Podcasts about dspm

1. NOTICIAS DE TECNOLOGÍA2. CIBERPÍLDORA: IT VS OT, CUANDO UN CIBERATAQUE SALTA DE LA OFICINA A LA MÁQUINA3. TECNOEFEMÉRIDE4. MONOGRÁFICO: EL GOBIERNO DEL DATO5. TECNOLOGÍA CURIOSA: TELÉFONOS MÓVILES EN LOS AVIONES6. ENTREVISTA: JORGE CRESPO, responsable de operaciones IT, CAPITAL ENERGY7. CONCURSO

One IT department expected 50 agents in their tenant. They found over 500. Welcome to agent sprawl — the SharePoint site sprawl story, just faster, more autonomous, and with a billing model nobody fully understands yet.In this episode, Christian Buckley and Ragnar Heil sit down with Timothy Boettcher, SVP Go-to-Market & Global Product Marketing at AvePoint and fellow Microsoft MVP, to talk about what governance actually looks like when agents start creating other agents.

If you walked RSAC Conference 2026 expecting incremental updates, you left with something very different. Thyaga Vasudevan, EVP, Product at Skyhigh Security, describes this year as unlike any prior conference -- not because of a single announcement, but because the customers asking how to secure agentic AI were the same customers already building and deploying it. The urgency was real, immediate, and universal across organization sizes. The defining theme was agentic security. Vasudevan frames it around three core questions every security team now needs to answer: who is acting (agent identity), what are they accessing (data and APIs), and what are they trying to do (actions and permissions). The ChatGPT launch in November 2022 marked a generational shift -- and at RSAC 2026, Skyhigh Security observed that the industry had moved decisively from data-in and data-out protection to governing the actions of autonomous agents themselves. Data sovereignty was the other major conversation thread, driven by geopolitical realities and tightening regional data regulations. Vasudevan spoke with CISOs from financial services, healthcare, public sector, and not-for-profit organizations, each with different infrastructure approaches -- from on-prem data centers to sovereign clouds to full cloud deployments -- but all navigating the same fundamental challenge. DSPM and hybrid architectures are no longer optional for global enterprises. And quietly but significantly, browser security emerged as a front-and-center priority, reflecting the browser's growing role as a primary cloud endpoint. This is a Brand Highlight. A Brand Highlight is a ~5 minute introductory conversation designed to put a spotlight on the guest and their company. Learn more: https://www.studioc60.com/creation#highlight GUEST Thyaga Vasudevan, EVP, Product, Skyhigh Security LinkedIn: https://www.linkedin.com/in/thyaga12/ RESOURCES Skyhigh Security: https://www.skyhighsecurity.com RSAC Conference 2026 Coverage: https://itspmagazine.com/rsac26 Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Thyaga Vasudevan, Skyhigh Security, Sean Martin, Marco Ciappelli, brand story, brand marketing, marketing podcast, brand highlight, agentic AI security, data sovereignty, SSE, Security Service Edge, DSPM, zero trust, browser security, cloud security, RSAC Conference 2026, RSAC 2026, AI agent security, MCP security Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Most organizations are not cloud-only and, according to Thyaga Vasudevan, EVP, Product at Skyhigh Security, they are unlikely to become cloud-only anytime soon. Legacy on-prem applications, new AI workloads kept inside the firewall, and the growing cost of routing all enterprise traffic through a cloud proxy are pushing organizations toward a hybrid security architecture -- one that needs to enforce consistent policy regardless of where the traffic goes or where the data lives. Skyhigh Security announced three major innovations at RSAC Conference 2026: a next-generation SSE hybrid platform with a single console managing on-prem and cloud enforcement under one policy construct; a patent-pending browser security capability that injects JavaScript controls dynamically into existing browser sessions without requiring a dedicated enterprise browser; and the general availability of its DSPM platform, which uniquely provides visibility into both data at rest and data in motion by combining proxy-layer inspection with posture management. The browser has quietly become the most important enforcement point in the enterprise. As AI tools like Microsoft Copilot operate through web socket connections that cannot be intercepted at the server level, security controls have to reach inside the browser session itself. Vasudevan describes a seamless approach: because Skyhigh Security already sees the traffic flowing through its SSE cloud, it can inject controls at the browser layer without asking employees to change the tools they use. Data sovereignty is no longer a compliance footnote -- it is an architectural driver. Vasudevan walked through a global manufacturer operating simultaneously in Europe, the United States, and China. Each region carries different regulatory constraints, different trust postures for cloud infrastructure, and different performance requirements. Skyhigh Security's hybrid platform handles all three scenarios under the same management framework and the same policy construct. The customer chooses where enforcement happens -- on-prem, cloud, or hybrid -- without rebuilding their security architecture. On AI agents, Vasudevan describes the evolution clearly: 2022 was about protecting data flowing into generative AI tools; 2025 became about protecting the actions of the agents themselves. Skyhigh Security positions itself as a proxy between agent traffic and the systems agents interact with -- whether MCP servers or SaaS applications -- monitoring what goes in and what comes out in real time. DSPM provides the baseline: know where sensitive data is and what risk it carries before any agent is given access to it. That distinction between sensitivity and risk is what allows organizations to make smart, dynamic decisions rather than blanket restrictions. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Thyaga Vasudevan, EVP, Product, Skyhigh Securityhttps://www.linkedin.com/in/thyaga12/ RESOURCES Skyhigh Security: https://www.skyhighsecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Thyaga Vasudevan, Skyhigh Security, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, hybrid security, SSE, Security Service Edge, DSPM, data security posture management, zero trust, browser security, data sovereignty, AI agents, agentic AI, cloud security, RSAC Conference 2026, cybersecurity Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

At RSAC Conference 2026, the floor at Moscone Center was buzzing with talk of AI -- but underneath the excitement, a sharper question was forming: are enterprises actually ready to secure the AI systems they are rushing to deploy? Ed Wright, VP of Product Marketing at Menlo Security, joined Sean Martin on-site to dig into exactly that question. With 85 percent of knowledge workers now operating primarily through a browser, Menlo Security has spent 13 years building the infrastructure to protect that surface -- and the threat landscape has just taken a significant turn. The traditional browser threat model centers on humans: phishing links, malicious downloads, social engineering, deepfake video scams. Enterprises have spent billions on SSE stacks and endpoint protection stacks. Yet attacks continue to multiply. What Menlo Security is now tracking is a second threat model layered on top -- one designed specifically for AI agents. Agents use browsers to acquire data and complete tasks, often spinning up hundreds or thousands of headless browser sessions outside the enterprise perimeter, invisible to network security tools that only monitor the wire. The threat profile for agents is distinct. Where a human might miss a suspicious link, an agent reads white-on-white text and zero-font-size characters embedded in web pages -- classic prompt injection techniques. Agents are maniacally focused on task completion and do not naturally separate instructions from data. A co-opted agent, redirected through hidden instructions, will pursue its new goal with the same single-mindedness as its original one. Ed Wright notes that the top concern among CISOs at the RSAC Conference CISO bootcamp -- confirmed by a live audience poll -- is data exfiltration from agents: an agent accessing files, scraping internal pages, passing data to external LLMs, and moving sensitive information outside the organization. Menlo Security's response is a unified browser security platform that applies a single policy framework to both human and agentic workloads. The platform is built on four pillars: threat prevention including zero-day protection, secure application access, data security through AI Adaptive DLP, and file security. AI Adaptive DLP is the capability Ed Wright emphasizes most -- it functions as a combination of DLP and DSPM, discovering and classifying sensitive data across the organization and masking it in real time rather than blocking access. When traditional DLP blocks a human, they call IT. When it blocks an agent, the workflow silently fails. AI Adaptive DLP eliminates that failure mode entirely, keeping workflows uninterrupted while sensitive data stays protected at the source. The unification argument cuts through a crowded point-solution market. Rather than deploying separate tools for prompt injection, file security, and application access, Menlo Security delivers a single layer of visibility and observability across the entire workforce. Single policies. Single set of capabilities. No stitching together of forensic data from disconnected systems. Ed Wright points to a Fortune 500 customer that deployed 20,000-plus agents in a short window after a board mandate -- and quickly realized they had no security guardrails in place for browser-based agentic activity. The emergency call to Menlo Security was not the first of its kind, and it will not be the last. This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight GUEST Ed Wright, VP of Product Marketing, Menlo Security LinkedIn: https://www.linkedin.com/in/edwardwright1/ RESOURCES Menlo Security: https://www.menlosecurity.com Are you interested in telling your story? ▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full ▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight ▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight KEYWORDS Ed Wright, Menlo Security, Sean Martin, browser security, agentic AI security, AI agents, headless browsers, prompt injection, data exfiltration, AI Adaptive DLP, DSPM, zero-day threats, enterprise browser, SSE, RSAC Conference 2026, brand spotlight, brand story, brand marketing, marketing podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Faraz Siraj, vice president of global channels and alliances at Fortra Faraz Siraj, vice president of global channels and alliances at Fortra, joins the podcast to talk about what it looks like to build a channel program around a cybersecurity platform assembled through more than 20 acquisitions – and why MSPs should be paying attention now. Fortra’s portfolio spans offensive security tools like Cobalt Strike and Core Impact, data protection through Digital Guardian, and security awareness training via Terra Nova Security. It’s a wide footprint, and as Faraz acknowledges, many partners still know the acquired brands without realizing they’re all under one roof. The Fortra Protect partner program, launched in 2025 with guaranteed margins and a single FortraOne partner agreement, is the company’s answer to the fragmented discount structures and multiple contracts that came with all that M&A. The conversation also digs into Fortra’s recent decision to sell its Alert Logic managed detection and response services to LevelBlue – a deliberate move to position the company as a software provider, not a services competitor to its own partners. Faraz is candid about where offensive security capabilities realistically fit into an MSP’s stack and where they don’t, and offers a practical on-ramp for Canadian partners through Fortra’s acquisitions of Ottawa-based Titus and Montreal-based Terra Nova. Read Full Transcript Robert Dutt: Hello and welcome to In The Channel from ChannelBuzz.ca, bringing news and information to the Canadian IT channel community for the last 16 years. I’m Robert Dutt, editor of ChannelBuzz.ca and your host for the show. If I say the name Fortra, there’s a decent chance you might not immediately place it. But if I say Cobalt Strike, or Digital Guardian, or Alert Logic, or Titus, especially if you’re in Ottawa, those might ring a bell. Fortra is the company that’s been quietly acquiring cybersecurity companies for the better part of a decade. More than 20 acquisitions in all, and now they’re trying to stitch it all together into a unified platform, pointed squarely at MSPs and MSSPs. What makes this story interesting right now is they’ve recently made some moves that signal where they think they fit into the ecosystem. They sold off their Alert Logic managed services business to LevelBlue, which is a pretty clear statement. We make software, we’re not going to compete with you on service delivery. And they’ve rolled out a new partner program called Fortra Protect with guaranteed margins and a single partner agreement that covers the whole portfolio. My guest today is Faraz Siraj, Fortra’s Vice President of Global Channels and Alliances, and I wanted to talk to you about what it looks like to build a channel program around a platform that was assembled through acquisition, how MSPs should think about the balance between offensive and defensive security capabilities, and whether there’s a Canadian go-to-market story here. Let’s get right into it. My chat with Faraz Siraj. Faraz, thanks for taking the time. I appreciate it. Faraz Siraj: Great to be here. Robert Dutt: Fortra has been built through a bunch of acquisitions. 20+, 25+ I think? For MSPs who know Cobalt Strike or Digital Guardian but don’t necessarily know the umbrella brand of Fortra, what’s the pitch for why they should think of you guys as a platform rather than sort of a collection of tools? Faraz Siraj: Great question. Well, all of these products that we acquired over a, I’d say, a five-year period, it was around a little over 20 companies, we are going to platformization, and all of these will be available via the platform. And the platform provides a variety of tools to manage, and so MSPs would probably want to welcome that opportunity to utilize a single platform with multi-tenancy to help manage those solutions for their customers. It’s just a natural fit, and rather than having multi-screens, multiple interfaces to be able to provide those types of managed services, so it’s a very, very powerful way of bringing it all together. Robert Dutt: For that MSP market, you guys sold off Alert Logic’s managed services business to LevelBlue a couple of months ago. What does that signal to MSPs about where you see Fortra sitting in the ecosystem moving forward, in terms of trying to be a technology brand behind the MSP? Faraz Siraj: Well, that’s a perfect fit. I think we realized that the managed service business is not really what our strong suit is. And we aligned our Alert Logic business with a suitor that can take full advantage of that kind of business, and they’re very good at it. We, over time, realized that if you want to do that business, you have to really focus in on it, whereas we had other priorities. And so what that tells the market and other partners out there is that we need our partners to be able to provide those managed solutions. We truly are in the business of making and providing software. We do not want to be in the services game. We want to have our partners provide those services, whether it is managed services or whether it’s installation services, optimization services delivery, we need our partners to do that. And that’s what creates opportunity. And that’s what I’m really excited about with our platform play, as well as where our future direction is as a company around the products that we provide. Robert Dutt: One of the most interesting things I think you guys talk about is the idea of MSPs balancing offense and defense. And I guess I want to dig into what that actually looks like in terms of the service delivery level. Where does offensive insight realistically show up in the day-to-day stack for an MSP? Faraz Siraj: Well, it shows up everywhere, whether you realize or not. It is in whether it is vulnerability management, it’s in offensive security tooling, it is in pen testing, it is in simulations. That takes some knowledge and ability to provide those services around those capabilities. And that’s just from an offensive side. There is a need for support for those particular product sets. On the defensive side, it’s pretty simple. I mean, we have a lot of those defensive protection products, and we need our partners to be able to provide solutions around it. Robert Dutt: Yeah, and MSPs, most I would dare say at this point, are defensive operators by nature. Prevent, detect, respond, deal with the problem. What can MSPs realistically do with offensive capabilities, and where should they not be trying to operationalize offensive capabilities in their stack? Faraz Siraj: Well, the first thing that I would tell them is be comfortable with what you’re providing. Be comfortable with your capabilities that you can go to your market with, with your customers. If you don’t know it, you can certainly learn, but you don’t want to try to pigeonhole yourself into a technology that you’re unfamiliar with. We can help with that. We have a lot of training. We have a lot of classes available through our Fortra Academy that can help them, and we have onboarding that we can help partners with. Again, it would be, I would think about the customer and work backwards. You would want to qualify the customer and qualify their needs. And if offensive security is something that is a pain point for your customer, then investigate it. And sometimes it’s not. And if it’s not needed, why would you want to venture and invest in an area that you’re unfamiliar with? Now I’d love for all of them to do it, but I’m an honest person. Sometimes it doesn’t make the right business sense. Robert Dutt: You guys acquired Red Macros Factory to enhance Outflank Security Tooling. Cobalt Strike is used by red teams worldwide, but it’s also used by threat actors who are probably using cracked copies. That led Fortra and Microsoft to take joint legal action in the past. How do you talk to partners about selling offensive tools when some of those tools have been weaponized against their customers? Faraz Siraj: It’s a discussion point. It’s also sort of a proof of concept in a twisted sort of way. Well, we do not support any illegal use of our products. We do not support using it for the wrong reasons, so to speak. We have strict legal language on it and we have gone to legal with Microsoft about those kinds of things, because we have strict requirements of how you’re going to utilize this tool. If we find out that you’re using it for the wrong reasons, weaponization, we cut it off. And that’s part of the qualification. And that’s also part of the execution and inspection that we look at. These are very powerful tools and they are not for that purpose. And just as another example is when we provide NFR gear, it’s meant for testing purposes and lab gear. You cannot be utilizing it to provide protection from as a customer standpoint, even though it’s not the same completely. It’s similar. And we just, we have to be very transparent and upfront about what these tools are about and how they’re supposed to be used. Robert Dutt: Let’s talk about the program and what you guys are doing there. You’ve introduced guaranteed margins with Fortra Protect and the FortraOne agreement. What problem were you specifically trying to solve with that model and what was sort of the problem with how partners were engaging with Fortra before? Faraz Siraj: Yeah, there’s several problems that we were addressing and yet we came to an innovative way on how to address it. So let’s look at a little history. When you acquire so many companies, your discount structure is all over the place. In Fortra transparency, we had discounts that were in the low 20s and going way north into the higher discounts. And when partners want to work with you, they expect a certain discount table for all products. And when you’re all over the map, you can’t really do that. Additionally, we wanted to encourage our partners to look at the entire portfolio and be encouraged by representing all Fortra. We had different agreements and we had different programs by product lines and we needed to bring it all together. And so as I joined, we did the FortraOne agreement, which brings everything into one unified legal agreement to be able to represent our products. And that’s the easy part. Second, we wanted to provide incentives to our partners to represent not only the products they’re familiar with, but all the other products that we had. And guaranteed margin was the best way to do it. Now there’s no guesswork on partner profitability. You know what you’re going to be making. And when you know that upfront, you can now focus in on the real problem at hand is providing customer solutions. We can work on it jointly. I can tell you I’ve been in the industry long enough where I continuously talk to partners and their pain points are around profitability and the unknown. Working deals and then being squeezed or not knowing what they’re going to make until the very end. And you’ve spent all this time working on these solutions and then you are not going to kind of have that profitability that you want. That’s a big deal. And we took the guesswork out of it. And now let’s focus on the customer, which is quite from what I hear the most important thing. Robert Dutt: I’ve heard the same thing, believe it or not. What do you see as sort of the, as you’re looking at the platform structure and trying to make it easier and more smooth for partners to sell across that, what are kind of the one or two top entry points for partners? And what do you see as sort of the next adjacencies that partners naturally gravitate towards as they get to know what all you guys are doing and get comfortable with the model? Faraz Siraj: Yeah, I think the best entry point would be around data protection. And we offer so many varieties of security solutions, but the best way is around data protection. And let’s face it, data has been exploding and will continue to explode. There is a fun new variable out there called AI that is in the forefront of everybody’s minds. And it’s being utilized for the right reasons and the wrong reasons. And whatever your case is, you need to protect your data with however which way it’s exposed. And so we have data protection solutions that will be enhanced by AI, but also will protect against AI because your data is the most valuable commodity that you have as a company. And so with our data protection, such as our DLP solutions, our data classification solutions, DSPM, that’s a great entry point. And then you can expand from there with the use of the platform. But that’s what I highly recommend for partners that are just getting into this. Robert Dutt: You joined Fortra in late 2024, and this is being described as kind of the company’s first dedicated channel push. For Canadian MSPs who aren’t in the ecosystem currently, what’s the realistic on-ramp for working with you guys? And I’m curious where you’re at in the Canadian market in terms of is there a distribution and go-to-market story here, or is it sort of primarily still being built around the US model? Faraz Siraj: No, it’s a true North American model. By the way, we acquired a few Canadian companies, and we have several Canadian MSPs already that we work with. We are always looking to expand within the Canadian market. Companies that we acquired that are well-known in Canada, such as Terra Nova and Titus. Terra Nova out of Montreal. Titus was out of, I believe, Ottawa. Terra Nova, by the way, human risk management or security awareness training, if you want to call it, is an MSP’s dream. It can be branded by a partner, and it can be run as if it were the partner’s business. And we actually go to market heavily with a lot of Canadian companies for that particular product line. If you ever wanted the easy button to get involved with Fortra, it would really be the Terra Nova product, human risk management, because everybody needs security awareness training. I go through it every six months at Fortra ourselves. I’m a user on product, but you need to have that refresher, because in the simplest forms, we are exposed to crazy stuff that comes to us, and you need to be trained on it. So that’s where I would go from a market perspective, but we love our Canadian companies, and we’ll continue to operate that way. Robert Dutt: It sounds like you’re open to adding additional MSPs, obviously. What do you find are some of the common threads among successful Fortra MSPs? Faraz Siraj: It really is around providing good customer joint solutions. We obviously want to be in the software business, but we also want to be with partners that align to that software as well as providing the customer satisfaction. And so the ones that do it well are the ones that are able to bolt onto their services on top of the solution and do it well. And we’re not hearing about issues. In fact, the successful ones are the ones that are expanding those solutions and going into more and more customers. The other piece of it is being able to be creative with billing for the partner so that it entices them to go out and obviously have partner profitability. Robert Dutt: If an MSP is listening to this and they’re doing the standard defensive stack – EDR, SIEM, firewall – but they’ve never really offered anything on the offensive side, what’s the first conversation they should be having with customers? And how do they avoid turning offense into, you know, the once-a-year pentest PDF and call it a day kind of thing? Faraz Siraj: Yeah, well, it really goes back to understanding the customer. Now, it starts with, yes, pen testing is very important, but it’s not just once a year. Given today’s threat landscape, you need to do that a lot more often. Vulnerability management, those are the two major entry points. We built our vulnerability management tool from a mixture of six different technologies from six different companies, and we fused it together to make our own Fortra vulnerability management tool. Such companies like Tripwire, Digital Defense, Beyond Security, even a little bit of Alert Logic that was in there and there’s a couple others that I’m forgetting, but when you’re able to do that, it makes for a great value product. Robert Dutt: Interesting conversation. I appreciate the colour around the partner program and I appreciate the idea of adding offensive capabilities to the MSP stack. I think that’ll be an interesting space to watch. Faraz, thank you very much for joining us. Faraz Siraj: Oh, you bet. Thank you, Robert. Robert Dutt: There you have it, Faraz Siraj from Fortra. I’d like to thank Faraz for his time. I appreciated his candor, especially on the managed services exit and the reality of what MSPs should and shouldn’t try to take on when it comes to offensive security. Thank you for listening today. A couple things that stuck with me from this conversation. First, the Alert Logic move. When a vendor sells off their managed services business and tells you straight up, we’re in the business of making software and not competing with you on services, that’s worth paying attention to. Doesn’t guarantee anything, but it’s the right signal. And in a market where MSPs are constantly wondering which vendors are going to show up as competitors, it matters. Second, the platform story. 20-plus acquisitions is a lot of integration work. And I think the jury’s still out on how seamless that experience actually is for partners day to day. But the FortraOne agreement and the guaranteed margin model suggest they’re at least thinking about the partner experience at the business level, not just the technology level. And for Canadian MSPs specifically, the Terra Nova and Titus acquisitions mean there’s a local footprint here that a lot of people might not realize. If you’re not subscribed to the ChannelBuzz.ca podcast, now’s a great time. You can find us on Apple Podcasts, Spotify, YouTube, and most podcast directories. If you’re finding value in these conversations, a rating or review goes a long way. Until next time, I’m Robert Dutt for ChannelBuzz.ca, and I’ll see you in the channel.

In this special Thales Security Sessions “Podcast On the Go” episode, we are at RSA Conference 2026 in San Francisco, bringing listeners straight from the show floor. The RSAC 2026 Pulse takes you straight to the heart of the event, where Liz Kelly captures real-time insights from cybersecurity leaders, innovators, and practitioners on the show floor. In this fast-paced episode, experts share their perspectives on the explosive impact of AI on both threats and defenses, the growing importance of data visibility and DSPM, and the convergence of identity, data, and application security. From post-quantum readiness to API security and autonomous agents, this episode delivers a concise, on-the-ground look at the trends shaping the future of cybersecurity - and what organizations need to do next to stay ahead.

In this ISACA Podcast episode, host Safia Kazi, Principal Research Analyst – Privacy, is joined by Dirk Schrader, VP of Security Research at Netwrix, to discuss how generative AI is revealing long-standing gaps in enterprise data security and governance. This episode builds on insights from a recent ISACA webinar that explored how generative AI is exposing weaknesses in enterprise data security and governance. The discussion examines why many organizations lack visibility into where sensitive data resides and who can access it, particularly across hybrid and cloud environments. The conversation also addresses emerging risks introduced by AI tools, including non-human access and overexposed data. Listeners will gain practical, governance-focused guidance on how DSPM helps organizations assess risk, support compliance, and prepare data responsibly for AI initiatives. Related Resources: Watch the ISACA Webinar from the ISACA Virtual Summit 2025: “Securing Data in the Age of AI with DSPM” https://www.isaca.org/training-and-events/online-training/virtual-summits/ai-governance-strategies Learn more from Netwrix: https://netwrix.com/en/resources/ Explore more ISACA Podcasts: https://www.isaca.org/resources/news-and-trends/isaca-podcast-library ISACA on YouTube: https://www.youtube.com/@IsacaHq

(05:22) Brought to you by CyberhavenAI is exfiltrating your data in fragments. Not one big breach — a prompt here, a screenshot there, a quiet export into a shadow AI tool. Every week, AI makes your team faster and your data harder to see. Files are moved to new SaaS apps, models are trained on sensitive inputs, and legacy DLP is blind to the context that matters most.On February 3rd at 11 am Pacific, Cyberhaven is unveiling a unified DSPM and DLP platform, built on the original data lineage, so security teams get X-ray vision into how data actually moves — and can stop risky usage in real time.Watch the launch live at cyberhaven.com/techleadjournal.Did you know Singapore is one of the world's top countries launching cyberattacks? Not as a victim, but as the source. Your routers, smart TVs, robot vacuums, or network-attached storage could be part of a massive botnet right now.In this eye-opening episode, Joseph Yap, founder of Otonata and cybersecurity expert, reveals the hidden cyber threat lurking in our homes. He reveals how everyday devices from routers to smart TVs become attack weapons. He explains why Singapore's excellent infrastructure ironically makes it attractive for hackers and shares practical steps to protect your network. From residential proxies renting out your internet connection to teenagers running ransomware gangs, this conversation exposes the gap between our connected lives and our digital security practices.Key topics discussed:Why Singapore, Indonesia, and Vietnam are top cyberattack source countriesWhy Singapore's infrastructure makes it attractive for hackersHow 700,000+ compromised devices launch 30 terabits per second DDoS attacksThe rise of residential proxies and dark web rental of home networksHow hackers exploit publicly disclosed vulnerabilities in outdated firmwareWhy AI is lowering the barrier to entry for hackersWhat makes executives and high-net-worth individuals attractive targetsPractical steps to audit and protect your home networkTimestamps:(00:00:00) Trailer & Intro(00:02:40) How Can I Apply Journalism Skills to Tech(00:06:14) Why is Curiosity Essential for Tech Leaders?(00:08:48) Why is Singapore a Top Source for Cyber Attacks?(00:12:11) What Makes Singapore Attractive for Cyber Attacks?(00:16:39) How Many Devices in Singapore are Already Compromised?(00:20:40) How Can I Tell if My Home Network is Compromised?(00:30:13) Which Devices are Hackers' Favorite Entry Points?(00:33:18) What is a Residential Proxy and Why Should I Care?(00:36:27) How do Hackers Actually Break into My Network?(00:47:47) Why are Executives and High-Net-Worth Individuals Prime Target?(00:55:12) Why isn't Singapore's Cyber Attack Problem in the News?(00:59:26) Can Internet Providers Stop These Attacks?(01:02:16) What Can I Do to Protect My Home Network?(01:05:19) How Do I Protect My Network-Attached Storage (NAS)?(01:10:41) How is AI Changing the Cyber Attack Landscape?(01:17:35) How Can Otonata Help Protect My Home Network?(01:23:39) What are Real-World Examples of Home Network Compromises?(01:28:20) 3 Tech Lead Wisdom_____Joseph Yap's BioWith 20+ years in Operations and Supply Chain, Joseph Yap founded Otonata (https://otonata.com) after realizing how vulnerable home networks are to security breaches. Otonata brings corporate-grade cybersecurity to homes using digital hygiene and lean management principles, protecting dozens of households from growing threats posed by AI, smart devices, and expanding attack surfaces.Follow Joseph:LinkedIn – linkedin.com/in/-joseph-yapOtonata – https://otonata.com/Free Hack Check – https://otonata.com/hack-checkLike this episode?Show notes & transcript: techleadjournal.dev/episodes/245.Follow @techleadjournal on LinkedIn, Twitter, and Instagram.Buy me a coffee or become a patron.

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We'll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: DBSC/DPOP as Complementary Technologies to FIDO Authentication News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-437

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We'll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: DBSC/DPOP as Complementary Technologies to FIDO Authentication News Segment Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-437

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We'll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: DBSC/DPOP as Complementary Technologies to FIDO Authentication News Segment Show Notes: https://securityweekly.com/esw-437

Interview Segment: Tony Kelly Illuminating Data Blind Spots As data sprawls across clouds and collaboration tools, shadow data and fragmented controls have become some of the biggest blind spots in enterprise security. In this segment, we'll unpack how Data Security Posture Management (DSPM) helps organizations regain visibility and control over their most sensitive assets. Our guest will break down how DSPM differs from adjacent technologies like DLP, CSPM, and DSP, and how it integrates into broader Zero Trust and cloud security strategies. We'll also explore how compliance and regulatory pressures are shaping the next evolution of the DSPM market—and what security leaders should be doing now to prepare. Segment Resources: https://static.fortra.com/corporate/pdfs/brochure/fta-corp-fortra-dspm-br.pdf This segment is sponsored by Fortra. Visit https://securityweekly.com/fortra to learn more about them! Topic Segment: We've got passkeys, now what? Over this year on this podcast, we've talked a lot about infostealers. Passkeys are a clear solution to implementing phishing and theft-resistant authentication, but what about all these infostealers stealing OAuth keys and refresh tokens? As long as session hijacking is as simple as moving a cookie from one machine to another, securing authentication seems like solving only half the problem. Locking the front door, but leaving a side door unlocked. After doing some research, it appears that there has been some work on this front, including a few standards that have been introduced: DBSC (Device Bound Session Credentials) for browsers DPoP (Demonstrating Proof of Possession) for OAuth applications We'll address a few key questions in this segment: 1. how do these new standards help stop token theft? 2. how broadly have they been adopted? Segment Resources: FIDO Alliance White Paper: DBSC/DPOP as Complementary Technologies to FIDO Authentication News Segment Show Notes: https://securityweekly.com/esw-437

Matt Yanchyshyn, AWS Marketplace and Partner Services VP, reveals how AI agents are transforming enterprises worldwide while Atlassian and Netskope leaders share strategies for scaling up Agentic AI marketplace deals.Topics Include:Matt Yanchyshyn of AWS opens with massive shift to multi-agent production systemsEnterprise software seeing huge AI adoption: 33% will include AI by year endAutomated agents now handle Matt's daily workflow, prioritizing emails and messages autonomouslyReal business transformation across financial reporting, demand forecasting, and automated incident managementAWS Marketplace team productivity up 31%, deploying software 27% faster with agentsNew agent mode for Marketplace uses autonomous data collection improving customer experiencesSuccess requires proper data governance with fine-grained access controls for safe operationsQ Developer and Qiro CLI integrate seamlessly into developer workflows without disruptionAWS maintains 400+ MCP servers, shared spec farms enabling teams to collaborate effectivelyEmbedded experts and principal engineers spread agent knowledge and measure productivity closelyAndy Horwitz notes security leads Marketplace growth, primarily through private offer expansionNetskope's new DSPM product addresses AI data security, driving strong customer adoption momentumEnterprise customers now ask if vendors are AWS badged, deals 41-58% largerAndy advises ISVs: prepare sales teams thoroughly, focus co-sell, secure executive buy-inBill Hustad emphasizes distinct marketplace strategy, seller training, and ruthless operational tracking for successParticipants:Bill Hustad - Global Head of Channel and GTM Ecosystems, AtlassianAndy Horwitz – SVP, Global Partner Ecosystems, NetskopeMatt Yanchyshyn – VP, AWS Marketplace & Partner Services, Amazon Web ServicesSee how Amazon Web Services gives you the freedom to migrate, innovate, and scale your software company at https://aws.amazon.com/isv/

Locate, assess, and prioritize high-risk data across Microsoft and non-Microsoft services using Microsoft Purview Data Security Posture Management (DSPM). Identify sensitive files, understand emerging data risks, and focus remediation efforts where they matter most without slowing down productivity. You can also remediate oversharing, enforce data loss prevention policies, and monitor AI agent activity with full visibility into their interactions with sensitive data. Talhah Mir, Microsoft Purview Partner GM, shares how to take control of your data security posture, act on top priorities, and build a sustainable discipline for protecting your organization's information at scale. ► QUICK LINKS:  00:00 - Unified solution with DSPM 01:48 - Day-to-day DSPM use 03:36 - Prevent oversharing 05:52 - AI observability 07:42 - Longer-term view of DSPM 08:25 - How to get DSPM working in your org 09:28 - Wrap up ► Link References Try it out at https://aka.ms/DSPM ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Nos acompañan Lucía Halty, Directora de la Cátedra de Innovación y Salud Mental Digital de la Universidad Pontificia de Comillas para hablarnos del proyecto EVE, la inteligencia que identifica tu apetito al ciberriesgo. También viene al estudio José Antonio Martinez, Director de Preventa de AREXDATA, uno de los líderes mundiales en DSPM. Además damos un repaso a las Mascotas Digitales y así resto de habituales secciones. Con: Enrique Maza y Rubén Carrasco. Dirige: Carlos Lillo

Nos acompañan Lucía Halty, Directora de la Cátedra de Innovación y Salud Mental Digital de la Universidad Pontificia de Comillas para hablarnos del proyecto EVE, la inteligencia que identifica tu apetito al ciberriesgo.También viene al estudio José Antonio Martinez, Director de Preventa de AREXDATA, uno de los líderes mundiales en DSPM.Además damos un repaso a las Mascotas Digitales y así resto de habituales secciones. Con: Enrique Maza y Rubén Carrasco.Dirige: Carlos Lillo

Welcome back to another episode of the Microsoft Cloud IT Pro Podcast! In this episode, we dive deep into one of Microsoft Purview's AI monitoring and protection capabilities: Data Security Posture Management (DSPM) for AI - your secret weapon for monitoring and securing AI usage across your organization. Your support makes this show possible! Please consider becoming a premium member for access to live shows and more. Check out our membership options. Show Notes Learn about Data Security Posture Management Learn about Data Security Posture Management (DSPM) for AI Governing AI Shadow IT with the Microsoft Purview Browser Extension Get started with the Microsoft Purview extension for Chrome Considerations for DSPM for AI to manage data security and compliance protections for AI interactions Learn about Microsoft Purview billing models List of AI sites supported by Microsoft Purview Data Security Posture Management for AI About the sponsors Would you like to become the irreplaceable Microsoft 365 resource for your organization? Let us know!

SummaryIn this episode of the Blue Security Podcast, hosts Andy and Adam celebrate their five-year anniversary with guest Amren Gill, a data security solutions engineer at Microsoft. They delve into the complexities of data protection, focusing on Microsoft Purview's capabilities, including data classification, data loss prevention (DLP), and advanced data protection features. The conversation highlights the importance of securing data by default, leveraging AI for enhanced security measures, and the role of data security posture management (DSPM) in identifying and addressing security gaps. Amren also discusses the new Data Security Investigations tool, which aids in responding to data breaches effectively.----------------------------------------------------YouTube Video Link: ⁠https://youtu.be/MZBEW265WwU----------------------------------------------------Documentation:https://learn.microsoft.com/en-us/purview/deploymentmodels/depmod-securebydefault-introhttps://learn.microsoft.com/en-us/purview/purview----------------------------------------------------Contact Us:Website: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://bluesecuritypod.comBluesky: https://bsky.app/profile/bluesecuritypod.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/company/bluesecpodYouTube: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.youtube.com/c/BlueSecurityPodcast-----------------------------------------------------------Andy JawBluesky: https://bsky.app/profile/ajawzero.comLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/andyjaw/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠andy@bluesecuritypod.com⁠----------------------------------------------------Adam BrewerTwitter: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://twitter.com/ajbrewerLinkedIn: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠https://www.linkedin.com/in/adamjbrewer/Email: ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠adam@bluesecuritypod.com

Welcome back to Guardians of M365 Governance!

In this episode of BetterTech, host Jocelyn Houle speaks with Katharina Koerner, Senior Principal Consultant in AI Governance at Trace3. Katharina shares her expertise on bridging the AI governance maturity gap, explaining the challenges organizations face in turning high-level principles into enforceable, monitored practices. She discusses critical topics such as operationalizing governance, managing shadow AI, integrating governance into product workflows, and leveraging tools like DSPM for data security. Katharina also explores the distinctions between ethics, trustworthy AI, and responsible AI, highlighting the importance of privacy-enhancing technologies. Listeners gain practical insights into balancing innovation with accountability, ensuring AI adoption is both safe and strategically aligned.

Data security in the age of AI requires more than just basic protections. It's an ongoing, evolving challenge. In this episode, Jen Kemmerer, Senior Cloud Solution Architect specializing in data security, breaks down how organizations can manage sensitive information in the era of AI and Microsoft Purview. From the rise of AI-powered agents to tools like DSPM for AI, Jen explains how businesses can stay ahead of data security risks while embracing AI innovations. Tune in for actionable insights on keeping your data safe and navigating the evolving landscape of security and AI.

Data is the lifeblood of every business, and it is flowing faster and more freely than ever. But with great data comes great risk. Organizations of all types are drowning. They have sensitive information scattered across cloud platforms, SaaS apps, and data lakes—often with no clear idea of where it all is, who can access it, or how well it's protected. If that isn't bad enough, when trouble strikes, a breach, for example, are you able to tell your customers that the breached data is useless to the threat actors because it was carefully encrypted? Are you able to prove to the regulators that you had the right controls in place, and that you have been proactively monitoring your data? This is no longer just your data that is at stake. Your reputation and your future are on the line as well.

Are you struggling to keep up with the rapid pace of growth in cybersecurity sales? Wondering how to build a high-performing go-to-market team without sacrificing consistency or culture? Curious about what it takes to lead and enable teams through hypergrowth while navigating constant change? If so, you'll find answers and inspiration in this episode focused on Sierra, one of the fastest-growing cybersecurity firms on the market.In this conversation we discuss: 

Stay in control as GenAI adoption accelerates across your organization using Data Security Posture Management for AI in Microsoft Purview. With built-in visibility into how AI apps and agents interact with sensitive data—whether inside Microsoft 365 or across unmanaged consumer tools—you can detect risks early, take decisive action, and enforce the right protections without slowing innovation. Monitor usage trends, investigate prompts and responses, and respond to potential data oversharing or policy violations in real time. From compliance-ready audit logs to adaptive data protection, you'll have the insights and tools to keep data secure as AI becomes a part of everyday work. Shilpa Ranganathan, Microsoft Purview Principal Group PM, shares how to balance GenAI innovation with enterprise-grade data governance and security. ► QUICK LINKS: 00:00 - GenAI app security, governance, & compliance 01:30 - Take Action with DSPM for AI 02:08 - Activity logging 02:32 - Control beyond Microsoft services 03:09 - Use DSPM for AI to monitor data risk 05:06 - ChatGPT Enterprise 05:36 - Set AI Agent guardrails using DSPM for AI 06:44 - Data oversharing 08:30 - Audit logs 09:19 - Wrap up ► Link References Check out https://aka.ms/SecureGovernAI ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft.  • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Manage the rise of generative AI across your organization using the Copilot Control System in Microsoft 365. Control who can find, use, and create agents, define permissions, approve or block agent deployments, and configure billing models including pay-as-you-go or prepaid options. Get detailed visibility into how agents are used, which users and groups are driving consumption, and how much they're costing you. With Microsoft Purview integration, monitor for sensitive data exposure, track compliance risks, and audit agent activity to stay secure and aligned with your organization's data policies.  Jeremy Chapman, Director of Microsoft 365, shares how to configure, deploy, monitor, and secure AI agents at scale. ► QUICK LINKS: 00:00 - Copilot Control System 01:34 - Copilot Chat 02:21 - Manage agent use 03:23 - Agent deployment 04:09 - Visibility into how agents are used 05:10 - Copilot Dashboard 06:06 - DSPM for AI 06:47 - Microsoft Purview agent protections 07:32 - Wrap up ► Link References  Check out https://aka.ms/CopilotAgentControls ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Use Microsoft Purview and Microsoft 365 Copilot together to build a secure, enterprise-ready foundation for generative AI. Apply existing data protection and compliance controls, gain visibility into AI usage, and reduce risk from oversharing or insider threats. Classify, restrict, and monitor sensitive data used in Copilot interactions. Investigate risky behavior, enforce dynamic policies, and block inappropriate use—all from within your Microsoft 365 environment.  Erica Toelle, Microsoft Purview Senior Product Manager, shares how to implement these controls and proactively manage data risks in Copilot deployments.  ► QUICK LINKS: 00:00 - Microsoft Purview controls for Microsoft 365 Copilot 00:32 - Copilot security and privacy basics 01:47 - Built-in activity logging 02:24 - Discover and Prevent Data Loss with DSPM for AI 04:18 - Protect sensitive data in AI interactions 05:08 - Insider Risk Management 05:12 - Monitor and act on inappropriate AI use 07:14 - Wrap up ► Link References Check out https://aka.ms/M365CopilotwithPurview Watch our show on oversharing at https://aka.ms/OversharingMechanics ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics  

Protect your organization's data with Microsoft Purview. Gain complete visibility into potential data leaks, from AI applications to unmanaged cloud services, and take immediate action to prevent unwanted data sharing. Microsoft Purview unifies data security controls across Microsoft 365 apps, the Edge browser, Windows and macOS endpoints, and even network communications over HTTPS —all in one place. Take control of your data security with automated risk insights, real-time policy enforcement, and seamless management across apps and devices. Strengthen compliance, block unauthorized transfers, and streamline policy creation to stay ahead of evolving threats. Roberto Yglesias, Microsoft Purview Principal GPM, goes beyond Data Loss Prevention (DLP) and shows how to ensure your data stays protected no matter where it goes. ► QUICK LINKS: 00:00 - Data Loss Prevention in Microsoft Purview 01:33 - Assess DLP Policies with DSPM 03:10 - DLP across apps and endpoints 04:13 - Unmanaged cloud apps in Edge browser 04:39 - Block file transfers across endpoints 05:27 - Network capabilities 06:41 - Updates for policy creation 08:58 - New options 09:36 - Wrap up ► Link References Get started at https://aka.ms/PurviewDLPUpdates ► Unfamiliar with Microsoft Mechanics? As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics 

In this episode we're joined by Francis Odum, founder and lead research analyst at Software Analyst Cyber Research. Drawing from his extensive research and conversations with CISOs, security operators, and vendors, Francis shares his insights on the state of identity security and the rise of non-human identities (NHI) in the cloud, why solving the data problem is critical to reducing false positives, improving SOC efficiency, and cutting costs, the early but growing landscape of AI and LLM security and its intersection with DSPM and data governance and predictions for 2025 trends, including what should be ditched and what the cybersecurity industry should prioritize. Guest Socials: ⁠⁠⁠⁠⁠Francis's Linkedin Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Podcast- Youtube⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠ If you are interested in AI Cybersecurity, you can check out our sister podcast -⁠⁠⁠ AI Cybersecurity Podcast Questions asked: (00:00) Introduction (01:56) A bit about Francis (03:45) What is CNAPP in 2025? (06:55) The Identity space in 2025 (10:34) The state of SOC in 2025 (19:23) The AI Security Ecosystem (24:44) DSPM vs DLP (29:48) What should we ditch in 2025? (33:01) What should we see a lot more in 2025? (41:39) A bit about Cloud Security Bootcamp (42:58) The Fun Section Resources spoken about during the episode: Software Analyst Cyber Research

In this latest episode of the Imperva Brand Story on ITSP Magazine, Sean Martin and Marco Ciappelli sit down with Terry Ray, CTO for Data Security at Imperva. Together, they discuss the pressing challenges and transformative innovations shaping the future of safeguarding information.Unpacking Data Security Posture ManagementTerry Ray introduces Data Security Posture Management (DSPM), comparing it to inspecting a home—where identifying vulnerabilities is just as important as fixing them. He emphasizes that data security requires constant vigilance, urging organizations to develop a deep understanding of their infrastructure while staying agile against emerging threats.Moving Beyond Compliance to Real SecurityThe conversation highlights the often-misunderstood relationship between compliance and genuine security. While meeting regulatory requirements is necessary, Terry argues that true data protection requires a broader, risk-based approach, addressing vulnerabilities in both regulated and non-regulated systems to prepare for audits and unforeseen breaches.The Power of Automation and Machine LearningTerry underscores Imperva's dedication to leveraging advanced automation, AI, and machine learning technologies to process vast data sets and detect threats proactively. By adopting innovative strategies, companies can transition from reactive to proactive measures in protecting their digital ecosystems.Fostering Collaboration and Security AwarenessA standout point from the discussion is the importance of collaboration across organizational roles—from compliance officers to database managers and security teams. By fostering a culture of continuous learning and teamwork, businesses can better allocate resources and adapt to evolving security priorities.Embracing Security's Ever-Changing NatureThe conversation concludes with a powerful reflection on the unpredictable nature of cybersecurity. As new threats and technologies emerge, organizations must remain adaptable, forward-thinking, and prepared for the unexpected to stay ahead in an ever-changing security landscape.Learn more about Imperva: https://itspm.ag/imperva277117988Note: This story contains promotional content. Learn more.Guest: Terry Ray, SVP Data Security GTM, Field CTO and Imperva Fellow [@Imperva]On Linkedin | https://www.linkedin.com/in/terry-ray/On Twitter | https://twitter.com/TerryRay_FellowResourcesLearn more and catch more stories from Imperva: https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this latest episode of the Imperva Brand Story on ITSP Magazine, Sean Martin and Marco Ciappelli sit down with Terry Ray, CTO for Data Security at Imperva. Together, they discuss the pressing challenges and transformative innovations shaping the future of safeguarding information.Unpacking Data Security Posture ManagementTerry Ray introduces Data Security Posture Management (DSPM), comparing it to inspecting a home—where identifying vulnerabilities is just as important as fixing them. He emphasizes that data security requires constant vigilance, urging organizations to develop a deep understanding of their infrastructure while staying agile against emerging threats.Moving Beyond Compliance to Real SecurityThe conversation highlights the often-misunderstood relationship between compliance and genuine security. While meeting regulatory requirements is necessary, Terry argues that true data protection requires a broader, risk-based approach, addressing vulnerabilities in both regulated and non-regulated systems to prepare for audits and unforeseen breaches.The Power of Automation and Machine LearningTerry underscores Imperva's dedication to leveraging advanced automation, AI, and machine learning technologies to process vast data sets and detect threats proactively. By adopting innovative strategies, companies can transition from reactive to proactive measures in protecting their digital ecosystems.Fostering Collaboration and Security AwarenessA standout point from the discussion is the importance of collaboration across organizational roles—from compliance officers to database managers and security teams. By fostering a culture of continuous learning and teamwork, businesses can better allocate resources and adapt to evolving security priorities.Embracing Security's Ever-Changing NatureThe conversation concludes with a powerful reflection on the unpredictable nature of cybersecurity. As new threats and technologies emerge, organizations must remain adaptable, forward-thinking, and prepared for the unexpected to stay ahead in an ever-changing security landscape.Learn more about Imperva: https://itspm.ag/imperva277117988Note: This story contains promotional content. Learn more.Guest: Terry Ray, SVP Data Security GTM, Field CTO and Imperva Fellow [@Imperva]On Linkedin | https://www.linkedin.com/in/terry-ray/On Twitter | https://twitter.com/TerryRay_FellowResourcesLearn more and catch more stories from Imperva: https://www.itspmagazine.com/directory/impervaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Stay ahead of evolving risks and mitigate vulnerabilities with Microsoft Purview Data Security Posture Management (DSPM). Gain prioritized visibility into data security risks, track unprotected sensitive information, and receive actionable insights. With built-in classifiers, automated risk assessments, and AI-powered capabilities like Security Copilot, you can identify and mitigate threats, ensuring a compliant data security environment. Talhah Mir, Microsoft Purview's Principal Group Product Manager, shows how to transform your data security strategy with automated, intelligent risk management and maintain continuous protection across your organization.   ► QUICK LINKS: 00:00 - Build and maintain a strong data security posture 01:25 - Start in Microsoft Purview Portal 02:14 - Microsoft Purview solutions 03:39 - Analytic reports 04:39 - Take action 05:30 - AI app-focused view 06:13 - View trends 06:59 - Add Security Copilot capabilities 09:37 - Wrap up   ► Link References Get started at https://aka.ms/DSPM   ► Unfamiliar with Microsoft Mechanics?  As Microsoft's official video series for IT, you can watch and share valuable content and demos of current and upcoming tech from the people who build it at Microsoft. • Subscribe to our YouTube: https://www.youtube.com/c/MicrosoftMechanicsSeries • Talk with other IT Pros, join us on the Microsoft Tech Community: https://techcommunity.microsoft.com/t5/microsoft-mechanics-blog/bg-p/MicrosoftMechanicsBlog • Watch or listen from anywhere, subscribe to our podcast: https://microsoftmechanics.libsyn.com/podcast   ► Keep getting this insider knowledge, join us on social: • Follow us on Twitter: https://twitter.com/MSFTMechanics  • Share knowledge on LinkedIn: https://www.linkedin.com/company/microsoft-mechanics/ • Enjoy us on Instagram: https://www.instagram.com/msftmechanics/ • Loosen up with us on TikTok: https://www.tiktok.com/@msftmechanics

Is it a product or a feature? Is it DLP 4.0, or something legitimately new? Buy now, or wait for further consolidation? There are SO many questions about this market. It's undeniably important - data hygiene and governance continues to be a frustrating mess in many organizations, but is this the solution? We'll discuss with Todd to find out. Show Notes: https://securityweekly.com/esw-383

Is it a product or a feature? Is it DLP 4.0, or something legitimately new? Buy now, or wait for further consolidation? There are SO many questions about this market. It's undeniably important - data hygiene and governance continues to be a frustrating mess in many organizations, but is this the solution? We'll discuss with Todd to find out. Show Notes: https://securityweekly.com/esw-383

Møde nr. 14 i salen 1) Besvarelse af oversendte spørgsmål til ministrene (spørgetid)Spørgetid.1.1) Spm. nr. S 201 om artiklen »Eksministre siger nej til at deltage i Folketingets udredning af nederlaget til Taleban i AfghanistanSpm. nr. S 201 Til forsvarsministeren af: Trine Pertou Mach (EL): Finder ministeren det tilfredsstillende, at formanden for Folketinget, Søren Gade, der var forsvarsminister fra 2004 til 2010, ikke ønsker at besvare spørgsmål fra forskere fra Dansk Institut for Internationale Studier (DIIS), som alle de nuværende partier i det nuværende Folketing har anmodet om at gennemføre en uvildig historisk udredning af Danmarks indsats i Afghanistan? 1.2) Spm. nr. S 202 om artiklen »Troels Lund: Vi kan ikke forhindre, at danske våbendele kan havne i Israel«Spm. nr. S 202 Til forsvarsministeren af: Trine Pertou Mach (EL): Vil ministeren uddybe den udtalelse, som han fremsatte i et interview i Politiken den 17. oktober 2024, hvor han bl.a. sagde, at »det er bekymrende«, at Danmark i Israel leverer våben til en krigsførelse, der bryder FN's regler, og vil ministeren forklare, hvordan han mener at hans bekymring på dette område kan bringes ud af verden?1.3) Spm. nr. S 159 om at israelske styrker ifølge øjenvidner adskiller familier i det nordlige GazaSpm. nr. S 159 Til udenrigsministeren af: Christina Olumeko (ALT): Hvad er regeringens holdning til, at israelske styrker ifølge øjenvidner adskiller familier i det nordlige Gaza?1.4) Spm. nr. S 183 om at anvende personers datamateriale i et forskningsprojektSpm. nr. S 183 Til indenrigs- og sundhedsministeren af: Sandra Elisabeth Skalvig (LA): Mener ministeren, at det er i orden at anvende en persons datamateriale i et forskningsprojekt, hvis der ikke er godkendelse til det og personen ikke ønsker det, og mener ministeren ikke, at det er rigtigst, at personen bør kunne gøre krav på at blive udtaget, så vedkommendes data ikke længere indgår i projektet?1.5) Spm. nr. S 208 om at Danmark skal tage imod evakuerede syge og sårede fra GazaSpm. nr. S 208 Til indenrigs- og sundhedsministeren af: Peder Hvelplund (EL): Vil ministeren genoverveje, om Danmark vil følge anmodningen fra WHO om at tage imod evakuerede syge og sårede patienter fra Gaza til behandling i Danmark, set i lyset af de seneste måneders eskalering i bl.a. dræbte og sårede civile, den desperate humanitære situation i Gaza og et næsten totalt ødelagt sundhedsvæsen?1.6) Spm. nr. S 153 om sagen om Paul WatsonSpm. nr. S 153 Til justitsministeren af: Sascha Faxe (ALT): Hvad er ministerens holdning til, at sagen om Paul Watsons udlevering – som har stor international bevågenhed – før eller siden havner på ministerens bord?1.7) Spm. nr. S 155 om den vedvarende kritik af Danmarks brug af varetægtsfængslingSpm. nr. S 155 Til justitsministeren af: Sascha Faxe (ALT): Hvad er ministerens holdning til den vedvarende kritik af Danmarks brug af varetægtsfængsling, herunder længden af varetægtsfængslingen og brug af isolation?1.8) Spm. nr. S 186 om at kortlægge kriminelle klanerSpm. nr. S 186 Til justitsministeren af: Peter Skaarup (DD): Hvis ministeren er enig i, at det er nødvendigt at lave en national analyse, der kortlægger landets klannetværk, fordi de ofte er spredt over flere politikredse, synes ministeren så ikke, at politimyndighederne burde have fulgt op på Sydsjællands og Lolland-Falsters Politis opfordring i 2021 om at lave en sådan national analyse?1.9) Spm. nr. S 204 om sigtelser for vanvidsbilismeSpm. nr. S 204 Til justitsministeren af: Michael Rosenmark (DD): Hvad mener ministeren om, at over en fjerdedel af alle sigtelser for vanvidsbilisme er rejst mod udlændinge?1.10) Spm. nr. S 139 om planer om at lave en maritim naturnationalpark i ØresundSpm. nr. S 139 Til miljøministeren af: Kim Edberg Andersen (DD): Mener ministeren, at havplanen skal genåbnes for forhandlinger for at gøre plads til miljøministerens planer om at lave en maritim naturnationalpark i Øresund? 1.11) Spm. nr. S 141 om en kommende naturnationalpark i Køge Bugt bør medføre et stop for råstofindvinding i bugtenSpm. nr. S 141 Til miljøministeren af: Kim Edberg Andersen (DD): Mener ministeren, at en kommende naturnationalpark i Køge Bugt, som inkluderer områder inden for 3 sømil (5,56 km) fra land, bør medføre et stop for råstofindvinding i bugten, og i så fald hvor vil ministeren hente råstofferne til hovedstadsområdet?1.12) Spm. nr. S 151 om affaldstilsynSpm. nr. S 151 Til miljøministeren af: Theresa Scavenius (UFG): Hvad er ministerens holdning til, at den fysiske afvisning af et affaldslæs ikke vil være praktisk muligt, som det fremgår af bemærkningerne til lovforslag nr. L 38 om affaldstilsyn, da affaldstilsynet placeres ved indgangen til forbrændingsanlæg og ikke ved indsamling eller indsamlingsvirksomheder, der blander affaldslæs sammen?1.13) Spm. nr. S 152 om affaldstilsynSpm. nr. S 152 Til miljøministeren af: Theresa Scavenius (UFG): Hvad er ministerens holdning til, at begrebet administrativ afvisning i lovforslag nr. L 38 om affaldstilsyn kan anklages for at være misvisende og greenwashing?1.14) Spm. nr. S 212 om at Vejle Havn siden 2020 har afventet svar på sin ansøgning om at få en klaptilladelseSpm. nr. S 212 Til miljøministeren af: Kenneth Fredslund Petersen (DD): Er det ministerens opfattelse, at det er udtryk for en effektiv sagsbehandling, at Vejle Havn siden 2020 har afventet svar på sin ansøgning om at få en klaptilladelse?1.15) Spm. nr. S 138 om at DR vil frasortere medvirkende til deres programmer baseret på køn og bopælSpm. nr. S 138 Til ministeren for ligestilling af: Sólbjørg Jakobsen (LA): Hvad mener ministeren om, at DR i fremtiden vil frasortere medvirkende til deres programmer baseret på deres køn og bopæl?1.16) Spm. nr. S 132 om at sikre, at rockere og bandemedlemmer ikke kan modtage førtids- eller seniorpensionSpm. nr. S 132 Til beskæftigelsesministeren af: Nick Zimmermann (DF): Hvilke initiativer vil ministeren tage for at sikre, at rockere og bandemedlemmer ikke kan modtage førtids- eller seniorpension?1.17) Spm. nr. S 133 om at sikre, at sagen om børn, der har arbejdet med asbest, ikke gentager sigSpm. nr. S 133 Til beskæftigelsesministeren af: Nick Zimmermann (DF): Hvilke initiativer vil ministeren tage for at sikre, at sagen om børn, der har arbejdet med asbest, ikke gentager sig?1.18) Spm. nr. S 213 om børn der lever i fattigdomSpm. nr. S 213 Til beskæftigelsesministeren af: Victoria Velasquez (EL): Hvad er ministerens holdning til, at Egmont Indsigts undersøgelse viser, at alt for mange børn lever i fattigdom, og burde regeringen ikke se på muligheden for en fremrykning af ydelserne, så de ikke er efterreguleret med 2 år?1.19) Spm. nr. S 214 om giftgrunden i Nyborg og at bygherren skal sanktioneresSpm. nr. S 214 Til beskæftigelsesministeren af: Victoria Velasquez (EL): Ministeren har tidligere tilkendegivet, at det er et lovbrud at sætte medarbejdere til at arbejde på giftgrunden i Nyborg, når der er giftige stoffer, så hvis Arbejdstilsynet og politiet ikke kan forfølge bygherren, hvordan vil ministeren så sikre, at en bygherre, som bryder reglerne, kan sanktioneres?1.20) Spm. nr. S 84 om flere elever skal tvinges til at gå på et gymnasium, som de ikke har lyst til at gå påSpm. nr. S 84 Til børne- og undervisningsministeren af: Helena Artmann Andresen (LA): Vil ministeren bekræfte eller afkræfte, om ministeren påtænker, at flere elever skal tvinges til at gå på et gymnasium, som de ikke har lyst til at gå på, blot fordi regeringen ønsker en mere balanceret elevsammensætning?1.21) Spm. nr. S 85 om det bare er ærgerligt for eleverne på de gymnasier, der berøres af det justerede undervisningstaxameterSpm. nr. S 85 Til børne- og undervisningsministeren af: Helena Artmann Andresen (LA): Mener ministeren, at det bare er ærgerligt for eleverne på de gymnasier, der berøres af det såkaldte justerede undervisningstaxameter, hvis justeringen fører til faglig ensretning, forringelse af naturvidenskabelige og sproglige fag og lukning af mindre studieretninger som græsk og latin, kreative fag eller naturvidenskab på højt niveau?1.22) Spm. nr. S 205 om trappestigningsordningen for udlændingeSpm. nr. S 205 Til udlændinge- og integrationsministeren af: Peter Skaarup (DD): Hvad mener ministeren om, at den tidligere socialdemokratiske etpartiregering agtede at fremsætte et lovforslag, der ville afskaffe trappestigeordningen for alle udlændinge, der idømmes en ubetinget frihedsstraf?1.23) Spm. nr. S 206 om muslimske forældreSpm. nr. S 206 Til udlændinge- og integrationsministeren af: Susie Jessen (DD): Hvad mener ministeren om, at Jyllands-Posten har kunnet fremlægge flere holdningsundersøgelser blandt herboende muslimer, som viser, at muslimske forældre ikke vil acceptere, at deres døtre gifter sig med ikkemuslimer, og at de ikke vil acceptere homoseksualitet?1.24) Spm. nr. S 149 om afskaffelsen af tilladelseskrav for varebiler vil styrke den danske transportbrancheSpm. nr. S 149 Til transportministeren af: Kenneth Fredslund Petersen (DD): Er det ministerens opfattelse, at afskaffelsen af tilladelseskrav for varebiler vil styrke den danske transportbranche?1.25) Spm. nr. S 157 om udbygning af Rute 16 mellem Hillerød og FrederiksværkSpm. nr. S 157 Til transportministeren af: Mette Thiesen (DF): Vil ministeren tage initiativ til udbygningen af Rute 16 mellem Hillerød og Frederiksværk?1.26) Spm. nr. S 162 om at lempe økonomi og beskæftigelseskravene i universitetsreformen fra 2023Spm. nr. S 162 Til uddannelses- og forskningsministeren af: Katrine Robsøe (RV): Vil ministeren lempe økonomi- og beskæftigelseskravene i universitetsreformen fra 2023, hvis kandidatudvalget ikke kan anvise nye og konkrete tiltag i sin kommende endelige rapport, som kan sikre 20 pct. erhvervskandidater og derved sænke andelen af kandidathalveringer fra de 23 pct., som universiteterne havde indmeldt til udvalgets delrapport?1.27) Spm. nr. S 163 om advarslen fra flere borgmestre om universitetsreformen fra 2023Spm. nr. S 163 Til uddannelses- og forskningsministeren af: Katrine Robsøe (RV): Hvordan forholder ministeren sig til advarslen fra borgmestrene i Aarhus, København, Odense, Aalborg og Randers om, at universitetsreformen fra 2023 vil betyde, at »flere studerende skal studere mere på mindre tid. Det betyder lavere kvalitet i uddannelserne og dermed risiko for, at viden, talent og tilknytning til arbejdsmarkedet går tabt«?1.28) Spm. nr. S 207 om tilsynet med ældreområdetSpm. nr. S 207 Til ældreministeren af: Pia Kjærsgaard (DF): Hvad er ministerens intention med, at tilsynet med ældreområdet skal stige fra mindst én gang årligt helt op til hvert femte år?1.29) Spm. nr. S 209 om det statslige tilskud til Danske ÆldrerådSpm. nr. S 209 Til ældreministeren af: Marlene Harpsøe (DD): Mener ministeren, at det rimer på mindre bureaukrati og mere velfærd, når regeringen fjerner det statslige tilskud til Danske Ældreråd og i stedet lægger det over på bloktilskuddet i kommunerne, således at udbetalingen af tilskuddet fremover skal administreres fra 98 skriveborde frem for ét?1.30) Spm. nr. S 175 om balancen i fordelingen af statslige arbejdspladser i og uden for byerneSpm. nr. S 175 Til ministeren for byer og landdistrikter af: Susie Jessen (DD): Hvad mener ministeren om balancen i fordelingen af statslige arbejdspladser i og uden for byerne, og såfremt ministeren er enig med Danmarksdemokraterne i, at den er skæv, hvad er ministerens holdning i så fald til at sløjfe regeringens flytning af arbejdspladser uden for de store byer til København og i stedet lave en ny udflytningsrunde med Danmarksdemokraterne?1.31) Spm. nr. S 140 om at der er udbetalt skattefri kørselsgodtgørelse til medlemmer af Folketinget uden tilstrækkelig lovhjemmelSpm. nr. S 140 Til skatteministeren af: Christina Olumeko (ALT): Hvad er ministerens holdning til, at der er udbetalt skattefri kørselsgodtgørelse til medlemmer af Folketinget uden nødvendig og tilstrækkelig lovhjemmel?

Møde nr. 14 i salen 1) Besvarelse af oversendte spørgsmål til ministrene (spørgetid)Spørgetid.1.1) Spm. nr. S 201 om artiklen »Eksministre siger nej til at deltage i Folketingets udredning af nederlaget til Taleban i AfghanistanSpm. nr. S 201 Til forsvarsministeren af: Trine Pertou Mach (EL): Finder ministeren det tilfredsstillende, at formanden for Folketinget, Søren Gade, der var forsvarsminister fra 2004 til 2010, ikke ønsker at besvare spørgsmål fra forskere fra Dansk Institut for Internationale Studier (DIIS), som alle de nuværende partier i det nuværende Folketing har anmodet om at gennemføre en uvildig historisk udredning af Danmarks indsats i Afghanistan? 1.2) Spm. nr. S 202 om artiklen »Troels Lund: Vi kan ikke forhindre, at danske våbendele kan havne i Israel«Spm. nr. S 202 Til forsvarsministeren af: Trine Pertou Mach (EL): Vil ministeren uddybe den udtalelse, som han fremsatte i et interview i Politiken den 17. oktober 2024, hvor han bl.a. sagde, at »det er bekymrende«, at Danmark i Israel leverer våben til en krigsførelse, der bryder FN's regler, og vil ministeren forklare, hvordan han mener at hans bekymring på dette område kan bringes ud af verden?1.3) Spm. nr. S 159 om at israelske styrker ifølge øjenvidner adskiller familier i det nordlige GazaSpm. nr. S 159 Til udenrigsministeren af: Christina Olumeko (ALT): Hvad er regeringens holdning til, at israelske styrker ifølge øjenvidner adskiller familier i det nordlige Gaza?1.4) Spm. nr. S 183 om at anvende personers datamateriale i et forskningsprojektSpm. nr. S 183 Til indenrigs- og sundhedsministeren af: Sandra Elisabeth Skalvig (LA): Mener ministeren, at det er i orden at anvende en persons datamateriale i et forskningsprojekt, hvis der ikke er godkendelse til det og personen ikke ønsker det, og mener ministeren ikke, at det er rigtigst, at personen bør kunne gøre krav på at blive udtaget, så vedkommendes data ikke længere indgår i projektet?1.5) Spm. nr. S 208 om at Danmark skal tage imod evakuerede syge og sårede fra GazaSpm. nr. S 208 Til indenrigs- og sundhedsministeren af: Peder Hvelplund (EL): Vil ministeren genoverveje, om Danmark vil følge anmodningen fra WHO om at tage imod evakuerede syge og sårede patienter fra Gaza til behandling i Danmark, set i lyset af de seneste måneders eskalering i bl.a. dræbte og sårede civile, den desperate humanitære situation i Gaza og et næsten totalt ødelagt sundhedsvæsen?1.6) Spm. nr. S 153 om sagen om Paul WatsonSpm. nr. S 153 Til justitsministeren af: Sascha Faxe (ALT): Hvad er ministerens holdning til, at sagen om Paul Watsons udlevering – som har stor international bevågenhed – før eller siden havner på ministerens bord?1.7) Spm. nr. S 155 om den vedvarende kritik af Danmarks brug af varetægtsfængslingSpm. nr. S 155 Til justitsministeren af: Sascha Faxe (ALT): Hvad er ministerens holdning til den vedvarende kritik af Danmarks brug af varetægtsfængsling, herunder længden af varetægtsfængslingen og brug af isolation?1.8) Spm. nr. S 186 om at kortlægge kriminelle klanerSpm. nr. S 186 Til justitsministeren af: Peter Skaarup (DD): Hvis ministeren er enig i, at det er nødvendigt at lave en national analyse, der kortlægger landets klannetværk, fordi de ofte er spredt over flere politikredse, synes ministeren så ikke, at politimyndighederne burde have fulgt op på Sydsjællands og Lolland-Falsters Politis opfordring i 2021 om at lave en sådan national analyse?1.9) Spm. nr. S 204 om sigtelser for vanvidsbilismeSpm. nr. S 204 Til justitsministeren af: Michael Rosenmark (DD): Hvad mener ministeren om, at over en fjerdedel af alle sigtelser for vanvidsbilisme er rejst mod udlændinge?1.10) Spm. nr. S 139 om planer om at lave en maritim naturnationalpark i ØresundSpm. nr. S 139 Til miljøministeren af: Kim Edberg Andersen (DD): Mener ministeren, at havplanen skal genåbnes for forhandlinger for at gøre plads til miljøministerens planer om at lave en maritim naturnationalpark i Øresund? 1.11) Spm. nr. S 141 om en kommende naturnationalpark i Køge Bugt bør medføre et stop for råstofindvinding i bugtenSpm. nr. S 141 Til miljøministeren af: Kim Edberg Andersen (DD): Mener ministeren, at en kommende naturnationalpark i Køge Bugt, som inkluderer områder inden for 3 sømil (5,56 km) fra land, bør medføre et stop for råstofindvinding i bugten, og i så fald hvor vil ministeren hente råstofferne til hovedstadsområdet?1.12) Spm. nr. S 151 om affaldstilsynSpm. nr. S 151 Til miljøministeren af: Theresa Scavenius (UFG): Hvad er ministerens holdning til, at den fysiske afvisning af et affaldslæs ikke vil være praktisk muligt, som det fremgår af bemærkningerne til lovforslag nr. L 38 om affaldstilsyn, da affaldstilsynet placeres ved indgangen til forbrændingsanlæg og ikke ved indsamling eller indsamlingsvirksomheder, der blander affaldslæs sammen?1.13) Spm. nr. S 152 om affaldstilsynSpm. nr. S 152 Til miljøministeren af: Theresa Scavenius (UFG): Hvad er ministerens holdning til, at begrebet administrativ afvisning i lovforslag nr. L 38 om affaldstilsyn kan anklages for at være misvisende og greenwashing?1.14) Spm. nr. S 212 om at Vejle Havn siden 2020 har afventet svar på sin ansøgning om at få en klaptilladelseSpm. nr. S 212 Til miljøministeren af: Kenneth Fredslund Petersen (DD): Er det ministerens opfattelse, at det er udtryk for en effektiv sagsbehandling, at Vejle Havn siden 2020 har afventet svar på sin ansøgning om at få en klaptilladelse?1.15) Spm. nr. S 138 om at DR vil frasortere medvirkende til deres programmer baseret på køn og bopælSpm. nr. S 138 Til ministeren for ligestilling af: Sólbjørg Jakobsen (LA): Hvad mener ministeren om, at DR i fremtiden vil frasortere medvirkende til deres programmer baseret på deres køn og bopæl?1.16) Spm. nr. S 132 om at sikre, at rockere og bandemedlemmer ikke kan modtage førtids- eller seniorpensionSpm. nr. S 132 Til beskæftigelsesministeren af: Nick Zimmermann (DF): Hvilke initiativer vil ministeren tage for at sikre, at rockere og bandemedlemmer ikke kan modtage førtids- eller seniorpension?1.17) Spm. nr. S 133 om at sikre, at sagen om børn, der har arbejdet med asbest, ikke gentager sigSpm. nr. S 133 Til beskæftigelsesministeren af: Nick Zimmermann (DF): Hvilke initiativer vil ministeren tage for at sikre, at sagen om børn, der har arbejdet med asbest, ikke gentager sig?1.18) Spm. nr. S 213 om børn der lever i fattigdomSpm. nr. S 213 Til beskæftigelsesministeren af: Victoria Velasquez (EL): Hvad er ministerens holdning til, at Egmont Indsigts undersøgelse viser, at alt for mange børn lever i fattigdom, og burde regeringen ikke se på muligheden for en fremrykning af ydelserne, så de ikke er efterreguleret med 2 år?1.19) Spm. nr. S 214 om giftgrunden i Nyborg og at bygherren skal sanktioneresSpm. nr. S 214 Til beskæftigelsesministeren af: Victoria Velasquez (EL): Ministeren har tidligere tilkendegivet, at det er et lovbrud at sætte medarbejdere til at arbejde på giftgrunden i Nyborg, når der er giftige stoffer, så hvis Arbejdstilsynet og politiet ikke kan forfølge bygherren, hvordan vil ministeren så sikre, at en bygherre, som bryder reglerne, kan sanktioneres?1.20) Spm. nr. S 84 om flere elever skal tvinges til at gå på et gymnasium, som de ikke har lyst til at gå påSpm. nr. S 84 Til børne- og undervisningsministeren af: Helena Artmann Andresen (LA): Vil ministeren bekræfte eller afkræfte, om ministeren påtænker, at flere elever skal tvinges til at gå på et gymnasium, som de ikke har lyst til at gå på, blot fordi regeringen ønsker en mere balanceret elevsammensætning?1.21) Spm. nr. S 85 om det bare er ærgerligt for eleverne på de gymnasier, der berøres af det justerede undervisningstaxameterSpm. nr. S 85 Til børne- og undervisningsministeren af: Helena Artmann Andresen (LA): Mener ministeren, at det bare er ærgerligt for eleverne på de gymnasier, der berøres af det såkaldte justerede undervisningstaxameter, hvis justeringen fører til faglig ensretning, forringelse af naturvidenskabelige og sproglige fag og lukning af mindre studieretninger som græsk og latin, kreative fag eller naturvidenskab på højt niveau?1.22) Spm. nr. S 205 om trappestigningsordningen for udlændingeSpm. nr. S 205 Til udlændinge- og integrationsministeren af: Peter Skaarup (DD): Hvad mener ministeren om, at den tidligere socialdemokratiske etpartiregering agtede at fremsætte et lovforslag, der ville afskaffe trappestigeordningen for alle udlændinge, der idømmes en ubetinget frihedsstraf?1.23) Spm. nr. S 206 om muslimske forældreSpm. nr. S 206 Til udlændinge- og integrationsministeren af: Susie Jessen (DD): Hvad mener ministeren om, at Jyllands-Posten har kunnet fremlægge flere holdningsundersøgelser blandt herboende muslimer, som viser, at muslimske forældre ikke vil acceptere, at deres døtre gifter sig med ikkemuslimer, og at de ikke vil acceptere homoseksualitet?1.24) Spm. nr. S 149 om afskaffelsen af tilladelseskrav for varebiler vil styrke den danske transportbrancheSpm. nr. S 149 Til transportministeren af: Kenneth Fredslund Petersen (DD): Er det ministerens opfattelse, at afskaffelsen af tilladelseskrav for varebiler vil styrke den danske transportbranche?1.25) Spm. nr. S 157 om udbygning af Rute 16 mellem Hillerød og FrederiksværkSpm. nr. S 157 Til transportministeren af: Mette Thiesen (DF): Vil ministeren tage initiativ til udbygningen af Rute 16 mellem Hillerød og Frederiksværk?1.26) Spm. nr. S 162 om at lempe økonomi og beskæftigelseskravene i universitetsreformen fra 2023Spm. nr. S 162 Til uddannelses- og forskningsministeren af: Katrine Robsøe (RV): Vil ministeren lempe økonomi- og beskæftigelseskravene i universitetsreformen fra 2023, hvis kandidatudvalget ikke kan anvise nye og konkrete tiltag i sin kommende endelige rapport, som kan sikre 20 pct. erhvervskandidater og derved sænke andelen af kandidathalveringer fra de 23 pct., som universiteterne havde indmeldt til udvalgets delrapport?1.27) Spm. nr. S 163 om advarslen fra flere borgmestre om universitetsreformen fra 2023Spm. nr. S 163 Til uddannelses- og forskningsministeren af: Katrine Robsøe (RV): Hvordan forholder ministeren sig til advarslen fra borgmestrene i Aarhus, København, Odense, Aalborg og Randers om, at universitetsreformen fra 2023 vil betyde, at »flere studerende skal studere mere på mindre tid. Det betyder lavere kvalitet i uddannelserne og dermed risiko for, at viden, talent og tilknytning til arbejdsmarkedet går tabt«?1.28) Spm. nr. S 207 om tilsynet med ældreområdetSpm. nr. S 207 Til ældreministeren af: Pia Kjærsgaard (DF): Hvad er ministerens intention med, at tilsynet med ældreområdet skal stige fra mindst én gang årligt helt op til hvert femte år?1.29) Spm. nr. S 209 om det statslige tilskud til Danske ÆldrerådSpm. nr. S 209 Til ældreministeren af: Marlene Harpsøe (DD): Mener ministeren, at det rimer på mindre bureaukrati og mere velfærd, når regeringen fjerner det statslige tilskud til Danske Ældreråd og i stedet lægger det over på bloktilskuddet i kommunerne, således at udbetalingen af tilskuddet fremover skal administreres fra 98 skriveborde frem for ét?1.30) Spm. nr. S 175 om balancen i fordelingen af statslige arbejdspladser i og uden for byerneSpm. nr. S 175 Til ministeren for byer og landdistrikter af: Susie Jessen (DD): Hvad mener ministeren om balancen i fordelingen af statslige arbejdspladser i og uden for byerne, og såfremt ministeren er enig med Danmarksdemokraterne i, at den er skæv, hvad er ministerens holdning i så fald til at sløjfe regeringens flytning af arbejdspladser uden for de store byer til København og i stedet lave en ny udflytningsrunde med Danmarksdemokraterne?1.31) Spm. nr. S 140 om at der er udbetalt skattefri kørselsgodtgørelse til medlemmer af Folketinget uden tilstrækkelig lovhjemmelSpm. nr. S 140 Til skatteministeren af: Christina Olumeko (ALT): Hvad er ministerens holdning til, at der er udbetalt skattefri kørselsgodtgørelse til medlemmer af Folketinget uden nødvendig og tilstrækkelig lovhjemmel?

Dave Farrow, CISO at Red Canary is our feature interview this week. News from Ball Arena, RigStrips, DISH Network, Fluid Truck, Techstars, Red Canary, Ping Identity and a lot more. Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: Join the Colorado = Security Slack channel Denver rezones Ball Arena property for massive redevelopment Denver startup on 'Shark Tank' signs deal with Raising Cane CEO DirecTV buys Colorado-based Dish as satellite rivals hunker down against onslaught of streaming services Scheme by Fluid Truck defrauded investors of $11M, lawsuit says Techstars revives Boulder accelerator, with a twist Colorado accidentally put voting system passwords online, but officials say election is secure Hackers leak thousands of confidential files from Axis Health System Artificial authentication: Monitoring Azure OpenAI abuse Why Siloed IAM Is a Burden on IT Resources and Security National Cybersecurity Center Opens Registration for 2025 Cybersecurity Certification Courses Job Openings: CommonSpirit - Sys SVP Chief Information Security Officer Invenergy - Director, Cyber Security Programs Boston Consulting Group - Senior Consultant, Cybersecurity - Platinion H&R Block - Director, Security Engineering iTradeNetwork - Director of Information & Security BakerHostetler - Associate - Digital Risk Advisory and Cybersecurity Visa - Global Safety & Security Senior Manager-Engineer– Physical Security Technology Bank of America - Senior Information Security Officer Securitas Security Services - Cyber Security Awareness Analyst Plante Moran - Cybersecurity Compliance Sr. Consultant Upcoming Events: This Week and Next: Check out the full calendar ISSA COS - November Meeting - 11/12 ISC2 Pikes Peak - November Meeting - 11/13 Denver ISSA - Doing more with DSPM - 11/13 Let's Talk Software Security - Are Automated Testing Tools Truly Reducing Risks? - 11/13 WiCyS Colorado 2nd Annual CyberCon - 11/13 Not-So-Secret Secret Speakeasy Cyber Event - 11/14 ISSA COS - November Mini Seminar - 11/16 CSA Colorado - Modernizing big data to help secure your cloud - 11/19 Denver ISSA - Women in Security SIG: Back to Basics - 11/20 ISACA Denver - November Meeting (Online) - 11/21 ISSA and ISACA Annual Holiday Party - 12/4 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest Karthik Krishnan, founder and CEO, Concentric AI. In this episode: Meet the new risk, same as the old risk Understanding where your risks are coming from Identifying best practices Know what you're getting into Thanks to our podcast sponsor, Concentric AI Concentric AI's DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks. Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today! 

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Davi Ottenheimer, vp, trust and digital ethics, Inrupt. Sir Tim Berners-Lee co-founded Inrupt to provide enterprise-grade software and services for the Solid Protocol. You can find their open positions here. In this episode: LLMs lack integrity controls A valid criticism Doubts in self-policing AI New tech, familiar problems  Thanks to our podcast sponsor, Concentric AI Concentric AI's DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks. Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today!

All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap). Joining us is Dennis Pickett, vp, CISO, Westat. In this episode: Not all education requires tests Understand your users Building reflexes An ounce of prevention Thanks to our podcast sponsor, Concentric AI Concentric AI's DSPM solution automates data security, protecting sensitive data in real-time. Our AI-driven solution identifies, classifies, and secures on-premises and cloud data to reduce risk across your enterprise. Seamlessly integrated with tools like Microsoft Copilot, Concentric AI empowers your team to innovate securely and maintain compliance all while eliminating manual data protection tasks.  Ready to put RegEx and trainable classifiers in the rear view mirror? Contact Concentric AI today!

Guarding the corporate crown jewels from abuse theft and ransom, Sotero Podcast, “We want to make sure that all data stays protected, but we also want to make sure that the data can be accessed and used by the company to drive their business.” “Even if the external defenses were to be breached you can rest assured that your data or the information is still secure and Sotero is going to make sure that nothing happens to your information,” says Purandar Das, CEO and Co-Founder. Organizations of all kinds understand the challenge to find this balance. Data, as Purandar will tell us, constitute the crown jewel of the organization. Government agency, hospital, trucking company, law firm, or non-for profit, not only is the data a critical asset, but access to the data, indeed easy access to the data, is central to the organization's ability to carry out its functions. But that exposure opens a door that can take down the firm. The world's richest, most sophisticated companies, including carriers, entertainment, retailers, from household name companies to regional libraries, many have been humbled.  “We want to make sure that all data stays protected, but we also want to make sure that the data can be accessed and used by the company to drive their business.” “We are actually inside the castle, or if you will, inside the network, protecting data. Even if the external protection were to be breached, you've got Sotero in there protecting your information and your data.” And as Purandar, not only can those attacks come from anywhere and from anyone, but they can also come at any time, and all the time. Many companies lack visibility to the threat. We learn that even something that might seem harmless, is an opportunity for abuse. “When you put the data into the wild, you're putting consumers, patients, at risk because their information's out there. But you're also helping contribute to building out a massive profile of consumers that is being leveraged by stealing data from multiple sources. When a data set that looks pretty innocuous from one thing, when it's merged with other sources from like two or three places, now you've built an extremely valuable profile of the people you're trying to attack.” In this podcast we discuss the nature of the threat, and we explore various approaches to keep data safe. We learn about Sotero's approach. “The protection we provide against that is keep the data encrypted, even if they've somehow got their hands on it, that they have an encrypted copy of the data, which is useless to them. There are two things. One is they can't hold you for ransom, nor can they go extort you by throwing the data into the dark web” About Sotero Sotero is a cutting-edge Data Security Posture Management company that closes the DSPM loop of Data Exfiltration. With our advanced DSPM platform, Sotero is able to stop an attacker in motion and render data useless. We are your true ransomware defense. To learn more about Sotero, visit us at: www.soterosoft.com Sotero Common Use Cases Ransomware Protection SharePoint Security Insider Risk Data Sharing 3rd Party Data Sharing Cloud Security Data Compliance Security Ecosystem Consolidation Data Identification and Classification Data Analysis in Pharma Data at the Edge  

Send us a Text Message.Episode SummaryOn this episode, Global Head of InfoSec and GRC Strategy at VMWare, Ashish Suri, joins the show to discuss data security and AI. Ashish has over 20 years of experience in business transformation, cybersecurity, data privacy, and enterprise risk management. He has served in numerous roles, including Head for Data Risk, Privacy, and Cybersecurity at Apple, Head of Technology Process and Controls at PayPal, and Senior Director of Finance Internal Controls at Visa.Today, Ashish talks about the distinction between data secrecy and data security, data security in the Cloud, and the business benefits of investing in data security. How does AI fit into security? Hear about cost-effective risk mitigation strategies and the evolving DSPM space, and get Ashish's formula for personal growth. Timestamp Segments·       [01:33] Ashish's role at Apple.·       [04:27] Data secrecy vs data security.·       [07:20] Data security in the Cloud.·       [09:30] Ashish's approach to data security.·       [13:53] What does a business get out of data security?·       [17:34] The CIA Triad.·       [21:39] AI and Cloud security.·       [24:24] AI in cybersecurity products.·       [27:59] Cost-effective risk mitigation strategies.·       [30:49] Wading through the DSPM space.·       [35:15] Ashish's growth formula.·       [37:06] Being humble.·       [38:00] Ashish's parting words. Notable Quotes·       “The more we are out there in the Cloud, the larger our footprint becomes, and the risk continues multiplying in different directions.”·       “Speed, accuracy, and automation will also get complimented with people, process, and technology.”·       “Keep learning and keep listening.” Relevant LinksWebsite:          Bedrock Security

En el podcast hablamos de los tuitulares de la edición 2614 del 3 al 9 de mayo de 2024. del Semanario ZETA. Nolasco va por transparencia; Agatón propone vialidades. En Mexicali: choque político por academia de policía. Los Mayos, asesinos de director de policía. Poder presidencial para liberar criminales. DSPM dejó huir a policías vinculados al Cártel de Sinaloa. Más detalles, en la edición impresa del Semanario ZETA y en nuestro portal web: www.zetatijuana.com

Møde nr. 84 i salen 1) Besvarelse af oversendte spørgsmål til ministrene (spørgetid)Spørgetid.1.1) Spm. nr. S 815 om Anholts spritny redningsbådSpm. nr. S 815 Til forsvarsministeren af: Kristian Bøgsted (DD): Vil ministeren forholde sig til Anholts beboeres bekymringer om, at de ikke har set deres ellers nye redningsbåd siden februar sidste år? 1.2) Spm. nr. S 853 om den seneste udtalelse fra FN's særlige efterforsker i de palæstinensiske områder, Francesca AlbaneseSpm. nr. S 853 Til udenrigsministeren af: Sascha Faxe (ALT): Hvordan forholder ministeren sig til den seneste udtalelse fra FN's særlige efterforsker i de palæstinensiske områder, Francesca Albanese, der den 26. marts konkluderede, at der er »rimelige grunde til at tro, at tærsklen for, hvorvidt der er tale om folkedrab begået af Israel, er overskredet«, og hvordan forventer ministeren at agere på baggrund af denne vurdering?1.3) Spm. nr. S 818 om samtykkeloven er præcis nokSpm. nr. S 818 Til justitsministeren af: Mette Thiesen (DF): Finder ministeren, at samtykkeloven er præcis nok, og at den dermed ikke rammer uskyldige, som dømmes som gerningsmænd?1.4) Spm. nr. S 854 om orienteringsbriefing om kinesisk hackerangreb af tidligere folketingsmedlemmers computereSpm. nr. S 854 Til justitsministeren af: Sascha Faxe (ALT): Hvad er ministerens holdning til, at to tidligere medlemmer af Folketinget er blevet tilbudt orienteringsbriefing om kinesisk hackerangreb af deres computere af FBI og ikke af PET?1.5) Spm. nr. S 849 om at børn behandles kønsstereotypt i barndommenSpm. nr. S 849 Til børne- og undervisningsministeren af: Lotte Rod (RV): Anerkender ministeren, at de strukturelle forskelle mellem mænd og kvinders muligheder i samfundet hænger sammen med, at børn behandles kønsstereotypt i barndommen, herunder i dagtilbud og folkeskolen, og mener ministeren, at der er behov for at arbejde mere med kønsstereotyper i dagtilbud og folkeskolen?1.6) Spm. nr. S 836 om at indføre en dansk CO2-afgift på erhvervsfiskerietSpm. nr. S 836 Til skatteministeren af: Kristian Bøgsted (DD): Hvad er ministerens holdning til at indføre en dansk CO2-afgift på erhvervsfiskeriet, hvilket muligvis kan være i strid med EU's energibeskatningsdirektiv?1.7) Spm. nr. S 850 om opbakning til Ærø og Søby Havn-projektetSpm. nr. S 850 Til transportministeren af: Mai Mercado (KF): Mener ministeren ikke, at det er rimeligt, at der snart kommer opbakning til Ærø og Søby Havn-projektet, som har ligget stille siden ministerens besøg på Ærø for mere end et år siden, hvor ministeren erklærede sig villig til at kigge på finansiering til den resterende del af Søby Havn?1.8) Spm. nr. S 851 om en hensigtsmæssig måde at lovgive påSpm. nr. S 851 Til klima-, energi- og forsyningsministeren af: Theresa Scavenius (UFG): Mener ministeren, at det er en hensigtsmæssig måde at lovgive på, når det i lovforslag nr. L 106 fremgår over 1.679 gange, at ministeren eller vandsektortilsynet »fastsætter« reglerne senere, hvilket i praksis betyder, at det er embedsfolk i Konkurrence- og Forbrugerstyrelsen, som skal træffe en række politiske valg i udmøntningen af de mange bemyndigelser?1.9) Spm. nr. S 852 om det lovforberedende arbejde i forbindelse med lovforslag nr. L 106Spm. nr. S 852 Til klima-, energi- og forsyningsministeren af: Theresa Scavenius (UFG): Hvad er ministerens holdning til, at det lovforberedende arbejde i forbindelse med lovforslag nr. L 106 samt udmøntningen af lovforslagets mange bemyndigelser sker i tæt samarbejde mellem forvaltning og industri, og at denne dialog ikke er omfattet af adgangen til aktindsigt?2) 1. behandling af B 120 om indførelse af en selvbestemmelsesordning ved valg af bostøtte for borgere i hjemløshedForslag til folketingsbeslutning om indførelse af en selvbestemmelsesordning ved valg af bostøtte for borgere i hjemløshed. Af Theresa Berg Andersen (SF) m.fl.3) 1. behandling af B 112 om at indføre fradrag på varmepumperForslag til folketingsbeslutning om at indføre fradrag på varmepumper. Af Steffen W. Frølund (LA) m.fl.4) 1. behandling af B 180 om at flytte ansvaret for Danmarks klimaberegninger til et uafhængigt organForslag til folketingsbeslutning om at flytte ansvaret for Danmarks klimaberegninger til et uafhængigt organ. Af Torsten Gejl (ALT) og Søren Egge Rasmussen (EL) m.fl.5) 1. behandling af B 189 om en præcis metode til målopfølgning for 2025- og 2030-klimamåleneForslag til folketingsbeslutning om en præcis metode til målopfølgning for 2025- og 2030-klimamålene. Af Torsten Gejl (ALT), Mona Juul (KF), Søren Egge Rasmussen (EL) og Samira Nawa (RV) m.fl.

Møde nr. 84 i salen 1) Besvarelse af oversendte spørgsmål til ministrene (spørgetid)Spørgetid.1.1) Spm. nr. S 815 om Anholts spritny redningsbådSpm. nr. S 815 Til forsvarsministeren af: Kristian Bøgsted (DD): Vil ministeren forholde sig til Anholts beboeres bekymringer om, at de ikke har set deres ellers nye redningsbåd siden februar sidste år? 1.2) Spm. nr. S 853 om den seneste udtalelse fra FN's særlige efterforsker i de palæstinensiske områder, Francesca AlbaneseSpm. nr. S 853 Til udenrigsministeren af: Sascha Faxe (ALT): Hvordan forholder ministeren sig til den seneste udtalelse fra FN's særlige efterforsker i de palæstinensiske områder, Francesca Albanese, der den 26. marts konkluderede, at der er »rimelige grunde til at tro, at tærsklen for, hvorvidt der er tale om folkedrab begået af Israel, er overskredet«, og hvordan forventer ministeren at agere på baggrund af denne vurdering?1.3) Spm. nr. S 818 om samtykkeloven er præcis nokSpm. nr. S 818 Til justitsministeren af: Mette Thiesen (DF): Finder ministeren, at samtykkeloven er præcis nok, og at den dermed ikke rammer uskyldige, som dømmes som gerningsmænd?1.4) Spm. nr. S 854 om orienteringsbriefing om kinesisk hackerangreb af tidligere folketingsmedlemmers computereSpm. nr. S 854 Til justitsministeren af: Sascha Faxe (ALT): Hvad er ministerens holdning til, at to tidligere medlemmer af Folketinget er blevet tilbudt orienteringsbriefing om kinesisk hackerangreb af deres computere af FBI og ikke af PET?1.5) Spm. nr. S 849 om at børn behandles kønsstereotypt i barndommenSpm. nr. S 849 Til børne- og undervisningsministeren af: Lotte Rod (RV): Anerkender ministeren, at de strukturelle forskelle mellem mænd og kvinders muligheder i samfundet hænger sammen med, at børn behandles kønsstereotypt i barndommen, herunder i dagtilbud og folkeskolen, og mener ministeren, at der er behov for at arbejde mere med kønsstereotyper i dagtilbud og folkeskolen?1.6) Spm. nr. S 836 om at indføre en dansk CO2-afgift på erhvervsfiskerietSpm. nr. S 836 Til skatteministeren af: Kristian Bøgsted (DD): Hvad er ministerens holdning til at indføre en dansk CO2-afgift på erhvervsfiskeriet, hvilket muligvis kan være i strid med EU's energibeskatningsdirektiv?1.7) Spm. nr. S 850 om opbakning til Ærø og Søby Havn-projektetSpm. nr. S 850 Til transportministeren af: Mai Mercado (KF): Mener ministeren ikke, at det er rimeligt, at der snart kommer opbakning til Ærø og Søby Havn-projektet, som har ligget stille siden ministerens besøg på Ærø for mere end et år siden, hvor ministeren erklærede sig villig til at kigge på finansiering til den resterende del af Søby Havn?1.8) Spm. nr. S 851 om en hensigtsmæssig måde at lovgive påSpm. nr. S 851 Til klima-, energi- og forsyningsministeren af: Theresa Scavenius (UFG): Mener ministeren, at det er en hensigtsmæssig måde at lovgive på, når det i lovforslag nr. L 106 fremgår over 1.679 gange, at ministeren eller vandsektortilsynet »fastsætter« reglerne senere, hvilket i praksis betyder, at det er embedsfolk i Konkurrence- og Forbrugerstyrelsen, som skal træffe en række politiske valg i udmøntningen af de mange bemyndigelser?1.9) Spm. nr. S 852 om det lovforberedende arbejde i forbindelse med lovforslag nr. L 106Spm. nr. S 852 Til klima-, energi- og forsyningsministeren af: Theresa Scavenius (UFG): Hvad er ministerens holdning til, at det lovforberedende arbejde i forbindelse med lovforslag nr. L 106 samt udmøntningen af lovforslagets mange bemyndigelser sker i tæt samarbejde mellem forvaltning og industri, og at denne dialog ikke er omfattet af adgangen til aktindsigt?2) 1. behandling af B 120 om indførelse af en selvbestemmelsesordning ved valg af bostøtte for borgere i hjemløshedForslag til folketingsbeslutning om indførelse af en selvbestemmelsesordning ved valg af bostøtte for borgere i hjemløshed. Af Theresa Berg Andersen (SF) m.fl.3) 1. behandling af B 112 om at indføre fradrag på varmepumperForslag til folketingsbeslutning om at indføre fradrag på varmepumper. Af Steffen W. Frølund (LA) m.fl.4) 1. behandling af B 180 om at flytte ansvaret for Danmarks klimaberegninger til et uafhængigt organForslag til folketingsbeslutning om at flytte ansvaret for Danmarks klimaberegninger til et uafhængigt organ. Af Torsten Gejl (ALT) og Søren Egge Rasmussen (EL) m.fl.5) 1. behandling af B 189 om en præcis metode til målopfølgning for 2025- og 2030-klimamåleneForslag til folketingsbeslutning om en præcis metode til målopfølgning for 2025- og 2030-klimamålene. Af Torsten Gejl (ALT), Mona Juul (KF), Søren Egge Rasmussen (EL) og Samira Nawa (RV) m.fl.

In this episode of Infrastructure Matters, hosts Steven Dickens with Krista Macomber and Camberley Bates cover the a peak at the 60th birthday party for the Mainframe, Rubrik's IPO and AI tech from AWS to memory and CXL technology. Key moments from the conversation include: The Mainframe turns sixty, and Steve and Camberley look back and forward on the amazing endurance plus the new adoption of the mainframe. The Infrastructure Matters team lends a view into the recent Amazon's Just Walk Out technology, and what is evolving within AI and computer vision technology and where to expect Amazon to go next.  AI was the top conversation at MemCon 2024 where the importance of memory technologies like HBM and CXL are addressing performance bottlenecks in high-performance computing and AI. How we will see data storage and other technologies gain traction as the new AI gains hold in everyday life.  Rubrik's IPO announcement prompts discussion on its financials, its acquisitions, and the broader trend of data protection companies pivoting towards cybersecurity amidst growing cyber threats.    

Jo Peterson, Vice President of Cloud and Security Services at Clarify360 discusses the critical importance of Data Security Posture Management (DSPM) in protecting against modern cyber threats. She covers the essential aspects of understanding exposure and accessibility of data, the importance of determining access levels, and how DSPM benefits organizations by enhancing data protection.

In the enterprise security news, Axonius raises $200M and is doing $100M ARR! Claroty raises $100M and is doing $100M ARR! Crowdstrike picks up DSPM with Flow Security CyCode picks up Bearer Are attackers like lawyers? How a bank failed (with no help from a cyber attack) the FTC cracks down on customer data collection Apple's car sadly won't be a thing any time soon or maybe ever. All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-352

In the enterprise security news, Axonius raises $200M and is doing $100M ARR! Claroty raises $100M and is doing $100M ARR! Crowdstrike picks up DSPM with Flow Security CyCode picks up Bearer Are attackers like lawyers? How a bank failed (with no help from a cyber attack) the FTC cracks down on customer data collection Apple's car sadly won't be a thing any time soon or maybe ever. All that and more, on this episode of Enterprise Security Weekly. Show Notes: https://securityweekly.com/esw-352

Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu about how MITRE's ATT&CK framework can help defenders better prepare for inevitable attack TTPs they'll have knocking on their doors. Segment Resources: CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release ESG Report: Operationalize MITRE ATT&CK with Detection Posture Management Report: Enterprise SIEMs offer inadequate threat detection 2023 State of SIEM Detection Risk Report In the enterprise security news, Axonius raises $200M and is doing $100M ARR! Claroty raises $100M and is doing $100M ARR! Crowdstrike picks up DSPM with Flow Security CyCode picks up Bearer Are attackers like lawyers? How a bank failed (with no help from a cyber attack) the FTC cracks down on customer data collection Apple's car sadly won't be a thing any time soon or maybe ever. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-352

Defenders spend a lot of time and money procuring and implementing security controls. At the heart of SecOps and the SOC are technologies like XDR, SIEM, and SOAR. How do we know these technologies are going to detect or prevent attacks? Wait for the annual pen test? Probably not a good idea. In this segment, we'll talk with Michael Mumcuoglu about how MITRE's ATT&CK framework can help defenders better prepare for inevitable attack TTPs they'll have knocking on their doors. Segment Resources: CardinalOps Contributes to MITRE ATT&CK for Fourth Consecutive Release ESG Report: Operationalize MITRE ATT&CK with Detection Posture Management Report: Enterprise SIEMs offer inadequate threat detection 2023 State of SIEM Detection Risk Report In the enterprise security news, Axonius raises $200M and is doing $100M ARR! Claroty raises $100M and is doing $100M ARR! Crowdstrike picks up DSPM with Flow Security CyCode picks up Bearer Are attackers like lawyers? How a bank failed (with no help from a cyber attack) the FTC cracks down on customer data collection Apple's car sadly won't be a thing any time soon or maybe ever. All that and more, on this episode of Enterprise Security Weekly. Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-352

Mike Melo, CISO and head of technology at LifeLabs, talks about his approach to innovation and insights on leading cloud security tools.About Mike Melo: "Heavily focused on people and integrity-led progression, Mike Melo is a Senior IT Executive and Chief Information Security Officer (CISO) with over 15+ years of experience advancing operational efficiencies, cyber indomitability, and overall organizational success. Currently serving as the CISO & VP IT Shared Services for LifeLabs in Canada, Mike holds an extensive background involving agile risk mitigation, post-breach transformation, security architecture, cross-functional technical leadership, regulatory compliance, and the art of developing high-performing team environments that are as positive as they are productive. In addition, he is passionate about not only helping industry leaders rectify security weaknesses while attaining sustainable protection, but doing so in such a way that ultimately propels their competitive capacities and growth initiatives forward. Prior to his most recent role overseeing multi-million cybersecurity programs and their implementation across organizational systems, Mike Initially worked as an International Information Security Officer, quickly scaling to hold several C-level roles under LifeLabs. Notably, this includes being an IT Security Lead, where Mike had the opportunity to support the tech team in rendering new security program development and overseeing the inception of the Incident Response program. More formerly, Mike became a CISO in December of 2019.That said, Mike's ambitions for security excellence were also done in conjunction with ongoing side affiliations supporting various professional engagements, keynote presentations/talking panels, and public contributions. Namely, this involves being a Board Member and Co-Chair of the Operations Committee for the Canadian Cyber Threat Exchange, a CISO Co-Chair for Evanta, and an active Board Member of HUMINT Cybersecurity Recruitment. Furthermore, Mike's devotion to bridging security gaps and innate avocation for making cybersecurity knowledge accessible has not gone unnoticed.Mike currently resides in Calgary with his wife and two children who inspire him to always become better than the day before, and enjoys spending his free time playing guitar - including attending Berklee College of Music in the evenings for guitar performance."SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Today's guest is Vlad Constantinescu, Head of Data Science at Getvisibility. Based in Cork, Getvisibility's customisable AI revolutionises the DSPM landscape. With cutting-edge algorithms and user-friendly interfaces, it empowers businesses to unlock unprecedented insights, optimise performance and detect anomalies in real-time. The company's tailored solutions elevate your DSPM capabilities to new heights. Getvisibility are nominated in the Best Use of Responsible AI and Ethics at the 2023 AI Awards for addressing the challenge of managing unstructured legacy data. Their platform classifies data and ensures trustworthiness through explainable AI models impacting over 150 enterprise customers globally, by promoting data security and compliance. Topics include: Problems they are solving in unstructured legacy data for customers Choosing large models AI for core problems, smaller models for trust and ethics Utilizing a mesh of AI models to tackle generic issues efficiently Using language-agnostic document vectors for consistent data processing Applying AI models to enhance data analysis with a committee approach

DSPM or Data Security Posture Management with Yotam Segev from Cyera: Most security teams have known about data challenges in their organization and some of them are put in the too hard to solve right now bucket. Yotam came on the show to talk about who should own and manage data security programs and what can a data security roadmap look like for leaders who are working on the data problem today. Episode YouTube: ⁠⁠⁠ ⁠⁠⁠⁠Video Link⁠⁠⁠⁠⁠⁠⁠⁠⁠ Host Twitter: Ashish Rajan (⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@hashishrajan⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠) Guest Socials: Yotam's Linkedin (⁠Yotam Segev⁠⁠) Podcast Twitter - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠@CloudSecPod⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security Newsletter ⁠⁠⁠⁠⁠⁠⁠⁠⁠ - ⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠Cloud Security BootCamp⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠⁠ Spotify TimeStamp for Interview Question (00:00) Introduction (04:32) Why is data security getting attention? (05:46) How was data security done before? (06:43) Cloud native way of managing data (07:31) What triggers a data security project? (08:35) At what stage should you start data security? (10:06) Challenges with starting data security projects (13:02) What does success look like? (15:02) Does the CISO own data security? (16:03) The right skill set for data security See you at the next episode!

Send us a Text Message.Lets learn about Data Security Posture Management(#DSPM) technology today. this is evolving tech in 2023 and I expect more adoption of this technology as we adopt to more cloud based apps that exchange data with other apps.Support the Show.Google Drive link for Podcast content:https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnkoMy Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/Youtube Channnel : https://www.youtube.com/@TheCybermanShow Twitter handle https://twitter.com/prashant_cyber PS: The views are my own and dont reflect any views from my employer.

Liat Hayun is the CEO & Co-Founder of Eureka Security. Eureka is based in Tel Aviv and raised $8m seed round from YL Ventures in 2022.

Securing data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can it be a different story in the cloud? Today, we find out when we talk to Dan Benjamin about why he founded Dig and the space they're trying to fill in public cloud services. Paddy Harrington joins us from Forrester research to discuss his findings in this year's state of IoT security report. Computers have been shoved into anything and everything, both in the home and in the workplace. Paddy will share some interesting insights from the report, and we'll discuss why some of the results seem to conflict. Segment description coming soon! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-322

Securing data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can it be a different story in the cloud? Today, we find out when we talk to Dan Benjamin about why he founded Dig and the space they're trying to fill in public cloud services. Paddy Harrington joins us from Forrester research to discuss his findings in this year's state of IoT security report. Computers have been shoved into anything and everything, both in the home and in the workplace. Paddy will share some interesting insights from the report, and we'll discuss why some of the results seem to conflict. Segment description coming soon! Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly Show Notes: https://securityweekly.com/esw-322

Securing data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can it be a different story in the cloud? Today, we find out when we talk to Dan Benjamin about why he founded Dig and the space they're trying to fill in public cloud services.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-322 

Securing data is hard. Business stops when data flows are hindered, stopped, sometimes even slowed. Placing controls around data traditionally leads to more friction and less productivity. Can it be a different story in the cloud? Today, we find out when we talk to Dan Benjamin about why he founded Dig and the space they're trying to fill in public cloud services.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw-322 

This episode was recorded LIVE at the 2023 Symmetry Systems Unconference on Zero Trust, adjunct to RSAC 2023. Allan is joined by his friend Claude Mandy, former CISO, former analyst, and now Chief Evangelist at Symmetry Systems.  Like Allan, Claude is a Zero Trust enthusiast.  The podcast was the capstone to a long day of Zero Trust presentations, panels, book reviews and other great topics and conversations. Join Allan and Claude at this live recording that covers: - How does DSPM fit into Zero Trust? - Allan's victory at a recent Digital Fight Club event where he championed Zero Trust - Overcoming Zero Trust marketing hype - Is Zero Trust a framework, an architecture, or something else?  Hint: Claude says it's something else. - What are the biggest challenges in implementing Zero Trust? - What are the benefits to the business of Zero Trust? - Security is about the intersection of Data & Entities - not about Assets - What are the most exciting aspects of RSAC 2023 for Claude and Allan?

In this episode of SecurPod, Ralph C. Jensen, publisher of Security Today magazine, talks with Parandar Das, the co-founder and CEO of Sotero. The conversation centers around the data security market and how Data Security Posture Management (DSPM) seems to be the future of cybersecurity. Das answers questions of why companies are pivoting more toward a data-first approach to securing their cloud-based data. He also addresses the question of why current approaches to data security are no longer effective. This Podcast is sponsored by Sotero.

Episode sponsors: Binarly (https://binarly.io) FwHunt (https://fwhunt.run) Symmetry Systems executive Claude Mandy joins the show to discuss a career in the security trenches, life as a CISO during the WannaCry crisis, and first principles around data security. We dig into the emerging Data Security Posture Management (DSPM) category and how it extends the Zero Trust philosophy to hybrid cloud data stores.

On this episode, we had the opportunity to speak to Tyler Young, the CISO at BigID, a leading modern data security vendor that helps organizations with their data security, privacy, compliance, and governance. Find out what key lessons Tyler learned as a newly-appointed CISO, how you can protect your data, and what he, as a CISO, thinks is the best way to implement and communicate security needs to various departments and people in an organization. You'll also learn more about Data Security Posture Management or DSPM and how and why Identity Management is closely tied to Data Security. Read the associated blog: Understanding DSPM & CSPM for Optimal Data Security here: https://www.horangi.com/blog/understanding-dspm--cspm-for-optimal-data-security - About Horangi Cybersecurity -- More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast About Horangi Cyber Security: https://www.horangi.com - About the Guest -- Tyler's LinkedIn: https://www.linkedin.com/in/tyler-young-07841085/

After 2 decades of trying to make SIEMs work, security data lakes are a hot topic as they present an increasingly attractive alternative. The only hotter topic is ChatGPT and the game changing potential of AI. So in episode 52 of Security Voices, we mash the two together as Dave, Pathik Patel (Informatica), and Omer Singer (Snowflake) explore the many angles of security data lakes with an AI-assist from ChatGPT.From a functional definition to dishing on whether security data lakes signal the death of the SIEM, ChatGPT weighs in impressively early in the episode. Its later performance is much more suspect, seemingly gassing out under the pressure of harder (more poorly formed?) questions and likely a knee-buckling workload from millions of others testing the service simultaneously. The humans go on to discuss the real-time expectations for SIEMs vs. the “single source of truth” nature of security data lakes which lead to an exploration of product “suites” vs. specialized services and promise of the data lake to potentially unify them all.The week prior to the recording was the announcement of both the Open Cybersecurity Schema Framework (OCSF) standard alongside AWS' new Security Data Lake offering built on top of S3. We discuss the implications of AWS entering the space and what it means for already entrenched companies like Snowflake and Splunk. Pathik explains the significance of OCSF for security leaders and his projection of how important it will be for alleviating vendor lock-in and ultimately boosting our ability to provide strong security analytics.The practical realities of building and running a security data lake are clearly described from Pathik's experience at Informatica focusing on harmonizing and reporting on vulnerability data. He makes plain the amount of work involved– and the clear benefits of piggybacking off the company's existing data lake.The episode wraps with ChatGPT refusing to say anything further while Omer and Pathik take turns doing some end of year crystal ball gazing.

Jonathan Roizin is the Co-Founder and CEO at Flow Security, a startup that is revolutionizing data security by providing a platform that helps businesses secure their cloud data wherever it flows. Jonathan explains the difference between data security posture management (DSPM) and cloud security posture management (CSPM) and the important attributes of each. Jonathan also talks about his experience in various cybersecurity related roles spanning 16 years including investigations, incidence response, and how visibility and automation are becoming increasingly important. https://www.flowsecurity.com/

Hackers are using the recent Twitter breach, combined with the other 4,100 data breaches in 2022, to steal identities. Learn about new systems like #DSPM to mitigate your company's sprawling data. With Flow Security CEO, Jonathan Roizin.

Despite certain economic indicators warning that a recession is on the horizon, investment remains healthy within the security market amid thirst for cloud security, in particular. One such emerging field is data security posture management (DSPM), which aims to bridge the gap between business goals and a comprehensive security mechanism that leaves no data behind as organizations scale in the cloud.   A deep-rooted cyber security culture is crucial, and it goes as far back as the hiring process… 10 years ago, a typical hiring process consisted of working your way through a checklist, hiring individuals based solely on a CV. Today, the ‘Simon Sinek' culture is gaining more prevalence, with employers realizing that hiring the right person, rather than the CV, can have immeasurable benefits for business. Ryan will talk about why this is particularly true within the cyber security sphere, and why business leaders should follow this particular ‘Simon Sinek' strategy to build a successful security operation, and secure business, starting directly with the human's that run it. You will walk away from this session knowing why it is important to employ the right individual rather than the CV, and how adopting this approach can drastically improve how a business responds to and manages security threats, company wide. Segment Resources: Github: https://github.com/stripesoc TEDx Talk, How clicking a link can cost millions: https://www.youtube.com/watch?v=OI9n2tLf0Tg&list=PLcR8SW0W6hdAQvxYI9XJUEe50zFln6QMY&index=1 I   n the enterprise security news, Funding announcements take a bit of a break, We explore a few new vendors and organizations that have come to our attention recently, Wiz researchers annoy yet another cloud service by pointing out ridiculous vulnerabilities - IBM Cloud, this time, Docker Hub has tons of shady stuffs going on, EU strengthens cybersecurity with new legislation, The US Department of Defense releases Zero Trust strategy (no more Five E   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw301

Despite certain economic indicators warning that a recession is on the horizon, investment remains healthy within the security market amid thirst for cloud security, in particular. One such emerging field is data security posture management (DSPM), which aims to bridge the gap between business goals and a comprehensive security mechanism that leaves no data behind as organizations scale in the cloud.   A deep-rooted cyber security culture is crucial, and it goes as far back as the hiring process… 10 years ago, a typical hiring process consisted of working your way through a checklist, hiring individuals based solely on a CV. Today, the ‘Simon Sinek' culture is gaining more prevalence, with employers realizing that hiring the right person, rather than the CV, can have immeasurable benefits for business. Ryan will talk about why this is particularly true within the cyber security sphere, and why business leaders should follow this particular ‘Simon Sinek' strategy to build a successful security operation, and secure business, starting directly with the human's that run it. You will walk away from this session knowing why it is important to employ the right individual rather than the CV, and how adopting this approach can drastically improve how a business responds to and manages security threats, company wide. Segment Resources: Github: https://github.com/stripesoc TEDx Talk, How clicking a link can cost millions: https://www.youtube.com/watch?v=OI9n2tLf0Tg&list=PLcR8SW0W6hdAQvxYI9XJUEe50zFln6QMY&index=1 I   n the enterprise security news, Funding announcements take a bit of a break, We explore a few new vendors and organizations that have come to our attention recently, Wiz researchers annoy yet another cloud service by pointing out ridiculous vulnerabilities - IBM Cloud, this time, Docker Hub has tons of shady stuffs going on, EU strengthens cybersecurity with new legislation, The US Department of Defense releases Zero Trust strategy (no more Five E   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw301

Despite certain economic indicators warning that a recession is on the horizon, investment remains healthy within the security market amid thirst for cloud security, in particular. One such emerging field is data security posture management (DSPM), which aims to bridge the gap between business goals and a comprehensive security mechanism that leaves no data behind as organizations scale in the cloud.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw298

Despite certain economic indicators warning that a recession is on the horizon, investment remains healthy within the security market amid thirst for cloud security, in particular. One such emerging field is data security posture management (DSPM), which aims to bridge the gap between business goals and a comprehensive security mechanism that leaves no data behind as organizations scale in the cloud.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw298

Ryan Boulais, Chief Information Security Officer at The AES Corporation, joins the podcast to discuss data security and cloud security in the energy industry, the evolution of cybersecurity programs and DSPM, and where technology and global privacy regulations will have to intersect.

Cybersecurity is now battling a human problem just as much, if not more, than a technical one. According to Verizon's 2021 Data Breach Security Report, 85% of successful cyberattacks now involve a human element. Combine that with the fact that even the very best technology can only thwart about 93% of attacks and that leaves a large hole in an organization's basic security hygiene. This has led to a growing demand for ongoing educational programs that rely on behavioral science to measure and manage cybersecurity risk as a distinctly different solution from generic, one-size-fits-all training programs.   In the enterprise security news, SentinelOne and Crowdstrike reinvest in the security market, Malwarebytes raises $100M, Ox Security raises a $34M Seed round??? Jamf acquires ZecOps, New startups looking to improve Code Reviews…Outsource questionnaires…provide consumer privacy awareness…Federal security funding for state and local governments, New software supply chain attacks, Microsoft Windows slaps your hand when you try to update passwords.txt, and stick around until the end, when we talk about a New Jersey Deli with a $100M market cap!   This is a recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups. We'll discuss: - How, the last time we had Will on (20 episodes ago, ESW 270), we were asking about huge valuations and potential market resets/corrections. Well, it seems that day arrived. What now? - Crowdstrike and SentinelOne are active investors with their own funds now. Is this a new trend, or are we just now noticing it? What does it mean for the larger market and for founders looking to raise? - We've had guests on to discuss enterprise browsers, and DSPM - what hot markets should we target next?   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw290

Cybersecurity is now battling a human problem just as much, if not more, than a technical one. According to Verizon's 2021 Data Breach Security Report, 85% of successful cyberattacks now involve a human element. Combine that with the fact that even the very best technology can only thwart about 93% of attacks and that leaves a large hole in an organization's basic security hygiene. This has led to a growing demand for ongoing educational programs that rely on behavioral science to measure and manage cybersecurity risk as a distinctly different solution from generic, one-size-fits-all training programs.   In the enterprise security news, SentinelOne and Crowdstrike reinvest in the security market, Malwarebytes raises $100M, Ox Security raises a $34M Seed round??? Jamf acquires ZecOps, New startups looking to improve Code Reviews…Outsource questionnaires…provide consumer privacy awareness…Federal security funding for state and local governments, New software supply chain attacks, Microsoft Windows slaps your hand when you try to update passwords.txt, and stick around until the end, when we talk about a New Jersey Deli with a $100M market cap!   This is a recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups. We'll discuss: - How, the last time we had Will on (20 episodes ago, ESW 270), we were asking about huge valuations and potential market resets/corrections. Well, it seems that day arrived. What now? - Crowdstrike and SentinelOne are active investors with their own funds now. Is this a new trend, or are we just now noticing it? What does it mean for the larger market and for founders looking to raise? - We've had guests on to discuss enterprise browsers, and DSPM - what hot markets should we target next?   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw290

This is a recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups. We're excited to have Will back with us! We'll discuss - How, the last time we had Will on (20 episodes ago, ESW 270), we were asking about huge valuations and potential market resets/corrections. Well, it seems that day arrived. What now? - Crowdstrike and SentinelOne are active investors with their own funds now. Is this a new trend, or are we just now noticing it? What does it mean for the larger market and for founders looking to raise? - We've had guests on to discuss enterprise browsers, and DSPM - what hot markets should we target next?   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw290

This is a recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups. We're excited to have Will back with us! We'll discuss - How, the last time we had Will on (20 episodes ago, ESW 270), we were asking about huge valuations and potential market resets/corrections. Well, it seems that day arrived. What now? - Crowdstrike and SentinelOne are active investors with their own funds now. Is this a new trend, or are we just now noticing it? What does it mean for the larger market and for founders looking to raise? - We've had guests on to discuss enterprise browsers, and DSPM - what hot markets should we target next?   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw290

Data Security Posture Management (DSPM) is not your dad's DLP. This new category has emerged to tackle one of the toughest areas of security: protecting data. Today, Jonathan Roizin from Flow Security helps us understand what this new security category is all about and how it differs from the OG, false positive heavy DLP we'd all rather forget. Segment Resources: Flow's blog post - "5 Key Takeaways About DSPM From the Gartner® Hype Cycle™ For Data Security, 2022": https://www.flowsecurity.com/gartner-dspm/ Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw289

Data Security Posture Management (DSPM) is not your dad's DLP. This new category has emerged to tackle one of the toughest areas of security: protecting data. Today, Jonathan Roizin from Flow Security helps us understand what this new security category is all about and how it differs from the OG, false positive heavy DLP we'd all rather forget. Segment Resources: Flow's blog post - "5 Key Takeaways About DSPM From the Gartner® Hype Cycle™ For Data Security, 2022": https://www.flowsecurity.com/gartner-dspm/ Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw289

The new category of Data Security Posture Management, what is it and why it's important. Discussing real customer stories where DSPM products played a critical role in helping companies secure their data.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw286

The new category of Data Security Posture Management, what is it and why it's important. Discussing real customer stories where DSPM products played a critical role in helping companies secure their data.   Since the dawn of the internet, companies have been fighting cyber vulnerabilities with a myriad of traditional technologies. And assigning cybersecurity training to people without really knowing its effectiveness or being able to tell the difference between knowledge and behavior. This is why AwareGO created the Human Risk Assessment. Designed by behavioral and cybersecurity experts, it allows organizations to measure human risk and resilience across a number of critical cybersecurity threat vectors. It measures cyber risks connected to social media that are not only personal but can affect the workplace as well. It helps assess awareness of secure password handling with multiple interactive experiences and situations. And it allows you to discover how employees would deal with tricky situations around the workplace, such as tailgating and shouldersurfing …. and issues related to remote work. All in a safe and friendly environment. After completing the assessment employees get individualized results with an explanation of what they did right and what they could have done better. This offers guidance and a chance to learn. The overall results help organizations gather actionable insights and make informed decisions about their security strategy. The Human Risk Assessment works as a stand alone product but its flexibility allows integration into existing platforms. When combined with AwareGO's live action training content it can bring your organization's cyber resilience to the next level. Segment Resources: https://awarego.com/human-risk-assessment/ https://www.securityweekly.com/awaregoresource https://awarego.com/how-to-measure-human-cyber-risk-finally/ https://awarego.com/materials/the-human-side-of-cybersecurity/ This segment is sponsored by AwareGO. Visit https://securityweekly.com/awarego to learn more about them!   In the Enterprise Security News: We discuss Twitterpocalypse 2022! The Biggest Winner? Security startup Wiz reaches $100M ARR in 18 months??? Tons of funding we probably won't get to, sorry in advance, we've got 2 weeks of news to catch up on! Awesome free tools, free training and DIY tips! Third party attacks and supply chain attacks continue to ramp up, John Deere's security deficiencies get exposed again, Cyber insurers reduce coverage… again, ESPN8 the Ocho, explained, and more, on this episode of Enterprise Security Weekly!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw286

The new category of Data Security Posture Management, what is it and why it's important. Discussing real customer stories where DSPM products played a critical role in helping companies secure their data.   Since the dawn of the internet, companies have been fighting cyber vulnerabilities with a myriad of traditional technologies. And assigning cybersecurity training to people without really knowing its effectiveness or being able to tell the difference between knowledge and behavior. This is why AwareGO created the Human Risk Assessment. Designed by behavioral and cybersecurity experts, it allows organizations to measure human risk and resilience across a number of critical cybersecurity threat vectors. It measures cyber risks connected to social media that are not only personal but can affect the workplace as well. It helps assess awareness of secure password handling with multiple interactive experiences and situations. And it allows you to discover how employees would deal with tricky situations around the workplace, such as tailgating and shouldersurfing …. and issues related to remote work. All in a safe and friendly environment. After completing the assessment employees get individualized results with an explanation of what they did right and what they could have done better. This offers guidance and a chance to learn. The overall results help organizations gather actionable insights and make informed decisions about their security strategy. The Human Risk Assessment works as a stand alone product but its flexibility allows integration into existing platforms. When combined with AwareGO's live action training content it can bring your organization's cyber resilience to the next level. Segment Resources: https://awarego.com/human-risk-assessment/ https://www.securityweekly.com/awaregoresource https://awarego.com/how-to-measure-human-cyber-risk-finally/ https://awarego.com/materials/the-human-side-of-cybersecurity/ This segment is sponsored by AwareGO. Visit https://securityweekly.com/awarego to learn more about them!   In the Enterprise Security News: We discuss Twitterpocalypse 2022! The Biggest Winner? Security startup Wiz reaches $100M ARR in 18 months??? Tons of funding we probably won't get to, sorry in advance, we've got 2 weeks of news to catch up on! Awesome free tools, free training and DIY tips! Third party attacks and supply chain attacks continue to ramp up, John Deere's security deficiencies get exposed again, Cyber insurers reduce coverage… again, ESPN8 the Ocho, explained, and more, on this episode of Enterprise Security Weekly!   Visit https://www.securityweekly.com/esw for all the latest episodes! Follow us on Twitter: https://www.twitter.com/securityweekly Like us on Facebook: https://www.facebook.com/secweekly   Show Notes: https://securityweekly.com/esw286

The new category of Data Security Posture Management, what is it and why it's important. Discussing real customer stories where DSPM products played a critical role in helping companies secure their data.   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw286

Symmetry Systems co-founder Mohit Tiwari has been studying data security and control flow access for more than a decade. On this episode of the podcast, he discusses his transition from academia to data security entrepreneurship, first principles around the data security and privacy, the exploding DSPM (data security posture management) space, and the mission to solve one of cybersecurity's biggest problems.

This is a recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! We're very excited to have Will back on and are looking forward to discussing: - Huge valuations and potential pricing/market resets and corrections - Interesting new security categories: DSPM, SaaS Security, Enterprise Browsers - Why security startups seem to be more resilient than in other markets (for reference: https://www.cbinsights.com/research/biggest-startup-failures/)   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw270

This is a recurring segment, in which we bring on a VC to provide an investor's point-of-view on all this activity. It's hard to imagine a better investor to join us than Will Lin, co-founder of Forgepoint, one of the few VC firms that exclusively invests in cybersecurity startups! We're very excited to have Will back on and are looking forward to discussing: - Huge valuations and potential pricing/market resets and corrections - Interesting new security categories: DSPM, SaaS Security, Enterprise Browsers - Why security startups seem to be more resilient than in other markets (for reference: https://www.cbinsights.com/research/biggest-startup-failures/)   Visit https://www.securityweekly.com/esw for all the latest episodes! Show Notes: https://securityweekly.com/esw270

Reciben policías vacunas de Pfizer Alrededor de 400 agentes municipales pertenecientes a la DSPM en Ensenada fueron inoculados, el pasado sábado, con la primera dosis del biológico

Buenos días, viernes 18 de septiembre. Le presentamos la información para empezar el día. 1.- Ruth Medina Alemán, Fiscal General del Estado de Durango, informó que los reportes de violencia al 911 han incrementado un 85.5 por ciento, delito que aumentó por el aislamiento, la falta de empleo y la crisis económica que se vive por el Covid - 19. 2.- Con la iniciativa “La vida en la Colmena” diferentes instituciones buscan resguardar los enjambres que se crean en diferentes sectores habitacionales, ante ello Laura Sarmiento, de “Alas de Vida Laguna”, solicita a la ciudadanía no dañarlos porque son parte importante del ecosistema. 3.- Debido al incremento de robos en los negocios, se creó el programa “Centinela” que tiene como finalidad prevenir este delito y alertar de manera inmediata a las unidades policíacas, así lo dio a conocer Primo García, titular de la Dirección de Seguridad Pública Municipal de Torreón (DSPM) . 4.- Para hoy y los próximos días la Comisión Nacional del Agua (Conagua), pronostica para la Comarca Lagunera un ligero descenso en las temperaturas, cielo nublado a despejado, posibilidad de lluvia y viento moderado. 5.- Hoy es el Día Mundial de las Playas, y se busca que la población tome conciencia sobre la conservación de estos destinos turísticos, que enfrentan grandes problemas de contaminación. Acompáñenos con toda la información dos minutos antes de las ocho de la noche por Meganoticias.