her story with us. Learn more about your ad choices. Visit megaphone.fm/adchoices
This episode was recorded on 7/18/2023 Welcome to the Take Five Podcast from Fortinet where we provide five cybersecurity tips and best practices for today's technology leaders. This podcast series taps into the experience of our Fortinet Field CISO team and the work being done with and through our ecosystem of partners, customers, and industry experts. In this episode, Bob Turner, Fortinet's Field CISO for education, is joined by Renee Tarun, Fortinet's Deputy CISO, to explore the current role of artificial intelligence (AI) and machine learning (ML) in cloud security. The conversation covers several key points, such as the potential risks linked to implementing AI and ML approaches, the impact on an organization's cybersecurity strategy, and how organizations can utilize FortiGuard Labs to remain up-to-date on the latest AI/ML-related threats and trends. For more information about cloud security, visit our website, www.fortinet.com/cloudsecurity?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr Read key findings from the 2023 Global Ransomware Report, brought to you by Fortinet: https://www.fortinet.com/blog/industry-trends/ransomware-protection-survey-for-organizational-prevention?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr
This episode was recorded on 7/12/2023 Welcome to the Take Five Podcast from Fortinet where we provide five cybersecurity tips and best practices for today's technology leaders. This podcast series taps into the experience of our Fortinet Field CISO team and the work being done with and through our ecosystem of partners, customers, and industry experts. In this episode, Renee Tarun, Fortinet's Deputy CISO joins Bob Turner, Fortinet's Field CISO for education, to further discuss how artifical intelligence (AI) and machine learning (ML) are playing a role in education cybersecurity today. The discussion encompasses various aspects, including the potential risks associated with the adoption of AI and ML strategies, the influence it can have on an organization's cybersecurity strategy, and guidance for organizations looking to begin or enhance their AI and ML initiatives in the field of education. For more information about security in education, visit our website, www.fortinet.com/education?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr Read key findings from the 2023 Global Ransomware Report, brought to you by Fortinet: https://www.fortinet.com/blog/industry-trends/ransomware-protection-survey-for-organizational-prevention?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr
This episode was recorded on 6/7/2023 Welcome to the Take Five Podcast from Fortinet where we provide five cybersecurity tips and best practices for today's technology leaders. This podcast series taps into the experience of our Fortinet Field CISO team and the work being done with and through our ecosystem of partners, customers, and industry experts. In this episode, Jonathan Nguyen-Duy, Fortinet VP and Field CISO joins Renee Tarun, Fortinet's Deputy CISO, to explore cybersecurity strategies for addressing cyber risk with service providers. Some of the topics they will cover include the top threats facing service providers today, advice for leaders looking to improve cyber readiness, and actionable measures organizations can take to mitigate potential risks. For more information about security for service providers, visit our website, https://www.fortinet.com/solutions/service-provider/communications-service-provider/mssp?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr Read key findings from the 2023 Global Ransomware Report, brought to you by Fortinet: https://www.fortinet.com/blog/industry-trends/ransomware-protection-survey-for-organizational-prevention?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr
This episode was recorded on 5/30/2023 Welcome to the Take Five Podcast from Fortinet where we provide five cybersecurity tips and best practices for today's technology leaders. This podcast series taps into the experience of our Fortinet Field CISO team and the work being done with and through our ecosystem of partners, customers, and industry experts. In this episode, Jonathan Nguyen-Duy, Fortinet VP and Field CISO joins Renee Tarun, Fortinet's Deputy CISO, to explore cybersecurity strategies aimed at tackling cloud-based cyber risks. Some of the topics they will cover include ways to reduce the attack surface, actionable measures organizations can take to mitigate potential risks, and the role that staff training and education can play in diminishing overall risk. For more information about cloud security, visit our website, www.fortinet.com/cloudsecurity?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr Read key findings from the 2023 Global Ransomware Report, brought to you by Fortinet: https://www.fortinet.com/blog/industry-trends/ransomware-protection-survey-for-organizational-prevention?utm_source=social&utm_medium=linkedin-org&utm_campaign=sprinklr
It's rough to start your career in an economic downturn, as many of our listeners are now finding out. Alyssa Robinson started her career in a down economy, but she found opportunity amidst the challenges. Listen to her episode to find out the silver linings of kicking off a career in uncertain times.Alyssa Robinson is Deputy CISO at HubSpot and has had security leadership roles at several organizations, including Compete, Inc. and the Broad Institute. HubSpot: https://www.linkedin.com/company/hubspot/ Alyssa Robinson on LinkedIn: https://www.linkedin.com/in/alyssa-robinson-0a83231/
Key insights from this episode featuring Jeremy Turner, Deputy CISO at Paidy:⚡ Security without passwords. "In a market like Japan, things are quite different. Thinking out of the box is probably the most critical skill we need. When we think about the consumer experience, they don't have to deal with [passwords], and that really does remove a lot of friction from the typical flow," Jeremy says.⚡ There's so much potential in the cloud. "Now you can just whip out a prepaid card, get an account, and replicate a whole enterprise. Thanks to infrastructure as code, a lot of things can be consistent. So I think that is the biggest potential for growth — more people having access to the technology."⚡ Understand your assets and data. "Sometimes, it feels like you are trying to fix a plane while it's in flight without it crashing, and it could be very delicate. It really can get complex if you don't understand your critical assets, especially data because we don't want to lose our data."
Key insights from this episode featuring Jeremy Turner, Deputy CISO at Paidy:⚡ Security without passwords. "In a market like Japan, things are quite different. Thinking out of the box is probably the most critical skill we need. When we think about the consumer experience, they don't have to deal with [passwords], and that really does remove a lot of friction from the typical flow," Jeremy says.⚡ There's so much potential in the cloud. "Now you can just whip out a prepaid card, get an account, and replicate a whole enterprise. Thanks to infrastructure as code, a lot of things can be consistent. So I think that is the biggest potential for growth — more people having access to the technology."⚡ Understand your assets and data. "Sometimes, it feels like you are trying to fix a plane while it's in flight without it crashing, and it could be very delicate. It really can get complex if you don't understand your critical assets, especially data because we don't want to lose our data."
This is the audio-only version of our twice-weekly cyber security talk show, teissTalk. Join us twice a week for free by visiting www.teiss.co.uk/teisstalkThe panel discussion is titledteissTalk: What can the arms race with the attackers teach us?What can you share to help educate end users about the tools, techniques and tactics of attackers?Are attackers getting more sophisticated, or do we keep making the same mistakes?How can you develop more effective security awareness programmes?This episode is hosted by Geoff Whitehttps://www.linkedin.com/in/geoffwhite247/Steven F. Fox, Deputy CISO, Policy & Program Management, State of Washingtonhttps://www.linkedin.com/in/stevenffoxmba/Jamie Moles, Senior Technical Marketing Manager, ExtraHophttps://www.linkedin.com/in/jamiemoles/Adam Gordon, Edutainer & SME, ITProTVhttps://www.linkedin.com/in/adam-gordon-0408981/Troy Stairwalt, Vice President & Chief Information Security Officer, Akron Children's Hospitalhttps://www.linkedin.com/in/troy-stairwalt/
In today's episode, our sandbox heads to new hire orientation for a discussion on what to expect as a new CISO and how you can properly structure your people/process/tech to find both short and long term success at your new org. Joining me is Tyler Young, Relativity alum and current BigID CISO, and Dominik Birk, PWC's Deputy CISO of EMEA. So, dust off your welcome materials, ice breakers, and org charts, and let's dive in.
Cybersecurity continues to evolve alongside businesses as they become more reliant on information technology. Are CISOs, CIOs and other security professionals modifying their approach to innovation in the workplace appropriately? With Nikki Dean moderating, the speakers of this roundtable are:Mel Reyes, Head of IT & Security, GetaroundStephen Fridakis, Deputy CISO, Verily Todd Dekkinga, CISO, Airgap NetworksFernando Madureira, Global CISO, Cosan
Did you know there has been a fundamental restructuring of cybercrime cartels thanks to a booming dark web economy of scale? Powerful cybercriminal groups now operate like multinational corporations and are relied upon by traditional crime syndicates to carry out illegal activities such as extortion and money laundering. As a result, cybercrime cartels are more organized than ever before and often enjoy greater protection and resources from the nation-states that view them as national assets. A recent report from VMware found that 63% of financial institutions experienced an increase in destructive attacks, a 17% increase from last year. Destructive attacks are launched punitively to destroy, disrupt, or degrade victim systems by taking actions such as encrypting files, deleting data, destroying hard drives, terminating connections, or executing malicious code. Tom Kellermann, Head of Cybersecurity Strategy, joins me on Tech Talks Daily to discuss the findings in the report and share his insights. About Tom Kellermann Tom Kellermann is the Head of Cybersecurity Strategy for VMware Inc. Previously, Tom held the position of Chief Cybersecurity Officer for Carbon Black Inc. Before joining Carbon Black, Tom was the CEO and founder of Strategic Cyber Ventures. In 2020, he was appointed to the Cyber Investigations Advisory Board for the United States Secret Service. Additionally, on January 19, 2017, Tom was appointed the Wilson Center's Global Fellow for Cyber Policy. Tom previously held the positions of Chief Cybersecurity Officer for Trend Micro; Vice President of Security for Core Security and Deputy CISO for the World Bank Treasury. In 2008 Tom was appointed a commissioner on the Commission on Cyber Security for the 44th President of the United States. In 2003 he co-authored the Book “Electronic Safety and Soundness: Securing Finance in a New Age.”
On this episode of CyberWire-X, we examine double extortion ransomware. The large-scale cyber events of yesterday – Stuxnet, the Ukraine Power Grid Attack – were primarily focused on disruption. Cybercriminals soon shifted to ransomware with disruption still the key focus – and then took things to the next level with Double Extortion Ransomware. When ransomware first started to take off as the attack method of choice around 2015, the hacker playbook was focused on encrypting data, requesting payment and then handing over the encryption keys. Their methods escalated with Double Extortion, stealing data as well as encrypting it - and threatening to leak data if they don't receive payment. We've seen with ransomware groups like Maze that they will follow through with publishing private information if not paid. In the first part of the show, Rick Howard, the CyberWire's CSO, Chief Analyst, and Senior Fellow, talks with Wayne Moore, Simply Business' CISO and CyberWire Hash Table member, and, in the second half of the show, the CyberWire's podcast host Dave Bittner talks with Nathan Hunstad, episode sponsor Code42's Deputy CISO. They discuss how classic ransomware protection such as offsite backups are no longer enough. They explain that Double Extortion means that you need to understand what data has been stolen and weigh the cost of paying with the cost of your data going public.
This topic couldn't be more relevant given recent events in the security community. Allan Alford is joined by Steve Mancini, CISO at Eclypsium, to have a refreshing conversation about the negative messaging, thinking, and tropes in cybersecurity - not just the stuff that the press says about us, or even the stuff we say about each other - but the self-defeating stuff we think and say to ourselves. Steve addresses the reinforcement of negative catchphrases and how it affects the psyche of the community and explores how burnout is creating a culture of sleepless nights and masochistic badges of honor. Lastly, they emphasize the importance of empathy and support within the community and remind us that humans are our greatest asset, not our weakest links. Guest Bio: Steve Mancini is the CISO at Eclypsium, former Deputy CISO at Cylance, and an advisory board member for several cyber companies. Links: Stay in touch with Steve Mancini on LinkedIn Follow Allan Alford on LinkedIn and Twitter Purchase a Cyber Ranch Podcast T-Shirt at the Hacker Valley Store Learn more about Hacker Valley Studio and The Cyber Ranch Podcast Sponsored by our good friends at Axonius
Rob Duhart, VP, Deputy CISO, at Walmart, shares his points of view on what can help today's CISOs avoid unexpected cyber issues and the trends he is seeing shape the current cyber landscape on this week's episode of Afternoon Cyber Tea with Ann Johnson. As an ally for underrepresented populations in the cyber industry, Rob also discusses how he leverages his voice to support diversity and inclusion across the technology industry and the rise of disinformation in the cybersecurity community. In This Episode You Will Learn: How to help avoid the unexpected and cyber predictions for 2022 Remaining conscious of risk without disrupting their business flow The connection between cybersecurity and disinformation Some Questions We Ask: What issues should security and risk leaders be planning for this year? How can companies help develop a culture of diversity and inclusion? How will disinformation become a larger problem in cybersecurity? Resources: View Rob Duhart on LinkedIn View Ann Johnson on LinkedIn Related: Listen to: Security Unlocked: CISO Series with Bret Arsenault Listen to: Security Unlocked Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.
This was recorded live on 03/14/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive #Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. Tune in as #Fortinet's Deputy CISO, Renee Tarun, Suzanne Hartin, Chief Risk Officer at Early Warning, and Maria Thompson, Cyber Security Leader in the Public Sector discuss their respective career journeys and cyber risk management.
This was recorded live on 03/09/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. Tune in as Fortinet's Deputy CISO, Renee Tarun and Anne Marie Zettlemoyer, Business Security Officer, Mastercard, discuss #cybersecurity by design.
This was recorded live on 03/02/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. Tune in as Fortinet's Deputy CISO, Renee Tarun and Terry Roberts, Founder and CEO of White Hawk Inc discuss cybersecurity and the supply chain.
This was recorded live on 02/22/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive #Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. Tune in as #Fortinet's Deputy CISO, Renee Tarun and Lisa Donnan, Partner at Option3 discuss addressing the skillsgap and need for more diversity in cybersecurity today.
This was recorded live on 01/18/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive #Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. In this edition of the #CyberFireFight podcast, #Fortinet's Renee Tarun, Deputy CISO and business #cybersecurity risk expert, Jenny Menna discuss who's behind today's quickly evolving threat landscape. #CyberFireFight
This was recorded live on 01/11/22 Welcome to the Cyber Fire Fight podcast where we discuss “Fight Fire with Fire: Proactive #Cybersecurity Strategies for Today's Leaders,” a new book offering collective advice from industry experts to improve cyber strategies. Join #Fortinet's Renee Tarun, Deputy CISO, and Beth-Anne Bygum, Chief Security & Compliance Officer at Acxiom as they discuss their perspectives around the changing role of governance, risk, and compliance in #cybersecurity. #CyberFireFight
Control System Cyber Security Association International: (CS)²AI
Derek Harp is happy to have Ernest Wohnig joining him as his guest for today's show! Ernest has performed a variety of different roles. Currently, he serves as the Senior Vice President of CISO Advisory in CIP and ICS services at System 1, a specialized cybersecurity consulting firm. In addition to that, he also serves on the Thomas Edison State University (TESU) Cybersecurity Program Advisory Board and chairs the global advisory board of the Control System Cyber Security Association International (CS2AI). Before that, he served as a Deputy CISO and Senior Global Cybersecurity Advisor for a Fortune 200 energy company, leading the coordination of cybersecurity activities across their global operations. Ernest is recognized internationally as a cybersecurity executive. He is a sought-after strategic adviser to the senior leadership of global firms, national government agencies, and corporate and non-profit directors. His main areas of interest and experience include integrating cyber risk as a key component of business risk and opportunity, the effects of cyber risk on critical infrastructure from both operations and national infrastructure governance perspectives, and the threat and promise of Artificial Intelligence as an enabler in the cybersphere. In the 1990s, Ernest served as an Air Force Intelligence officer and an Information Warfare advisor for the US Government. He also has significant experience, directing the development and delivery of cyber security consulting services for large and boutique global consulting firms. In this episode of the (CS)²AI Podcast, Ernest shares his superhero origin story. He discusses his early interest in the impact of technology on national security, his introduction to information warfare and cybersecurity while in the military, and the skills he needed when he joined the DIA after leaving the Air Force. He also talks about mentorship and offers suggestions for finding the right niche early in your career and developing additional non-technical career skills. Ernest is proof that you don't have to have a degree in computer science or engineering to do cybersecurity. Tune in today to hear his fascinating story! You won't want to miss this episode if you are entering the market after the military or thinking of transitioning into the cybersecurity space. Show highlights: As a talkative young lieutenant in the Air Force, Ernest often spoke to his colonel about the book, Third Wave by Alvin Toffler. That resulted in him becoming a liaison to the first Information Warfare Squadron. (2:39) Technology fascinated Ernest, but he focused more on how people use technology and how technology impacts national security. (4:30) You don't need any specific formal education to get into the cybersecurity space. (5:16) Ernest got introduced to cybersecurity after joining the military. (7:27) We have forgotten some of the security problems that Ernest addressed in the late 1990s. They have resurfaced again, however, and caused some concern in the last four or five years. (11:20) Ernest spent a year-and-a-half with the DIA after leaving the military. He talks about the skill sets that he needed there. (14:10) Reaching the level in his career where he had to dial down the technical aspect and dial up the people aspect. (15:36) We have come a long way with cybersecurity. It has grown a lot, and many subdivisions have formed since the time it was known as information security. (19:48) Find the right niche early on in your career. (20:58) Ernest talks about mentorship and discusses ways of developing additional skills. (24:47) Some practical advice for connecting with potential mentors in the industry sector you would like to join. (34:48) What you could gain from taking career-broadening tours. (44:52) Tips for increasing your amount of influence. (47:36) We will see some scary and exciting opportunities arise with cutting-edge AI technology in the future!...
So what's it like to be a CISO? We came across a thread on Twitter posted by now Deputy (and then acting) CISO of a billion-dollar crypto company that in the role for three months during the spring bull run. Aside from the burnout, what else can we glean from J.M. Porup's experience?____________________________GuestJ.M. PorupOn Twitter
It's the season finale! Mat and Mike welcome Rob Binkley, Deputy CISO of NASA, to the show. They reminisce on their times at Purdue, explore how cybersecurity developed and works at NASA.-------------------------Stay current with cyberTAP:cyber.tap.purdue.edu/blogFollow us on all the things:Twitter: @PCyberTAPLinkedIn: Purdue cyberTAPEmail the Cyber Tap with suggestions (or be a guest)cybertappodcast@purdue.eduTo learn more about Purdue cyberTAP's education and professional services, visit cyber.tap.purdue.edu