Jim Richberg, Head of Cyber Policy and Global Field CISO at Fortinet, rejoins the show for a timely discussion on the fast-evolving landscape of artificial intelligence. We unpack AI's unprecedented energy demands, its implications on national infrastructure, and the critical cybersecurity considerations government agencies must navigate in this new era. Jim also shares his "Three Rules for Government Technology Transformation," and we explore why education and clear procurement strategies are vital to responsible AI rollout in public sector programs.
In this episode of the ShorelineHudson Maritime Risk Podcast, we explore how the maritime sector is confronting the growing challenge of cyber risk with data-driven clarity. Our guests include Rob Vasquez, CEO of Beacon Technologies, Rick Siebenaler, CEO of the Maritime Cybersecurity Institute and academic sponsor of this fully funded research initiative, and Sean Jensen, ShorelineHudson's cyber expert and program facilitator. Together, they discuss the Maritime Cybersecurity Institute's vessel cyber risk analysis program powered by CYFAX+ and how it is transforming the way shipowners, operators, and regulators visualize, assess, and act on vessel-level cyber threat intelligence. If you're ready to understand what it truly means to "see the threat," this is a conversation you won't want to miss.
Speakers:
Rob Vazquez – Beacon Technologies
Rob Vazquez is the CEO of Beacon Technology Group and a pioneer in cybersecurity innovation with over 30 years of experience across global IT and data protection. He has led enterprise-scale deployments for multinational firms and is the inventor behind a patent-pending AI-based threat processing system. Rob's work at Beacon focuses on developing accessible cybersecurity solutions, including the CYFAX+ platform, which supports advanced threat visibility and regulatory compliance.
Rick Siebenaler - Maritime Cybersecurity Institute
Rick Siebenaler is the CEO of the Maritime Cybersecurity Institute, a nonprofit dedicated to advancing cyber resilience in the commercial maritime sector. With a distinguished background at the NSA, CyberGuard, EY, and Deloitte—holding titles such as Chief Scientist and Global CISO, Rick brings strategic depth to maritime cybersecurity. His leadership is driving the sector toward a more mature, integrated approach to cyber risk management.
Sean Jensen - ShorelineHudson
Sean Jensen is a cyber threat specialist at ShorelineHudson with a master's in Homeland Security and expertise in maritime risk assessment. He leads the development and deployment of the AVRA platform, delivering intelligence-driven cyber and physical vulnerability assessments for global port and vessel operations. Certified as a Facility Security Officer and Business Continuity Professional, Sean supports compliance and resilience strategies across the maritime domain.
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss the value of email filtering for organizations across the globe. • For more on cybersecurity, visit us at https://cybersecurityventures.com
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss how organizations can protect their remote access areas.
Rinki Sethi is a top global CISO, board member, and cybersecurity expert. In this episode, she joins host Amanda Glassner from the RSA Conference 2025 to discuss women in cybersecurity, how attendance at the event this year panned out, and more.
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss reasons why it is beneficial for organizations to limit employee access and permissions.
Whether compliance-as-security in CNI offers security or false confidence
Navigating tool and dashboard complexity to avoid CNI cyber blind spots
Attracting cyber talent into CNI and away from finance and tech
This episode is hosted by Jonathan Craven: https://www.linkedin.com/in/thomlangford/
Sofia Martinez Gomez, VP, Risk & Tech Practice - Cybersecurity, Privacy & Compliance, AlixPartners: https://www.linkedin.com/in/sofia-martinez-gomez-8b5534136/?locale=en_US
Monika Atanasova, Global Head of Third Party Risk Management, Raiffeisen Gruppe: https://www.linkedin.com/in/monika-atanasova-746633b7/?originalSubdomain=ch
Deryck Mitchelson, Global CISO, Check Point Software Technologies: https://www.linkedin.com/in/deryckmitchelson
In this episode, we sit with security leader and venture investor Sergej Epp to discuss the Cloud-native Security Landscape. Sergej currently serves as the Global CISO and Executive at Cloud Security leader Sysdig and is a Venture Partner at Picus Capital. We will dive into some insights from Sysdig's recent "2025 Cloud-native Security and Usage Report."
Big shout out to our episode sponsor, Yubico! Passwords aren't enough. Cyber threats are evolving, and attackers bypass weak authentication every day. YubiKeys provide phishing-resistant security for individuals and businesses—fast, frictionless, and passwordless. Upgrade your security: https://yubico.com
Sergej and I dove into a lot of great topics related to Cloud-native Security, including:
- Some of the key trends in the latest Sysdig 2025 Cloud-native Security Report and trends that have stayed consistent YoY. Sergej points out that while attackers have stayed consistent, organizations have and continue to make improvements to their security.
- Sergej elaborated on his current role as Sysdig's internal CISO and his prior role as a field CISO and the differences between the two roles in terms of how you interact with your organization, customers, and the community.
- We unpacked the need for automated Incident Response, touching on how modern cloud-native attacks can happen in as little as 10 minutes and how organizations can and do struggle without sufficient visibility and the ability to automate their incident response.
- The report points out that machine identities, or Non-Human Identities (NHI), are 7.5 times riskier than human identities and that there are 40,000 times more of them to manage. This is a massive problem and gap for the industry, and Sergej and I walked through why this is a challenge and its potential risks.
- Vulnerability prioritization continues to be crucial, with the latest Sysdig report showing that just 6% of vulnerabilities are “in-use”, or reachable. Still, container bloat has ballooned, quintupling in the last year alone. This presents real problems as organizations continue to expand their attack surface with expanded open-source usage but struggle to determine what vulnerabilities truly present risks and need to be addressed.
- We covered the challenges with compliance, as organizations wrestle with multiple disparate compliance frameworks, and how compliance can drive better security but also can have inverse impacts when written poorly or not keeping pace with technologies and threats.
- We rounded out the conversation with discussing AI/ML packages and the fact they have grown by 500% when it comes to usage, but organizations have decreased public exposure of AI/ML workloads by 38% since the year prior, showing some improvements are being made to safeguarding AI workloads from risks as well.
Greg Crowley is the CISO at eSentire. In this episode, he joins host Heather Engel and Dwayne Smith, Sr. VP Information Security and Global CISO at Vensure Employer Solutions, to discuss M&A integration, including how CISOs can ensure a secure process, tackling inherited vulnerabilities, and more. Next Level CISO is a Cybercrime Magazine podcast brought to you by eSentire, the Authority in Managed Detection and Response. eSentire's mission is to hunt, investigate and stop cyber threats before they become business disrupting events. To learn more about our sponsor, visit https://esentire.com
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss software updates and how they are essential to protection strategies for organizations across the globe.
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss regular backups and how they are essential to protection strategies for organizations across the globe.
From 2023 to 2024, ransomware has seen a 67 percent jump, with an average payment of $2 million and another $2.7 million in recovery costs for most companies that are hit by an attack. Fortunately, there are multiple steps businesses can take to lower the risk of being a victim. In this episode, Adam Keown, global CISO at Eastman, joins host Heather Engel to discuss strong passwords, multi-factor authentication, and how they are essential to protection strategies for organizations across the globe.
Who really owns patient data? Can digital identity reshape healthcare security, privacy, and fraud prevention? We sit down with Dan Bowden, Global CISO at Marsh, to tackle these questions. Dan brings a wealth of experience in healthcare cybersecurity, previously serving as CISO at Sentara Healthcare. We dive deep into digital identity, data sovereignty, and the evolving role of AI in protecting patient privacy. Tune in as we discuss:
- Potential for errors in traditional healthcare ID systems
- How digital IDs could fight fraud & streamline claims
- Impact of AI on patient data privacy & security
- The path to patient data ownership
Find Dan's work at: www.marsh.com
Subscribe and stay at the forefront of the digital healthcare revolution. Watch the full video on YouTube @TheDigitalHealthcareExperience
The Digital Healthcare Experience is a hub to connect healthcare leaders and tech enthusiasts. Powered by Taylor Healthcare, this podcast is your gateway to the latest trends and breakthroughs in digital health. Learn more at taylor.com/digital-healthcare
About Us: Taylor Healthcare empowers healthcare organizations to thrive in the digital world. Our technology streamlines critical workflows such as procedural & surgical informed consent with patented mobile signature capture, ransomware downtime mitigation, contactless patient check-in and more. Learn more at taylor.com/healthcare/imedhealth
The Digital Healthcare Experience Podcast:
Powered by Taylor Healthcare
Produced by Naomi Schwimmer
Hosted by Chris Civitarese
Edited by Eli Banks
Music by Nicholas Bach
Adam Keown is the Global CISO at Eastman and a former special agent with the FBI. In this episode, he joins host Paul John Spaulding, Kyle Haglund, VP, Audio Engineering at Cybercrime Magazine, and Sam White, Video Producer at Cybercrime Magazine, to discuss illegally distributed games, his perspective as a former FBI agent, and more.
Adam Keown is the Global CISO at Eastman. In this episode, he joins host Heather Engel to discuss the evolving ransomware landscape, including some of the latest threats, such as AI-enabled ransomware, and how CISOs across organizations can safeguard their business operations and ensure continuity.
Steve Satterwhite On Cyber is a Cybercrime Magazine Podcast series brought to you by Entelligence. In this episode, Steve Satterwhite, founder and CEO at Entelligence, joins host Scott Schober and Adam Keown, Global CISO at Eastman, to discuss the human factor in cybersecurity. An industry leader in delivering affordable, high value professional services to security-conscious enterprise and government organizations worldwide, Entelligence addresses the cyber skills gap by working as a seamless extension of each customer's organization, providing a set of customized services that include security readiness assessments, quick-start solution deployments, and longer-term resident expert engagements. Learn more about our sponsor at https://entelligence.com
Breaking Into Cybersecurity Leadership with Phani Dasari
In this episode of Breaking into Cybersecurity, join host Christophe as he interviews Phani Dasari, the Global CISO at Hinduja Global Solutions (HGS). Phani shares his remarkable journey into cybersecurity, from his early days in the United States during the 2008 recession, to his pivotal roles at EMC, RSA, ADP, TikTok, and HGS. He delves into valuable insights on navigating and succeeding in the cybersecurity industry, emphasizing the importance of personal branding, continuous learning, and people management skills. This episode offers actionable advice for aspiring and current cybersecurity professionals on developing a broad skill set, pursuing career advancements, and effectively leading teams in a dynamic and challenging field.
Sponsored by CPF Coaching LLC - http://cpf-coaching.com
The Breaking into Cybersecurity: It's a conversation about what they did before, why did they pivot into cyber, what the process was they went through Breaking Into Cybersecurity, how they keep up, and advice/tips/tricks along the way.
The Breaking into Cybersecurity Leadership Series is an additional series focused on cybersecurity leadership and hearing directly from different leaders in cybersecurity (high and low) on what it takes to be a successful leader. We focus on the skills and competencies associated with cybersecurity leadership and tips/tricks/advice from cybersecurity leaders.
Check out our books:
Develop Your Cybersecurity Career Path: How to Break into Cybersecurity at Any Level https://amzn.to/3443AUI
Hack the Cybersecurity Interview: Navigate Cybersecurity Interviews with Confidence, from Entry-level to Expert roles https://www.amazon.com/Hack-Cybersecurity-Interview-Interviews-Entry-level/dp/1835461298/
Hacker Inc.: Mindset For Your Career https://www.amazon.com/Hacker-Inc-Mindset-Your-Career/dp/B0DKTK1R93/
About the hosts:
Renee Small is the CEO of Cyber Human Capital, one of the leading human resources business partners in the field of cybersecurity, and author of the Amazon #1 best-selling book, Magnetic Hiring: Your Company's Secret Weapon to Attracting Top Cyber Security Talent. She is committed to helping leaders close the cybersecurity talent gap by hiring from within and helping more people get into the lucrative cybersecurity profession. https://www.linkedin.com/in/reneebrownsmall/ Download a free copy of her book at magnetichiring.com/book
Christophe Foulon focuses on helping to secure people and processes, using a solid understanding of the technology involved. He has over ten years of experience as an Information Security Manager and Cybersecurity Strategist. He is passionate about customer service, process improvement, and information security. He has significant expertise in optimizing the use of technology while balancing the implications for people, processes, and information security through a consultative approach. https://www.linkedin.com/in/christophefoulon/ Find out more about CPF-Coaching at https://www.cpf-coaching.com
- Website: https://www.cyberhubpodcast.com/breakingintocybersecurity
- Podcast: https://podcasters.spotify.com/pod/show/breaking-into-cybersecuri
- YouTube: https://www.youtube.com/c/BreakingIntoCybersecurity
- Linkedin: https://www.linkedin.com/company/breaking-into-cybersecurity/
- Twitter: https://twitter.com/BreakintoCyber
- Twitch: https://www.twitch.tv/breakingintocybersecurity
This week Nicole interviews Devon Bryan, Global CISO of Carnival Corporation. They talk all things cybersecurity careers, the inspiration to start Cyversity, managing the cybersecurity of floating cities, and redefining ROI. To learn more about Cyversity and their programs, visit their website or LinkedIn page.
Teresa Zielinski, CISSP, is the Global CISO at GE Vernova. In this episode, she joins Oz Alashe, founder and CEO at CybSafe, and host Paul John Spaulding to discuss security awareness training and human risk management, including where large organizations are in the shift, how the risk landscape has evolved, and more. BEHAVE: A Human Risk Podcast is brought to you by CybSafe, developers of the Human Risk Management Platform. Learn more at https://cybsafe.com
Podcast: PrOTect It All
Episode: Navigating Cybersecurity Challenges: AI, Tabletop Exercises, and Operational Technology
Pub date: 2024-11-04
In this episode, host Aaron Crow is joined by Clint Bodungen, Director of Cybersecurity Innovation at Morgan Franklin Cyber and founder of Threatgen, alongside Michael Welch, Managing Director at Morgan Franklin Cyber. Together, they delve into the ever-evolving world of cybersecurity in honor of Cybersecurity Awareness Month. Aaron kicks things off by discussing the importance of iterative processes and tabletop exercises in enhancing decision-making and preparedness. The conversation then shifts to the exciting yet complex role of AI in cybersecurity, particularly in operational technology (OT) and critical infrastructure. The experts emphasize the potential of generative AI for data analysis while underscoring the need for human oversight to avoid biases and misinformation. Clint introduces an “engineering informed cyber” approach to better integrate OT and IT in managing cybersecurity risks, while Aaron stresses the importance of collaboration between cybersecurity professionals and engineers. The episode also tackles balancing convenience and security, the intricacies of password management, and the critical role of communication and trust. Listeners will gain valuable insights into AI's role in enhancing security operations, the consequences of system failures, and the debate between compliance and true security. This episode offers expert opinions, real-world examples, and practical advice for navigating today's cybersecurity challenges. Join us for a comprehensive discussion on protecting our digital world.
Key Moments:
04:20 Generative AI aids efficient GRC and cybersecurity management.
08:40 AI lacks context for verifying asset information.
11:38 Generative AI creating and automating malware tools.
15:58 Building data centers using decommissioned power plants.
17:14 Regulation growing in infrastructure for compliance security.
22:09 Compliance is binary; partial compliance isn't sufficient.
24:33 Prioritize "engineering informed cyber" for OT resilience.
28:14 Collaboration between IT and OT is essential.
33:54 Frustration with excessive video game security measures.
34:49 Cybersecurity fails due to over-engineering complexity.
40:49 Make security easy with password managers, authenticators.
42:31 AI improves tabletop exercises for comprehensive insights.
45:31 Generative AI augments human capabilities and creativity.
48:08 Automated injects streamline engagement and business continuity.
53:46 Executives misunderstand risk, leading to false security.
54:29 Strong IT security, but vulnerable weak points.
About the Guests:
Clint Bodungen: Clint Bodungen is a globally recognized cybersecurity professional and thought leader with 30 years of experience (focusing primarily on industrial cybersecurity, red teaming, and risk assessment). He is the author of two best-selling books, "Hacking Exposed: Industrial Control Systems" and "ChatGPT for Cybersecurity Cookbook." Clint is a United States Air Force veteran and has worked for notable cybersecurity firms like Symantec, Booz Allen Hamilton, and Kaspersky Lab, and is currently the founder of ThreatGEN and Director of Cybersecurity Innovation at Morgan Franklin Consulting. Renowned for his creative approach to cybersecurity education and training, he has been at the forefront of integrating gamification and AI applications into cybersecurity training; he created ThreatGEN® Red vs. Blue, the world's first online multiplayer computer designed to teach real-world cybersecurity. His latest innovation is AutoTableTop, which uses the latest generative AI technology to automate, simplify, and revolutionize IR tabletop exercises. As AI technology continues evolving, so does his pursuit of helping revolutionize the cybersecurity industry using gamification generative AI. Connect Clint at - https://www.linkedin.com/in/clintb/
Michael Welch: Michael Welch has over twenty-five years of expertise in Governance, Risk Management, Compliance and Cybersecurity. In his role as Sector Lead, Michael will focus on the importance of cybersecurity in Utilities and Industrial Manufacturing. Michael understands that robust cybersecurity measures are not just a regulatory requirement but are pivotal in safeguarding the resilience of organizations, safety of its people, and overall economic stability. Michael has worked for organizations such as NextEra and Duke Energy as well as engineering firm Burns & McDonnell. In addition, he was the Global CISO for the food manufacturing firm OSI Industries. Some of the certifications he has obtained through his career are Certified Information System Security Professional (CISSP), Certified Information Security Manager (CISM), Certified Information Security Auditor (CISA), Global Industrial Cyber Security Professional (GICSP), Certified Data Privacy Solutions Engineer (CDPSE) and CMMC - Registered Practitioner Advanced (RPA). Connect Michael Welch at: https://www.linkedin.com/in/michael-welch-93375a4/
Connect With Aaron Crow:
Website: www.corvosec.com
LinkedIn: https://www.linkedin.com/in/aaronccrow
Learn more about PrOTect IT All:
Email: info@protectitall.co
Website: https://protectitall.co/
X: https://twitter.com/protectitall
YouTube: https://www.youtube.com/@PrOTectITAll
FaceBook: https://facebook.com/protectitallpodcast
To be a guest or suggest a guest/episode, please email us at info@protectitall.co
The Haunted House of API's
Today, we are releasing another episode for Cybersecurity Awareness month, in our series entitled the Haunted House of API's, sponsored by our friends at Traceable AI. In this series, we are building awareness around API's, their security risks – and what you can do about it. Traceable AI is building One Platform to secure every API, so you can discover, protect, and test all your API's with contextual API security, enabling organizations to minimize risk and maximize the value API's bring to their customers.
Phantom Threats: The Ghosts Haunting Your API Security
Today's episode is titled Phantom Threats: The Ghosts Haunting Your API Security, with Adam Arellano. API security threats often go unnoticed, hiding like ghosts in your infrastructure. Bots, sophisticated fraud attempts, account takeovers and attackers disguising themselves within legit traffic… these all pose risk to your organization, and can bypass traditional security measures, wreaking havoc without detection – until it's too late. Adam is a tech advisor, Global CISO at Traceable, and will guide listeners through the world of phantom threats haunting API security.
- What are "phantom threats" in the context of API security, and how do they go undetected?
- Can you explain how advanced botnets and fraud attempts exploit APIs while blending into legitimate traffic?
- Do you have a real-world example of a phantom threat that caused significant damage to an organization?
- What makes detecting these phantom threats so challenging, and why do traditional security measures often fail?
- What are the best strategies or technologies organizations can adopt to detect and eliminate these hidden threats before they cause harm?
Sponsors
Traceable
Links
https://www.traceable.ai/
https://www.linkedin.com/in/adamrossarellano/
Support this podcast at — https://redcircle.com/code-story/donations
Advertising Inquiries: https://redcircle.com/brands
Privacy & Opt-Out: https://redcircle.com/privacy
The buck stops here—or does it? How much should former US President, Harry S Truman's famous slogan apply to the role of CISO? In this episode of Brass Tacks - Talking Cybersecurity, host Joe Robertson is joined by Raffaele Maresca, Global CISO at AkzoNobel, for an illuminating discussion of the evolving role of the CISO. Rather than pinning ultimate responsibility for all cyber risk on the CISO, Raffaele argues that once risks have been identified, quantified, and a plan of action agreed for their reduction, it should then be up to asset owners to ensure adherence to the agreed plan. He then shares approaches that have proved effective in managing the expectations of non-technical board members who often have a more binary, "is my business at risk or not?", attitude to cybersecurity. Whatever your role in today's digital world, don't miss this broad and fascinating discussion. Learn more: https://www.fortinet.com/blog/ciso-collective/distributing-ownership-of-an-organization-cybersecurity-risks More about Fortinet: https://ftnt.net/60595CcyH Read our blog: https://ftnt.net/60505Ccyj Follow us on LinkedIn: https://ftnt.net/60515Ccyd
Everyone, from top leadership to the frontline, has a role in safeguarding against cyber threats. In this episode, Peter Naumovski, the Global CISO and VP of IT Risk Management at AbbVie, and Teresa Tonthat, Vice President and Associate Chief Information Officer at Texas Children's Hospital, emphasize the critical role of maintaining good cyber hygiene. Peter explains how simple measures like enabling multi-factor authentication, effective vulnerability management, and promptly addressing identified risks can prevent many potential breaches. Teresa discusses the persistent cyber threats targeting the healthcare industry and shares insights into Texas Children's robust risk evaluation process and their inspiring mission to expand healthcare access. Throughout this eye-opening conversation, both guests highlight the necessity of cultivating a proactive security culture. Stay tuned for a deep dive into the strategies and mindsets that keep these leaders ahead in cybersecurity! Note: What is discussed by Peter Naumovski are his personal views and not the views of AbbVie. Resources: Connect and follow Teresa Tonthat on LinkedIn. Learn more about Texas Children's Hospital on their LinkedIn and website. Connect and follow Peter Naumovski on LinkedIn. Learn more about AbbVie on their LinkedIn and website. Explore insights, emerging threats, and their potential impact in Deloitte's Annual CyberThreat Trends Report Here.
In today's fast-paced business world, resilience is key to thriving, not just surviving. Mel Reyes, a former Global CISO and CIO turned executive coach, shares his unique 5V Framework to help leaders build resilient teams. This framework emphasises mastering Views (skills and experience), defining Values, embracing Vulnerability, finding one's Voice, and creating a strong Vision. Through these five elements, leaders can foster resilience within themselves and their teams, ensuring long-term success in any environment. Join now to learn more. [00:37] - About Mel Reyes Mel is an Executive Coach, a Recovering Global CISO, and a CIO. He is an expert in the subject of resilience. --- Support this podcast: https://podcasters.spotify.com/pod/show/tbcy/support
Patch Tuesday rundown. Microsoft integrates post-quantum cryptography (PQC) algorithms into its SymCrypt cryptographic library. The FTC finalizes rules to combat fake reviews and testimonials. A payment card thief pleads guilty. On our latest CertByte segment, N2K's Chris Hare and George Monsalvatge share questions and study tips from the Microsoft Azure Fundamentals (AZ-900) Practice Test. Hard Drive Heaven: How Iconic Music Sessions Are Disappearing.
Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn.
CertByte Segment
Welcome to CertByte! This bi-weekly segment is hosted by Chris Hare, a content developer and project management specialist at N2K. In each segment, Chris is joined by an N2K Content Developer to help illustrate the learning. This week, Chris is joined by resident Microsoft SME George Monsalvatge to break down a question from N2K's Microsoft Azure Fundamentals (AZ-900) Practice Test. Have a question that you'd like to see covered? Email us at certbyte@n2k.com. If you're studying for a certification exam, check out N2K's full exam prep library of certification practice tests, practice labs, and training courses by visiting our website at n2k.com/certify. Reference: What is public cloud? (RedHat) Please note: The questions and answers provided here, and on our site, are not actual current or prior questions and answers from these certification publishers or providers.
Remembering 9/11
In today's episode, we pause to honor and remember the lives lost on September 11, 2001. We pay tribute to the courageous first responders, the resilient survivors, and the families whose lives were forever altered by that tragic day. Amidst the profound loss, the spirit of unity and compassion shone brightly, reminding us of our shared humanity. Additionally, you can check out our special segment featuring personal remembrances from N2K CyberWire's very own Rick Howard, who was in the Pentagon on that fateful day. His reflections provide a heartfelt perspective on the events and are well worth your time. Tune in to hear his poignant insights.
Special Edition Podcast
In today's special edition of Solution Spotlight, we welcome Mary Haigh, Global CISO of BAE Systems, as she sits down with N2K's Simone Petrella. Together, they discuss moving beyond the technical aspects of cybersecurity to build and lead a high-performing security team.
Selected Reading
Microsoft Fixes Four Actively Exploited Zero-Days (Infosecurity Magazine)
Adobe releases September 2024 patches for flaws in multiple products, including critical (Beyond Machines)
Chrome 128 Update Resolves High-Severity Vulnerabilities (SecurityWeek)
ICS Patch Tuesday: Advisories Published by Siemens, Schneider, ABB, CISA (SecurityWeek)
Ivanti fixes maximum severity RCE bug in Endpoint Management software (Bleeping Computer)
Microsoft Adds Support for Post-Quantum Algorithms in SymCrypt Library (SecurityWeek)
Federal Trade Commission Announces Final Rule Banning Fake Reviews and Testimonials (Federal Trade Commission)
Hacker pleads guilty after arriving on plane from Ukraine with a laptop crammed full of stolen credit card details (Bitdefender)
Inside Iron Mountain: It's Time to Talk About Hard Drives (Mixonline)
Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show.
Want to hear your company in the show? You too can reach top security leaders. Explore our network sponsorship opportunities and build your brand where industry leaders get their daily news.
The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc.
Learn more about your ad choices. Visit megaphone.fm/adchoices
On this Solution Spotlight, guest Dr. Mary Haigh, Global CISO of BAE Systems, speaks with N2K President Simone Petrella about moving beyond the technical to build a cybersecurity team.
Cadet Blizzard is part of Russia's elite GRU Unit. Apache releases a security update for its open-source ERP system. SonicWall has issued an urgent advisory for a critical vulnerability. Researchers uncover a novel technique exploiting Linux's Pluggable Authentication Modules. Google's kCTF team has disclosed a critical security vulnerability affecting the Linux kernel's netfilter component. Predator spyware has resurfaced. US health care firm Confidant Health exposes 5.3 terabytes of sensitive health information. Dealing with the National Public Data breach. On our Solution Spotlight: Mary Haigh, Global CISO of BAE Systems, speaks with N2K's Simone Petrella about moving beyond the technical to build an effective cybersecurity team. An AI music streaming scheme strikes a sour note. CyberWire Guest: On our Solution Spotlight segment, Mary Haigh, Global CISO of BAE Systems, speaks with N2K President Simone Petrella about moving beyond the technical to build a cybersecurity team.
Selected Reading: Russia's Most Notorious Special Forces Unit Now Has Its Own Cyber Warfare Team (WIRED); Apache Makes Another Attempt at Patching Exploited RCE in OFBiz (SecurityWeek); SonicWall Access Control Vulnerability Exploited in the Wild (GB Hackers); Linux Pluggable Authentication Modules Abused to Create Backdoors (Cyber Security News); PoC Exploit Released for Linux Kernel Vulnerability that Allows Root Access (Cyber Security News); Predator spyware resurfaces with signs of activity, Recorded Future says (CyberScoop); Therapy Sessions Exposed by Mental Health Care Firm's Unsecured Database (WIRED); Frustration Trying to Opt-Out After the National Public Data Breach (Security Boulevard); Musician charged with $10M streaming royalties fraud using AI and bots (Bleeping Computer). Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at cyberwire@n2k.com to request more info.
Steve Satterwhite On Cyber is a Cybercrime Magazine Podcast series brought to you by Entelligence. In this episode, Steve Satterwhite, founder and CEO at Entelligence, joins host Heather Engel to discuss marketing and sales tactics that vendors should avoid, as highlighted by Adam Keown, Global CISO at Eastman. An industry leader in delivering affordable, high value professional services to security-conscious enterprise and government organizations worldwide, Entelligence addresses the cyber skills gap by working as a seamless extension of each customer's organization, providing a set of customized services that include security readiness assessments, quick-start solution deployments, and longer-term resident expert engagements. Learn more about our sponsor at https://entelligence.com
Adam Keown is Global CISO at Eastman, a Fortune 500 company based in Kingsport, Tennessee. In this episode, he joins host Steve Morgan to discuss some of the largest recent cyberattacks and data breaches. This episode is brought to you by our partner, Evolution Equity Partners, an international venture capital investor partnering with exceptional entrepreneurs to develop market leading cybersecurity and enterprise software companies. To learn more, visit: https://evolutionequity.com/
Today Nicole Eagan, Chief Strategy and AI Officer, and Michael Beck, Global CISO of Darktrace AI Research centre, share experience, predictions and guidance on the future of AI and Cybersecurity. Topics Include: A brief history of Darktrace; Applying AI to the challenge of cyber security; Changes and evolution of cyber security threats; What are the key security challenges businesses are facing?; Generative AI provided a seismic shift with threat actors; Best practices for managing and scaling security teams; Guidance for leaders for baking AI into workflows; Responsible AI best practices for building trust; Trends of Generative AI on the security landscape; Leveraging Generative AI to transform the customer experience; Predictions for emerging technology trends over the next 10 years; Recommendations and parting wisdom for security and AI; Keeping a workforce trained and relevant for technology trends; Interview wrap up. Participants: Nicole Eagan – Chief Strategy Officer and AI Officer, Darktrace; Michael Beck – Global CISO, Darktrace; Phil Le-Brun – Director, Enterprise Strategy, Amazon Web Services
Where in the world are Adam and Cristian? In this episode, they're coming to you live from São Paulo, Brazil, where they sat down with a special guest: Fernando Madureira. Fernando is the Global CISO of Cosan, a Brazilian conglomerate of several businesses spanning energy, transportation and logistics, and other sectors that operates around the world. Given Cosan's size and the nature of its business, Fernando has a broad range of threats at top of mind. Operational technology (OT) security is a key concern because adversaries seek access to OT devices and traffic, and it requires a different mindset and technology than a modern IT environment. Social engineering is another, as adversaries attempt to disguise themselves as employees to manipulate customers and partners. Tune in to hear a conversation that explores OT security, modern phishing scams and how the Global CISO of a major company is taking steps to protect it.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss cyber teams, recruiting and retaining skilled individuals, and more. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
Reimagining Cyber is 100 episodes old! The podcast began in December 2020 as a bi-weekly dive into cybersecurity and cyber resiliency. It is now a weekly affair and has become a regular feature in the Apple Podcast Technology charts. It is also one of the most respected shows in the cybersecurity genre. Hosts Rob Aragao and Stan Wisseman alternate between head-to-head discussions on the latest cyber topics of the day and guest interviews. This week's guest is Mark Fernandes, Global CISO at CAE. Mark heads a team focused on cyber resilience, particularly in critical sectors like aviation, defense and security. CAE is a prominent force in defense and government, and it is equally recognized for its commercial pilot training programs. With over 28 years of experience in cybersecurity, Mark has extensive knowledge in governance, analytics, intelligence, and advanced threat defense. Follow or subscribe to the show on your preferred podcast platform. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss vulnerability disclosure programs. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
James Beeson, an advisor, board member, investor, and former Global CISO for The Cigna Group and GE Capital, joins the show to share his deep experience and insights on communicating cyber risk, collaborating with CIOs, and establishing oneself as a trusted professional. Learn why keeping the difference between what you say and what you do to a minimum is critical to integrity and effectiveness.
In this episode of Reimagining Cyber, Rob and Stan look at the staggering costs and ongoing epidemic of data breaches and ransomware attacks. Did you know that the average cost of a mega breach involving 50 to 60 million records is a jaw-dropping $332 million? Ransomware, though less expensive, still costs businesses an average of $4.5 million per attack. It's clear that organizations must be better prepared to face these threats. To shed light on effective strategies and insights, Rob and Stan are joined by Shamoun Siddiqui, VP and Global CISO of the Upbound Group. He helps answer the burning question: Can businesses ever be truly breach-proof, even with unlimited funds? Shamoun emphasizes that while complete security is unattainable, companies can operate with risk management strategies, acknowledging limitations in funding, talent, and technology. Shamoun shares real-world examples of vulnerabilities exploited during modernization efforts and stresses the importance of maintaining robust cybersecurity programs. He offers invaluable advice on building business justifications for cybersecurity investments, communicating effectively with boards of directors, and focusing on core security controls like multi-factor authentication and privileged access management. He also delves into the critical role of external relationships with law enforcement and forensic companies during a breach, and how these interactions can impact the outcome. Shamoun highlights the importance of having a pre-established plan, managing internal and external communications, and the necessity of resilience and recovery strategies. Follow or subscribe to the show on your preferred podcast platform. Share the show with others in the cybersecurity world. Get in touch via reimaginingcyber@gmail.com
Although mergers and acquisitions (M&As) are strategic moves that can propel companies toward greater market share, enhanced capabilities, and increased innovation, one critical aspect often overlooked is cybersecurity. Ensuring robust cybersecurity during the M&A process is paramount, as it safeguards the integrity of both companies involved, protects sensitive data, and mitigates potential risks that could derail the transaction or devalue the acquisition. In this podcast episode, Greg Crowley, Chief Information Security Officer at eSentire, discusses the role of cybersecurity in M&As with Ron Park, Operating Partner & Technology Advisor to PE firms, and Dwayne Smith, SVP, Security and Global CISO of PrismHR. Together, Ron, Dwayne, and Greg discuss the importance of incorporating cybersecurity considerations in the due diligence process, the practical aspects of evaluating a company's security posture, managing risks, and ensuring a smooth post-acquisition integration. Key discussion points include: The various stakeholders involved in M&A processes (e.g., buyers, sellers, and third-party consultants) and key areas to focus on during tech and product diligence, including cybersecurity, organizational structure, and technology processes. The importance of having a standardized playbook for M&A processes and the challenges of dealing with disparate cybersecurity practices across merged entities. The critical need for effective communication with non-technical stakeholders. Have a question for us? Reach out: hello@esentire.com. About Cyber Talks: From ransomware attacks to supply chain compromises, eSentire's Cyber Talks podcast will delve into the world of the latest cyber threats that are impacting businesses globally. Join our team of security experts as we speak with C-level executives and security practitioners about the cyber risks affecting their business and how they're addressing these challenges.
About eSentire eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization's cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world's most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit www.esentire.com and follow @eSentire.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss assessing cyber risk in terms of financial impact, and why doing so can help promote conversations with the board and other stakeholders. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss whether vendors should require cyber insurance. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
In this episode of The New CISO, host Steve is joined again by guest Ash Hunt, Global CISO at Apex Group Ltd. Today, Ash shares how he transitioned from his career as a jazz musician into the vastly different world of cyber security. He also reveals his tips as a leader and a decision-maker. Listen to the episode to learn more about Ash's unique professional journey, how security leaders inhibit their candidate search, and the secrets behind an empowered staff. Listen to Steve and Ash discuss the power of delegation and how to determine the best time to find a new role. Ash's Return (1:39): Ash returns to the podcast to share how he achieved his cyber security start. Initially touring as a jazz musician in London, Ash acknowledges how his past has helped him with his current career. Fresh Challenges (10:13): Ash explains when to seek new challenges to avoid professional stagnation. He believes that when a company gets more out of him than he gets out of that company, it is time to move on. This mentality has helped him decide when to leave an opportunity for a fresh one. Being Creative (17:21): Steve and Ash discuss the impact that they can have on others early in their careers. Ash tries to expose his interns to the industry as much as possible because there are so many exciting things to do in tech. He believes leaders should be more creative when judging and developing talent. For Ash, creative compromise, persuasion, stakeholder management, and communication are skills that he considers when evaluating potential candidates. Ownership and Delegation (22:01): While discussing the importance of enabling your staff, Ash asserts what makes an effective leader. Allowing your team to own their work and delegating tasks creates an empowered and productive company culture. Evaluating Loss (26:37): Steve presses Ash on how he raises inefficiencies at work, such as issues with AI, with the executive team. Ash's answer is to follow the money and expose what people think is true but turns out to be the opposite. Loss is rarely tracked, but pinpointing those causes can benefit your organization. The Cost of a Breach (33:19): Staying on the topic of loss, Steve and Ash reflect on the vast cost of a data breach and inefficient client management. Although Ash acknowledges that technology will be able to solve these issues over time, there is no harm in prioritizing clear data reports now. New CISO (38:01): To Ash, being a new CISO means converging cyber with technology. Ultimately, it is about working smarter, not harder, as a team.
www.CPOPLAYBOOK.com About: The podcast underscores the crucial role of Chief Information Security Officers (CISOs) in protecting organizations from cyber threats. Gary Hayslip, a seasoned CISO, emphasizes the evolving nature of the role from technical to strategic leadership. He highlights the importance of integrating CISOs into the executive team and discusses the ethical concerns surrounding their reporting structure. Gary Hayslip is an experienced Global CISO with repeated success delivering innovative security programs to safeguard enterprises at every touchpoint. An insightful thought leader with proven business acumen and commitment to organizational mission, values, and goals. Hayslip brings this wealth of information technology, security leadership, and risk management experience to his role as the CISO for SoftBank Investment Advisers & SoftBank Group International. Hayslip's previous executive roles include multiple CISO, CIO, Deputy Director of IT, and Chief Privacy Officer roles for the U.S. Navy (Active Duty), the U.S. Navy (Federal Government employee), the City of San Diego California, and Webroot Software. Hayslip is a proven cybersecurity professional; he has established a reputation as a highly-skilled communicator, author, and keynote speaker. Hayslip co-authored the CISO Desk Reference Guide: A Practical Guide for CISOs – Volumes 1 & 2, The Executive Primer: An Executives Guide to Security Programs, and Developing your Cybersecurity Career Path. He also recently published The Essential Guide to Cybersecurity for SMBs. Hayslip serves as a director on several boards and is also a technology advisor for several others. All media inquiries: media@cpoplaybook.com
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss risk when it comes to vendors, including how new vendors compare to existing vendors. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
Guest: Nitin Raina, Global CISO, Thoughtworks [@thoughtworks]. On LinkedIn | https://www.linkedin.com/in/nnraina/ Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]. On ITSPmagazine | https://www.itspmagazine.com/sean-martin Episode Notes: In this episode of the Redefining Cybersecurity Podcast, host Sean Martin connects with Nitin Raina, the global Chief Information Security Officer (CISO) for ThoughtWorks. The discussion centers around Nitin's innovative approaches to transforming and elevating cybersecurity, drawing from his rich experience and strategic mindset. Nitin shares his journey in cybersecurity, emphasizing the evolution of the security program under his leadership. He discusses the significance of adapting a business-centric approach to cybersecurity, breaking away from conventional, technology-focused strategies. This includes the development and successful implementation of a business security maturity model designed to align with the organization's diverse, global operations. A notable aspect of Nitin's strategy is the emphasis on leadership activation and the importance of governance in driving cybersecurity initiatives. By fostering a culture of security ownership across all levels of leadership and the broader organization, Nitin underscores the transformational shift in how cybersecurity is perceived and managed within ThoughtWorks. He highlights the collaborative efforts with different departments, such as IT operations and legal compliance, to ensure a cohesive approach to protecting the organization's 'crown jewels.' Through anecdotes and examples, Nitin illustrates the impact of these strategies on enhancing security awareness, decision-making, and operational effectiveness across the company. The conversation also touches on the technical side, discussing the role of developers within the cybersecurity landscape and the utilization of contemporary technologies and frameworks to bolster the security posture. The episode concludes with insights into the future of cybersecurity, advocating for a more integrated and business-aligned approach. Nitin's reflections on the journey and achievements of his company's cybersecurity initiatives provide valuable lessons for organizations aiming to redefine their security strategies in a rapidly evolving digital world. Key Questions Addressed: How did Nitin Raina's leadership and strategies transform the cybersecurity posture at his company? What role does leadership activation play in redefining cybersecurity across an organization? How can cybersecurity be aligned with business strategies to foster growth and innovation?
Adam Keown is the Global CISO at Eastman. In this episode, he joins host Steve Morgan to discuss marketing and sales tactics vendors should avoid, including cold phone calls, emails, and LinkedIn messages, as well as more effective ways to reach and engage companies. For more on cybersecurity, visit us at https://cybersecurityventures.com
In this episode of The New CISO, Steve is joined by guest Ash Hunt, Global CISO at Apex Group Ltd. Today, Steve and Ash dive into the action of M&A (mergers and acquisitions) and how to conduct it well. As a CISO at one of the world's largest administrators, Ash shares his valuable insight on loss, risk, and revenue generation in a constantly changing IT environment. Tune in to learn more about what causes loss during a merger, why decision management and risk management are one and the same, and the cultural changes in the security industry. Listen to Steve and Ash discuss how to quantify loss and what jaywalking and cyber security have in common. Meet Ash (1:34): Ash shares that he is proud to work for a fast-moving organization that has expanded worldwide. This growth has led to an exciting time from a technology and cybersecurity perspective. Successful M&A (5:16): Steve presses Ash on how to conduct M&A successfully. What hurts a business during an acquisition is when there are breaks in infrastructure that get overlooked. Luckily for Ash, he has a strong team that prioritizes infrastructure integration to avoid loss and increase revenue. Things in Common (12:25): Ash reveals what jaywalking and risk have in common. For example, everyone in London jaywalks, but like in cyber security, there is a degree of risk. Risk Management (15:10): According to Ash, risk management is decision management. Decision science is a critical part of Ash's approach to security. Psychological barriers in the workplace halt optimal investment decisions that can generate revenue. Adding Value (25:36): Ash acknowledges that his most significant contribution toward his company is successfully integrating their infrastructure into one operating platform. He knows it will rationalize his tool stacks and clean up his budget, amongst other benefits. He has seen other companies experience operation inefficiency, access control failure, and inadvertent data disclosure, which he actively prevents. Changing the Operation Process (30:48): Steve and Ash marvel at the operational changes that need to be done in security. For example, many people still default to email versus a more secure portal for data exchange. In order to mitigate risk, cultural changes need to be made to operational processes.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss the widespread adoption of cybersecurity practices across businesses. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss changes in the cybersecurity reporting structure, why they're important, and more. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. In this episode, Adam Keown, Global CISO at Eastman, joins host Steve Morgan to discuss the increase in executive oversight. CISO Q&A is a Cybercrime Magazine podcast series brought to you by Black Kite, the industry's most accurate, timely, comprehensive, and operational cyber risk intelligence. Learn more about our sponsor at https://blackkite.com.
A special report from Moody's Investor Service features the results of a 2023 90-question survey of more than 1,700 respondents that gauges cybersecurity practices among global debt issuers. A new podcast on Cybercrime Radio, "CISO Q&A," highlights this survey with commentary from Adam Keown, Global CISO at Eastman. In this episode, host Paul John Spaulding is joined by Steve Morgan, Founder of Cybersecurity Ventures and Editor-in-Chief at Cybercrime Magazine, to discuss. The Cybercrime Magazine Update airs weekly and covers the latest news, interviews, podcasts, reports, videos, and special productions from Cybercrime Magazine, published by Cybersecurity Ventures. For more on cybersecurity, visit us at https://cybersecurityventures.com
Howdy, y'all, and welcome to The Cyber Ranch Podcast! Our guest is Andrew Wilder, Retained CISO at Community Veterinary Partners, Member of the Board of Directors at Washington University in St. Louis, Advisory Board Member, former Global CISO, former Regional CISO... He's got a real history in this game. What we're talking about today is retained, fractional, virtual, and part-time CISOing... Topics addressed: Challenge of vCISO - do I have a job 6 months from now? Marketing and sales - building pipeline OR work for someone else - they get a big cut? Life insurance in the US is normally employment-based, and paid time off is a thing. Allan's cancer scare brought all of those risks to light. Tax benefits to 1099. Work/Life balance - or should that be life/work balance? Two full-time vCISO roles at the same time? Possible... Fractional, one-offs, consultations. SEC and SolarWinds - a vCISO is not an officer of the company. Andrew calls himself 'retained CISO' - he got that term from our friend Steve Zelewski. Fractional vs. virtual vs. retainers - everyone says retainer is the path to victory, but how does that really work?