Podcasts about ibm security

Organizations need to understand what AI can do and can't do. Start creating the best use cases within their organizations and also train people on how to use them responsibly." - Diana Kelley In this episode, host Ana Melikian delves into the pivotal role of Artificial Intelligence (AI) in today's world, particularly in the business world. Joined by guest Diana Kelley, a seasoned Chief Information Security Officer at ProtectAI, they explore the integration of AI into our daily lives and the business sphere. Ana and Diana discuss the importance of understanding AI's capabilities and limitations, likening it to a hundred-foot wave that businesses need to learn to surf rather than be overwhelmed by. They emphasize the necessity of increasing AI literacy to make informed decisions and identify the best use cases within organizations. Diana sheds light on the potential risks and vulnerabilities of AI, including data privacy concerns and the need for responsible adoption. Organizations are encouraged to enhance their security measures and train employees to use AI effectively and safely. As Ana and Diana examine AI's rapid advancement, they highlight the critical balance between embracing innovation and maintaining security. The conversation is filled with insightful analogies and expert advice, making it a must-listen for anyone interested in navigating the complexities of AI in business and security. Let's dive in! This week on the MINDSET ZONE: 00:00 Introduction to AI in Everyday Tools 01:02 Meet Diana Kelly: Cybersecurity Powerhouse 01:49 The AI 100-foot Wave 03:42 Understanding AI Risks and Vulnerabilities 11:43 AI Literacy: A Necessity for All 18:02 Data Privacy and Security Concerns 26:00 Resources for AI Literacy and Security 29:25 Conclusion and Final Thoughts About The Guest Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI. She also serves on the boards of WiCyS, The Executive Women's Forum (EWF), InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity. Her extensive volunteer work has included serving on the ACM Ethics & Plagiarism Committee, Cybersecurity Committee Advisor at CompTIA, CTO and Board Member at Sightline Security, Advisory Board Chair at WOPLLI Technologies, Advisory Council member Bartlett College of Science and Mathematics, Bridgewater State University, and RSAC US Program Committee. She is a sought-after keynote speaker, the host of BrightTALK's The (Security) Balancing Act, co-author of the books Practical Cybersecurity Architecture and Cryptographic Libraries for Developers, instructor for the LinkedIn Learning classes Security in AI and ML and Introduction to MLSecOps, has been a lecturer at Boston College's Masters program in cybersecurity, one of AuditBoard's Top 25 Resilient CISOs in 2024, a 2023 Global Cyber Security Hall of Fame Inductee, the EWF 2020 Executive of the Year and EWF Conference Chair 2021-Present, an SCMedia Power Player, and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime. Connect with: Linkedin.com/in/dianakelleysecuritycurve ProtectAI.com Resources: NIST AI RMF: https://www.nist.gov/itl/ai-risk-management-framework OWASP AI Sec: https://genai.owasp.org/ OWASP AI Security and Privacy Guide: https://owasp.org/www-project-ai-security-and-privacy-guide/ MITRE ATLAS: https://atlas.mitre.org/ MLSecOps Community: https://mlsecops.com/ LinkedIn Learning: Introduction to MLSecOps Security Risks in AI and Machine Learning: Categorizing Attacks and Failure Modes Related Content: Expand What's Possible

Les attaques contre les API, ces interfaces qui facilitent l'interaction entre différents logiciels, dans l'industrie automobile ont connu une explosion de 380 % selon le dernier rapport Global Automotive Cyber Security. Cette hausse alarmante touche particulièrement les systèmes de recharge des véhicules électriques, devenus une cible privilégiée des cybercriminels. Ces derniers exploitent les failles pour voler des données sensibles ou perturber les services, et le rapport 2024 de Check Point souligne une augmentation de 90 % des attaques par ransomware sur les bornes de recharge au cours de l'année écoulée.Les bornes de recharge rapide, souvent installées dans des lieux très fréquentés, sont particulièrement vulnérables aux attaques de type "Man-in-the-Middle", qui permettent aux pirates de s'interposer entre le véhicule et la borne pour dérober des informations bancaires ou interrompre les sessions de recharge. En 2022, plusieurs réseaux de bornes ont été paralysés par des ransomwares sophistiqués, forçant les opérateurs à payer des rançons pour restaurer leurs systèmes. La technologie Vehicle-to-Grid (V2G), qui permet aux véhicules de renvoyer de l'électricité au réseau, amplifie le risque. Les experts avertissent qu'une cyberattaque réussie pourrait non seulement affecter les véhicules, mais également déstabiliser le réseau électrique, avec des conséquences potentiellement graves, telles que des coupures d'électricité à grande échelle.Pour faire face à ces menaces croissantes, les spécialistes recommandent l'adoption d'une architecture de sécurité Zero Trust, qui impose une authentification stricte pour chaque interaction au sein du réseau. Cette approche s'accompagne d'une surveillance continue pour détecter rapidement tout comportement suspect. De plus, la mise à jour régulière des logiciels via des solutions OTA (Over-The-Air) est essentielle pour corriger rapidement les vulnérabilités. De nombreuses entreprises se tournent également vers des fournisseurs de services de sécurité gérés (MSSP) comme IBM Security et Fortinet, pour garantir une surveillance constante et une réponse rapide aux incidents, tout en respectant les normes de sécurité du secteur, telles que l'ISO 15118. Hébergé par Acast. Visitez acast.com/privacy pour plus d'informations.

The US Space Force's X-37B Orbital Test Vehicle is executing a series of novel maneuvers, called aerobraking, to change its orbit around Earth and safely dispose of its service module components. NASA's Low-Cost Optical Terminal ground station transmitted its first laser communications uplink to the TBIRD (TeraByte Infrared Delivery). ispace and the Asteroid Mining Corporation (AMC) have announced an agreement for a space robotics demonstration on a future ispace mission to the lunar surface, and more. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you'll never miss a beat. And be sure to follow T-Minus on LinkedIn and Instagram. T-Minus Guest Our guest is Moez Kamel, Threat Management Specialist at IBM Security. You can follow Moez on LinkedIn and his work at IBM's Security Intelligence blog. Selected Reading X-37B begins novel space maneuver NASA Terminal Transmits First Laser Communications Uplink to Space https://x.com/SpaceX/status/1843797123420303789 ispace and Asteroid Mining Corporation Agree to Pursue Future Mission to the Moon UAE Cabinet approves establishment of Supreme Space Council- The National International Spaceports Launch New Strategic Alliance - Via Satellite Billionaire Robinhood co-founder launches Aetherflux, a space-based solar power startup- TechCrunch ViaSat-3 F1 Begins Delivering Service for Government Customers Bridgit Mendler's space startup Northwood passes first test, connecting prototype antenna to Planet satellites What's at Stake for Space in the Presidential Election - Bloomberg Carbon Mapper Releases First Emissions Detections from the Tanager-1 Satellite  Varda Announces Participation in the Annual Meetings of the American Association of Pharmaceutical Scientists and the American Institute of Chemical Engineers ESA - Sound of Earth's magnetic flip 41 000 years ago T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Do we have your permission to share this episode of Screaming in the Cloud with you? Sonrai CTO and Co-Founder Sandy Bird is back on the show to help Corey break down the woes that come with granting permissions in the world of cloud security. As they catch up, the pair touch base on how automation can create major headaches, what goes into navigating the minefield of granting permissions, and if the future of adoption patterns is as grim as Corey predicts. Sandy also answers one of Corey's long-time questions: how do you pronounce “Sonrai?” Who knows? Maybe Corey will finally learn how to say it properly...Show Highlights:(0:00) Intro(0:30) Breaking down Sonrai's name(1:45) Sonrai sponsor read(2:25) Getting alerts vs. fixing the root of the problem(4:50) The problems with granting permissions(7:34) The dangers of automating permissions(10:10) "Where do I make this change, and how do I enforce it?" (13:46) The security concerns that come with tagging automation(16:12) Sonrai sponsor read(16:53)  Properly deploying permissions access(21:16) Woes of running reporting in the middle of the night(23:21) Are adoption patterns getting worse?(29:01) Where you can find more from Sonrai SecurityAbout Sandy BirdSandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert., Sandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert.LinksSonrai Security: https://sonraisecurity.com/Sonrai Security free trial: https://sonraisecurity.com/trial/Sonrai Security demos: https://sonraisecurity.com/demo/Sonrai Security learning resources: https://sonraisecurity.com/resource-library/Sonrai Security blog: https://sonraisecurity.com/blog/Sonrai Security ACCESS Virtual Summit: sonrai.co/access-on-demandSponsorSonrai Security: https://sonraisecurity.com/

Hear Peter Warren discuss insights from Prof. Leslie Wilcox, Professor at London School of Economics; Lord Francis Maude, former Minister of State for Trade and Investment; Prof Keith Martin, Director of the EPSRC Centre for Doctoral Training in Cyber Security for the Everyday; Prof. Neil Barrett, former advisor of cybercrime to then Home Labour Secretary ,Jack Straw; Martin Borrett, IBM Security's UK Technical Director; David Chavez, Cyber Insurance Product Manager and Tushar Nandwana, Risk Control Technology Segment Manager at Intact Insurance Specialty Solutions, and Dr Constance Dierickx, Founder and President of CD Consulting Group.This podcast is for informational purposes only and is not intended to replace professional legal, financial or insurance advice. We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. The content and views expressed are those of the host and guests.

Join Peter Warren; Martin Borrett, IBM Security's UK Technical Director; Prof. Neil Barrett, former advisor of cybercrime to then Home Labour Secretary ,Jack Straw, and Prof Keith Martin, Director of the EPSRC Centre for Doctoral Training in Cyber Security for the Everyday, as they discuss how organisations can use AI to defend against the growing threat of cybercrime in an increasingly digital world. This podcast is for informational purposes only and is not intended to replace professional legal, financial or insurance advice. We are not responsible for any losses, damages, or liabilities that may arise from the use of this podcast. The content and views expressed are those of the host and guests.

On today's episode of Insights Tomorrow, Patrick LeBlanc is joined by Wangui McKelvey, who leads product marketing for Microsoft's data analytics portfolio. Wangui highlights the transformative impact of AI on marketing, especially in boosting productivity by speeding up the creative process. She reflects on major product launches she has been part of, including IBM Security, Windows 365, and Microsoft Fabric. The conversation also touches on the potential future of AI integration and overcoming customer hesitancy towards adopting AI innovations. In this episode you'll learn: How AI and data technologies are significantly improving productivity in marketing The importance of having a supportive network and mentors in career development AI tools like Microsoft's CoPilot are revolutionizing the way marketers develop presentations Some questions we ask: What are some lesser-known tools marketers should consider for their work? How can marketers stay updated with the latest tools and technologies in their field? What are some tools and software marketers use to boost productivity? Resources: View Wangui McKelvey on LinkedIn View Patrick LeBlanc on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Send us a Text Message.Episode SummaryOn this episode, Sandy Bird, CTO and Co-Founder of Sonrai Security, joins the show to discuss identity security in the Cloud. Prior to Sonrai Security, Sandy co-founded Q1 Labs, which was acquired by IBM. He then became the CTO and helped IBM Security grow to $2B in revenue.Today, Sandy talks about his journey in cybersecurity and how to manage and eliminate dormant identities. Why should listeners be concerned about zombie identities? Hear about the permissions attack surface and where to start implementing zero trust policies.Timestamp Segments·       [01:41] Getting into cybersecurity.·       [03:48] Key lessons from IBM.·       [08:40] Zombie identities.·       [12:53] Is it possible to manage and eliminate dormant identities?·       [16:17] Tying the process into a CI/CD pipeline.·       [21:01] The Dirty Dozen of Cloud Identity.·       [24:13] The permissions attack surface.·       [27:00] Zero Trust best practices.·       [30:08] Creating nett new machine identities.·       [33:17] Prioritizing identity misconfigurations.·       [35:15] Sandy's mentors and inspirations.·       [37:37] How does Sandy stay sharp? Sound Bites"Nothing is a straight path in starting companies in your career.""Zombie identities are identities that were part of previous projects and never get cleaned up.""Fix the low-hanging fruit first, such as getting rid of zombie identities and locking down sensitive identities." Relevant LinksWebsite:          sonraisecurity.comLinkedIn:         Sandy BirdQuantifying Cloud Access: Overprivileged Identities and Zombie Identities

On this Featured Guest episode of Screaming in the Cloud, Corey is joined by Sandy Bird, Co-Founder and CTO of Sonrai Security. The two discuss the current state of cloud permissions security, and Sandy details the company's breakthrough Cloud Permissions Firewall which promises fast and scalable cloud least privilege all with one click. Corey and Sandy also talk about bunk AWS tools in this space, the insanely high “zombie” population in the cloud, and how Sonrai works for companies of all sizes.Highlights:(00:00) Welcome to Screaming in the Cloud with Corey Quinn(00:50) Sponsored Ad(01:32) Exploring Sonrai Security's Mission and Challenges(03:38) Introducing the Cloud Permissions Firewall Concept(05:59) Comparing Cloud Providers' Permissions Models(09:49) Sponsored Ad(10:12) Addressing the Zombie Identity Problem(16:44) Scaling Solutions for Different Company Sizes(20:10) Navigating Cloud Security Challenges(23:38) Innovative Approaches to Permission Management(25:27) Optimizing Permission Requests with Statistics(27:04) Improving Cloud Security with Permissions on Demand(35:15) Concluding Thoughts and ContactAbout Sandy: Sandy Bird is the co-founder and CTO of Sonrai Security, helping enterprises protect their data by securing cloud identities and access. Sandy was the co-founder and CTO of Q1 Labs, which was acquired by IBM in 2011. At IBM, Sandy became the CTO for the global security business and worked closely with research, development, marketing and sales to develop new and innovative solutions to help the IBM Security business grow to ~$2B in annual revenue. He is a trusted and experienced cloud security expert.Links referenced: Sonrai Security Website:  https://sonrai.co/screaming-cloud Free 14-Day Trial:  https://sonrai.co/screaming-trialSandy's LinkedIn: https://www.linkedin.com/in/sandy-bird-835b5576/* Sponsor Sonrai Security: https://sonrai.co/screaming-cloud 

Diana Kelley is the Chief Information Security Officer (CISO) for ProtectAI. She also serves on the boards of Women in Cybersecurity, The Executive Women's Forum, InfoSec World, CyberFuture Foundation, TechTarget Security Editorial, and DevNet AI/ML. Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity.In the episode, we talk about her involvement with all of these different groups and how that has changed over time, plus how and why she arrived at ProtectAI. She also talks about the ProtectAI product strategy and how their different products play into their broader vision for AI security. Website: protect.ai Sponsor: VulnCheck - vulncheck.com

On this episode of Embracing Erosion, Devon chats with Michael Applebaum, the Vice President of Product Marketing at Indigo Ag and formerly of Tenable, Nexthink, IBM Security, and Opower. They discuss climate and agriculture technology trends and how to get into mission-driven companies, how the product marketing discipline has evolved over two decades, how pre-sales and sales ops can teach you to be a better product marketer, tips on how to become a better more effective leader, and much more. Enjoy! --- Support this podcast: https://podcasters.spotify.com/pod/show/devon-orourke/support

Your content has the power to reposition your brand's place in the industry. It's time for you to take the lead. So we're sharing a story with you about a campaign that did just that. IBM's Outthink campaign declared the beginning of the cognitive era; an era in which they were no longer a company that just sells technology. The campaign repositioned them as a thought leader in this new era.And in this episode, we're analyzing IBM's Outthink campaign with the help of our special guest, Founder & CEO of Omnia Strategy Group, Jessica Marie. Together, we talk about capitalizing on the moment, venturing outside your branding, and taking high quality photos and videos. So put your thinking caps on for this episode of Remarkable.About our guest, Jessica MarieJessica is an accomplished visionary strategist and catalyst in the tech industry, renowned for her achievements within the B2B cybersecurity space. She's helped leading organizations in Silicon Valley, and played a pivotal role, from guiding companies through multiple funding rounds, to achieving notable successes and lucrative exits.Her expertise in discovery, positioning, product marketing and thought leadership has driven multi-million dollar product launches, media campaigns, and helped transform organizational dynamics during times of uncertainty.Recognized for her ability to think beyond conventional methods and bring a deeper perspective to any situation, Jessica's profound understanding of the technology industry and emerging trends has positioned her as a trusted advisor and industry influencer.Jessica's personal philosophy is rooted in her manifold interests and experiences. As a writer, artist, and futurist, she delves into the complexities of societal patterns and trends, casting a visionary eye towards the potential futures of humanity. Her diverse areas of curiosity, including technology ethics, spirituality, ancient teachings, and economics, are colored by her personal voyage through depth psychotherapy, spiritual exploration, travel, and artistic expression.As the founder of Omnia Strategy Group, she draws on both her personal and professional experience, leveraging her strategic insights to help companies and leaders create and maintain a positive impact in the world, while shaping the future of the technology landscape.About Omnia Strategy GroupOmnia Strategy Group is a visionary guide for B2B tech startups poised to become market leaders. Their mission is to identify potential, fuel growth, and drive companies out of stealth mode and into the forefront of their industries. They specialize in product marketing, thought leadership, and strategic positioning, leveraging our unique insights to catapult tech companies to success. At Omnia, we redefine the future of technology, turning possibilities into reality, and startups into industry pioneers.About IBM's Outthink CampaignIBM's “Outthink” campaign was created by ad agency Ogilvy, and launched in 2015 to promote IBM Watson, a data analytics processor. Watson uses Natural Language Processing to understand a question, analyze tons of data, and come back with an answer based on the data. In other words, you ask Watson a question, and it returns momentarily with an answer based on data across the internet that it has analyzed. It's named after former IBM CEO Thomas J. Watson, and became world famous after beating human contestants in Jeopardy in 2011. IBM CEO Ginni Rometty says the goal was to “redefine the relationship between man and machine.” It's been used in healthcare, finance, retail, and more. So the “Outthink” campaign promoted this idea of cognitive business through the use of Watson. In that by using Watson, you're leveraging a tool that will enable employees to work faster and smarter. And give you a leg up on your competitors. It was considered an integrated media campaign, and consisted of a series of print, digital and video ads, the print versions which featured in the New York Times and The Wall Street Journal. Each ad was different, so an example of what this looked like was an ad targeting the cybersecurity industry. It's a full-color image of a network of connections lit up in the shape of an eye. And it says, “Outthink threats”. In smaller text, it says, “Seeing threats others might miss helps you respond to attacks before they endanger your business.” It goes on to explain how IBM Security and Watson scan blogs, forums and bulletins to gain security intelligence, while being able to search through unstructured data to find threats.What B2B Companies Can Learn From IBM's Outthink Campaign:Capitalize on the moment. Timing is everything. Jessica says IBM launched their Outthink campaign when “cognitive computing was just starting to enter the public sphere. AI was still this Star Trek concept. And IBM capitalized on that moment with a campaign that was both educational and inspirational. It set the stage for discussions about the future of technology in a way that was really accessible. And AI was suddenly a topic that we could have real conversations about.” So launch content that speaks to the moment in your industry and position your brand as a thought leader.Venture outside your branding. A standalone campaign is an opportunity to be adventurous in your marketing. Jessica says, “Creativity and design are incredibly powerful in helping to further messaging. Even when it's really out there and creative, it really stops you.” The Outthink campaign was a clear departure from the black and blue colors with stark geometric shapes normally used in IBM's branding. And because it was, the campaign stood out. So create a campaign with its own unique look to grab attention.Take high quality photos and videos. The images in IBM's Outthink campaign are captivating. They're well-lit, sharp, detailed and vibrant. Ian says, “Get a photographer and take some really cool photos of your actual customers. It's always worth the money to take high quality photo and video.” It humanizes your brand, highlights your customers, and is visually compelling.Quotes*”With a lot of the earlier stage companies that I work with, there are so many priorities. And a lot of the time, unfortunately, what ends up happening is that their story isn't told. And so a lot of the time their messaging and positioning will suffer because of that. I don't think it's possible to really get to great content unless there is solid messaging and positioning. And you can't get to messaging and positioning without really diving deep into the story and the narrative of that company.” - Jessica Marie*”There's a tendency to think that we have to be really technical about things to show the value. Like that's just not true. We can show value based on how we are solving a problem that no one else is in a way that no one else is. How is it making your life easier? Like, those things are compelling.” - Jessica MarieTime Stamps[0:55] Meet Jessica Marie, Founder & CEO of Omnia Strategy Group[2:42] Why are we talking about IBM's Outthink campaign?[5:07] Tell me more about the Outthink campaign.[9:22] What makes the Outthink campaign remarkable?[16:32] What marketing lessons can we take from the Outthink campaign?[26:00] How does Jessica think about marketing at Omnia?[35:57] How does Jessica think about the ROI of content?LinksSee IBM's Outthink CampaignConnect with Jessica on LinkedInLearn more about Omnia Strategy GroupAbout Remarkable!Remarkable! is created by the team at Caspian Studios, the premier B2B Podcast-as-a-Service company. Caspian creates both non-fiction and fiction series for B2B companies. If you want a fiction series check out our new offering - The Business Thriller - Hollywood style storytelling for B2B. Learn more at CaspianStudios.com. In today's episode, you heard from Ian Faison (CEO of Caspian Studios) and Meredith Gooderham (Senior Producer). Remarkable was produced this week by Jess Avellino, mixed by Scott Goodrich, and our theme song is “Solomon” by FALAK. Create something remarkable. Rise above the noise.

On this episode of The Six Five – On The Road, hosts Daniel Newman and Patrick Moorhead welcome Nick Otto, Head of Global Strategic Partnerships at IBM and Justin Copie, Owner and CEO at Innovative Solutions for a conversation on a new program from IBM Security, announced at AWS re:Invent 2023, aimed at service providers. Their discussion covers: An introduction from Nick Otto as Head of Global Strategic Partnerships at IBM and Justin Copie as Owner and CEO at Innovative Solutions The partnerships between IBM, Innovative Solutions, and AWS A look at the new IBM Security's program for service providers to help accelerate their adoption of IBM security software Innovative Solutions' launch of a generative AI managed service, Managed Data Services (MDS), on top of AWS Bedrock, IBM Watson and Anthropic technologies to help with securely managing customer data Learn more about IBM's AI platform, watsonx, on the company's website.  

Today James is speaking with Troy Fisher, an ethical hacker at IBM Security who educates using Rubik's cubes and draws from early experience battling major malware like the ILOVEYOU virus outbreak. Join us as Troy discusses facing major malware incidents early in his career and puzzling his way into a role in ethical hacking. We'll also hear how Troy uses Rubik's cubes to demonstrate hacking concepts, how his background in music and performance aids compelling security education, and more stories from his eclectic career path on this episode of The Adventures of Alice and Bob podcast.

In episode 81 of the We Hack Purple Podcast host Tanya Janca spoke to Diana Kelley, Chief Information Security Officer (CISO) at Protect AI. Diana and Tanya worked together at Microsoft, and to say that Diana is a pillar of the information security industry is somewhat of an understatement. Together they discussed problems with Large Language Models (LLMs) ingesting crappy code, and bad licenses, the OSSF (and it's goodness), and that sometimes people don't even realize they are breaking software licences when they use what an LLM has produced.We discussed the fact that if a CVE comes out for a library an LLM gave you, but it didn't identify it with the correct name of the library, you wouldn't receive notifications about it. She clarified how ML pipelines are set up, how data scientists work, with insecure juniper laptops all over the place (perhaps a generalization on my part). We discussed how data science seems to be a topic a lot of CISOs are pretending aren't in their domain to protect, but both of us agreed that is not so. They have some of the most valuable data your organization can possess.We also covered best practices for securing MLSec, the OWASP Top Ten for LLMs, and the new free community her company has started MLSECOPS. She also released an update version of her book, Practical Cyber Security Architecture!.Diana Links:Diana on LinkedInhttps://www.wicys.org/. (of course!)https://mlsecops.com/OSS Jupyter Notebook scanner here: https://nbdefense.ai/https://protectai.com/ Her book https://www.packtpub.com/product/practical-cybersecurity-architecture-second-edition/9781837637164.Bio: Diana Kelley is the Chief Information Security Officer (CISO) for Protect AI. She also serves on the boards of Cyber Future Foundation, WiCyS, and The Executive Women's Forum (EWF). Diana was Cybersecurity Field CTO for Microsoft, Global Executive Security Advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner), a Manager at KPMG, CTO and co-founder of SecurityCurve, and Chief vCISO at SaltCybersecurity..Very special thanks to our sponsor!Semgrep Supply Chain's reachability analysis lets you ignore the 98% of false positives in open source vulnerabilities and quickly find and fix the 2% of issues that are actually reachable.Get Your Free Trial Here! Semgrep also makes a ludicrously fast static analysis tool They have a free and paid version of this tool, which uses an open-source engine, and offers additional community created ruleset! Check out Semgrep Code HERE

IBM Security today released its annual Cost of a Data Breach Report, showing the global average cost of a data breach reached $4.45 million in 2023 - an all-time high for the report and a 15% increase over the last three years. Detection and escalation costs jumped 42% over this same time frame, representing the highest portion of breach costs and indicating a shift towards more complex breach investigations. According to the 2023 IBM report, businesses are divided in how they plan to handle the increasing cost and frequency of data breaches. The study found that while 95% of studied organisations have experienced more than one breach, breached organisations were more likely to pass incident costs onto consumers (57%) than to increase security investments (51%). The 2023 Cost of a Data Breach Report is based on in-depth analysis of real-world data breaches experienced by 553 organisations globally between March 2022 and March 2023. The research, sponsored and analysed by IBM Security, was conducted by Ponemon Institute and has been published for 18 consecutive years. Some key findings in the 2023 IBM report include: · AI Picks Up Speed - AI and automation had the biggest impact on speed of breach identification and containment for studied organisations. Organisations with extensive use of both AI and automation experienced a data breach lifecycle that was 108 days shorter compared to studied organisations that have not deployed these technologies (214 days versus 322 days). · The Cost of Silence - Ransomware victims in the study that involved law enforcement saved $470,000 in average costs of a breach compared to those that chose not to involve law enforcement. Despite these potential savings, 37% of ransomware victims studied did not involve law enforcement in a ransomware attack. · Detection Gaps - Only one third of studied breaches were detected by an organisation's own security team, compared to 27% that were disclosed by an attacker. Data breaches disclosed by the attacker cost nearly $1 million more on average compared to studied organisations that identified the breach themselves. Elaine Hanley, Security Services, IBM Ireland, said: "Across the globe, and very similar to the UK, this report confirms what we are seeing as ordinary citizens in Ireland. Across all industries studied, customer personally identifiable information was the most commonly breached record type and the costliest. In Ireland, we are seeing a surge in phishing emails and texts in recent months. Globally, we are seeing that firms with a smaller number of employees were disproportionally affected by higher breach costs, which in the context of Ireland, means that most of the indigent industries operating here need to pay attention to cybersecurity. Globally, we saw that only about half of those who suffered a breach actually plan to invest more in their cybersecurity programme post-breach. The pandemic has accelerated digital transformation in Ireland, and although this can be seen as generally positive, it does incur additional cybersecurity risks. However, AI and automation had the biggest impact on speed of breach identification and containment for studied organisations. So now is the time to understand the technologies and strategies that best protect your data." Additional findings in the 2023 IBM Data Breach report include: · Breaching Data Across Environments - Nearly 40% of data breaches studied resulted in the loss of data across multiple environments including public cloud, private cloud, and on-prem - showing that attackers were able to compromise multiple environments while avoiding detection. Data breaches studied that impacted multiple environments also led to higher breach costs ($4.75 million on average). · Costs of Healthcare Breaches Continue to Soar - The average costs of a studied breach in healthcare reached nearly $11 million in 2023 - a 53% price increase since 2020. Cybercriminals have started making stolen data more accessi...

In this special episode, we welcome Chris McCurdy and Dimple Ahluwalia of IBM Security to the show. They'll be talking with AWS security expert, Clarke Rodgers about our joint research report titled, “Data Security as Business Accelerator?” Hear directly from the authors themselves about how trusted data is driving competitive advantage for companies today and why it's the key ingredient to AI innovation. Resource links: Data Security as Business Accelerator? The Unsung Hero Driving Competitive Advantage | https://aws.amazon.com/executive-insights/content/data-security-as-business-accelerator/ Think Like an Auditor: How to Measure Security Compliance | https://aws.amazon.com/executive-insights/content/think-like-an-auditor-how-to-measure-security-compliance/

Moez Kamel, Threat Management Specialist at IBM Security, joins us on T-Minus Deep Space for a special edition all about the cybersecurity ecosystem in the New Space industry. You can follow Moez on LinkedIn and his work at IBM's Security Intelligence blog. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you'll never miss a beat. And be sure to follow T-Minus on Twitter and LinkedIn. Selected Reading Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space Cybersecurity in the Next-Generation Space Age, Pt. 2: Cybersecurity Threats in the New Space Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space  Cybersecurity in the Next-Generation Space Age, Pt. 4: New Space Future Development and Challenges     Audience Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc.

Moez Kamel, Threat Management Specialist at IBM Security, joins us on T-Minus Deep Space for a special edition all about the cybersecurity ecosystem in the New Space industry. You can follow Moez on LinkedIn and his work at IBM's Security Intelligence blog. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you'll never miss a beat. And be sure to follow T-Minus on Twitter and LinkedIn. Selected Reading Cybersecurity in the Next-Generation Space Age, Pt. 1: Introduction to New Space Cybersecurity in the Next-Generation Space Age, Pt. 2: Cybersecurity Threats in the New Space Cybersecurity in the Next-Generation Space Age, Pt. 3: Securing the New Space  Cybersecurity in the Next-Generation Space Age, Pt. 4: New Space Future Development and Challenges     Audience Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

Australia's Space Command stands on its own. Landspace's methalox Zhuque-2 sets a date for its orbital flight test. Anti-collision maneuvers by Starlink satellites are growing exponentially. A two-stage student rocket proves launch capabilities at Spaceport Nova Scotia. We discuss New Space cybersecurity with Moez Kamel, Threat Management Security Technical Specialist at IBM Security. And a whole lot more! Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our weekly intelligence roundup, Signals and Space, and you'll never miss a beat. And be sure to follow T-Minus on Twitter and LinkedIn. T-Minus Guest Moez Kamel, Threat Management Specialist at IBM Security, on the cybersecurity ecosystem in the New Space industry. You can follow Moez on LinkedIn and his work at IBM's Security Intelligence blog. Selected Reading Space Command formally exits the RAAF- Space Connect Saber Astronautics opens new SA state HQ and Spacecraft Design Facility- EX2 for Defence Innovators  'We've Been Doing It Wrong': SPACECOM's Shaw Pushes New View of Operations- Air & Space Forces Magazine China's Landspace set for second methalox rocket launch- SpaceNews  Multi-National Crew to Visit FMARS (Canada) for Upgrade Work & Science Mission- The Mars Society  Leonardo to develop Nasa's infrared sensors to find habitable planets- Electronics Weekly SpaceX Starlink satellites caused 25,000 near-misses in just 6 months- Space MLS, Space Community Celebrates Debut Student Rocket Launch at Spaceport Nova Scotia- SpaceQ  Ecuador Government connects six Galápagos Islands schools to SpaceX St- Tesmanian  We must address a key obstacle to our new age of space exploration- New Scientist  Building U.S. Space Force Counterspace Capabilities: An Imperative for America's Defense - Mitchell Institute for Aerospace Studies  Elon Musk's SpaceX Now Has a ‘De Facto' Monopoly on Rocket Launches- WSJ T-Minus Crew Survey We want to hear from you! Please complete our 4 question survey. It'll help us get better and deliver you the most mission-critical space intel every day. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here's our media kit. Contact us at space@n2k.com to request more info. Want to join us for an interview? Please send your pitch to space-editor@n2k.com and include your name, affiliation, and topic proposal. T-Minus is a production of N2K Networks, your source for strategic workforce intelligence. © 2023 N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

For this week's episode of the podcast, we're joined by Patrick Vandenberg, director of product marketing at Invicti Security. Patrick helps us unpack the reasons behind why 70% of security incidents start from web applications and talks us through the importance of application security and dynamic application security testing (DAST). Patrick also touches on where the future of application security testing may be heading and how scanning varies across industries. Patrick Vandenberg, Director of Product Marketing at Invicti A seasoned cybersecurity leader, Patrick Vandenberg is the Director of Product Marketing at Invicti Security. He works closely with security and DevSecOps stakeholders to understand today's cybersecurity pain points so we can continue to help our customers solve their application security challenges. As an alumnus of several cybersecurity companies, including Hunters, Snyk, and IBM Security, Patrick brings over 20 years of experience in cybersecurity across product marketing and product management roles. Patrick holds a degree in Systems & Computer Engineering from Carleton University and, in his free time, continues a longtime passion for coaching and playing hockey. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e234

The International Risk Podcast is a weekly podcast for senior executives, board members and risk advisors. In these podcasts, we speak with risk management specialists from around the world. Our host is Dominic Bowen, one of Europe's leading international risk specialists. Having spent the last 20 years successfully establishing large and complex operations in the world's highest risk areas and conflict zones, Dominic now joins you to speak with exciting guests from around the world to discuss risk.The International Risk Podcast – Reducing risk by increasing knowledgeFollow us on Facebook, Twitter, Instagram, and LinkedIn for all our great updates.This week, Dominic talks with Diana Kelley.  Diana is the Co-Founder and CTO of SecurityCurve, as well as Chief Strategy Officer/Chief Security Officer (CSO2) and co-founder of Cybrize. Throughout Diana's career, she has held positions in the Cybersecurity Field for Microsoft, IBM Security, Symantec, Burton Group (now Gartner), KPMG, and altCybersecurity. Her most recent book with Ed Moyle is Practical Cybersecurity Architecture: A Guide to Creating and Implementing Robust Designs for Cybersecurity Architects (2022). 

The Six Five – In The Booth for RSA 2023, Patrick Moorhead and Daniel Newman welcome Christopher Meenan, VP of Product Management, Threat Detection and Response at IBM. Their discussion covers: * How the evolvement of AI will be more powerful and efficient, leading to a major impact on IBM's product strategy * IBM is embracing the future of innovation in the security space by investing in new technologies and partnerships * IBM's core principles of trust, transparency, and innovation are helping drive security across their portfolio * How essential open and interoperable technology/tools are to IBM's security strategy

In this episode, host Raghu Nandakumara sits down with Stephen Coraggio and Greg Tkaczyk, Managing Partner and Executive Consultant at IBM Security, to discuss the business value of cybersecurity, defining your crown jewels, and overcoming “analysis paralysis” and other Zero Trust challenges. --------“Back in the day it was around protecting everything, encrypting everything, and really making sure that we scan everything in an environment. Now when we talk to clients, it's around how do we make sure that we are truly looking after the most important things in our environment, making sure that those are properly protected, [and] controlled.” - Stephen Coraggio“You don't want to spend four months deciding what top five policies you want to enforce in a CSPM solution—Make those decisions quickly and reduce risk.” - Greg Tkaczyk--------Time Stamps* 10:17 – Defining your “crown jewels”* 13:09 – Overcoming “analysis paralysis”* 22:35 – ZT as a framework: “It's a set of guiding principles”* 30:30 – What comes next in cyber (a case for AI/automation)* 34:10 – Using data to demonstrate ROI--------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com/--------LinksConnect with Stephen on LinkedInConnect with Greg on LinkedIn

While the growth of ransomware, phishing schemes and other nefarious cyber activities are obviously not positive developments for the industrial sector, the resulting exposure and fallout from high profile events like Colonial Pipeline, JBS and, most recently, Dole Foods, have mandated a need for more data on attack surfaces, hacker tactics and the bad actors themselves. In this episode, we'll be taking a closer look at all of these topics via findings from IBM Security's most recent Threat Intelligence Index as we sit down with John Dwyer, Head of Research for IBM Security's X-Force.We're also excited to announce that Security Breach is being sponsored by Rockwell Automation. For more information on their cybersecurity solutions, you can go to rockwellautomation.com.For more information on the work IBM Security X Force is doing, you can go to www.ibm.com/security.To catch up on past episodes, you can go to Manufacturing.net, IEN.com or MBTmag.com. You can also check Security Breach out wherever you get your podcasts, including Apple, Amazon and Overcast. If you have a cybersecurity story or topic that you'd like to have us explore on Security Breach, reach out at jeff@ien.com.To download our latest report on industrial cybersecurity, The Industrial Sector's New Battlefield, click here.

Alan Shimel and Mitch Ashley are joined by Mat Newfield of Unisys, Olivia Rose of Mailchimp, Heather Ricciuto of IBM Security, Larry Whiteside Jr. of ICMCP and Julian Waits of DEVO for a brand new episode on “Diversity in Security and Cyber.”

In this episode of the Endace Packet Forensic files, Michael Morris talks with RoseAnn Guttierrez, Technical Enablement Specialist BM at IBM Security and a former SOC analyst.Rose shares her experience of what a day in the life of a SOC engineer is really like. She discusses the best practices she and her team put in place to manage the day-to-day challenges and improve their security posture. She also highlights some of the tools that were most valued in their daily operations and the critical importance of interoperability and integrated workflows to ensure efficiency and simplicity for SOC teams.Rose's combination of SOC experience and deep knowledge of the security landscape has given her unique insight into the importance of having an interoperable ecosystem of tools and vendors that enables SOC teams to build resiliency and efficiency into their DNA.You can catch previous episodes in the Secure Networks Series here: https://blog.endace.com/category/pack...Or hit Subscribe to be notified when we post new episodes.ABOUT ENDACE *****************Endace (https://www.endace.com) is a world leader in high-performance packet capture solutions for cybersecurity, network and application performance. Endace's open EndaceProbe Analytics Platform (https://www.endace.com/endaceprobe) can host 3rd-party analytics solutions while simultaneously recording a 100% accurate history of network activity. EndaceProbes are deployed on some of the world's largest, fastest and most critical networks.

Ad practices draw a large EU fine (and may set precedents for online advertising). Updates on the LastPass breach, and on Russian cyber activity against Poland. Malek Ben Salem from Accenture explains smart deepfakes. Our guest is Leslie Wiggins, Program Director for Data Security at IBM Security on the role of the security specialist. And cellphones, opsec, and the Makiivka strike. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/2 Selected reading. Meta's Ad Practices Ruled Illegal Under E.U. Law (New York Times) Meta Fined More Than $400 Million in EU for Serving Ads Based on Online Activity (Wall Street Journal) Meta's New Year kicks off with $410M+ in fresh EU privacy fines (TechCrunch) LastPass data breach: notes and actions to take. (CyberWire) Poland warns of attacks by Russia-linked Ghostwriter hacking group (BleepingComputer)  Russia says phone use allowed Ukraine to target its troops (AP NEWS) Russian soldier gave away his position with geotagged social media posts (Task & Purpose) Russian commanders blamed for heavy losses in New Year's Day strike (Washington Post)

Join us this week for another episode of Breaking Through in Cybersecurity Marketing. Today, we're talking with Dillon Townsel, Head of Public Relations at Armis, as he takes us on a ride through his career journey. From Egypt and Afghanistan to IBM: Dillon tells the story of how he, like many others, unexpectedly found cybersecurity and ended up loving it. He also shares how he found himself teaching cybersecurity and emphasizes that knowledge in the field is not the first thing he looks for in employees.    Timecoded Guide: [02:15] Background as a musician, opening recording studios, and sales [09:23] X-Force Red and working for IBM [13:09] Working as a combat journalist and telling stories [20:43] How to gain technical knowledge in the field [27:40] Why Dillon could be a professor   Dillon's technical background and the journey of getting there  Dillon shares how his technical background in cybersecurity came in more towards the middle of his career trajectory. First, he tells how his technical knowledge fell like dominoes into more opportunities down the road. Dillon shares how his music background led him to learn the ins and outs of a recording studio which then led him to broadcast journalism in the military. He built on this, eventually going into security PR and then working on a team called X-Force Red at IBM.   “That was tough at times, right, I was out by myself, lugging around camera gear for . . . four or five days at a time. I learned a lot. Getting stories out of people and just going out and you've never met this person before. And your goal is to go out, meet some 21-year-old kid from Oklahoma, and find out what's interesting about maintaining a Humvee or working on military equipment—pulling the stories out of people.”   Meant to be: Jumping into cyber at X-Force Red After taking paternity leave, Dillon dove into cybersecurity, taking a job at IBM. He describes how, on the team, he looked for security vulnerabilities and emphasized that, at IBM, everyone is a customer. He shares why this took a lot of trust-building and how his team ended up getting media coverage for hacking into cars and exposing security vulnerabilities in nuclear power plants, among other things. Along with X-Force Red, Dillon also worked on Trusteer and mobile device management. “I think IBM Security was probably my crash course. That was when I got the most exposure to the most diverse set of security projects that are out there—because IBM Security works on everything. And so the possibilities are endless.”   Boots on the ground stories in Afghanistan Dillon takes us back to his time in Afghanistan and traces back where and how he learned to tell meaningful stories. Aside from getting senior leaders camera-ready and running a radio show, during his time in the service, Dillon had to learn how to tell stories on the fly. This, he says, prepared him for his future endeavors working in PR. Now, he takes his technical and journalistic experience, working at Armis Security. “Especially when we were doing stuff with X-Force Red, we had to take those stories and figure out 'why is this important to the average person?' 'Why would my grandmother care about this piece of security research?' And so it was always about finding the human element and being able to tell that side of security because everything we do is eventually protecting regular citizens. So all of this stuff trickles down to them.”   Where do you see print fitting in today's cybersecurity marketing? Dillon says that, although the majority of his background is in broadcasting, print is aecessary. He also mentions that he picked up a lot of copyediting experience throughout his career which has become quite valuable in his job. He says that his skill set has allowed him to review press releases, video scripts, and other writing. Dillon emphasizes that, in the end, little skill sets can go a long way throughout someone's career—whatever job they find themselves in. “In our world, telling a story in print is aecessary, right? We must get our commentary and thought leadership into those articles, making the business press understand why security is important.” ---------- Links: Spend some time with Dillon on LinkedIn and Twitter. Visit Armis Security on LinkedIn and Twitter. Check out the Armis Security website.  Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter. Follow Gianna on LinkedIn. Catch up with Maria on LinkedIn. Join the Cybersecurity Marketing Society on our website, and keep up with us on Twitter.  

This episode was sponsored by IBMThe nature of trust and security online has been a big challenge throughout the pandemic, but the events of 2022 have tested these issues like never before. We had been planning this sponsored episode for many months, but when it fell into place this turned out to be an excellent time to talk to Chris Hockings, APAC CTO at IBM Security about the state of security and trust in Australia today. Hosted on Acast. See acast.com/privacy for more information.

According to the media release from IBM Security, incident responders – the frontline responders to cyberattacks – are primarily driven by a strong sense of duty to protect others; a responsibility that's increasingly challenged by the surge of disruptive attacks, from the proliferation of ransomware attacks to the recent rise of wiper malware. The post Crossing into the Physical World? New IBM Study Examines the Critical Role of Cybersecurity Incident Responders appeared first on ComplexDiscovery.

Travelers have always been vulnerable. Centuries ago they were attacked by pirates, but nowadays most of the thefts happen on a digital level. In 2019, transport became the second priority for cybercriminals, right after financial organizations. USB chargers might be traveler-friendly and installed in public places for their convenience, but they're not necessarily safe. IBM Security experts say that cybercriminals use USB ports in airports, train stations and other public places to steal personal data from your gadgets. They have no difficulty modifying USB ports by installing special software that steals the owner's personal data, including bank information. Learn more about your ad choices. Visit megaphone.fm/adchoices

Dan Gisolfi is currently leading the delivery of innovation capabilities across Discover Financial Services (DFS), such as Hack-aaS, Patent Program, Design Thinking Services, and an Innovation Accelerator. Prior to joining DFS, he led an innovation team focused on the incubation of IBM Security's Zero Trust Architecture in collaboration with internal labs, academic institutions and NIST. About Podcast Episode Some of the key topics covered during this episode with Dan are: How does the chicken and egg problem relate to digital identity? Is there a dependency on Government IDs to seed the marketplace? Are unique identifier databases required to become a credential issuer? What is transitive trust? And how does it differ from how trust gets established otherwise (e.g., through backend API calls)? The missing role in the trust triangle: The Examiner. Can Examiners become digital notaries? Rethinking authentication and authorization - using attestations from multiple issuers helps to create more trust. How Issuance can become a business model for many trusted service providers. Some challenges with the mDL (ISO/IEC 18013) standard. The benefits of using a Microcredentials approach. Misconceptions about becoming credential issuers (e.g., assuming liability, data minimization). Where to find Dan? LinkedIn: https://www.linkedin.com/in/vinomaster/ Blogs: https://www.ibm.com/blogs/blockchain/author/dan-gisolfi/ Follow Mathieu Glaude Twitter: https://twitter.com/mathieu_glaude LinkedIn: https://www.linkedin.com/in/mathieuglaude/ Website: https://northernblock.io/

On Aug. 15, 2012, Saudi Arabia's national oil company, Saudi Aramco, was hit by one of the worst cyberattacks the world has ever seen. The result was a devastating wiping of data across 85% of Saudi Aramco's Microsoft-based technology, affecting tens of thousands of workstations. A decade later, and the frequency and severity of cyberattacks have increased, while tech policy in most of the Western world remains in its infancy. Cyber guru Chris Kubecka joins cohosts Nick Bradley and Mitch Mayne to do a retrospective on Shamoon including what happened and why. 

Techstination, your destination for gadgets and gear.   I'm Fred Fishkin.        We're all paying the price for cyber-attacks.    A new IBM security report finds that the costs of ransomware and other data breaches….which often run into the millions of dollars….are being passed along, increasingly, to...

Mark interviews Limor Kessem and discusses the key findings from the IBM 2022 security report - how bad Cyber Attacks are affecting our way of life. What is the cost of a Data Breach?ABOUT ~ Limor Kessem Principal Consultant, Cyber Crisis Management, IBM Security  https://www.linkedin.com/in/limor-sylvie-kessem/ Limor helps organizations use threat intelligence to understand cybersecurity threats, the risks most relevant to their business, and what they can do to become more resilient. Helping customers build plans and processes for cyber crisis management adds maturity to their security programs and gets them to a prepared state that strengthens their security posture. For more information please visit: http://www.ibm.com/security

August 5, 2022 ShipBob Dhruv Saxena, Small Biz Acquisition Financing Chris Hurn and IBM Security Limor Kessem

Keamanan siber adalah perlindungan yang sangat dibutuhkan untuk menjaga dan mempertahankan kerahasiaan (confidentiality), integritas (integrity), dan ketersediaan (availability) informasi elektronik atau Sistem Elektronik. Lalu, apa endgame dari kemanan siber? Pei Yuen Wong CTO dari IBM Security untuk Asia Tenggara, Australia, Selandia Baru, and Korea, bicara tentang pentingnya prinsip “zero-trust” dan resiliensi dalam menghadapi ancaman siber. Pei Yuen Wong adalah pimpinan senior di bidang bisnis dan teknologi dengan pengalaman lebih dari 20 tahun dalam R&D Pertahanan, Pemerintah dan Sektor Keuangan, serta keahlian di bidang Security Architecture, Security Programme dan Portfolio Management, Offensive Security, SOC Operations, Governance, Risk Management & Compliance. Saat ini, Pei Yuen berperan aktif dalam transformasi keamanan siber untuk melindungi organisasi dari ancaman siber dengan memanfaatkan inovasi dalam teknologi keamanan siber. #Endgame #GitaWirjawan #cybersecurity -------------------------- Pre-Order merchandise resmi Endgame: https://wa.me//628119182045 Berminat menjadi "policy leaders" berikutnya? Hubungi: admissions.sgpp.ac.id admissions@sgpp.ac.id https://wa.me/628111522504 Playlist episode "Endgame" lainnya: https://endgame.id/season2 https://endgame.id/season1 https://endgame.id/thetake

Techstination interview: Cyber-attack costs being passed on to consumers: IBM Security's Limor Kessem

I'll wrap up the earnings from Microsoft, Alphabet, Spotify and Shopify. Proof that the cost of a data breach for companies is skyrocketing. What ever happened to the legislative crackdown on Big Tech? Inflation comes to the Metaverse as Meta is jacking up the prices on Quest headsets. And a big update to Google Maps.Sponsors:Storyblok.com/ridehomeLinks:Techmeme headlines from this morning running down earnings (Techmeme, 8:25am eastern today)IBM Security report finds data breaches are costlier than ever before (SiliconAngle)Discovery of new UEFI rootkit exposes an ugly truth: The attacks are invisible to us (ArsTechnica)Senate's Antitrust Crackdown Sputters as Schumer Signals Doubts (Bloomberg)Quest 2 Price Jumps To $399 As Meta Costs Rise (UploadVR)Google Maps rolls out location sharing notifications, immersive views and better bike navigation (TechCrunch)See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

In the modern enterprise network, endpoints have grown exponentially and the built-in perimeter we had at the office has disappeared. In this remote, cloud-native world, bad actors have a wider attack surface to exploit.   Enter endpoint detection and response (EDR).  Shelby Skrhak speaks with Jennifer Lavender , world wide sales and business development leader for IBM Security at IBM, about:      - The difference between EDR and XDR     - The acquisition of ReaQta     - 3 differentiating components of ReaQta  Email Jilina Damin or visit IBM Security ReaQta for more information.  To join the discussion, follow us on Twitter @IngramTechSol #B2BTechTalk  Listen to this episode and more like it by subscribing to B2B Tech Talk on Spotify, Apple Podcasts, or Stitcher . Or tune in on our website. 

In this episode, Marc talks with Sonrai Security's Brendan Hannigan, on how he went from security guard on a Jack Nicolson movie set, to cybersecurity CEO. Trained as a coder, learn how his early days at Forrester Research honed Brendan's skills in understanding marketplace fit and fueled his passion to go out and start building things. Brendan went on to lead Q1 Labs until they were acquired by IBM, where he joined as the GM of the newly formed IBM Security. That journey lead him to his current role, CEO of Sonrai Security, where he and his team are changing the way organizations secure the cloud. You'll also learn about: Why the complexities of being a Cyber CEO haven't changed in decades The origins of the term security intelligence The fulfillment of saying "OK sure, I'll try that" Why CISOs may not need to "shift left" but they have to shift somewhere

“I think that the future of audio is one that's customized, personalized, interactive, intelligent and dynamic, you know, instead of always treating audio as on and off, we need to treat it in a way that's delivered to each person as a unique experience.” -- Sean Beeson This episode features a rare two-for-one interview with a powerful sonic duo, Jon Brennan and Sean Beeson, formerly of Sonic Signatures. Jon Brennan's a music composer and sound designer with twenty years of experience creating sound for iconic brands and multimedia platforms. With the rise of voice, podcasts, and streaming, he founded Sonic Signatures to enable brands to effectively use branded audio across every campaign and platform. He's created audio logos, original music, and sound design for leading brands including Amazon Alexa, Tide, Southwest Airlines, IBM Security, Mercy Health, Union Home Mortgage, and KeepTruckin. His film scores include internationally distributed feature films and documentaries, and he has an MFA in Music Composition for the Screen from Columbia College Chicago. Very recently, he decided to work with Sixième Son in the US. Sean Beeson is a composer and sound designer who's worked on hundreds of scores for video games, ads, trailers, and podcasts for clients like Google, Disney, McDonald's, Taco Bell, State Farm, Wizards of the Coast, Neoglyphic, and Sony. He helped develop the sonic identity of Google's Pixel phone, Pixel Buds 2, and Google's Home and Max speakers. He's contributed to three Emmy award-winning projects and has been nominated for multiple Game Audio Network Guild Awards. He's now doing independent music and sound design work. If you want to understand why audio is so important to your brand, Jon and Sean have a thing or two to tell you about that. As always, if you have any questions for my guest, you're welcome to reach out through the links in the show notes.  If you have questions for me, just visit http://www.audiobrandingpodcast.com/ (www.audiobrandingpodcast.com) where you'll find all sorts of ways to get in touch. Plus, subscribing to the newsletter (on the http://www.audiobrandingpodcast.com/ (www.audiobrandingpodcast.com) webpage) will let you know when the new podcasts are available.   The Essence of a Project We start off with a look at the early influences that shaped Jon and Sean's interest in sound. Jon tells us how his older brother's Depeche Mode album sparked a lifelong career in music, while Sean recalls his very first encounter with audio branding when he played Sega video games as a child.  The topic turns to the versatility of sonic branding in everything from mobile games to casino slot machines. The goal, as Sean explains it is, is "to boil down the essence of a project or product or brand to what really makes it unique and what really helps make it relate to the consumer or the user of that product."   Supporting the Brand The interview continues with the story of how Sean and Jon met at a gaming conference, and how their combined experience in commercial music and interactive audio gave them a unique perspective when it comes to audio branding and marketing."We feel that we can best help a company through our one-on-one relationship," Jon says, "and it's through that personalization that we can come up with the most custom and creative results that are the most effective in the long run."   Everything is Interactive Next, we talk about audio branding, what it means to them, and how video games in particular have always been ahead of the curve when it comes to dynamic audio and using sound to continually shape the listener's experience. Jon sees interactive audio, guided by machine learning, playing a more vital role in our everyday lives as smart devices become widespread: "Sonic branding," as he explains, "extends beyond just having a jingle or a piece of music, and it really needs to kind of aid the user to be able to identify, interact and...

In this episode, host John Laurito talks with the Founder and CEO of JupiterOne about his journey from leading security for other organizations to starting his own cybersecurity company. He also shares his views on expanding comfort zones, hiring A-players as an A-player himself, and his advice to leaders who are only starting in their entrepreneurial journeys.Erkang Zheng, Founder of JupiterOne and CISO at LifeOmic, is a leader in cybersecurity with 15 years of experience in all domains from identity and access, penetration testing, and incident response to data, application, and cloud security. Zheng holds several patents and is passionate about combining innovation and execution to deliver practical solutions that address cybersecurity challenges at their root cause. Previously, he was the head of software security architecture and assurance practice for Fidelity Personal Investing, servicing over 12 million customer accounts. He also led a team of engineers building customer protection solutions as well as patent-pending security R&D. Before Fidelity, Zheng held global leadership roles at IBM Security and at a number of tech startups.Reach out to Erkang at:Website: https://jupiterone.com/LinkedIn: https://www.linkedin.com/in/erkang/Twitter: https://twitter.com/erkangShow notes:[2:03] Erkang's journey that led him to JupiterOne[4:35] Raising capital[6:58] Hiring people that are better than him[12:17] Handling and expanding comfort zones[15:33] Where to find Erkang Zheng and JupiterOne[16:05] Words of wisdom[18:00] OutroGet a copy of Tomorrow's Leader on Amazon https://tinyurl.com/huseae9hText LEADER to 617-393-5383 to receive The Top 10 Things That The Best Leaders Are Doing Right NowFor questions, suggestions, or speaker inquiries, contact me at john@lauritogroup.com

Recibimos a Adolfo Ramírez Morales, promotor de Vida Silver y premio a la Excelencia de Capital Radio a la Transformación Digital. Analizamos el último informe de IBM sobre los ciberataques con Limor Kessem, asesora ejecutiva de Seguridad, IBM Security. En el "Espectador Económico" Luis Vicente Muñoz y el profesor Guillermo de Haro buscan los aspectos económicos de la película "No mires arriba".

The incredibly articulate https://my.captivate.fm/Anne%20Leslie,%20Senior%20Management%20Consultant,%20IBM%20Security (Anne Leslie, Threat Management Consultant, IBM Security), shares some powerful messages and recommendations on threat management. One such message is to nurture a Whole-of-Enterprise approach where "leaders believe that the people who work for them are not just as important as the systems and the data, they're more important." Anne also emphasizes the importance of "looking within and knowing what it is that we have, why people might want that, and how they might go about getting it." Time Stamps 00:42 -- So, let's begin by talking about the major information security threats out there and you being in Europe, we'd love to get that perspective. 05:49 -- Anything that you see out there by way of best practices, in terms of staying on top of the latest attack vectors and methods. 10:43 -- I'd love to hear your perspective on a human-centered cyber defense strategy. 19:20 -- I read in the media reports that organizations are often slow, and for lack of a better word, negligent in promptly and effectively responding to cyber intelligence. This is definitely a weakness that no organization can afford. What are your thoughts? 29:38 -- I'd love to get your thoughts on joint ownership and accountability, or shared ownership and accountability? 38:44 -- Any final thoughts? Memorable Anne Leslie Quotes 06:29 "So one of the things that I notice in our industry, across businesses, is that we have a tendency to look outwards before we look inwards. And in practical terms, what that means is, we're not very clear collectively about what it is in our organizations and our businesses that adversaries might want." 06:29 "Let's start with looking within and knowing what it is that we have, why people might want that, and how they might go about getting it. If we already have answers to those questions, we're on a good footing." 13:34 "I believe that people come to work every day with an often unarticulated aspiration to be useful. And it just seems to me that we're totally missing out on capitalizing on people's best intentions and their creativity and their motivation - when we label them weak when we label them as a vulnerability against which we need to defend." 13:34 "People want to contribute, people want to be helpful, they want to be united in something that's a little bit bigger than themselves. And security practitioners, in particular, maybe not all of them, but the majority that I've interacted with, are driven by a desire to protect, they're driven by a cause. To them, security is more than a job, it's a cause they want to defend." 18:09 "It's not just about buying more technology, It's about doing more with what we have, where we are. And making the most of the capability that we can get from our people is a key factor in that." 23:41 "I loved what you just said about the impact of security being positively correlated with the health of the culture in the organization. Yes, a million times, yes! Because when you have a healthy organization - which is built up consistently, with consistent behaviors, consistent attitudes, consistent interventions on the part of leadership - what it instills, in people at every level of the organization, is a sense of accountability, a sense of responsibility, a sense of pride. And most importantly, it instills a desire to protect, because people have an emotional connection to their organization and an emotional connection to the leadership, even if they've never spoken to them." ---------------------------------------------- Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks. Connect with Dr. Chatterjee on these platforms: LinkedIn: https://www.linkedin.com/in/dchatte/...

This episode of CRO Wisdom features Shamla Naidoo, Managing Partner, IBM Security. In this episode hosted by Atul Vashistha, Chairman, Supply Wisdom, Shamla talks about the challenges of risk management at a time when digital risks are rising. She talks about why she expects continuous monitoring will lead to a cultural shift towards self-regulating organizations.Shamla discusses what she sees as the problems of silo-isation and fragmentation of data and why an integrated view of risk will lead to exponential new benefits. Don't miss her advise to CISOs on the need to look outside to get a truly complete picture of risk to their organizations.

Diana Kelley of The Analyst Syndicate is on the podcast to chat about her 25-year-long career in security. She touches on artificial intelligence and machine learning ethics, sneaking into DARPA in the '70s and much more. 0:00 - Intro 3:14 - Getting into cybersecurity11:51 - Cybersecurity changes in the past 25 years15:34 - Choosing exciting cybersecurity projects19:49 - What is The Analyst Syndicate?23:00 - Editorial process at The Analyst Syndicate26:26 - Changes in security from the pandemic32:22 - Combating fatigue at home34:35 - Digital transformation39:25 - Bringing more women into cybersecurity43:08 - Tips for hiring managers46:16 - Using AI and ML ethically51:50 - Tips to get into cybersecurity 55:15 - Kelley's next projects56:18 - Learn more about Kelley57:08 - OutroHave you seen our new, hands-on training series Cyber Work Applied? Tune in every other week as expert Infosec instructors teach you a new cybersecurity skill and show you how that skill applies to real-world scenarios. You'll learn how to carry out different cyberattacks, practice using common cybersecurity tools, follow along with walkthroughs of how major breaches occurred, and more. And it's free! Click the link below to get started.– Learn cybersecurity with our FREE Cyber Work Applied training series: https://www.infosecinstitute.com/learn/​ – View Cyber Work Podcast transcripts and additional episodes: https://www.infosecinstitute.com/podcastDiana Kelley's security career spans over 30 years. She is co-founder and CTO of SecurityCurve and donates much of her time to volunteer work in the cybersecurity community, including serving on the ACM Ethics & Plagiarism Committee, as CTO and board member at Sightline Security, board member and Inclusion Working Group champion at WiCyS, cybersecurity committee advisor at CompTIA, Advisory Council, Bartlett College of Science and Mathematics, Bridgewater State University and RSAC US Program Committee. Kelley produces the #MyCyberWhy series and is the host of BrightTALK's The (Security) Balancing Act and co-host of the Your Everyday Cyber podcast. She is also a principal consulting analyst at TechVision Research and a member of The Analyst Syndicate. She was the Cybersecurity Field CTO for Microsoft, global executive security advisor at IBM Security, GM at Symantec, VP at Burton Group (now Gartner) and a manager at KPMG. She is a popular keynote speaker, the co-author of the books "Practical Cybersecurity Architecture" and "Cryptographic Libraries for Developers," has been a lecturer at Boston College's Masters program in cybersecurity, the EWF 2020 Executive of the Year and one of Cybersecurity Ventures 100 Fascinating Females Fighting Cybercrime.About InfosecInfosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with  skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.

This week Zack is solo and is discussing a new report out from IBM Security on the costs of data breaches. To put it bluntly, it's not cheap. However, the report shows that all is not lost and that organizations that have strong cybersecurity plans, software, and personnel, will save millions of dollars post-breach compared to those who have nothing. The lesson here is to hire us because every dollar you spend before an incident will return a lot more should something occur. We highly recommend you review the report which you can find here: https://www.ibm.com/security/digital-assets/cost-data-breach-report/Cost%20of%20a%20Data%20Breach%20Report%202020.pdf Check out NuHarbor Security for complete cybersecurity protection for your business and a security partner you can trust. Website: https://nuharborsecurity.com Facebook: https://www.facebook.com/nuharbor/ Twitter: https://twitter.com/NuHarbor@nuharbor LinkedIn: https://www.linkedin.com/company/nuharbor/ Instagram: https://www.instagram.com/nuharborsecurity/  

"I think we've really seen the concept of a SOC grow and evolve over the past 10 years or so," says Emma Bickerstaffe, Senior Research Analyst at the Information Security Forum. As your business and the threat landscape change, how do you keep pace with your security operations centre (SOC)?    Emma Bickerstaffe, Senior Research Analyst, ISF and Jamie Cowper, Product Marketing Manager at IBM Security, join the podcast for a discussion about building and enhancing a SOC, or "the eyes and ears of an organisation."  They cover business drivers for improving a SOC; perspectives on internal, external, and hybrid models; and the five core capabilities of a SOC. https://www.securityforum.org/videos-podcasts/isf-podcast-emma-bickerstaffe-the-evolving-security-operations-centre/