Podcast appearances and mentions of diana kelley

Organizations need to understand what AI can do and can't do. Start creating the best use cases within their organizations and also train people on how to use them responsibly." - Diana Kelley In this episode, host Ana Melikian delves into the pivotal role of Artificial Intelligence (AI) in today's world, particularly in the business world. Joined by guest Diana Kelley, a seasoned Chief Information Security Officer at ProtectAI, they explore the integration of AI into our daily lives and the business sphere. Ana and Diana discuss the importance of understanding AI's capabilities and limitations, likening it to a hundred-foot wave that businesses need to learn to surf rather than be overwhelmed by. They emphasize the necessity of increasing AI literacy to make informed decisions and identify the best use cases within organizations. Diana sheds light on the potential risks and vulnerabilities of AI, including data privacy concerns and the need for responsible adoption. Organizations are encouraged to enhance their security measures and train employees to use AI effectively and safely. As Ana and Diana examine AI's rapid advancement, they highlight the critical balance between embracing innovation and maintaining security. The conversation is filled with insightful analogies and expert advice, making it a must-listen for anyone interested in navigating the complexities of AI in business and security. Let's dive in! This week on the MINDSET ZONE: 00:00 Introduction to AI in Everyday Tools 01:02 Meet Diana Kelly: Cybersecurity Powerhouse 01:49 The AI 100-foot Wave 03:42 Understanding AI Risks and Vulnerabilities 11:43 AI Literacy: A Necessity for All 18:02 Data Privacy and Security Concerns 26:00 Resources for AI Literacy and Security 29:25 Conclusion and Final Thoughts About The Guest Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI. She also serves on the boards of WiCyS, The Executive Women's Forum (EWF), InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity. Her extensive volunteer work has included serving on the ACM Ethics & Plagiarism Committee, Cybersecurity Committee Advisor at CompTIA, CTO and Board Member at Sightline Security, Advisory Board Chair at WOPLLI Technologies, Advisory Council member Bartlett College of Science and Mathematics, Bridgewater State University, and RSAC US Program Committee. She is a sought-after keynote speaker, the host of BrightTALK's The (Security) Balancing Act, co-author of the books Practical Cybersecurity Architecture and Cryptographic Libraries for Developers, instructor for the LinkedIn Learning classes Security in AI and ML and Introduction to MLSecOps, has been a lecturer at Boston College's Masters program in cybersecurity, one of AuditBoard's Top 25 Resilient CISOs in 2024, a 2023 Global Cyber Security Hall of Fame Inductee, the EWF 2020 Executive of the Year and EWF Conference Chair 2021-Present, an SCMedia Power Player, and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime. Connect with: Linkedin.com/in/dianakelleysecuritycurve ProtectAI.com Resources: NIST AI RMF: https://www.nist.gov/itl/ai-risk-management-framework OWASP AI Sec: https://genai.owasp.org/ OWASP AI Security and Privacy Guide: https://owasp.org/www-project-ai-security-and-privacy-guide/ MITRE ATLAS: https://atlas.mitre.org/ MLSecOps Community: https://mlsecops.com/ LinkedIn Learning: Introduction to MLSecOps Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes Related Content: Expand What's Possible

Guest: Diana Kelley, CISO, Protect.AI [@ProtectAICorp]On LinkedIn | https://www.linkedin.com/in/dianakelleysecuritycurve/______________________Host: Christina Stokes, Host of On Cyber & AI PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/christina-stokes______________________This Episode's SponsorsAre you interested in sponsoring an ITSPmagazine Channel?

Diana Kelley is the Chief Information Security Officer (CISO) for ProtectAI. She also serves on the boards of Women in Cybersecurity, The Executive Women's Forum, InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity.In the episode, we talk about her involvement with all of these different groups and how that has changed over time, plus how and why she arrived at ProtectAI. She also talks about the ProtectAI product strategy and how their different products play into their broader vision for AI security. Website: protect.ai Sponsor: VulnCheck - vulncheck.com

Guests: Dr. Rebecca Wynn | https://www.linkedin.com/in/rebeccawynncissp/CISO | Cybersecurity Strategist | Data Privacy & Risk Mgmt Advisor | Board Member | Soulful CXO Show Host | Author | Keynote SpeakerNigel Cannings | https://www.linkedin.com/in/nigelcannings/CTO, Intelligent Voice | RDSBL Industrial Fellow @ University of East London | JSaRC Industry Secondee @UK Home Office | NLP and Speech AI Expert | Innovator | Mental Health Advocate | Passionate Entrepreneur | SpeakerKevin Macnish, PhD, CIPP/E | https://www.linkedin.com/in/kevinmacnish/Managing ethics and sustainability risk in the private and public sectorsDiana Kelley | https://www.linkedin.com/in/dianakelleysecuritycurve/CISO | Board Member | Volunteer | Executive AdvisorJustin "Hutch" Hutchens | https://www.linkedin.com/in/justinhutchens/Award-Winning Speaker | Author | Podcaster | Teacher | Technologist | Security Researcher | Data Scientist | Full-Stack DeveloperLen Noe | https://www.linkedin.com/in/len-noe/CyberArk Technical Evangelist/ White Hat Hacker / BioHackerSean Martin | https://www.linkedin.com/in/imsmartin/Analyst, Writer, Journalist, Podcaster, Professor, Photographer | Co-Founder of ITSPmagazine Podcast Network: At the Intersection of Technology, CyberSecurity & Society™_____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode's SponsorsBlackCloak

Diana Kelley feels strongly that community plays a critical role in all careers, but especially cybersecurity. She explains why in this episode.She and Gene also talk about increasing the number of females in cybersecurity, what she looks for in entry level candidates, and more. Diana Kelley on LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/Executive Women's Forum: https://www.ewf-usa.com/WICYS: https://www.wicys.org/

In episode 81 of the We Hack Purple Podcast host Tanya Janca spoke to Diana Kelley, Chief Information Security Officer (CISO) at Protect AI. Diana and Tanya worked together at Microsoft, and to say that Diana is a pillar of the information security industry is somewhat of an understatement. Together they discussed problems with Large Language Models (LLMs) ingesting crappy code, and bad licenses, the OSSF (and it's goodness), and that sometimes people don't even realize they are breaking software licences when they use what an LLM has produced.We discussed the fact that if a CVE comes out for a library an LLM gave you, but it didn't identify it with the correct name of the library, you wouldn't receive notifications about it. She clarified how ML pipelines are set up, how data scientists work, with insecure juniper laptops all over the place (perhaps a generalization on my part). We discussed how data science seems to be a topic a lot of CISOs are pretending aren't in their domain to protect, but both of us agreed that is not so. They have some of the most valuable data your organization can possess.We also covered best practices for securing MLSec, the OWASP Top Ten for LLMs, and the new free community her company has started MLSECOPS. She also released an update version of her book, Practical Cyber Security Architecture!.Diana Links:Diana on LinkedInhttps://www.wicys.org/. (of course!)https://mlsecops.com/OSS Jupyter Notebook scanner here: https://nbdefense.ai/https://protectai.com/ Her book https://www.packtpub.com/product/practical-cybersecurity-architecture-second-edition/9781837637164.Bio: Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI. She also serves on the boards of Cyber Future Foundation, WiCyS, and The Executive Women's Forum (EWF). Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity..Very special thanks to our sponsor!Semgrep Supply Chain's reachability analysis lets you ignore the 98% of false positives in open source vulnerabilities and quickly find and fix the 2% of issues that are actually reachable.Get Your Free Trial Here! Semgrep also makes a ludicrously fast static analysis tool They have a free and paid version of this tool, which uses an open-source engine, and offers additional community created ruleset! Check out Semgrep Code HERE

This week, Justin and Jack are talking AI with one of the security industry's most well-known experts and influencers, Diana Kelley of Protect AI. The topics, like the growth of AI, are all over the place, from the impacts of AI on security teams to secure AI development, and even a quick mention of the rights of sentient AI. Come hear what's new in ML SecOps and high-integrity AI, and some well-informed predictions for the future. If you want to get in touch with Diana, you can find her LinkedIn here. Check out this week's video: If you have any questions or suggestions, send us an email at pwned@nuharborsecurity.com. For general information, you can reach us at info@nuharborsecurity.com. If you like our content, please like, share, and subscribe! We'll catch you on the next one. Check out NuHarbor Security for complete cybersecurity protection for your business and a security partner you can trust. Website: https://nuharborsecurity.com Facebook: https://www.facebook.com/nuharbor/ Twitter: https://twitter.com/NuHarbor LinkedIn: https://www.linkedin.com/company/nuharbor/ Instagram: https://www.instagram.com/nuharborsecurity/

Diana Kelly, Chief Information Security Officer, Protect AI. Cybrize Co-founder after IBM and Microsoft, Diana leans outwardly and looks inwardly to succeed in Security and AI. See other full episodes at www.MarkSpencerCook.com/Podcast/. Mark recently Interviewed Diana Kelly. She's a surprising expert of professional relationships, is a Chief Information Security Officer: “Once you establish yourself in a team and company, reach out and collaborate with other teams… “Enter a new relationship and have an open heart to help others…Abundance with long-term thinking… “If you don't feel fear, you're not thinking about others enough. But remember, it's not about you…” Hear more of Diana's 10 secrets about feeling criticized and more episodes at MarkSpencerCook. Click “Podcast” or search Bold Encounters on any platform. “Like” and comment to help others find us. PS More from Diana: “Patience. Many are aware of what they want, but please grant yourself the gift of patience…Seek resources to assist you in unraveling your true passions.” (see WindfallPartners.com/Twelve) See: Diana Kelley, CISO, Protect AI on LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/ Also, see: ProtectAI.com In this episode of Bold Encounters, Mark Cook presents his interview with Diana Kelly. Diana shares her professional journey, starting with being recruited by Microsoft while working at IBM. She was initially hired for her expertise in application security and later expanded her role to become the global Executive Security Advisor. Diana emphasizes the importance of focusing on the team you work with within a large organization to make a significant impact. Diana speaks about her experience and career growth within Microsoft, acknowledging the scale of the company and the unique opportunities it offers. We were curious about her insights gained from navigating her companies environment, including interactions with colleagues and team. She told us about obstacles and challenges she has faced in their career, emphasizing the presence of opposition in life. We discussed Diana's entry point into Microsoft and Diana gives examples of collaborating with the Consulting Group at IBM. Diana believes that leadership starts with individuals themselves and then extends to their team objectives, mission, and vision for their firm's ecosystem. Diana says she guards against any intention to dismiss or discourage anyone. Rather, she aims to present an encouraging, realistic perspective. “Oftentimes,” Diana says. “People find themselves feeling stuck in their current circumstances, unsure of where they want to go or what they want to pursue. In such instances, it becomes imperative to reflect upon one's true desires without judgment.” In my own career, I have experienced various roles and acquired expertise in different facets of security technology. One consistent factor that has fueled my journey is the exhilaration of acquiring new knowledge and then sharing it with others, ensuring responsible and ethical utilization. For instance, during the early days of widespread Wi-Fi adoption, countless organizations struggled with its implementation. Recognizing this need, I immersed myself in understanding the intricacies of Wi-Fi technology. Consequently, I had the privilege of delivering numerous talks and conducting classes to aid businesses in effectively leveraging Wi-Fi while upholding security measures. The common thread throughout this experience was the sheer delight I derived from the learning process itself, which fueled my energy and passion for helping others navigate the realm of technology Moreover, when you pursue a path driven by passion, your performance tends to excel naturally. By immersing yourself in something you genuinely love, you are more likely to devote yourself wholeheartedly and achieve remarkable results.

Diana Kelley, Chief Information Security Officer (CISO) at Protect AI joins host David Puner for a dive into the world of artificial intelligence (AI) and machine learning (ML), exploring the importance of privacy and security controls amid the AI Gold Rush. As the world seeks to capitalize on generative AI's potential, risks are escalating. From protecting data from nefarious actors to addressing privacy implications and cyber threats, Kelley highlights the need for responsible AI development and usage. The conversation explores the principle of least privilege (PoLP) in AI, the privacy implications of using AI and ML platforms and the need for proper protection and controls in the development and deployment of AI and ML systems.

The International Risk Podcast is a weekly podcast for senior executives, board members and risk advisors. In these podcasts, we speak with risk management specialists from around the world. Our host is Dominic Bowen, one of Europe's leading international risk specialists. Having spent the last 20 years successfully establishing large and complex operations in the world's highest risk areas and conflict zones, Dominic now joins you to speak with exciting guests from around the world to discuss risk.The International Risk Podcast – Reducing risk by increasing knowledgeFollow us on Facebook, Twitter, Instagram, and LinkedIn for all our great updates.This week, Dominic talks with Diana Kelley.  Diana is the Co-Founder and CTO of SecurityCurve, as well as Chief Strategy Officer/Chief Security Officer (CSO2) and co-founder of Cybrize. Throughout Diana's career, she has held positions in the Cybersecurity Field for Microsoft, IBM Security, Symantec, Burton Group (now Gartner), KPMG, and altCybersecurity. Her most recent book with Ed Moyle is Practical Cybersecurity Architecture: A Guide to Creating and Implementing Robust Designs for Cybersecurity Architects (2022). 

Guests: Edna Conway, VP, Security & Risk Officer, Azure Hardware Systems & Infrastructure, Microsoft [@Microsoft]On LinkedIn | https://www.linkedin.com/in/ednaconway/On Twitter | https://twitter.com/Edna_ConwayAt RSAC | https://www.rsaconference.com/experts/edna-conwayDiana Kelley, Chief Security Officer / Chief Strategy Officer, CybrizeOn LinkedIn | https://www.linkedin.com/in/dianakelleysecuritycurve/At RSAC | https://www.rsaconference.com/experts/diana-kelley____________________________Host: Chloé Messdaghi, Host of Secure Your Strategy Podcast and Host osThe Changemaking PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/chloe-messdaghi____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesThis podcast episode emphasizes the importance of prioritizing security team wellness and taking proactive measures to build resilience in the face of evolving cybersecurity threats. It offers strategies and initiatives that organizations can adopt to reduce burnout, foster a positive workplace culture, and better prepare for potential security incidents. By investing in security team wellness and being proactive, organizations can maintain a strong cybersecurity posture and minimize the impact of security incidents. The panel will cover:The importance of prioritizing security team wellness to reduce burnout, foster a positive workplace culture, and promote a healthy work-life balance.The need for proactive measures, such as regular training and education, threat modeling exercises, and incorporating security into the development lifecycle, to help security teams build resilience and better prepare for potential security incidents.The benefits of investing in security team wellness and taking a proactive approach, including maintaining a strong cybersecurity posture, minimizing the impact of security incidents, and ensuring the long-term sustainability of the organization's security program.____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

Guests: Leah McLean, Vice President - Cybersecurity Specialist, Mastercard Data & Services [@Mastercard]On LinkedIn | https://www.linkedin.com/in/leahrmclean/On Twitter | https://twitter.com/lmcleanDiana Kelley, Chief Security Officer / Chief Strategy Officer, CybrizeOn LinkedIn | https://www.linkedin.com/in/dianakelleysecuritycurve/At RSAC | https://www.rsaconference.com/experts/diana-kelleyDavi Ottenheimer, VP Trust and Digital Ethics, Inrupt [@inrupt]At RSAC | https://www.rsaconference.com/experts/Davi%20Ottenheimer____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesIn this panel, we will explore the potential impact artificial intelligence  technologies can have on the role of the security analyst and security operations. How can these technologies be used for:Education, training, skill development, and practice?Better protection, detection, response, and recovery?Program definition, planning, management, and measurement to create better results?Connect security operations to the business to drive better business outcomes?Given some of the controversy surrounding generative AI (ChatGPT), we will also explore the potential harms coming from the use of these technologies.____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

Guests: Leah McLean, Vice President - Cybersecurity Specialist, Mastercard Data & Services [@Mastercard]On LinkedIn | https://www.linkedin.com/in/leahrmclean/On Twitter | https://twitter.com/lmcleanDiana Kelley, Chief Security Officer / Chief Strategy Officer, CybrizeOn LinkedIn | https://www.linkedin.com/in/dianakelleysecuritycurve/At RSAC | https://www.rsaconference.com/experts/diana-kelleyDavi Ottenheimer, VP Trust and Digital Ethics, Inrupt [@inrupt]At RSAC | https://www.rsaconference.com/experts/Davi%20Ottenheimer____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]____________________________This Episode's SponsorsBlackCloak | https://itspm.ag/itspbcwebBrinqa | https://itspm.ag/brinqa-pmdpSandboxAQ | https://itspm.ag/sandboxaq-j2en____________________________Episode NotesIn this panel, we will explore the potential impact artificial intelligence  technologies can have on the role of the security analyst and security operations. How can these technologies be used for:Education, training, skill development, and practice?Better protection, detection, response, and recovery?Program definition, planning, management, and measurement to create better results?Connect security operations to the business to drive better business outcomes?Given some of the controversy surrounding generative AI (ChatGPT), we will also explore the potential harms coming from the use of these technologies.____________________________For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverageAre you interested in telling your story in connection with RSA Conference by sponsoring our coverage?

HostsSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelliEpisode NotesThe ITSPmagazine Weekly Catch-Up | 14-April-2023 | With Marco Ciappelli and Sean MartinITSPmagazine YouTube Channel

In this episode of the Future of Security Operations podcast, Thomas speaks with Diana Kelley, Chief Security Officer / Chief Strategy Officer at Cybrize, which connects organizations, security leaders, and job seekers to train and support the next generation of cybersecurity professionals.  Diana has been a trailblazer in the cybersecurity industry for over three decades. She's served as CTO for Microsoft and Global Executive Security Advisor at IBM; she was also previously VP of Burton Group (now Gartner for Technical Professionals) and a manager at KPMG. Diana volunteers with numerous organizations in her free time, including ACM Ethics & Plagiarism Committee and WiCyS (Women in Cybersecurity), all devoted to advancing diversity within this field. Topics include:  How Diana first developed a passion for computers and security Diana's career path, from building and managing a global network to working as a consultant The changing security landscape and how increasingly sophisticated adversaries challenge it Why executives need to recognize compliance is not just a checkbox exercise, and how Diana helps business leaders bring compliance in as part of their toolkits to develop better security programs The challenge of balancing security policies with different pressures within an organization The cybersecurity skills gap and how hiring managers can attract and retain the best candidates through DEIA, allyship, creating open-minded job descriptions, and recognizing the value of different skill sets The importance of sizing security teams properly to prevent exhaustion and burnout, measuring the success of your security program, and communicating the value of your security team Why Diana believes SOCs will be more distributed in the future, why it makes sense for smaller companies to outsource, and the rise of AI and automation to support humans rather than replace humans Diana reflects on a striking security incident Resources:  LinkedIn

Join us on this episode of the Ask A CISO podcast as we discuss AI and ML in cybersecurity with Diana Kelley, CISO and co-founder of Cyberize. With International Women's Day in a week, we also look at the challenges of recruiting women and diversity in the tech sphere. Plus, there's a giveaway! So make sure you stay tuned to the entire episode and take part on LinkedIn to stand a chance of winning an autographed copy of the book "Practical Cybersecurity Architecture!" Host Jeremy Snyder and Diana started by discussing the organization WiCyS, short for Women in CyberSecurity, which promotes the recruitment, retention, and advancement of women in cybersecurity. We also discussed using Artificial Intelligence and Machine Learning in cybersecurity, how they can help analysts, managers, and those in charge of tracking and hunting down attacks, and further explored the implications of this technology, such as its application in healthcare, national security, and financial services, and how data provenance can be used to protect organizations. Read the associated short blog on what threats AI and ML present to cybersecurity here: https://www.horangi.com/blog/ai-ml-in-cybersecurity - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Diana's LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/

This interview from September 16th, 2022 originally aired as a shortened version on the CyberWire Daily Podcast. In this extended interview, Dave Bittner sits down with Diana Kelley, CSO & Co-founder of Cybrize to discuss the need for innovation and entrepreneurship in cybersecurity.

Uber suffers a data breach. Social media executives testify before Congress. A Large DDoS attack is thwarted in Eastern Europe. The FBI warns of increased cyberattacks against healthcare payment processors. Policy makers consider new OT security incentives. Malek Ben Salem from Accenture on future-proof cloud security. Our guest Diana Kelley from Cybrize discusses the need for innovation and entrepreneurship in cybersecurity. And if you've been hoping for a LockerGoga decryptor, you're in luck. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/11/179 Selected reading. Uber hacked, internal systems breached and vulnerability reports stolen (BleepingComputer)  Uber suffers computer system breach, alerts authorities (Washington Post) Uber Investigating Data Breach After Hacker Claims Extensive Compromise (SecurityWeek)  Uber Investigating Breach of Its Computer Systems (New York Times) Uber investigating "total compromise" of its internal systems (Computing)  There's No Honor Among Thieves: Carding Forum Staff Defraud Users in an ESCROW Scam (Digital Shadows)  Social media hearings highlight lack of trust, transparency in sector (The Record by Recorded Future)  Breaking the Boycott (Cybersixgill) Record-Breaking DDoS Attack in Europe (Akamai) Cyber Criminals Targeting Healthcare Payment Processors, Costing Victims Millions in Losses (FBI) Siemens Mobility CoreShield OWG Software (CISA) Siemens Simcenter Femap and Parasolid (CISA) Siemens RUGGEDCOM ROS (CISA)  Siemens Mendix SAML Module (CISA) Siemens SINEC INS (CISA) Siemens RUGGEDCOM ROS (Update A) (CISA) Simcenter Femap and Parasolid (CISA)  Siemens Industrial Products Intel CPUs (Update A) (CISA) Siemens OpenSSL Affected Industrial Products (CISA)  Siemens OpenSSL Vulnerability in Industrial Products (Update E) (CISA) Siemens SCALANCE (CISA)  CISA Adds Six Known Exploited Vulnerabilities to Catalog (CISA) Building on our Baseline: Securing Industrial Control Systems Against Cyberattacks (House Committee on Homeland Security)  Bitdefender Releases Universal LockerGoga Decryptor in Cooperation with Law Enforcement (Bitdefender Labs)

Diana Kelley returns to the show to discuss her work as a board member of the Cyber Future Foundation and the goings-on at this year's Cyber Talent Week. Whether you're a cybersecurity hiring manager who doesn't know why you're not getting the applicants you want, a candidate who hears the profession has 0% unemployment but still can't seem to get a callback or anyone in between, DO. NOT. MISS. THIS. EPISODE. This is one for the books, folks. – Start learning cybersecurity for free: https://www.infosecinstitute.com/free – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcast0:00 - Cybersecurity hiring and job searching4:30 - Diana Kelley of Cyber Future Foundation9:00 - Cyber Future Foundation talent week13:58 - Reexamining cybersecurity job descriptions 21:52 - Cybersecurity hiring manager and applicant training27:10 - Strategies to bring in diverse talent from other industries33:06 - Narrowing your cybersecurity job pursuit39:37 - Using different educations in cybersecurity roles41:32 - Implementing an educational pipeline44:40 - Hiring based on strong skills from other trades48:22 - Cybersecurity apprenticeships 53:22 - Fostering cybersecurity community value 59:09 - Diana Kelley's future projects1:00:30 - Outro

#CISOThursdays​: Breaking Into Cybersecurity + Diana Kelley 04/07/2022  Cyber Future Foundation ~ Cyber Talent Week 2022 https://cyberfuturefoundation.org/ctw2022.html  It's really a conversation about what they did before, why did they pivot in cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way.  About Breaking Into Cybersecurity: This series was created by Renee Small &  Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in.  #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires  Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI   _________________________________________  About the hosts:   Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's  Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/  Download a free copy of her book at magnetichiring.com/book  Christophe Foulon focuses on helping to secure people and processes with a  solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach.  https://www.linkedin.com/in/christophefoulon/  Find out more about CPF-Coaching at https://cpf-coaching.com  - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://anchor.fm/breakingintocybersecurity - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ - Twitter: https://twitter.com/BreakintoCyber

#CISOThursdays​: Breaking Into Cybersecurity + Diana Kelley 04/07/2022 Cyber Future Foundation ~ Cyber Talent Week 2022 https://cyberfuturefoundation.org/ctw2022.html It's really a conversation about what they did before, why did they pivot in cyber, what was the process they went through Breaking Into Cybersecurity, how do you keep up, and advice/tips/tricks along the way. About Breaking Into Cybersecurity: This series was created by Renee Small & Christophe Foulon to share stories of how the most recent cybersecurity professionals are breaking into the industry. Our special editions are us talking to experts in their fields and cyber gurus who share their experiences of helping others break-in. #cybersecurity #breakingintocybersecurity #informationsecurity #JamesAzar #ChrisFoulon #ReneeSmall #InfoSecHires Check out our new book, Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level: https://amzn.to/3443AUI _________________________________________ About the hosts: Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book Christophe Foulon focuses on helping to secure people and processes with a solid understanding of the technology involved. He has over 10 years as an experienced Information Security Manager and Cybersecurity Strategist with a passion for customer service, process improvement, and information security. He has significant experience in optimizing the use of technology while balancing the implications to people, processes, and information security by using a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://cpf-coaching.com - Website: https://www.cyberhubpodcast.com/breakingintocybersecurity - Podcast: https://anchor.fm/breakingintocybersecurity - YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity - Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/ - Twitter: https://twitter.com/BreakintoCyber --- Support this podcast: https://anchor.fm/breakingintocybersecurity/support

Protecting Data & the Supply Chain so deeply intertwined with everything from software to identity. Join Program Committee members Edna Conway and Diana Kelley as they discuss the challenges that folks are struggling with right now and some potential mitigation strategies. We'll explore what's happening with Log4j and other vulnerabilities as well as the need for a software Bill of Materials (SBOM). Speakers: Edna Conway, Vice President, Security & Risk Officer, Azure, VP, Chief Security & Risk Officer, Azure Microsoft Diana Kelley, CTO and Co-Founder, SecurityCurve Kacy Zurkus, Content Strategist, RSAC

Want to get started with a backup program to protect your sensitive information? Security expert and trainer Mike McBride explains how to keep your most important personal and business data safe.Conversation highlights:Why every home and business needs a backup strategyHow to determine what you should backupAre cloud backup services (iCloud, OneDrive, Google Drive) enough for home and small business backups?What a 3-2-1 backup strategy means and how to apply it for your home or business.Backup services: do you need one? Is it worth the cost?How Ransomware can encrypt backups in the cloudHow often should you back up data?Adopting a cost effective backup solution for home users and small businesses________________________________GuestMike McBrideOn LinkedIn | https://www.linkedin.com/in/mikemac29/On Twitter | https://twitter.com/mikemac29________________________________HostsLimor KessemOn ITSPmagazine  

Technology for the 2021 holidays! Check out the cool tech gear that's at the top of guest Scott Scheferman's wish list as he shares how to use them safely.Conversation highlights:VR headsets - what's the latest?How attackers are targeting VRThe latest in streaming deck technologyRisks with streaming desksAre voice activated assistants a potential privacy risk?Can Alexa call 911 in an emergency?Security considerations when using the latest gaming consolesHow your wireless mouse lead to a loss of your banking data?Does you wearable have an ulterior functionality motive for a foreign government?Should you turn wearables on airplane mode when traveling?The future of attacks: digital extortion and how wearables could enable these attacks________________________________GuestScott SchefermanOn LinkedIn | https://www.linkedin.com/in/scottscheferman/On Twitter | https://twitter.com/transhackerism________________________________HostsLimor KessemOn ITSPmagazine  

The cloud changes many things for businesses and the teams responsible for running their operations in one or more of these as-a-service-oriented environments. An organization's security operations for (and in) the cloud must follow suit.Threat Hunting in the Cloud: Defending AWS, Azure and Other Cloud Platforms Against CyberattacksBook AbstractIn Threat Hunting in the Cloud: Defending AWS, Azure and Other Cloud Platforms Against Cyberattacks, celebrated cybersecurity professionals and authors Chris Peiris, Binil Pillai, and Abbas Kudrati leverage their decades of experience building large scale cyber fusion centers to deliver the ideal threat hunting resource for both business and technical audiences. You'll find insightful analyses of cloud platform security tools and, using the industry leading MITRE ATT&CK framework, discussions of the most common threat vectors.You'll discover how to build a side-by-side cybersecurity fusion center on both Microsoft Azure and Amazon Web Services and deliver a multi-cloud strategy for enterprise customers. And you will find out how to create a vendor-neutral environment with rapid disaster recovery capability for maximum risk mitigation.Perfect for technical executives (i.e., CTO, CISO), technical managers, architects, system admins and consultants with hands-on responsibility for cloud platforms, Threat Hunting in the Cloud is also an indispensable guide for business executives (i.e., CFO, COO CEO, board members) and managers who need to understand their organization's cybersecurity risk framework and mitigation strategy.____________________________GuestsAbbas KudratiOn LinkedIn | https://www.linkedin.com/in/akudrati/On Twitter | https://twitter.com/askudratiBinil PillaiOn LinkedIn | https://www.linkedin.com/in/binilpillai/On Twitter | https://twitter.com/pillai_binil____________________________Co-HostDiana KelleyOn ITSPmagazine

Every few years, a group of individuals work together to deliver what has become a staple in application security practices: The Open Web Application Security Project (OWASP) Top 10. In the 2021 edition, the team took a fresh look at the data and what it means. Everything changed while somehow stayed the same.The real changes are in how organizations should look at this information and how to use it to make a difference in their application development and information security programs. While data analytics played a huge role in changing the game for the OWASP Top 10 for 2021, it's the humans that will see the outcomes come to fruition. Or, at least we hope.____________________________GuestsDiana KelleyOn ITSPmagazine

Heading to the kitchen for some serious cooking for the winter holidays? Chris Roberts joins us as we talk about cool, and secure, kitchen tech and gadgets.Chestnuts roasting on an open fire and automatically stirred by a pot bot? Holiday turkey that you can check for doneness from your office? There's some very cool tech to help make your holiday meals great - we'll help you understand how to keep them safe too.Conversation highlights:What we're cooking this holidayAutomatic pot stirrers and barista-botsWhat's happening with printed toast?Is your smart fridge telling criminals when you're away?Privacy considerations at the grocery store________________________________GuestChris RobertsOn LinkedIn | https://www.linkedin.com/in/sidragon1/On Twitter | https://twitter.com/sidragon1________________________________HostsLimor KessemOn ITSPmagazine  

About Our Diary Entry: Diana Kelley's security career spans over 30 years. She is Co-Founder and CTO of SecurityCurve and donates much of her time to volunteer work in the cybersecurity community, including serving on the ACM Ethics & Plagiarism Committee, as CTO and Board member at Sightline Security, Board member and Inclusion Working Group champion at WiCyS, Cybersecurity Committee Advisor at CompTIA, Advisory Council, Bartlett College of Science and Mathematics, Bridgewater State University, and RSAC US Program Committee.  Diana produces the #MyCyberWhy series and is the host of BrightTALK's The (Security) Balancing Act and co-host of the Your Everyday Cyber podcast. Diana is also a Principal Consulting Analyst at TechVision Research and a member of The Analyst Syndicate. She was the Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), and a Manager at KPMG. She is a sought after keynote speaker, the co-author of the books Practical Cybersecurity Architecture and Cryptographic Libraries for Developers, has been a lecturer at Boston College's Masters program in cybersecurity, the EWF 2020 Executive of the Year, and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime. Diana Kelley recently joined Cyber Future Foundation as an Advisor.  Highlights: 0:00 - Introductions and Backgrounds On how she does it all… “It takes a village – everything I do is in partnership with others” “I'm super hyper organized and that helps a lot – once I showed somebody my pantry and everything is labeled” Loves being back on the advisory side; has been at big companies for 8+ years – gives her balance working with smaller companies   6:09 - “When you get to the really big companies, as things get scaled the complications grow exponentially – have legal requirements, regulatory needs based on the geo – people can get really siloed in their focus. CISO has to have some kind of a view…” 8:44 – Diana's Perspective on Leadership. Leadership – she's been called “pushy,” but some people want to go in and get organized and bring people together. In college (she went to Boston College) and loved the radio station. They needed a general manager, and it was a student selected role; in her second year she decided to run for GM and she was the first woman!   Years later when she was working in Cambridge and building out a team, she thought to herself “I could be a Vice President someday – she had been building towards this… Advice: think about what is natural for you and embrace the opportunity. Leaders don't necessarily have to be managers 21:09 - The Button Learning - @whataboutbunny on Instagram 41:04 - What Gets You Excited and Which Role in Cybersecurity?   There are CISOs presenting to boards – what is that you want to do in cyber? Look at people who are in those roles and reach out and talk to them – ask them what their job is like “I've learned so much by just asking people. For a while I was really curious – what's a distinguished engineer…” Ask people what it's like to be in their job and how did they get there Engage with Diana Kelley: LinkedIn: https://www.linkedin.com/in/dianakelleysecuritycurve/ (https://www.linkedin.com/in/dianakelleysecuritycurve/) Twitter: https://twitter.com/dianakelley14 (https://twitter.com/dianakelley14) The (Security) Balancing Act: https://www.brighttalk.com/channel/17830/ (https://www.brighttalk.com/channel/17830/)

To get live links to the music we play and resources we offer, visit This show includes the following songs: Julie Nevel - Asbury Lane   Alex Bach (writer Ed Daniels) - No Greater love  Livia & the Rosebuds - Had To  Sabrina Carmen - Dreaming Wide Awake  Dierdre - Bleed for Me  Diana Kelley - Willow  One Week Later - Mars  IMAGESONG - And Was It Just Luck  Sa'ra Charismata - Life Is Not About Control  Koko Conley - I Was Coming Back Home  For Music Biz Resources Visit and Visit our Sponsor Shena! at Visit our Sponsor Rock Your Next Release at Visit our Sponsor Bandzoogle at:

To get live links to the music we play and resources we offer, visit This show includes the following songs: Julie Nevel - Asbury Lane   Alex Bach (writer Ed Daniels) - No Greater love  Livia & the Rosebuds - Had To  Sabrina Carmen - Dreaming Wide Awake  Dierdre - Bleed for Me  Diana Kelley - Willow  One Week Later - Mars  IMAGESONG - And Was It Just Luck  Sa'ra Charismata - Life Is Not About Control  Koko Conley - I Was Coming Back Home  For Music Biz Resources Visit and Visit our Sponsor Shena! at Visit our Sponsor Rock Your Next Release at Visit our Sponsor Bandzoogle at:

Social media, a fun way to share photos of the kids and pets or toxic soup of misinformation? Anthony Coggins, Director of Social Media at West Michigan Cloud Security Alliance explains.Social media, it's a household staple, but it's not all fun photos - governments are concerned about how social use has impacted everything from privacy to election outcomes to mental health. Our guest explains what's been shaking social media up these days and shares ways you can stay safer on your favorite platforms. Conversation highlights:Most popular social platformsIdentifying misinformation and conspiracy theoriesHow to determine if data and research are real or made-upWhy Google & YouTube were fined 170m USD for violating children's privacy lawsPrivacy considerations when using socialWhy social activity is causing mental health issues in some usersHow social algorithms work to keep you engage and sometimes enragedFinsta explained________________________________GuestAnthony CogginsOn LinkedIn | https://www.linkedin.com/in/secopsandhops/On Twitter | https://twitter.com/SecOps_and_Hops________________________________HostsLimor KessemOn ITSPmagazine  

Michelle and Naima Bond discuss the experience of supporting families through pregnancy and infant loss as doulas. Naima shares her own story of pregnancy loss and how that inspired her to do additional training in perinatal loss as she became a birth professional. Naima explains some of the challenges that African American families can face in receiving compassionate care, understanding, and support when they are experiencing perinatal loss. She also shares tips for grieving families and for those supporting them. "So that's what I would say. The support of people who truly love you and just knowing, fortunately, or unfortunately, that other people are going through the same thing; and, that you are not alone [makes a difference]."—Naima BondAbout Naima Bond:Naima Bond, M.Ed. has been serving children and families for over 25 years in the area of early childhood and disabilities. She has recently shifted her focus to supporting mothers through the birthing process. She is a certified Birth Doula with the Matron and is also going through her DONA certification. She has been associated with Calm Birth and completed the program in 2017 and then became a Calm Birth teacher trainer in 2019. Naima was brought up with meditation as a child. She learned about Calm Birth through APPPAH and knew it was a practice she wanted to include in her birth business. She supports families in her private practice and is assisting Calm Birth in teaching Calm Birth to other birth and wellness practitioners. She resides in Atlanta Ga. with her sons Mashante and LaParish.Connect with Naima Bond: Website: http://www.oyabirthandwellnesss.com/Email:  Oyabirthandwellness@gmail.comInstagram: @naimadanita Resources:https://sistersinloss.com/https://rtzhope.org/https://blackmamasmatter.org/https://4kira4moms.com/ Nneka Hall: https://pailadvocates.mypixieset.com/about/https://www.annaya.org/about-us/nneka-hallNenka Hall's PAIL Summit 2021:https://www.eventbrite.com/e/advocating-pregnancy-and-infant-loss-conference-october-2021-tickets-172272059367 Episodes mentioned: Gary Vogel  S1 E11 & E12, Diana Kelley  S1 E7, and Amy Wright Glenn S1 E18.  Connect with Rev. Michelle:Website:  BirthEaseServices.com /loss-supportFacebook:   Birth Ease Baby Loss SupportInstagram:   @birtheaselossssupportLinkedIn:  Birth Ease Michelle SmithThank you for listening! Remember, you are not alone in your grief. 

Stalkerware can monitor all of your device activity. Martijn Grooten, Coordinator The Coalition Against Stalkerware talks us through what to do if you're being cyberstalked.Stalkerware is software that is installed by abusers and predators on a victim's device without their consent. Stalkerware can monitor your emails, texts, social media posts, phone conversations and browsing history. Unfortunately, the solution may not be as simple as deleting the app, if you can even find it. But there are ways to protect yourself.Conversation highlights:What stalkerware is and doesWhether or not stalkerware is legalHow stalkers install it on devicesWhy you might not want to delete it immediatelySteps you can take online and IRL to protect yourselfWhere and how to report if you are in an abusive relationship and need help________________________________GuestMartijn GrootenOn LinkedIn | https://www.linkedin.com/in/martijngrooten/________________________________HostsLimor KessemOn ITSPmagazine  

Cybersecurity is so hot companies can't hire fast enough. What's the blocker? Experience. But how can recent grads and those in school get it? CTF expert Akshay Rohatgi explains how to get involved.One of the most common questions we get is: how can I get experience if I can't get that first job? Even entry-level cyber roles often require 1-3 years of experience. Early stage cyber experts can practice and hone their skills by participating in bug bounty programs, open-source projects, and internships. Another great way to get experience and build your network are Capture the Flag (or CTF) competitions.Conversation highlights:What a capture the flag contest isThe difference between Jeopardy v. Attack/Defense competitionsWhat to expect during an eventHow much experience you need to join oneLearn about the Air Force Association's CyberPatriot National Youth Cyber Education ProgramThe craziest thing that happened to Akshay during competitionHow you can get involved________________________________GuestAkshay RohatgiOn LinkedIn | https://www.linkedin.com/in/akshay-rohatgi-1564521b2/On Twitter | ________________________________HostsLimor KessemOn ITSPmagazine  

Michelle has the privilege to have a conversation with Diana Kelley, the director of Infants Remembered In Silence © (IRIS) a 501(c)3 Nonprofit organization that she founded in 1987, following the full-term stillbirth of her son. Together they discuss how the care parents experiencing baby loss receive has become more compassionate throughout the years and the extreme value of having someone to sit with us in our grief and give space for the power of silence. Diana shares sage advice for bereaved families, how IRIS's services have grown and evolved over the last 33 years, and IRIS's project to invite cities across the nation to light up buildings, statues, and monuments on October 15th in honor of Pregnancy & Infant Loss Awareness Day. Thank you cities of St. Cloud and Orlando, Florida for your support!We invite you to share photos of your cities remembering our babies gone too soon. We would be honored to have you tag us on Facebook and Instagram @birtheaselosssuport and @Infants Remembered in Silence "Well, it used to be that people thought that you're not going to remember if you don't get to see, hold, and touch. We discovered that wasn't real. Then we discovered that people forget, and even if they can't communicate with you very well, their body still remembers. They still know themselves that this is when my child died passed away. And I think that is something that is really hard to comprehend.  But at a certain point, your thinking changes from being, "I am never going to be able to forget this. This is a huge impact on my life." to things changing to where you're afraid you're going to forget it and then it becomes your mission to make sure others don't forget." —Diana Kelley About Diana Kelley:Diana Kelley uses her personal and career experiences to help grieving parents through their birth process and in the years of grieving that follow the death of a child. Diana provides grieving parents with the support they need when their life seems unfair and more than they can handle.  As a bereaved parent herself, she knows how grief can affect every aspect of one's life, as well as the lives of their loved ones and friends.Diana became involved in Childbirth Education following the birth of her first child in 1981. By 1984 she was a Certified Childbirth Educator working in her local hospital with hundreds of families each year and training/certifying new instructors. In 2012, after 31 years, she left the organization to expand her teaching and certifying instruction with Infants Remembered In Silence © (IRIS) a 501(c)3 Nonprofit organization that she founded in 1987, following the full term stillbirth of her son. Today IRIS services include: Bereavement Support Materials and Burial Clothing Sets designed by Diana and several other IRIS volunteers. (These Clothing Sets fit infants from 10 - 42 Gestational weeks and include matching blanket and hat, along with everything needed to work directly with the child in the hospital and funeral home settings). IRIS offers Support Group Gatherings, Special Events including the October 15th Memorial Service at the IRIS Office - in front of an Angel weeping over an empty cradle – a bronze, life sized statue, arranges for countless buildings, monuments, bridges, etc. to be lit for Pregnancy and Infant Loss Remembrance Day,  Holiday Service of Remembrance and more. These supplies and countless other resources, including the book, Sharing the Tears by Diana Kelley, are available on the IRIS website. Diana services as the executive director of IRIS. She lives in Faribault MN along with her four surviving children and one grandchild.   Connect with Diana Kelly:Email: diana@irisRemembers.comInfants Remembered In Silence © (IRIS) website: www.irisRemembers.comFB Business Page:  https://www.facebook.com/InfantsRememberedinSilenceFB Infants Remembered In Silence Private Group: https://www.facebook.com/groups/163068716993 Angel of Hope Central Florida: Facebook: https://www.facebook.com/AngelofHopeCFLWebsite: https://angelofhopecfl.wordpress.com/ Connect with Rev. Michelle:Website:  BirthEaseServices.com /loss-supportFacebook:   Birth Ease Baby Loss SupportInstagram:   @birtheaselossssupportLinkedIn:  Birth Ease Michelle Smith

Diana Kelley and Christy Kelley didn't know each other and had never met. But they did have three things in common that led to both of them being murdered. 

Today's students need to contend with video learning, privacy issues, and cyberbullying. Lisa Plaggemier Executive Director at National Cyber Security Alliance explains how kids can stay safe online.Is online/remote school here to stay and what do parents need to know to help their children stay safe?Tips for staying safe even if you're going to school IRLIs one video tool better/worse for safe online learning and post class collaboration?Are there special privacy considerations for children under 13 who go online?The power of family managed password walletsWhy Lisa loves multi-factor but doesn't love the nameHow children born after 2000 view online privacyThe real risks of online cyberbullying and how to protect your child3 things Lisa wishes every student would do to keep themselves safe________________________________GuestLisa PlaggemierOn LinkedIn | https://www.linkedin.com/in/lisaplaggemier/On Twitter | ________________________________HostsLimor KessemOn ITSPmagazine  

To get live links to the music we play and resources we offer, visit This show includes the following songs: Diana Kelley - Damn This Love I Feel  Lois Berg feat. Melissa Duvall - Va Va Voom  Charleesa - LMTD (Dreamin)  A Better Life - Against The Breeze (featuring Herica and The Wolf)  Pia of Sunlending Sky - Over the Top  Karen Osburn - Forgive & Forget  Steen Rylander - It's That Magic Thing We Do  Jack Franklin Wise - Remembrance  Liv Clark (writer John Walradt) - Rainflakes Evan Pace - Hot Hot  For Music Biz Resources Visit and Visit our Sponsor Bandzoogle at: Visit our Sponsor Rock Your Next Release at Visit our Sponsor Indie Bible at:

Unless you're “borrowing” network access from your neighbor, you've probably got a WiFi setup in your home. Expert JJ Minella explains what you need to know to build your best home WiFi ever.JJ walks us through current WiFi options and helps you create the most secure and reliable system for your home without breaking the bank.Conversation highlights:Routers, Extenders, Access points - the building blocks of WiFi networksHow to plan for gamer bandwidth needs and why most of the bandwidth reviews are “bunk”Considerations when working from homeHow to use WPA-2 securityWhat network names (SSIDs) meanDifference between WiFi 5 and 6Pros and cons of “guest” networksPicking strong but easy to remember WiFi passwordsWhat to look for when buying equipment for your home network________________________________GuestJennifer (JJ) MinellaOn LinkedIn | https://www.linkedin.com/in/jenniferminella/On Twitter | https://twitter.com/jjx________________________________HostsLimor KessemOn ITSPmagazine  

To get live links to the music we play and resources we offer, visit This show includes the following songs: Diana Kelley - Damn This Love I Feel  Lois Berg feat. Melissa Duvall - Va Va Voom  Charleesa - LMTD (Dreamin)  A Better Life - Against The Breeze (featuring Herica and The Wolf)  Pia of Sunlending Sky - Over the Top  One Week Later - Forgive & Forget  Steen Rylander - It's That Magic Thing We Do  Jack Franklin Wise - Remembrance  Liv Clark (writer John Walradt) - Rainflakes Evan Pace - Hot Hot  For Music Biz Resources Visit and Visit our Sponsor Bandzoogle at: Visit our Sponsor Rock Your Next Release at Visit our Sponsor Indie Bible at:

Want to join the cybersecurity workforce, but don't know where to start? Kathleen Smith explains transferable skills you may already have that can open the door to a career in cyber.The number of unfilled cybersecurity jobs is expected to grow from one million positions in 2013 to 3.5 million in 2021. And of the candidates who are applying for these positions, fewer than one in four are even qualified - but how do you get qualified? And what where to focus the job hunt if you're just getting started?Conversation highlights:Why people want to get into CyberThe importance of passion and problem solvingNot all cyber jobs are high techTop transferable skills for cybersecurityIf it's better to get a degree, training, or a certificationThe first cybersecurity job titles people should aim for when they are planning to pivot their careerSome of the non-technical roles people can enter the field with________________________________GuestKathleen SmithOn LinkedIn

Jax Scott has had an incredible career from the front lines in Afghanistan all the way to leading Threat Intel teams in the private sector. Hear her inspiring story.Conversation highlights:The of success for the Cultural Support Leader program in AfghanistanHow Jax started her cyber military careerWhat Electronic Warfare Officers doThe difference between threat intel in the military vs the private sectorWhat it's like to serve in the National Guard and work full-time in the private sectorHow Jax balances her incredibly busy scheduleWhat it's like starting a Woman-Owned Small Business (WOSB) and Service Disabled Veteran Owned Small Business (SDVOSB)Why it's so important to engage policymakers on behalf of the special operations forces (SOF) community________________________________GuestJaclyn (Jax) ScottOn ITSPmagazine  

Online shopping is awesome and easy, but when it comes to paying how can you be sure your hard earned money is safe?In this episode, we cover:From Credit cards to Apple/Google Pay to Venmo - how can you pay online?Who's on the hook if there's fraud?Is one payment method is more secure than the other?Why your credit card could be at risk even if you don't use it onlineHow banks and payment companies protect your transactionsWhat to do if you're double billedWhat are the differences between paying through an app store or directly to the seller?________________________________GuestKarisse HendrickOn Linkedin

Fuel pipelines, meat packing plants, ferries: is no business safe from ransomware? There is hope, you have power. Scott Scheferman shares what every small business needs to know about ransomware.Tune in to hear:Why you're suddenly hearing more about ransomwareWhat it means for the DOJ to be treating ransomware attacks as acts of terrorismAre small businesses too small to be targets of ransomware crimes?Why ransomware is part of a large pattern of criminal cyber-extortionTo pay or not to pay? Does it make sense to have some bitcoin on hand “just in case?”How attackers weaponize fearShould small business prepare for disruption by ransomware attacks on the supply chain?Why you many not get your data back even if you pay the ransomApproaches small businesses can build out to protect against ransomware extortion without breaking the bankScott's top three ransomware harm reduction tips for small businesses________________________________GuestScott SchefermanOn Linkedin

Hear the straight scoop about cyber-hackers from Deb Radcliff the first journalist to cover cybersecurity as a beat and the author of the recently published thriller: Breaking Backbones.Tune in to hear:How Deb started covering cybercrime in 1996What it's like to be harassed by Kevin Mitnick's friendsThe real deal on “hacker groups” like the l0pht and Cult of the Dead CowWhat the term “hacker” really meansWhat's up with those crazy hacker names like: Des0l8tion, Sk3w, and Elv3nWhat it was like to make the shift from journalism to cyber-thriller authorIssues and concerns with human microchippingSome of the real world characters that are fictionalized in the bookSneak peak into the rest of the trilogyHow you can win an autographed copy of Deb's book!________________________________GuestDeb RadcliffOn Linkedin

What is an architecture? Is it a document? A process? A policy? A map? A discipline? A mindset? When you hear what it is, you may have to re-evaluate how you approach your cybersecurity program. Are you ready?“The ideal architect should be a man of letters, a skillful draftsman, a mathematician, familiar with historical studies, a diligent student of philosophy, acquainted with music, not ignorant of medicine, learned in the responses of jurisconsults, familiar with astronomy and astronomical calculations.” ― VitruviusAbout the BookCybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization.With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs.By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.GuestsDiana KelleyOn ITSPmagazine

What is an architecture? Is it a document? A process? A policy? A map? A discipline? A mindset? When you hear what it is, you may have to re-evaluate how you approach your cybersecurity program. Are you ready?“The ideal architect should be a man of letters, a skillful draftsman, a mathematician, familiar with historical studies, a diligent student of philosophy, acquainted with music, not ignorant of medicine, learned in the responses of jurisconsults, familiar with astronomy and astronomical calculations.” ― VitruviusAbout the BookCybersecurity architects work with others to develop a comprehensive understanding of the business' requirements. They work with stakeholders to plan designs that are implementable, goal-based, and in keeping with the governance strategy of the organization.With this book, you'll explore the fundamentals of cybersecurity architecture: addressing and mitigating risks, designing secure solutions, and communicating with others about security designs. The book outlines strategies that will help you work with execution teams to make your vision a concrete reality, along with covering ways to keep designs relevant over time through ongoing monitoring, maintenance, and continuous improvement. As you progress, you'll also learn about recognized frameworks for building robust designs as well as strategies that you can adopt to create your own designs.By the end of this book, you will have the skills you need to be able to architect solutions with robust security components for your organization, whether they are infrastructure solutions, application solutions, or others.GuestsDiana KelleyOn ITSPmagazine

Communicating Cybersecurity ROI, AppSec Frameworks, AI and ML Security, and MoreIn this episode of Agent of Influence, Nabil speaks with Diana Kelley, founding partner and CTO at Security Curve, volunteer, security architect, keynote speaker, among her many other roles. They discuss how she unknowingly jumpstarted her security career after she found a vulnerability in ARPANET at age 13, tips for communicating cybersecurity ROI to leadership, the top frameworks and processes for application security, DevSecOps, how to safely leverage machine learning and artificial intelligence, inclusivity in cybersecurity, and their rescue pets. 

Websites and apps track us, monetize our activity, and predict what we might want or need so that advertisers can offer it to us. The Data Diva, Debbie Reynolds explains how to protect your privacy.Tune in to hear:Why the luggage you were shopping for at a retail site is now following you around while you read the news and surf the webWhat it means to “fingerprint”How marketers “predict” what you might want to buy nextTracking that takes place without your consentThe difference between first party and third part cookiesAre your apps really listening to you?A cookie by any other name - is still tracking youDeclining cookies and trackers and taking back control of your data________________________________GuestDebbie Reynolds | CEO and CPO, Debbie Reynolds Consulting LLCOn LinkedIn: https://www.linkedin.com/in/debbieareynolds/On Twitter: https://twitter.com/DebbieDataDiva________________________________HostsLimor Kessem | Diana Kelley________________________________ResourcesHow to Control Web Cookies and Boost Online Privacyhttps://www.consumerreports.org/privacy/how-to-control-web-cookies-and-boost-online-privacy/How to Control and Delete Cookies on your Browserhttps://www.pcmag.com/how-to/how-to-control-and-delete-cookies-on-your-browser________________________________This Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorships________________________________ For more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcast

Sean Martin and Marco Ciappelli brought together some of ITSPmagazine's podcast hosts and a couple special guests to stream a live community event immediately following the RSAC closing keynote. We shared our stories and experiences about resilience.What does resilience mean for the profession, the industry, our societies, but more importantly, for each one of us? There are many answers.Let's listen to each one.GuestsBritta Glade, Senior Director, Content & Curation at RSA ConferenceOn Twitter

There has been a rise in remote healthcare services — also cyber risks and attacks. What can we do about it?GuestTyler Cohen WoodOn Linkedin

Apple recently updated its mobile operating system, iOS, to give users a choice about what is shared and how apps use personal data. Journalist Kate O'Flaherty fills us in.Tune in to hear:What the iOS 14.5 update means for users and privacyHow to get apps to stop tracking youIf families of apps (think: Facebook + Instagram + WhatsApp) track usWhat the heck an IDFA is and how advertisers use isPenalties for developers that don't follow Apple's privacy rulesIs there a downside to blocking all tracking?Top 4 things you can do on your Apple device to boost your privacyGuestKate O'Flaherty, Freelance Technology Journalist and Copywriter (@kateoflaherty on Twitter)HostsLimor Kessem | Diana KelleyResourcesHow iOS 14.5 Is An Exciting Privacy Upgrade For All iPhone Users: https://www.forbes.com/sites/kateoflahertyuk/2021/04/17/ios-145-how-1-game-changing-feature-will-transform-iphone-privacy/5G Join / Sign In Stop iPhone apps from tracking you in iOS 14.5. Here's how: https://www.cnet.com/how-to/stop-iphone-apps-tracking-you-in-ios-14-5-heres-how/This Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

If you're looking for your next job, chances are you're interacting with AI-powered ATS (applicant tracking system) at some point in the process. Former technical recruiter Christina Stokes explains.One of the biggest frustrations is the online job submission platforms. ATS is so pervasive that a recent study indicated 99% of Fortune 500 companies are using one for hiring. Tune into this episode to hear Christina Stokes, former technical recruiter explain everything you need to know about what an ATS is and how to re-do your resume to go from reject to accept.Topics covered:Why companies use ATSHow ATS automates the sorting process for companiesIf bots rejecting your resume without human interventionWhen MBA isn't the same as M.B.A. or Masters of Business AdministrationWhy cool formatting may not be a good ideaIf cover letters still matter and if so how to write one that will help you get the jobWhat you can do to check your resume for ATS matching before submittingGuestChristina Stokes, former technical recruiter, M.S. Cybersecurity 2018 | MBA 2021, University of Maryland Global CampusOn Linkedin

While online games can be a healthy coping strategy, they can also pose some risks as cyber-attackers lurk looking for loot. Game security expert Etay Maor explains what you need to know to stay safe.Tune in to learn:Which platforms are most used by gamersHow criminal launder money through gamesHow predators fool players and even groom them, especially younger onesWhy parents need to balance privacy with safety for their child's well beingTricks game companies use to get us to buy more and play longerIf parents should game too to learn more about what their kids are doingWhat to do if you've been scammedGuestEtay Maor, Senior Director Security Strategy at Cato NetworksHostsLimor Kessem | Diana KelleyResourcesGet Safe Online: Children and Gaming: https://www.getsafeonline.org/safeguarding-children/gaming/Online Gaming Advice Hub: https://www.internetmatters.org/resources/online-gaming-advice/This Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

Diana Kelley, CTO and Founding Partner at SecurityCurve drops some serious knowledge around ransomware, zero trust architecture, and some tips on storing and protecting data in the cloud.

The online dating waters can be hard to navigate and you may kiss some frogs. Kristin Judge, Founder of the non-profit Cybercrime Support Network shares how to navigate the online dating pond safely.Tune in to learn:How apps use location data and other information about usersThe risks of cyberstalking and retaliation if the romance goes sourHow to avoid becoming a victim of revenge pornTells and red flags that your ‘true love' may actually be a true nightmareThe types of scams being committed on dating sitesWhy you should never send strangers money no matter how “close” you feel to themGuestKristin Judge, Founder and CEO, Cybercrime Support Network (@kfjudge on Twitter)HostsLimor Kessem | Diana KelleyResourcesCybercrime Support Network: https://cybercrimesupport.org/Scam Spotter: https://www.scamspotter.org/This Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

The Your Everyday Cyber audience has questions and we have answers: welcome to our special “Ask Us Anything” episode, crafted especially for you, our listener.Tune in to hear our answers to these questions:How do you find guests for the podcast?Why did you decide to focus on the Everyday consumer?What's your favorite part about being in cyber security?My family keeps asking me to manage their WiFi networks and fix their laptops, what should I do?Why do Experian, Equifax and TransUnion have permission to gather our most personal information without our consent?What it's like working in cyber at a big company like IBM or Microsoft?If you weren't doing cyber what do you think you'd be doing?Do you hack in your spare time?Did Diana's dog, Nora, learn to speak with the buttons?HostsLimor Kessem | Diana KelleyResourcesActions Taken by Equifax and Federal Agencies in Response to the 2017 Breach (link opens a PDF): https://www.gao.gov/assets/gao-18-559.pdfThis Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

Diana Kelley of The Analyst Syndicate is on the podcast to chat about her 25-year-long career in security. She touches on artificial intelligence and machine learning ethics, sneaking into DARPA in the '70s and much more. 0:00 - Intro 3:14 - Getting into cybersecurity11:51 - Cybersecurity changes in the past 25 years15:34 - Choosing exciting cybersecurity projects19:49 - What is The Analyst Syndicate?23:00 - Editorial process at The Analyst Syndicate26:26 - Changes in security from the pandemic32:22 - Combating fatigue at home34:35 - Digital transformation39:25 - Bringing more women into cybersecurity43:08 - Tips for hiring managers46:16 - Using AI and ML ethically51:50 - Tips to get into cybersecurity 55:15 - Kelley's next projects56:18 - Learn more about Kelley57:08 - OutroHave you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You'll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free! Click the link below to get started.– Learn cybersecurity with our FREE Cyber Work Applied training series: https://www.infosecinstitute.com/learn/​ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastDiana Kelley's security career spans over 30 years. She is co-founder and CTO of SecurityCurve and donates much of her time to volunteer work in the cybersecurity community, including serving on the ACM Ethics & Plagiarism Committee, as CTO and board member at Sightline Security, board member and Inclusion Working Group champion at WiCyS, cybersecurity committee advisor at CompTIA, Advisory Council, Bartlett College of Science and Mathematics, Bridgewater State University and RSAC US Program Committee. Kelley produces the #MyCyberWhy series and is the host of BrightTALK's The (Security) Balancing Act and co-host of the Your Everyday Cyber podcast. She is also a principal consulting analyst at TechVision Research and a member of The Analyst Syndicate. She was the Cybersecurity Field CTO for Microsoft, global executive security advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner) and a manager at KPMG. She is a popular keynote speaker, the co-author of the books "Practical Cybersecurity Architecture" and "Cryptographic Libraries for Developers," has been a lecturer at Boston College's Masters program in cybersecurity, the EWF 2020 Executive of the Year and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime.About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with  skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

Chances are you're on at least one social media platform. It's a great way to connect, but you need to connect and share mindfully. Tim Sadler helps us take a closer look at how to social safely.You can overshare on social media and it can get risky quickly if you share personal data like your birthday, you COVID vaccine card, or even the names of your children. Bad actors (aka cybercriminals) look for this kind of information so they can exploit it and use it against you. This subject never loses importance because attackers never lose interest in you and what you say and what you do and the things they can do with it.Tune in to hear:What it means to “hack the human”Today's most popular social media platformsHow people are merging their personal and professional lives through socialWhy it makes sense to think before you post content about your personal lifeWhy using your dog (or cat or ferret)'s name as your password is a riskProtecting your Instagram account with privacy filtersHow to talk to your kids about responsible social useRed flags that indicate someone connecting on social may not have good intentIf one social platform is more or less risky than anotherThe one thing Tim wishes every listener would STOP doing on social!GuestTim Sadler, CEO, TessianHostsLimor Kessem | Diana KelleyResourcesResearch: How to Hack the Human — https://www.tessian.com/research/how-to-hack-a-human/Social Media Safety — https://www.childwelfare.gov/topics/management/workforce/socialmedia/safety/Safety While Using Social Media — https://www.womenslaw.org/about-abuse/safety-tips/safety-while-using-social-media/allThis Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

Podcast: ITSPmagazine Podcast (LS 33 · TOP 5% what is this?)Episode: Safe To Drink? Cyber Attacks And The Water Supply: What You Need To Know | A Conversation With Bryson Bort | Your Everyday Cyber With Limor Kessem And Diana KelleyPub date: 2021-02-18Water, we usually take it for granted that what comes out of our taps is safe. But recently an attacker attempted to poison a water supply in Florida. Bryson Bort, explains what happened.Bryson is a cyber-security expert with vast experience in cyber mission support for national defense, especially where a lot of industrial controls are implemented. He is here today to help explain what went on with the attack, what the future of water safety may look like, and what our listeners can do to help protect their own water sources.Tune in to hear:What happened in Oldsmar, FloridaHow remote access was a factor in the attackRisks of password sharingWhether or not Bryson thinks the attack was initiated by a Nation State actorWhat Nation State actors do inside of utilities like water and electricWhat “red line” would trigger a military responseHow water safety is managed in the USWhat Industrial Control Systems (ICS) areWhy Bryson founded ICS VillageWhat local water treatment systems can do to increase the safety of our supplyGuestBryson Bort, Co-Founder ICS Village and Founder Scythe (@brysonbort on Twitter)HostsLimor Kessem | Diana KelleyResourcesLye-poisoning attack in Florida shows cybersecurity gaps in water systems: https://www.nbcnews.com/tech/security/lye-poisoning-attack-florida-shows-cybersecurity-gaps-water-systems-n1257173Preventing water system cyber-attacks critical to health, safety, security: https://www.awwa.org/AWWA-Articles/preventing-water-system-cyber-attacks-critical-to-health-safety-securityThis Episode’s SponsorsIf you’d like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorshipsThe podcast and artwork embedded on this page are from ITSPmagazine, Marco Ciappelli, Sean Martin, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Water, we usually take it for granted that what comes out of our taps is safe. But recently an attacker attempted to poison a water supply in Florida. Bryson Bort, explains what happened.Bryson is a cyber-security expert with vast experience in cyber mission support for national defense, especially where a lot of industrial controls are implemented. He is here today to help explain what went on with the attack, what the future of water safety may look like, and what our listeners can do to help protect their own water sources.Tune in to hear:What happened in Oldsmar, FloridaHow remote access was a factor in the attackRisks of password sharingWhether or not Bryson thinks the attack was initiated by a Nation State actorWhat Nation State actors do inside of utilities like water and electricWhat “red line” would trigger a military responseHow water safety is managed in the USWhat Industrial Control Systems (ICS) areWhy Bryson founded ICS VillageWhat local water treatment systems can do to increase the safety of our supplyGuestBryson Bort, Co-Founder ICS Village and Founder Scythe (@brysonbort on Twitter)HostsLimor Kessem | Diana KelleyResourcesLye-poisoning attack in Florida shows cybersecurity gaps in water systems: https://www.nbcnews.com/tech/security/lye-poisoning-attack-florida-shows-cybersecurity-gaps-water-systems-n1257173Preventing water system cyber-attacks critical to health, safety, security: https://www.awwa.org/AWWA-Articles/preventing-water-system-cyber-attacks-critical-to-health-safety-securityThis Episode's SponsorsIf you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

Getting and setting up a new phone has become a regular occurrence for many of us. Rachel Arnold helps us understand what we should do to protect our privacy when setting up a new device.Tune in to hear:What smartphone privacy meansHow law enforcement uses cell information to track suspectsHow exercising the same place a crime is committed could make you a suspectIf locations tracking apps including retail loyalty, food delivery, and healthcare like COVID-19 tracers are a privacy concernWhat you're consenting to and why when you download appsWhy social app policies deserve a second lookHow to be a privacy-informed consumer of mobile appsWhy mobile companies and apps are farming your dataWhy dating apps can be so intrusive on privacyIf you should be worried about apps that want access to your microphone/cameraWhich apps suck up the most personal dataAnd the first 3-5 privacy relation actions everyone should take when they get a new phoneNerd Alert: Why Rachel looks for hard-coded APIs when she gets a new phoneGuestRachel Arnold, Client Relationship Specialist, SecureNation (@Th3_Human_API on Twitter)HostsLimor Kessem | Diana KelleyResourcesGossip, Rumor Mills and Your Favorite Applications: https://www.linkedin.com/pulse/gossip-rumor-mills-your-favorite-applications-rachel-arnoldContact Tracing Mobile Apps for COVID-19: Privacy Considerations and Related Trade-offs: https://arxiv.org/abs/2003.11511This Episode's Sponsors:If you'd like to sponsor this or any other podcast episode on ITSPmagazine, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorshipsFor more podcast stories from Your Everyday Cyber With Limor Kessem and Diana Kelley: https://www.itspmagazine.com/your-everyday-cyber-podcastAre you interested in sponsoring an ITSPmagazine Channel?https://www.itspmagazine.com/podcast-series-sponsorships

Nostalgia is not as good as it used to be.

Listen to one of the top cybersecurity and technology thought leaders. Former Microsoft Field CTO Diana Kelley shares her journey in this episode with host Hillarie McClure. Learn more about Diana at https://www.linkedin.com/in/dianakelleysecuritycurve/

In this special episode honoring Pregnancy and Infant Loss Awareness Month, Michelle has the privilege to have a conversation with Diana Kelley, the director of Infants Remembered In Silence © (IRIS) a 501(c)3 Nonprofit organization that she founded in 1987, following the full-term stillbirth of her son. Together they discuss how the care parents experiencing baby loss receive has become more compassionate throughout the years and the extreme value having someone to sit with us in our grief and give space for the power of silence. Diana shares sage advice for bereaved families, how IRIS's services have grown and evolved over the last 33 years, and IRIS's project to invite cities across the nation to light up buildings, statues, and monuments on October 15th in honor Pregnancy & Infant Loss Awareness Day. Thank you cities of St. Cloud and Orlando, Florida for your support! We invite you to share photos of your cities remembering our babies gone too soon. We would be honored to have you tag is on Facebook and Instagram @birtheaselosssuport and @Infants Remembered in Silence "Well, it used to be that people thought that you're not going to remember if you don't get to see, hold, and touch. We discovered that wasn't real. Then we discovered that people forget, and even if they can't communicate with you very well, their body still remembers. They still know themselves that this is when my child died passed away. And I think that is something that is really hard to comprehend.  But at a certain point, your thinking changes from being, "I am never going to be able to forget this. This is a huge impact on my life." to things changing to where you're afraid you're going to forget it and then it becomes your mission to make sure others don't forget."—Diana Kelley{This episode is dedicated to the Smith babies. You are forever safe and loved within our hearts.} About Diana Kelley:Diana Kelley uses her personal and career experiences to help grieving parents through their birth process and in the years of grieving that follow the death of a child. Diana provides grieving parents with the support they need when their life seems unfair and more than they can handle.  As a bereaved parent herself, she knows how grief can affect every aspect of one's life, as well as the lives of their loved ones and friends.Diana became involved in Childbirth Education following the birth of her first child in 1981. By 1984 she was a Certified Childbirth Educator working in her local hospital with hundreds of families each year and training/certifying new instructors. In 2012, after 31 years, she left the organization to expand her teaching and certifying instruction with Infants Remembered In Silence © (IRIS) a 501(c)3 Nonprofit organization that she founded in 1987, following the full term stillbirth of her son. Today IRIS services include: Bereavement Support Materials and Burial Clothing Sets designed by Diana and several other IRIS volunteers. (These Clothing Sets fit infants from 10 - 42 Gestational weeks and include matching blanket and hat, along with everything needed to work directly with the child in the hospital and funeral home settings). IRIS offers Support Group Gatherings, Special Events including the October 15th Memorial Service at the IRIS Office - in front of an Angel weeping over an empty cradle – a bronze, life-sized statue, arranges for countless buildings, monuments, bridges, etc. to be lit for Pregnancy and Infant Loss Remembrance Day,  Holiday Service of Remembrance and more. These supplies and countless other resources, including the book, Sharing the Tears by Diana Kelley, are available on the IRIS website. Diana services as the executive director of IRIS. She lives in Faribault MN along with her four surviving children and one grandchild.   Connect with Diana Kelly:   Email:   diana@irisRemembers.comWebsite: www.irisRemembers.comFB Business Page:  https://www.facebook.com/InfantsRememberedinSilenceFB Infants Remembered In Silence Private Group: https://www.facebook.com/groups/163068716993 Angel of Hope Central Florida: Facebook:  @AngelofHopeCFLWebsite: https://angelofhopecfl.wordpress.com/ Connect with Michelle Smith:Website:  BirthEaseServices.comFacebook:   Birth Ease,   The Birth Ease Podcast,  Birth Ease Baby Loss SupportInstagram:    @birtheasemichellesmith,  @birtheaselossssupportYouTube:    Birth EaseLinkedIn:  Birth Ease Michelle SmithPinterest:  Birth EaseShow:  Birth Ease

ITSPmagazine | Conversations At the Intersection of Technology, Cybersecurity, and Society. The Unusual Gatherings Talk Show A few years ago, we decided to set up camp at a crossroads where people from a wide variety of backgrounds, cultures, and professions happen to walk by. We invite them to stop, rest a bit, and join our conversations — most of them gladly do. We call these encounters Unusual Gatherings. Co-Host: Diana Kelley Guest: Adam Shostack Hosts: Sean Martin | Marco Ciappelli Threat Modeling Technology, Business, Humans, and Society Threats? What? When? Why? I'll worry when and if the time comes. And life goes on smoothly as usual — until it doesn't. We invited our friend Diana Kelley to join us once more on our talk show, Unusual Gatherings, but instead of being the guest, she would be our co-host bringing a guest of her choosing. She knows we like to talk about technology and humanity, and that we love time traveling through the past, present, and future of this weird relationship -- and to get philosophical about it too. So she invited Adam Shostack to be her guest on the show. What a perfect choice. He wrote THE BOOK on Threat Modeling and can apply that way of thinking to software, technological systems, business, organizations, complex systems, social media, news manipulations, CyberSecurity, social engineering, group sociology, animal behaviors, everything that makes us humans, our relationships, and our society as a whole — pretty much, life. What are we working on? What can go wrong? What are we going to do about it? And did we do a good job? If you think about it for a second, these actually have nothing to do with technology. You can apply them anywhere. Truth? We're all faced with different threats every day, and probably most of us don't even realize it. Bigger truth? "If you want to avoid problems and don't have donuts, you have a problem." Listen up, and it will all make sense. Well, most of it. __________________________________ For more Unusual Gatherings: www.itspmagazine.com/unusual-gatherings __________ Interested in sponsoring an ITSPmagazine Channel? Visit: www.itspmagazine.com/talk-show-sponsorships

Diana Kelley is the Cybersecurity Field CTO at Microsoft, where she leads the Microsoft Cybersecurity Thought Leadership team and advises CIO's, CISO's, and CTO's on cyber strategy and approach. In addition to her work at Microsoft, Diana also serves on the Board of the non-profit, Women in CyberSecurity, on the Program Committee for the RSA Conference, hosts the MyCyberWhy podcast, and regularly appears on media platforms like CNBC, CBS, NY Times, and WSJ. During the interview, Diana and I discuss: How did Diana find herself in cybersecurity and ultimately in her current role at Microsoft? How does she envision the continued move to the Cloud and security's role in this industry migration? How does she encourage her customers to approach conversations with their business peers? Why should security teams take a leadership role in helping their business peers better understand cybersecurity? Website: businessofcyber.com LinkedIn: Joe Vinck & Business of Cyber Twitter: @joey_vinck OFFER FOR FIRST TEN EPISODES In order to enter for a chance to win each book discussed in the first 10 episodes, please rate & leave a review wherever you listen to podcasts and reach out to Joe via Email, LinkedIn, or Twitter with your username to let us know you've rated. Winners will be announced after Episode 10

To mark International Women’s Day 2020 and highlight the amazing women making a difference in cybersecurity, we invited 13 of our previous guests to answer a single question. Their responses are collated into this podcast: a snapshot of the industry from the women who are leading it. Diana Kelley, Field CTO at Microsoft, on digital […]

Demystifying Artificial Intelligence and Machine Learning. Diana Kelley, Cybersecurity Field CTO for Microsoft, and Dr. Char. Sample, Cybersecurity Research Fellow at Idaho National Laboratories, join Ashwin on RSA’s Broadcast Alley to discuss their “All that Glitters” talk debunking artificial intelligence and machine learning marketing. In an industry with so many buzzwords and too little understanding, […]

By Marco Ciappelli & Sean Martin Guest: Diana Kelley | Cybersecurity Field CTO at Microsoft, Security Architect, Keynote Speaker, Author and Strategist. One of the main topics we discuss in our Talk Show, The Future Of The Future, is how the decisions we make today will either help — or screw over — society, and humanity, down the road. Today’s conversation fits this topic to a tee: looking at whether or now we can achieve sustainability with (and in) technology. To find out, we get to chat with our good friend, Diana Kelley. To kick this conversation into gear, we must remember that technology is not just about technology in and of itself. Instead, technology is humanity; technology is also the future of humanity. And, to this end, if the technology is not sustainable—if it uses more resources than available to function—so will our society be unsustainable. This begs the following questions: Do we need all of those IoT devices in our homes, our offices, our vehicles, our cities? Do we need to “keep up with the Jones” by buying a new smartphone every year? And a new tablet? And a new laptop? And a new digital assistant? Can we not get new features for our “things” without having to buy the latest and most excellent device? Think about blind spot warnings, automated parking, backup protection, pedestrian detection, and other security-related features in a car — does everybody need to buy that new car for society to be safer? Or, are there different ways to handle these upgrades? What parallels can we draw upon—namely in modularization, APIs, and other plug-n-play and over-the-air-update models—to make our technological world a better, more sustainable place? It’s no secret that we are living in a throw-away economy—as soon as we buy something, we are counting the days until we pay for that something and can update it to the next version. It’s a trend that can’t stick if we want to create a society that succeeds through sustainability, and save ourselves and our planet while we do that. With this view of the world in mind, what decisions will you make today to make for a better future for yourself and the next generation? This might not be an easy question to answer. The important ones often aren’t. This doesn’t mean we can avoid the hard work to find the answer(s). Instead, it means we must hit the question head-on to explore what options we have, such that the decisions we do make today will, in fact, make for a better future. *Hint: we have options. __________________ For more of The Future Of The Future on ITSPmagazine, visit: https://www.itspmagazine.com/the-future-of-the-future

Sean Martin and Marco Ciappelli chat with Diana Kelley, Cybersecurity Field CTO at Microsoft, and Abbas Kudrati, Chief Cyber Security Officer at Microsoft as part of their RSA Conference 2019 APJ event coverage from the Marina Bay Sands in Singapore. There's also a video version of this chat which can be viewed here: https://vimeo.com/348404682 ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd Devo: https://www.itspmagazine.com/company-directory/devo STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits ________ Want more from RSA Conference 2019 in Singapore? Follow all of our coverage here: https://www.itspmagazine.com/rsa-conference-apj-2019-event-coverage-singapore-cybersecurity-news-coverage-and-podcasts Looking for our chats on the road to RSA Conference Singapore? You can find those here: https://www.itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-singapore

In today’s chat, we are joined by Diana Kelley, CyberSecurity Field CTO at Microsoft. Diana is also one of the keynote speakers at RSA Conference APJ for the 3rd time — this time, she will be talking about: Better Cybersecurity with AI and ML? Focus on Culture, Diversity and Inclusion. Session Description: To get the most benefit from advances in the fields of AI and machine learning, organisations must focus on the culture and diversity within their own cybersecurity teams. AI and ML can help speed up the response cycle, but without diverse teams working on the ML models, the data and the threat models may end up automating bias or even the attack paths for criminals. Of course, in addition to enjoying our conversations with Diana, we also really like these topics: Artificial Intelligence, Machine Learning, Culture, Diversity, and Inclusion. What a mix! We are thrilled to have this chat with Diana to learn more about her keynote session, the ethical and moral issues surrounding those topics, other viewpoints she has for any regional differences that may exist in Asia Pacific region, and for thoughts on the RSA Conference APJ in general. Enjoy! ________ We'd like to thank our conference coverage sponsors for their support. Be sure to visit their directory pages on ITSPmagazine to learn more about them. Bugcrowd: https://www.itspmagazine.com/company-directory/bugcrowd Devo: https://www.itspmagazine.com/company-directory/devo STEALTHbits: https://www.itspmagazine.com/company-directory/stealthbits ________ Want more from RSA Conference 2019 in Singapore? Follow all of our coverage here: https://www.itspmagazine.com/rsa-conference-apj-2019-event-coverage-singapore-cybersecurity-news-coverage-and-podcasts Looking for more chats on the road to RSA Conference in Singapore? You can find those here: https://itspmagazine.com/itsp-chronicles/chats-on-the-road-to-rsa-conference-2019-singapore

This week, Down the Security Rabbithole Podcast is publishing episode 3 of 4 which were recorded LIVE at RSA Conference 2019. This episode features Diana Kelley, of Microsoft, talking about the latest security report and other goodies. Highlights from this week's show include... Diana discusses the highlights from the latest Microsoft Security Intelligence Report Raf provides an opinion on how Microsoft could totally own the endpoint space Rafal & Diana dive back into passwords...apparently, we just can't get away from them Diana tells a really interesting story about Microsoft Windows Hello and twins Guest Diana Kelley - @DianaKelley14 - Microsoft Enterprise Cybersecurity Group Leadership team member. Represent Microsoft at global security conferences, author-industry analysis, white papers, and blogs on Microsoft security strategy and response to cyber threats. Contribute to the all up security messaging and provide insight into the strategic vision and direction for the company in close partnership with marketing, business groups, and engineering, as well as working closing with the security PR and AR teams.

Unusual Gathering | Episode XXIII Conversations At The Intersection Of IT Security And Society Part Of Our RSA Conference | San Francisco 2019 Coverage Guests Diana Kelley | Priscilla Koepke | Ann Cleaveland Host Marco Ciappelli This Episode: Tomorrow starts today. Cybersecurity Futures 2025. This panel was recorded on the Moscone Center floor during RSA Conference 2025. It follows a Pre-Conference podcast with panelist Dawn Thomas and Alan Cohn and the actual presentation that took place the day before this recording. The project “Cybersecurity Futures 2025” is a collaboration between the University of California, Berkeley Center for Long-Term Cybersecurity (CLTC) and CNA’s Institute for Public Research, conducted in partnership with the World Economic Forum’s Global Future Council on Cybersecurity (2016-2018) and the Forum’s Centre for Cybersecurity. If this topic doesn’t fit right At The Intersection Of IT Security And Society I am not sure what else could. It is an exciting time to be alive with so many incredible scientific and technological advancements in every area of our lives, with states interacting together and cultures mixing in a global boundary-less cyberspace. It is also a dangerous time to be alive in this new technological era where cybersecurity issues encompass every area of our lives and affect geopolitical dynamics, and the way societies evolve. The decisions we are making today about technology interacting with humans are going to affect our society in 2025 and way beyond that time.  It is now that we must force ourselves to think about fundamental philosophical questions and come up with good answers and courses of action, because those, or the lack of those, are already affecting us now and will affect us even more in our future. For this panel, I invited Ann Cleaveland, (CLTC Executive Director), Diana Kelly (Microsoft), and Priscilla Koepke (Massachusetts Institute of Technology) to recap the research and discuss what the biggest challenges, fears, and possible solutions to the four presented scenarios are. Scenario 1 — Quantum Leap Scenario 2 — The New Wiggle Room Scenario 3 — Barlow’s Revenge Scenario 4 — Trust Us Are we looking at a dystopian, a utopian or a realistic future that we can shape making the right choices today? You decide. Literally, you, they, and we. We can decide, all together if we act now. This is just a starting point. ________ Thanks to our episode sponsors: Edgescan - https://www.itspmagazine.com/company-directory/edgescan Bugcrowd - https://www.itspmagazine.com/company-directory/bugcrowd STEALTHbits - https://www.itspmagazine.com/company-directory/stealthbits Devo - https://www.itspmagazine.com/company-directory/devo Onapsis - https://www.itspmagazine.com/company-directory/onapsis Nintex - https://www.itspmagazine.com/company-directory/nintex ________ For more Unusual Gatherings: https://www.itspmagazine.com/unusual-gatherings

Unusual Gathering | Episode XIII Conversations At The Intersection Of IT Security And Society Guests Diana Kelley | Gabriel Lawrence Hosts Marco Ciappelli | Sean Martin This Episode:

Britta Glade and Dr. Hugh Thompson delve into the latest cybersecurity technology developments with Microsoft’s Diana Kelley and Denim Group’s John Dickson. Topics to be covered include: •What is data gravity and how can it help analysts in the SOC/CDOC? •How can security strategies be adapted for DevOps application developments? •What are the advantages of using a layered machine learning (ML) model over a single ML? •Are humans in danger of being replaced by artificial intelligence?

* Special thanks to Microsoft for giving DtSR access to fantastic guests, and printing t-shirts & stickers for RSA Conference 2018. Please help us say thank you and check out all of the MS announcements at https://microsoft.com/rsa and if you really want to check out something amazing where IoT and cloud collide, check out https://microsoft.com/azure-sphere. On this very special episode of the podcast, Raf sits down at RSA Conference 2018 with the one and only Diana Kelley to talk data integrity, crisis communication, and fear-based selling in security. Again, special thanks to Jessica and the Microsoft.   Guest Diana Kelley ( @DianaKelley14 ) - Diana is the Cybersecurity Field CTO for Microsoft, a cybersecurity thought leader, practitioner, executive advisor, architect, speaker, author and co-founder of SecurityCurve. More here: https://www.linkedin.com/in/dianakelleysecuritycurve/ 

Diana Kelley is the Cybersecurity Field CTO at Microsoft and a cybersecurity thought leader, practitioner, executive advisor, speaker, author and co-founder of SecurityCurve. Ed Moyle is currently Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. Diana and Ed join us this week for an interview on Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episdoe54 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

Diana Kelley and Ed Moyle of Security Curve join us for an interview! Jake Williams, founder of Rendition Infosec and Senior Instructor at the SANS Institute joins us for another interview! In the news, fingerprinting digital documents, Skype finally getting end-to-end encryption, Apple set to patch yet another macOS password security flaw, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode543 Visit https://www.securityweekly.com/psw for all the latest episodes!

Diana Kelley and Ed Moyle of Security Curve join us for an interview! Jake Williams, founder of Rendition Infosec and Senior Instructor at the SANS Institute joins us for another interview! In the news, fingerprinting digital documents, Skype finally getting end-to-end encryption, Apple set to patch yet another macOS password security flaw, and more on this episode of Paul's Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode543 Visit https://www.securityweekly.com/psw for all the latest episodes!

Diana Kelley is the Cybersecurity Field CTO at Microsoft and a cybersecurity thought leader, practitioner, executive advisor, speaker, author and co-founder of SecurityCurve. Ed Moyle is currently Director of Thought Leadership and Research for ISACA. Prior to joining ISACA, Ed was Senior Security Strategist with Savvis and a founding partner of the analyst firm Security Curve. Diana and Ed join us this week for an interview on Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episdoe54 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly

In celebration of National Teacher Appreciation Week, currently underway in the U.S., four of IBM Security's top subject matter experts have come together for a special podcast honoring their most memorable teachers and mentors. Listen now to hear Limor Kessem, Pam Cobb, Diana Kelley and Neil Jones reflect on the teachers who shaped their young minds or guided them on the path to their current careers. Visit https://securityintelligence.com/ to read the latest security content from all the IBM experts, and download the brand new executive report entitled, "Addressing the Skills Gap with a New Collar Approach," at https://ibm.co/2pZmUw4.