Podcasts about Information assurance

Mariano Mattei is the Vice President of Cybersecurity and AI at Azzur Solutions, bringing over 30 years of expertise in cybersecurity, AI innovation, and software engineering. A Certified Chief Information Security Officer (CCISO), Mariano has led AI-driven transformations across Biotechnology, Pharmaceuticals, and Medical Device sectors, integrating AI into clinical trials, manufacturing automation, quality systems, and regulatory compliance frameworks (FDA 21 CFR Part 11, GAMP 5, GDPR, HIPAA). His work spans predictive analytics for risk management, AI-powered process optimization, anomaly detection in manufacturing, and regulatory AI governance. He recently graduated from Temple University's Master's Program in Cyber Defense and Information Assurance, and he's the author of "Data-Driven Cybersecurity – Proven Metrics for Reducing Cyber Risk"Listen NOW to discover, "The Secret to Taking A Secure Risk"

Guest host LeAnn Waldroup interviews Dr. Selwyn Ellis, a long-tenured professor and department head at Louisiana Tech University, about his journey and contributions to the institution. He discusses his transition from Mississippi to Louisiana Tech for his doctorate, his role in the Center for Information Assurance, and the evolution of Tech's computer information systems degree. He highlights the importance of critical thinking and problem-solving skills, the growing demand for AI and prompt engineers, and Louisiana Tech's rare and hard-earned NSA designation. CIS at Louisiana Tech: business.latech.edu Website: 1894.latech.edu/beyond/ Email: 1894@latech.edu

Information virality is an increasingly important topic in modern media environments, but it often remains overlooked in discussions about information security. This presentation will explain why information virality is a cybersecurity concern and how it can be exploited to manipulate public discourse. By utilizing theories from prominent cultural psychologists and employing natural language processing techniques, we will demonstrate methods for capturing viral discourse and identifying additional features linked to behavioral patterns that may motivate participation in discussions. This talk will focus solely on the methodology and our preliminary findings, as the research is still ongoing. About the speaker: Nick Harrell has served in the military for 18 years. Currently, he works as a data systems engineer, where he designs, builds, and maintains complex data systems that help Army leaders make informed decisions. He is on a fellowship at Purdue University, pursuing a Ph.D. in Information Security. Nick is a member of the International Information System Security Certification Consortium (ISC2) and the Project Management Institute (PMI). His research interests focus on Natural Language Processing (NLP) for Information Assurance, specifically on mechanisms that enhance user engagement in online public discourse.

Listen to Will Knehr, Senior Manager of Information Assurance and Data Privacy i-PRO Americas, explain how to effectively apply a zero trust mindset in the workplace.

In the latest episode of our Risk & Accounting Advisory podcast, National Technology Business Development Leader Marc Montoro, Leader is joined by Information Assurance & Cybersecurity Senior Managers Keith Jackson and Brian Kirk. Together, they discuss the basics of the HITRUST Framework, exploring its evolution from a healthcare focus to an industry-agnostic standard. Their conversation is packed with insights. From the foundational elements of High Trust to its benefits and strategic advantages, discover how this robust framework can set your business apart. Tune in to learn why HITRUST certification might be your next step in safeguarding sensitive information and achieving compliance across various sectors. Listeners will learn:What is HITRUST CSF?The benefits of being HITRUST CertifiedThe different types of HITRUST Certification and the pros and cons of eachHow to become HITRUST CertifiedRelated InsightsCPE Webinar: HITRUST CSF: A Comprehensive OverviewView All Podcasts from this Series

Mark Lazarus joins Ramon and the PD Flight Crew this week in the MissionCTRL studios to share his 20-year journey in IT and discuss how IT programs are transforming lives. Lazarus serves as the Program Manager of Information Technology at The Workplace's Tech Ready Career Training Program. In high school, Mark was an avid athlete, participating in basketball, track, and martial arts. After an injury, his guidance counselor recommended pursuing a career in IT. Following this advice, Lazarus earned an Associate Degree in Computer and Information Systems Security and Information Assurance from Norwalk Community College, followed by a Bachelor's Degree in Information Technology with a minor in Sociology from UConn. Mark's extensive real-life experience makes him the ideal advocate for serving the Bridgeport community by bridging the gap between job seekers and employers' demands. The Tech Ready Career Training Program focuses on accessibility, designing courses that equip participants with the skills and certifications needed to excel in the dynamic field of technology. In the "Tech Ready Career Training" segment, participants will have the opportunity to take classes covering a wide range of essential IT skills: CompTIA A+, CompTIA Network+, CompTIA Security+, CompTIA Server+, SQL, Project Management, AWS Cloud, Google Cloud, Python, and IC2 Cybersecurity.  Before we dive into today's main discussion, Ramon recaps his recent trip to Arizona, the PD Flight Crew shares updates on changes in web cookies that businesses need to be aware of, and we celebrate the Knicks making it to the second round of the playoffs. . . . Find Mission CTRL on Anchor, Apple Podcast, Spotify, and our website. Mission CTRL aims to ignite the innovative spirit inside us all through providing budding and successful entrepreneurs and community leaders with a platform to share their stories and inspire others. Tune in every Wednesday and catch up with the team at Peralta Design as we unleash the origin stories behind some exceptional leaders, share marketing/branding insights, and navigate the ever-changing currents of pop culture. Subscribe for weekly branding and entrepreneurial content here!  To learn more about Peralta Design's work visit peraltadesign.com. #welaunchbrands #digitalagency #mbeagency #mbe #digital #branding #marketing #web #startups #creative #BrandU #w2 #fulltime #leadership #contentcreator #contentstrategy #marketingstrategy #entrepreneurs #business #launchyourbrand

Today, we had the privilege of hosting Adam Austin, the Cybersecurity Lead at Totem.Tech, a minority veteran-owned Prime DoD contractor. With a decade of experience safeguarding classified, unclassified, and HIPAA-environment US Government IT systems, Adam brings a wealth of knowledge to the table. Throughout his career, he has collaborated with prestigious institutions like NASA, the Centers for Medicare and Medicaid (CMS), and all branches of the Department of Defense. Adam holds a Master's in Information Assurance from Capitol Technology University and boasts certifications such as ISACA Certified Information Security Manager (CISM) and Certified Information Systems Auditor (CISA). His mission is clear: to utilize his extensive background and education to aid small businesses in regulatory environments in implementing cost-effective, compliant, risk-based cybersecurity programs. During our conversation, Adam shed light on his current endeavors at Haight Bey/H-Bar, where he spearheads cybersecurity and systems integration services for a US Air Force weather information system. Moreover, he shared insights into the concept of "Cybersecurity Empowerment" for small businesses, alongside the development of Totem™, a lightweight GRC tool designed to facilitate cybersecurity assessments for small enterprises. With a specialization in security and software integration within the Aerospace industry, particularly in UAS and satellite ground control systems, Adam is well-versed in Windows and Linux operating systems, as well as various commercial and government-off-the-shelf software products. Notably, he has led multi-million dollar tactical systems through DIACAP/RMF certification and subsequent maintenance activities, serving in pivotal roles such as an IASO (ISSO) and technical lead. Adam's passion lies in information system risk assessment, assessment and authorization (A&A), and the formulation of risk mitigation strategies, security policies, and vulnerability remediation packages for networked systems, both in military and commercial settings. His expertise spans a broad spectrum, encompassing certifications like ISACA CISM, CISA, CompTIA Security+, and Core Impact Certified Professional (CICP), along with proficiencies in scripting languages for automation and constructing Windows group policy objects for enhanced domain security. As we wrap up today's episode, we extend our gratitude to Adam Austin for sharing his invaluable insights into the ever-evolving landscape of cybersecurity and his dedication to empowering small businesses in navigating regulatory complexities. Stay tuned for more enriching conversations with industry luminaries on GovCon Giants Podcast! Linkedin: https://www.linkedin.com/in/adam-austin-cybersecurity/  Company Linkedin: https://www.linkedin.com/company/totem-tech/  Website: https://www.totem.tech/  Facebook: https://www.facebook.com/TotemTechnology/   Youtube: https://www.youtube.com/channel/UCYKT-JYV0jqkvxFp-yUTjwg  Twitter: https://twitter.com/totem_tech  

Rick Howard, N2K's CSO and The CyberWire's Chief Analyst and Senior Fellow, interviews Eugene Spafford about his 2024 Cybersecurity Canon Hall of Fame book: “Cybersecurity Myths and Misconceptions.” References: Eugene Spafford, Leigh Metcalf, Josiah Dykstra, Illustrator: Pattie Spafford. 2023. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book]. Goodreads. Helen Patton, 2024. Cybersecurity Myths and Misconceptions: Avoiding the Hazards and Pitfalls that Derail Us [Book Review]. Cybersecurity Canon Project. Staff, 2024. CERIAS - Center for Education and Research in Information Assurance and Security [Homepage]. Purdue University. Rick Howard Cybersecurity Canon Concierge Cybersecurity Canon Committee members will be in the booth outside the RSA Conference Bookstore to help anybody interested in the Canon's Hall of Fame and Candidate books. If you're looking for recommendations, we have some ideas for you. RSA Conference Bookstore JC Vega: May 6, 2024  | 02:00 PM PDT Rick Howard: May 7, 2024  | 02:00 PM PDT Helen Patton: May 8, 2024  | 02:00 PM PDT Rick Howard RSA Birds of a Feather Session:  I'm hosting a small group discussion called  “Cyber Fables: Debating the Realities Behind Popular Security Myths.” We will be using Eugene Spafford's Canon Hall of Fame book, “ “Cyber Fables: Debating the Realities Behind Popular Security Myths” as the launchpad for discussion. If you want to engage in a lively discussion about the infosec profession, this is the event for you.  May. 7, 2024 | 9:40 AM - 10:30 AM PT Rick Howard RSA Book Signing I published my book at last year's RSA Conference. If you're looking to get your copy signed, or if you just want to tell me how I got it completely wrong, come on by. I would love to meet you. RSA Conference Bookstore May 8, 2024 | 02:00 PM PDT Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. Rick Howard Cyware Panel:  The Billiard Room at the Metreon | 175 4th Street | San Francisco, CA 94103 May 8, 2024 | 8:30am-11am PST Simone Petrella and Rick Howard RSA Presentation:  Location: Moscone South Esplanade level May. 9, 2024 | 9:40 AM - 10:30 AM PT Simone Petrella, Rick Howard, 2024. The Moneyball Approach to Buying Down Risk, Not Superstars [Presentation]. RSA 2024 Conference.

On this episode we are joined by the amazing Debora Plunkett, former Director of Information Assurance at the National Security Agency (NSA). Tune in to hear Debora discuss her illustrious career within the NSA, her time serving on the National Security Council, and what it was like working as CSI before CSI was cool. Hosted on Acast. See acast.com/privacy for more information.

In the latest episode of Cherry Bekaert's Risk & Accounting Advisory podcast series, Neal Beggan, is joined by Steven Ursillo and Dan Sembler, both partners in our Information Assurance & Cybersecurity practice. During this episode they discuss the many benefits of Service Organization Control (SOC) 2 reports, such as security insights, gaining customer trust and risk management, and how those benefits bring value to a company. Listeners will also discover how to prepare for SOC 2 and what to expect during a SOC 2 report, as well as the different types of SOC 2 reports.Tune in to learn more about:The value of SOC 2 and potential benefitsHow a SOC 2 report differs from a SOC 1 examinationThe components of a SOC 2 report and how to prepareOther Relevant GuidanceA Comprehensive Guide to SOC 2 Reporting: Webinar RecordingThe Impact of a SOC 2 Report on Your Organization Value and Customer RelationsA Guide to Understanding Service Organization Control (SOC) ReportsQuestions? Contact UsView All Podcasts from this Series

Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security and shares insights from his 45+ years on the security front lines, including 34 years at the NSA. Risk was a big theme of the discussion particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes.) He also shares perspective on moving to incentive-based cyber models (such as what's been done in Ohio and Connecticut), and the criticality of translating technology, attacks & attackers into public policy and market incentives. And it can't be a great cyber discussion without addressing the growing sophistication of cyber criminals and their organizations – really becoming the defacto organized crime success path today. Tony Sager, Senior Vice President and Chief Evangelist for the Center for Internet Security Sager is a SVP and Chief Evangelist for CIS. He leads the development of the CIS Critical Security Controls™, a worldwide consensus project to find and support technical best practices in cybersecurity. Sager champions of use of CIS Controls and other solutions gleaned from previous cyber-attacks to improve global cyber defense. He also nurtures CIS's independent worldwide community of volunteers, encouraging them to make their enterprise, and the connected world, a safer place. In November 2018, he added strategy development and outreach for CIS to his responsibilities. In addition to his duties for CIS, he is an active volunteer in numerous community service activities: the Board of Directors for the Cybercrime Support Network; and a member of the National Academy of Sciences Cyber Resilience Forum; Advisory Boards for several local schools and colleges; and service on numerous national-level study groups and advisory panels. Sager retired from the National Security Agency (NSA) after 34 years as an Information Assurance professional. He started his career there in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. In 2001, Sager led the release of NSA security guidance to the public. He also expanded the NSA's role in the development of open standards for security. Sager's awards and commendations at NSA include the Presidential Rank Award at the Meritorious Level, twice, and the NSA Exceptional Civilian Service Award. The groups he led at NSA were also widely recognized for technical and mission excellence with awards from numerous industry sources, including the SANS Institute, SC Magazine, and Government Executive Magazine. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e273

Discover the forces shaping your financial data's safety as we sit down with the eminent Jake Lee Jaeung, the Clifford Ray King Endowed Professor of Information Systems. In a landscape where cybercriminals lurk at every digital corner, we dissect how a blend of routine activity theory and practical cybersecurity can alter the terrain to our advantage. Together, we plunge into Jake's rigorous study with 461 financial institution employees and unravel the factors that skew risk perception and the likelihood of data breaches.With Jake's expertise, we peel back the layers of data security, challenging the conventional wisdom that greater transparency equals higher risk. This episode illuminates how the value of information, the effectiveness of guardians, and the strategic reduction of data availability can form a robust shield against unauthorized access. We also navigate the nuanced chess game of social engineering defenses, providing valuable insights and tangible actions that can be applied across industries to shield your organization's most precious assets from the prying eyes of the digital underworld.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Can marriage survive the loss of a child?  Losing a child is the hardest thing a couple can go through. In fact 80 percent of marriages end in divorce after the loss of a child.  For the month of December we are sharing the stories of 4 couples and how their marriages not only survived the loss of a child, but continued to thrive.     In today's episode we have the Warren's.   Ivori and Kevin Warren have been married for 16 years and are a the mommy and daddy to an Angel  born in heaven on August 21, 2017. Ivori is a creative entrepreneur and many times has some bright ideas, one of which is the Loving Our Angel blog. The blog is their personal journal about her and hubby's journey to healing.  Loving Our Angel is also a new initiative that has been added to their non-profit foundation to increase pregnancy and infant loss awareness. As a very private person, it wasn't her initial thought to be so transparent, but as God did when she was diagnosed with Type 2 diabetes in February 2012, He is leading her to be transparent about their loss.  Ivori holds degrees in both Psychology and Human Resources Management – and currently working toward a doctoral degree in Higher Education.   Kevin holds degrees in both Information Systems & Science and Information Assurance – and currently working towards a doctoral degree in Applied Information System Management. She is also a MOMpreneur – Creative Director of Ivori Nicole EventsTM, professor, author, speaker, mentor, Chief Operating Officer of the Warren Community Cares Foundation, and active member of Alpha Kappa Alpha Sorority, Incorporated.  He is a United States Army Veteran, Master Rated 82nd Airborne Paratrooper, Chief Executive Officer  of the Warren Community Cares Foundation, and active member of Kappa Alpha Psi Fraternity, Incorporated. We reside in Northern Maryland with our two fur babies, Kole (the spoiled Pit Bull) and Kloe (the bossy cat).  Here are the Warren's. Listen to this episode here: sistersinloss.com/links Become a Sisters in Loss Birth Bereavement, and Postpartum Doula Here Living Water Doula Services Book Recommendations and Links Below You can shop my Amazon Store for the Book Recommendations You can follow Sisters in Loss on Social Join our Healing Collective Online Support Group Join the Sisters in Loss Online Community Sisters in Loss TV Youtube Channel Sisters in Loss Instagram Sisters in Loss Facebook Sisters in Loss Twitter You can follow Erica on Social Erica's Website Erica's Instagram Erica's Facebook Erica's Twitter

Embark on a cybersecurity journey in this enlightening episode of Yacht Crew Vlogs! Join Craig Woldridge, a representative of the IASME Consortium, to delve deep into the cybersecurity landscape within the yachting industry. Explore the significance of Information Assurance for Small and Medium Enterprises (IASMI) and unravel the importance of data protection for high net worth individuals during their yacht ventures. Discover the overarching cybersecurity challenges faced by yacht owners and how the Maritime Cyber Baseline scheme is effectively addressing them. Craig's expertise provides valuable insights into the intricate dynamics of cybersecurity in the maritime sector. Don't miss this eye-opening discussion on safeguarding your yachting experience!  To contact Craig: @craig-wooldridge - LinkedIn For IASME: @IASME1 - X @the-iasme-consortium-limited - LinkedIn @iasme1 - Facebook iasme.co.uk #YachtCrewVlogs #CybersecurityInYachting #MaritimeCyberBaseline #DataProtectionAtSea #YachtingInsights #InformationAssurance #YachtSecurity #CyberRiskManagement #HighNetWorthCyberProtection #MaritimeIndustryTalks

Are you ready to shift your perspective on cybersecurity? We've got Dr. Karen Renaud, the general chair of Dewald Roode Workshop (DRW) this year and a renowned figure in information security research, to guide us on this fascinating journey. We'll be dissecting the paradigm-shifting presentations, lively debates and thought-provoking discussions from the workshop, with a special focus on Basie von Solms' revolutionary thoughts on the future of cybersecurity.Looking to understand why people often disregard security procedures? Or how personality traits can impact the security decisions we make? Our discussion reveals that cautiousness, morality, and self-consciousness can positively affect security decisions, but increasing security knowledge doesn't always correlate with safer decisions. As we navigate through the papers, we'll also investigate how AI-enhanced security systems could alleviate user stress and transform the way we approach security training.We also tackle an under-discussed issue in the cybersecurity sphere: the misuse of system access and the potential for computer abuse by managers. With their unique position of trust and autonomy, could managers be the new insider threat to watch out for? We'll also delve into the role of habits in cyber hygiene, the promises and perils of AI in the field, and how these insights can be applied in the workplace. Join us for this enlightening discussion -- it's an episode you won't want to miss!DRW Website: https://drw2023.github.io/(All papers and the Key Note slides are available on the website.)Papers discussed:4Personality Facets and Behavior: Security Decisions under Competing Priorities,  Sanjay Goel, Jingyi Huang, Alan Dennis, Kevin WilliamsAn Examination of How Security-Related Stress, Burnout, and Accountability Design Features Affect Security Operations Decisions,  Mary Grace Kozuch, Adam Hooker, Philip Menard, Tien N Nguyen, Raymond ChooBosses Behaving Badly: Managers Committing Computer Abuse, Laura AmoEncouraging Peer Reporting of Information Security Wrongdoings: A Normative Ethics Perspective, Reza Mousavi, Adel Yazdanmehr, Jingguo Wang, Fereshteh GhahramaniImpact of Cyber Hygiene Behavior on Target Suitability using Dual Systems Embedded Dual Attitudes Model, Harsh Parekh, Andrew SchwarzThe Blend of Human Cognition and AI Automation: What Will ChatGPT Do to the Cybersecurity Landscape?, Hwee-Joo Kam, Chen Zhong, Hong Liu, Allen JohnstonIntro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Guest: Dr. Ryan Ko, Professor of Cybersecurity, University of Queensland [@UQ_News]On Twitter | https://twitter.com/ryan_kl_koOn LinkedIn |https://www.linkedin.com/in/ryan-ko-38894824/________________________________Host: Mansi ThakarOn ITSPmagazine  

This book documents events experienced after becoming a Whistleblower against the most powerful debt collection organization in the world. Using fictional characters and conversations, this story exposes efforts to cause financial, emotional, and mental harm to me, my family, and my friends. Tactics such as privacy violations, illegal monitoring and surveillance, misuse of government records, and violation of trusted agreements with third-party banking, healthcare, credit, government officials and data are exploited by this institution to achieve their goal. About The Author: I am a senior leader with over 20 years of experience focused on business, finance, and acquisition management. I'm a change agent; transforming and improving business operations and processes. I have two Masters degrees in Business Administration and Information Systems, and a Bachelor of Science degree in Medical and Research Technology. I am also certified in Information Assurance (cybersecurity) and Project Management. I am by no means ignorant or naive. For several years, I worked for the Federal government with no problems, until I decided to take a stand against corruption. I did not know that taking on this new role would also mean a new title - a Whistleblower. You can puchase a copy of the book here: https://www.writersrepublic.com/bookshop/digital-assassins-surviving-cyberterrorism-and-digital-assassination-attempt --- Support this podcast: https://podcasters.spotify.com/pod/show/steve-richards/support

Ever thought about the digital footprints you leave while surfing the web? What about those convenient log-ins via multiple accounts - ever wondered about the risks involved? This week, we're thrilled to talk with Professors France Belanger and Donna Wertalik of Virginia Tech University's Pamplin College of Business to help us unravel these intriguing questions. They're here to discuss their groundbreaking initiative, Voices of Privacy (https://www.voicesofprivacy.com/), aimed at raising awareness about the significance of online privacy and empowering individuals to make informed decisions about their data.Navigating the digital world can be a complex affair, with pitfalls and challenges at every turn. In our conversation with Prof. Belanger and Prof. Wertalik, we dissect the crucial distinction between security and privacy, highlighting the understated importance of data protection. We also touch upon the increasingly blurred lines between convenience and privacy, scrutinizing the risks of logging into websites and apps with multiple accounts. Besides, we evaluate the role of big corporations in safeguarding consumer data and the dire need for raising awareness about this issue.As we dig deeper into this compelling conversation, we explore the Voices of Privacy initiative further. We discuss their treasure trove of resources, including engaging webisodes and insightful talks with privacy experts. We also evaluate the upcoming webisodes on children's privacy and privacy during vacation - essential, thought-provoking content that everyone should check out. So, brace yourself for an enlightening exploration of online privacy and how you can better protect your data.Voices of Privacy website: https://www.voicesofprivacy.com/Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Guest: Ryan Leirvik, CEO of Neuvik [@Neuvik]On LinkedIn | https://www.linkedin.com/in/leirvik/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining Cybersecurity podcast, host Sean Martin discusses the fundamentals of risk management in cybersecurity with Ryan Leirvik, author of "Understand, Manage and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program." The conversation centers around the importance of understanding risk management in cybersecurity, categorizing assets, and identifying what's important to the business versus what's important to the individual. They also discuss the need to use frameworks like NIST-CSF to define and categorize risks and the importance of responding quickly to active threats and having a plan in place for recovery. Sean and Ryan provide practical advice for creating a sustainable cyber program that prioritizes risk management and explain how to set the stage for conversations about cybersecurity with stakeholders. Overall, the episode provides valuable insights into risk management in cybersecurity and how to prioritize and protect critical assets.ABOUT THE BOOKWhen it comes to managing cybersecurity in an organization, most organizations tussle with basic foundational components. This practitioner's guide lays down those foundational components, with real client examples and pitfalls to avoid.A plethora of cybersecurity management resources are available―many with sound advice, management approaches, and technical solutions―but few with one common theme that pulls together management and technology, with a focus on executive oversight. Author Ryan Leirvik helps solve these common problems by providing a clear, easy-to-understand, and easy-to-deploy "playbook" for a cyber risk management approach applicable to your entire organization.This second edition provides tools and methods in a straight-forward, practical manner to guide the management of a cybersecurity program. Expanded sections include the critical integration of cyber risk management into enterprise risk management, the important connection between a Software Bill of Materials and Third-party Risk Programs, and additional "how to" tools and material for mapping frameworks to controls.Who This Book Is ForCISOs, CROs, CIOs, directors of risk management, and anyone struggling to pull together frameworks or basic metrics to quantify uncertainty and address risk____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

Guest: Ryan Leirvik, CEO of Neuvik [@Neuvik]On LinkedIn | https://www.linkedin.com/in/leirvik/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode's SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining Cybersecurity podcast, host Sean Martin discusses the fundamentals of risk management in cybersecurity with Ryan Leirvik, author of "Understand, Manage and Measure Cyber Risk: Practical Solutions for Creating a Sustainable Cyber Program." The conversation centers around the importance of understanding risk management in cybersecurity, categorizing assets, and identifying what's important to the business versus what's important to the individual. They also discuss the need to use frameworks like NIST-CSF to define and categorize risks and the importance of responding quickly to active threats and having a plan in place for recovery. Sean and Ryan provide practical advice for creating a sustainable cyber program that prioritizes risk management and explain how to set the stage for conversations about cybersecurity with stakeholders. Overall, the episode provides valuable insights into risk management in cybersecurity and how to prioritize and protect critical assets.ABOUT THE BOOKWhen it comes to managing cybersecurity in an organization, most organizations tussle with basic foundational components. This practitioner's guide lays down those foundational components, with real client examples and pitfalls to avoid.A plethora of cybersecurity management resources are available―many with sound advice, management approaches, and technical solutions―but few with one common theme that pulls together management and technology, with a focus on executive oversight. Author Ryan Leirvik helps solve these common problems by providing a clear, easy-to-understand, and easy-to-deploy "playbook" for a cyber risk management approach applicable to your entire organization.This second edition provides tools and methods in a straight-forward, practical manner to guide the management of a cybersecurity program. Expanded sections include the critical integration of cyber risk management into enterprise risk management, the important connection between a Software Bill of Materials and Third-party Risk Programs, and additional "how to" tools and material for mapping frameworks to controls.Who This Book Is ForCISOs, CROs, CIOs, directors of risk management, and anyone struggling to pull together frameworks or basic metrics to quantify uncertainty and address risk____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:

ChatGPT burst into public awareness only a few months ago. The popularity of ChatGPT and similar generative AI tools offer great promise, but also represent significant threats to cybersecurity. In this episode of Cyber Ways, Tom and Craig have a fascinating discussion with Dr. Karen Renaud of the University of Strathclyde and Dr. Merrill Warkentin of Mississippi State University about their recent article in MIT Sloan Management Review, which they co-authored with George Westerman of MIT's Sloan School of Management.Drs. Renaud and Warkentin talk about the effects of generative AI on cybersecurity and how these tools represent a threat, but can also be part of the solution. We talk about the importance of going beyond policies and describe new ways of thinking about cybersecurity. Renaud, K., Warkentin, M., & Westerman, G. (2023). From ChatGPT to HackGPT: meeting the cybersecurity threat of generative AI. https://pureportal.strath.ac.uk/en/publications/from-chatgpt-to-hackgpt-meeting-the-cybersecurity-threat-of-gener Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Phishing attempts remain an important attack vector, despite efforts to mitigate their effectiveness. In this episode of Cyber Ways, Tom and Craig talk with Dr. Deanna House of the University of Nebraska - Omaha about her paper that examines the relationship between fear messaging and the success of phishing attempts. Dr. House gives some actionable advice to security professionals who want to help their users avoid falling victim to phishing attempts.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Security professionals often treat users as a major problem with securing information assets. But what if we could view humans as the SOLUTIONS?  Users aren't the enemy of security professionals and they shouldn't be treated as such. Our guest, Dr. Karen Renaud of Strathclyde University in Glasgow, Scotland, joins us to talk about the importance of treating users as allies, not the enemy, building a culture of security that focuses on successes, encourages learning, and builds resilience.Many of her ideas are captured in her 2019 paper:Zimmermann, V., & Renaud, K. (2019). Moving from a ‘human-as-problem” to a ‘human-as-solution” cybersecurity mindset. International Journal of Human-Computer Studies, 131, 169-187.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Security is everyone's job. This is a common feeling among cyber security professionals, but users may feel differently. In this episode of Cyber Ways, Tom and Craig talk about why this may be so, and what security professionals can do about it.Citation: Van Slyke, C., & Belanger, F. (2020). Explaining the interactions of humans and artifacts in insider security behaviors: The mangle of practice perspective. Computers & Security, 99, 102064.For a copy of the paper, email vanslyke@latech.edu.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

For 5 years, we have experimented with technology, people, and process controls at RELX, all designed to create an integrated framework for phishing mitigation. I'll speak about technology we've adopted (and that we haven't). I'll speak about failures in industry efforts (e.g., digital signatures). I'll speak about behavioral science and how we have adopted its concepts to drive behavior change. I'll speak about the "human is the weakest link/humans are our strongest link" debate raging in the industry today. I'll tell you where we still struggle as a company and as an industry. This topic will drive conversation, because everyone gets phishing emails; and everyone thinks they have a solution. About the speaker: Aurobindo Sundaram is the Head of Information Assurance & Data Protection at RELX, a global provider of information and analytics for professional and business customers across industries. He works closely with the company's Board of Directors, Group & division CEOs and functional heads, Chief Technology Officers, and Chief Information Security Officers to articulate and implement RELX's global information security program. His remit extends across 30,000+ employees, offices in 40+ countries, and customers in 180+ countries. Aurobindo has graduate degrees in computer science and management and is a CISSP.

In this episode, Ty Sbano, an Information Security executive with over 17 years of experience heavily focused on empowering end users securely, talks about “Empathy-Driven Process Development.” He speaks about driving change and how we are changed by empathy. Key takeaways: What is empathy-driven process development Taking yourself out of the equation when changing processes How fast do you want to drive change Understand the impact of change on people The larger the scale of the impact, the more time you might need Understanding your change curve and having your champions Avoiding thrash by making only a finite number of touches to your process Intentional process development Thinking about the process, so your successor is set up for success About today's guest: Ty Sbano is an Information Security executive with over 17 years of experience heavily focused on empowering end users securely. Ty currently serves as Vercel's Chief Information Security Officer (CISO). Previously, Ty was the Chief Security & Trust Officer at Sisense. Ty's career has been focused on developing application and product security programs for Capital One, JPMorgan Chase, LendingClub, and Target. Key areas of knowledge include developing security champions, threat modeling, secure code training, static code analysis, component analysis, dynamic analysis, penetration testing, and red teaming. Outside of being a CISO, Ty is an active angel investor in Silicon Valley CISO Investment Groups (SVCI) and advisor to Cider Security, Nightfall.ai, and Identify Security. Ty's security mentality has been concentrated on enabling engineering and product teams to move securely at the speed of the business to make it a competitive advantage. Ty graduated from Penn State University with a B.S. in Information Science & Technology and from Norwich University with a M.S. in Information Assurance. He currently holds a CISSP, CEH, CCSK, and CPT. LinkedIn: https://www.linkedin.com/in/tysbano/ Thank you so much for checking out this episode of The Tech Trek, and we would appreciate it if you would take a minute to rate and review us on your favorite podcast player. Want to learn more about us? Head over at https://www.elevano.com Have questions or want to cover specific topics with our future guests? Please message me at https://www.linkedin.com/in/amirbormand (Amir Bormand)

Welcome to Ideagen Insights, Ideagen's official audit and risk management podcast. In this episode, Stephanie Jones is joined by Vince Warrington, CEO of Protective Intelligence. Together they explore the topic of cybersecurity, discussing what organizations can do to mitigate the risks of cyber-attacks and looking at what the future of cybersecurity looks like for businesses.Vince is a Cybersecurity and Information Assurance professional and the CEO of Protective Intelligence. He is also a member of the Information Assurance Advisory Council and the UK Cyber Security Forum. Vince works to help organizations move away from traditional IT Security to a model where everyone within their organization works towards the common goal of protecting information through joint responsibility and coordinated thinking. 

In this episode of The New CISO, Steve is joined by Jason Hamilton, CISO at Mutual of Omaha, to discuss how having a military background leads to security success. After twenty-two years in the U.S. Marine Corps, Jason was able to take his skillset and move into the cyber security industry. Today, he shares what he learned over the years that prepared him for the career he has today. Listen to the episode to learn more about Jason's military experience, tips for officers entering the civilian workforce, and the importance of corporate mentorship. Listen to Steve and Jason discuss ways for veterans to transition into the corporate world: Meet Jason (1:45) Host Steve Moore introduces our guest today, Jason Hamilton. Jason shares his first mission as a Communications Systems and Information Officer. Jason also divulges what a higher-ranking officer should do, such as refining leadership skills and managing efficiently.  Essential Lessons (8:30) Steve presses Jason on what else he learned from his early days as an officer. Jason explains that there's no such thing as a perfect leader, and everyone makes mistakes. The key is to learn from your mistakes when you're young, which applies to both the military and corporate world. Civilian Training (10:01) When Jason first joined the Marine Corps, information technology was separate from his role.  To move up, Jason had to learn to work with data on the battlefield and eventually took on an instructor position. To get smart fast, he took civilian classes to ensure he could adequately train other officers on information and data. Part Of The Job (14:56) As Jason rose through the ranks, working with data remained. Jason learned about Cyber, formerly known as Information Assurance, and how it became a priority of the Marine Corps. As Cyber became part of the military, it became more and more a part of Jason's career.  The Last Ten Years (19:22) Jason reflects on his last ten years in the corps. Like anyone who has long served, he had to broaden his horizons to reach a different level, often through education. Jason had a strictly cyber role by the end of his military career and focused on leadership. Ultimately, Jason credits everything he did in the Marine Corps for preparing him for the corporate world. General Feeback (22:55) Steve presses Jason for advice he can give other officers looking to transition into civilian work.  Jason reminds officers to humble themselves when entering the corporate sector because co-workers may not care about their military past. Also, he urges officers to work on resume writing and seek mentorship when looking for a job.  Lessons On Corporate Culture (32:10) When veterans come into an interview, there is a natural culture shock, primarily because workers are not as likely to be Type A outside the military. Other differences are incorporating empathy and listening into your leadership style.  While it is up to you to quickly solve a problem in the military, in the corporate world, there is much more emphasis on nurturing your team to fix workplace issues. The Mentor Relationship (35:31) Jason used to meet his corporate mentor once a month and learned after his first meeting that he would need to drive the conversation. Jason then would send his mentor his agenda two weeks ahead of time to ensure that he would make the most out of every encounter. Ultimately, veterans need to show initiative when transitioning into civilian work. The End Of The Mentorship (37:37) Steven asks Jason what officers should gain from a corporate mentorship program. Besides resume writing, Jason urges veterans to learn how to negotiate salaries and familiarize themselves with corporate culture. Finally, A CISO (41:58) Now a CISO, Jason shares his goals when starting his cyber security career. His first goal was to give himself two years in the corporate world to see how he fared. His next goal was to learn how to...

Every day we hear about cyber attacks and information data breaches. We live in almost a complete digital cloud where all your business information, your customer's information, and other data is accessible through the internet. How do you keep that information in the right hands? The team at Rochester Institute of Technology's ESL Global Cybersecurity Institute has some terrific ways for companies to test just how strong their cyber security is. Join us to hear from one of the team members in this very important episode of TST as we learn ways to keep our information safe and secure. More About Justin Pelletier Connect on LinkedIn: www.linkedin.com/in/justinmpelletier Justin Pelletier is the Director of the Cyber Range and Training Center in RIT's Global Cybersecurity Institute. As a component of this work, he trains and leads student teams to perform security assessments for partner organizations. He also oversees cybersecurity competitions that bring together top cyber talent from across the globe. As a Professor of Practice in the Department of Computing Security, Dr. Pelletier teaches at the undergraduate and graduate levels and helped to bring the Hacking for Defense initiative to RIT. He holds a PhD in Information Assurance and Security, an MBA in Entrepreneurship, and a BS in Computer Science. He is also a combat veteran and currently serves as a Major in the U.S. Army Reserve. More About the ESL Global Cybersecurity Institute at RIT Website: www.rit.edu/cybersecurity Follow on LinkedIn: www.linkedin.com/company/rit-esl-global-cybersecurity-institute RIT's ESL Global Cybersecurity Institute educates and trains cybersecurity professionals; develops new cybersecurity and AI-based knowledge for industry, academia, and government; and performs systems and network security testing for a wide range of partners. Founded in 2020, the ESL Global Cybersecurity Institute at RIT is a world-class facility dedicated to cybersecurity. Their students and researchers are working to build secure systems, software, devices, and technologies of the future, while providing resources to commercialize methods, algorithms, software, devices, and designs in cybersecurity to launch scalable entrepreneurial ventures. More About That Sounds Terrific - Host Nick Koziol For more information on our Podcast, That Sounds Terrific visit our website at www.thatsoundsterrific.com and be sure to follow us on Facebook, Twitter, and Instagram. If you or someone you know are doing some terrific things that should be featured by our show then be sure to reach out by emailing us at thatsoundsterrfic@gmail.com. Special Thank You to Our Sponsors & Key Supporters: Chris Jones of Chris Jones Media for the Introduction and Outro recordings for That Sounds Terrific. Into and Outro animation created in collaboration with Ben Albert of Balbert Marketing, LLC. Boost your business popularity, traffic, and conversions online! The video and audio portions of this podcast are powered by the Vidwheel Creator Network. Join Neil Carrol and be a part of the network that allows you to learn and develop video skills. Make powerful video content while looking terrific on camera so that you can sustain and grow your businesses. Reach a wider audience of clients and partners who need to hear your message and develop the flexibility in your businesses to thrive in a turbulent world. --- Support this podcast: https://podcasters.spotify.com/pod/show/thatsoundsterrific/support

Sometimes, as cybersecurity professionals, it's easy to forget what an attack is like for a user. In this episode, Tom interviews his Mother about a recent attack. Mom tells an interesting cautionary tale of falling for a convincing phishing attack. Tom and I offer thoughts on how security professionals can help users avoid such exploits.Cyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

➡️ Like The Podcast? Leave A Rating: https://ratethispodcast.com/successstory   ➡️ About The Guest⁣ Andrew Nichols has been a Technical Pre-Sales Engineer for Samsung for 8 years and has been focused on delivering secure mobile solutions to many brands and companies you recognize. He is focused on living an independent and eco-friendly lifestyle with his family; growing food for the year, raising a flock of chickens, harvesting rainwater, and collecting solar energy to power his EV and E-Bike.  Andrew graduated from the University of Washington with a B.S. in Informatics and a focus on Information Assurance which spearheaded his interest in the world of privacy and security. Currently, Andrew has been volunteering and leading an organization in his community known as the ReMakery which is dedicated to helping teach and perform repairs for broken items in his community, as well as investigating using tech and techniques to turn trash into desirable products and objects. ➡️ Show Links https://www.linkedin.com/in/seattleandrew/  https://samsungknox.com/    ➡️ Check out Samsung Knox https://youtu.be/PHNfZ0fBMuI https://youtu.be/miO4nTBDois ➡️ Podcast Sponsors HUBSPOT - https://hubspot.com/ ➡️ Talking Points⁣ 00:00 - Intro 03:07 - Andrew Nichols's origin story 05:26 - What was the first job that allowed Andrew Nichols to start learning about what he's doing now? 10:03 - Why did Andrew pursue a field that is mission critical? 12:45 - The current environment for corporate security 24:39 - Solving human problems regarding corporate security 31:57 - How do people get attacked and how is their security compromised in an organization? 42:40 - Some mobile security cases that weren't set up properly 45:10 - Why did Samsung want to champion security? 49:10 - What differentiates Samsung Knox from other mobile security systems? 54:43 - What were some of the most interesting deployments made by Andrew Nichols? 1:00:39 - Some new things that will prevail in mobile security in the next 5 years 1:09:27 - Where can people connect with Andrew Nichols? 1:10:55 - What keeps Andrew up at night? 1:13:51 - The biggest challenge Andrew has ever faced in his life 1:16:51 - The most impactful person in Andrew's life 1:19:15 - A book, podcast, or source to learn from recommended by Andrew Nichols Learn more about your ad choices. Visit podcastchoices.com/adchoices

Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security and shares insights from his 45+ years on the security front lines, including 34 years at the NSA. Risk was a big theme of the discussion particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes.) He also shares perspective on moving to incentive-based cyber models (such as what's been done in Ohio and Connecticut), and the criticality of translating technology, attacks & attackers into public policy and market incentives. And it can't be a great cyber discussion without addressing the growing sophistication of cyber criminals and their organizations – really becoming the defacto organized crime success path today. Tony Sager, Senior Vice President and Chief Evangelist for the Center for Internet Security Sager is a SVP and Chief Evangelist for CIS. He leads the development of the CIS Critical Security Controls™, a worldwide consensus project to find and support technical best practices in cybersecurity. Sager champions of use of CIS Controls and other solutions gleaned from previous cyber-attacks to improve global cyber defense. He also nurtures CIS's independent worldwide community of volunteers, encouraging them to make their enterprise, and the connected world, a safer place. In November 2018, he added strategy development and outreach for CIS to his responsibilities. In addition to his duties for CIS, he is an active volunteer in numerous community service activities: the Board of Directors for the Cybercrime Support Network; and a member of the National Academy of Sciences Cyber Resilience Forum; Advisory Boards for several local schools and colleges; and service on numerous national-level study groups and advisory panels. Sager retired from the National Security Agency (NSA) after 34 years as an Information Assurance professional. He started his career there in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. In 2001, Sager led the release of NSA security guidance to the public. He also expanded the NSA's role in the development of open standards for security. Sager's awards and commendations at NSA include the Presidential Rank Award at the Meritorious Level, twice, and the NSA Exceptional Civilian Service Award. The groups he led at NSA were also widely recognized for technical and mission excellence with awards from numerous industry sources, including the SANS Institute, SC Magazine, and Government Executive Magazine. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e197

In this episode of Cyber Ways, Dr. Jeffrey Proudfoot of Bentley University joins Tom and Craig to discuss his research on how cybersecurity regulations affect cybersecurity maturity. Dr. Proudfoot is collaborating with Dr. Stuart Madnick of MIT's Sloan School of Business on this program of research. Dr. Proudfoot is an associate professor on information and process management in Bentley's business school and is also a research affiliate at MIT's "Cybersecurity at MIT Sloan" research group. He holds a Ph.D. in management information systems from the University of Arizona. Dr. Proudfoot's research focuses on various aspects of cybersecurity. He has published over 40 scholarly works, including articles in some of our top journals, including MIS Quarterly, Journal of the Association for Information Systems, and Journal of Management Information Systems. He has also received over $1 million in research funding from agencies such as the National Science Foundation.Citation: Proudfoot, J. and Madnick, S. (2022). Regulatory facilitators and impediments impacting cybersecurity maturity, Proceedings of the Twenty-Eighth Americas Conference on Information Systems, Minneapolis.Cyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Ken Underhill's CyberLife.Tv is the ONLY Cybersecurity television show out there. This impressive television personality has been featured in Forbes, Reader's Digest, Medium, Tech Republic, Fox, NBC, Dark Reading, Voyage Houston Magazine, MSN Money, and many more places.Ken shares the history behind his television debut, the secret to successful branding, the circle of focus, and plenty of tips and tricks along the way!Ken's background ranges from pediatric nursing to the IT side of the house.. He has a master of science in Cybersecurity and Information Assurance. He holds board seats and advisory roles for several organizations. His TV show streams on over 100 platforms and averages over $2 million viewers per month.__________________________GuestKen UnderhillCEO, Executive Producer, Television Show Host at Cyber LifeOn LinkedIn | https://www.linkedin.com/in/kenunderhill/On YouTube | https://www.youtube.com/c/CyberLifeTVHostsJax ScottOn ITSPmagazine  

Ken Underhill's CyberLife.Tv is the ONLY Cybersecurity television show out there. This impressive television personality has been featured in Forbes, Reader's Digest, Medium, Tech Republic, Fox, NBC, Dark Reading, Voyage Houston Magazine, MSN Money, and many more places.Ken shares the history behind his television debut, the secret to successful branding, the circle of focus, and plenty of tips and tricks along the way!Ken's background ranges from pediatric nursing to the IT side of the house.. He has a master of science in Cybersecurity and Information Assurance. He holds board seats and advisory roles for several organizations. His TV show streams on over 100 platforms and averages over $2 million viewers per month.__________________________GuestKen UnderhillCEO, Executive Producer, Television Show Host at Cyber LifeOn LinkedIn | https://www.linkedin.com/in/kenunderhill/On YouTube | https://www.youtube.com/c/CyberLifeTVHostsJax ScottOn ITSPmagazine  

Human trafficking is a huge, growing global problem. Sex trafficking is the most pervasive form of human trafficking. In this episode, we discuss how the Deliver Fund uses information technology to help law enforcement track the traffickers through their P.A.T.H. system. Drs. Giddens and Petter also discuss their research into factors that affect law enforcement officers' use of P.A.T.H.Dr. Laurie Giddens is an assistant professor in the department of Technology and Decision Sciences at North Texas University.Dr. Stacie Petter is a professor in the School of Business at Wake Forest University.Giddens, L., Petter, S., & Fullilove, M. H. (2021). Information technology as a resource to counter domestic sex trafficking in the United States. Information Systems Journal.Cyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Protecting organizational information systems and information assets is a complex undertaking for both security professionals and end-users. In this episode of Cyber Ways, we discuss behavioral complexity as it relates to end-users' security behaviors with Dr. Clay Posey of Brigham Young University and Dr. Tom Roberts of the University of Texas at Tyler. We talk with Drs. Posey and Roberts about their 2017 paper, Insiders' Adaptations to Security-Based Demands in the Workplace: An Examination of Security Behavioral Control, which was published in Information Systems Frontiers.Security Roles:Account protectionReporting of suspicious behaviorPolicy-driven awareness and actionVerbal and electronic sensitive-information protectionLegitimate email handlingProtection against unauthorized exposureDistinctive security etiquetteSecure software, email, and Internet useAppropriate data entry and managementWireless installationWidely applicable security etiquetteCo-worker relianceDocument conversionEquipment location and storageBurns, A. J., Posey, C., & Roberts, T. L. (2021). Insiders' adaptations to security-based demands in the workplace: An examination of security behavioral complexity. Information Systems Frontiers, 23(2), 343-Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

In this episode, G.S. Gerry, author of Meth, Murder and Amazon, talks with us about his crazier than fiction true story of selling his home in Colorado where he was accused of murder and cooking meth in his garage. Three realtors later, he created a major media storm that backfired on him. This father of four is hilarious and down-to-earth. He writes in a way that is engaging and hysterical. As a hybrid publisher, offering authors a traditional publishing experience, we understand that publishing can be a labor of love and sometimes self-publishing is the best route. If you're willing to put in the time sourcing your own editors, designing your book and teaching yourself the publishing process you can save yourself quite a bit of money. Self-publishing isn't for everyone, but for G.S. Gerry, who has a Master's degree in Information Assurance and Cybersecurity, it was the perfect fit. We talked a bit about his writing process (he wrote it on his phone!), how he included his wife and some friends along the way and what he's doing to market his new book today. We wish him the best and encourage you to check out his website at https://grakeden.com/. For more about getting your book published we invite you to download our free publishing guide at https://www.olearypublishing.com/ where you can also secure a session to Pitch the Publisher while we're in open submission season. --- Send in a voice message: https://anchor.fm/olearypublishing/message

Organizational insiders represent the biggest threat to information security. Because of this, controlling insider computer abuse remains an important cyber security priority. In this episode of Cyber Ways, Dr, A.J Burns of Louisiana State University, and Dr. Bryan Fuller of Louisiana Tech University discuss their research into the tensions between insider's motivations to commit computer abuse, and organization's attempts to control such behavior.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

The COVID-19 pandemic forced many people, and organizations, into telework, which led to the question of how to properly monitor teleworkers. In this episode of Cyber Ways, we talk with Grant Clary about his research into teleworker surveillance and how different modes of surveillance affect teleworker well-being.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Podcast: Cybercrime Magazine Podcast (LS 30 · TOP 10% what is this?)Episode: The Cyber Threat. Are Nuclear Power Plants At Risk? Hany Abdel-Khalik, Purdue University.Pub date: 2022-03-03Hany Abdel-Khalik is an Associate Professor of Nuclear Engineering and Researcher with Purdue University's Center for Education and Research in Information Assurance and Security (CERIAS) who, along with his students, created an algorithm to protect electric grids, manufacturing facilities, and nuclear power plants from cyber attacks. In this episode of Cybercrime Radio, Hany joins host Paul John Spaulding to discuss whether nuclear power plants are actually at risk for a cyber attack, how vulnerable electrical grids and manufacturing systems may be, and more. To learn more about Hany's work, visit https://cerias.purdue.edu • For more on cybersecurity, visit us at https://cybersecurityventures.comThe podcast and artwork embedded on this page are from Cybercrime Magazine, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Hany Abdel-Khalik is an Associate Professor of Nuclear Engineering and Researcher with Purdue University's Center for Education and Research in Information Assurance and Security (CERIAS) who, along with his students, created an algorithm to protect electric grids, manufacturing facilities, and nuclear power plants from cyber attacks. In this episode of Cybercrime Radio, Hany joins host Paul John Spaulding to discuss whether nuclear power plants are actually at risk for a cyber attack, how vulnerable electrical grids and manufacturing systems may be, and more. To learn more about Hany's work, visit https://cerias.purdue.edu • For more on cybersecurity, visit us at https://cybersecurityventures.com

When it comes to security controls and communications, more may be less. More complex security requirements, increased security communication, and complex security policies may actually lead to less secure end-user behaviors. Why? Security fatigue -- users simply feel worn out by having to deal with information security. In this episode of Cyber Ways, Dr. John D'Arcy of the University of Delaware joins us to discuss his research (conducted with Alec Cram of the University of Waterloo, and Jeffrey Proudfoot of Bentley University) on the causes, symptoms, and consequences of security fatigue.Citation: Cram, W. A., Proudfoot, J. G., & D'Arcy, J. (2021). When enough is enough: Investigating the antecedents and consequences of information security fatigue. Information Systems Journal, 31(4), 521-549.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

In this episode of Cyber Ways, Tom and Craig discuss a classic behavioral security paper that explores how users rationalize their purposeful violations of security policy. Listen and learn the six common rationalizations and what security managers can do to reduce their effects.Citation:Siponen, M., & Vance, A. (2010). Neutralization: new insights into the problem of employee information systems security policy violations,  MIS Quarterly, 34(3), 487-502.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Joining us today are Matt Lee and Gerald Auger to discuss the recent actions against REvil and Ukraine under threat. Dr. Auger is a 15+ year cybersecurity professional, academic, and author. He has been the cybersecurity architect at MUSC, a multi-billion dollar academic medical center. He is currently a partner in a cybersecurity consulting firm, adjunct faculty at The Citadel Military College, and chief content creator of the successful YouTube channel SimplyCyber where he aims to bring Cybersecurity Education At Scale. Dr. Auger holds a PhD in cyber operations and two Masters in Computer Science and Information Assurance. Matt Lee has dedicated the last 10 years to raising the security tide in the SMB market. His efforts have served in every capacity in a growing MSP that grew to support 20,000 endpoints. His leadership around technology direction and security/compliance protected and elevated over 17,000 people in Small to midsize businesses in five states. He has since taken on a new role as a force multiplier under Brad Fugitt as the Senior director of Security and Compliance at Pax8. He is driving the external thought leadership to empower MSPs to continue to grow in their security knowledge and operability. He lives to ensure his children maintain the same quality of life we do around technology, which is imperiled daily by threat actors. Matt Lee https://cybermattlee.com https://www.twitter.com/cybermattlee https://www.linkedin.com/in/cybermattlee/ https://www.youtube.com/cybermattlee Gerald Auger Ph.D. https://www.linkedin.com/in/geraldauger/ https://www.youtube.com/c/GeraldAuger Eric Taylor https://www.linkedin.com/in/ransomware/ https://twitter.com/barricadecyber https://www.barricadecyber.com https://www.buymeacoffee.com/erictaylor Shiva Maharaj https://www.linkedin.com/in/shivamaharaj https://twitter.com/kontinuummsp https://www.kontinuum.com/ https://www.buymeacoffee.com/shivaemmvaemm --- Support this podcast: https://anchor.fm/amplifiedandintensified/support

Dr. Auger is a 15+ year cybersecurity professional, academic, and author. He has been the cybersecurity architect at MUSC, a multi-billion dollar academic medical center. He is currently a partner in a cybersecurity consulting firm, adjunct faculty at The Citadel Military College, and chief content creator of the successful YouTube channel SimplyCyber where he aims to bring Cybersecurity Education At Scale. Dr. Auger holds a PhD in cyber operations and two Masters in Computer Science and Information Assurance. https://www.linkedin.com/in/geraldauger/ https://www.youtube.com/c/GeraldAuger https://twitter.com/Gerald_Auger https://simplycyber.io Eric Taylor https://www.linkedin.com/in/ransomware/ https://twitter.com/barricadecyber https://www.barricadecyber.com https://www.buymeacoffee.com/erictaylor Shiva Maharaj https://www.linkedin.com/in/shivamaharaj https://twitter.com/kontinuummsp https://www.kontinuum.com/ https://www.buymeacoffee.com/shivaemmvaemm --- Support this podcast: https://anchor.fm/amplifiedandintensified/support

Every day we are bombarded with security warnings that all look more-or-less the same. Over time, we tend to tune out these warnings through a process called habituation. In this episode of Cyber Ways, we discuss this problem and how to address it with Dr. Anthony (Tony) Vance of Virginia Tech. Dr. Vance and his colleagues have conducted fascinating research using sophisticated technologies including functional magnetic resonance imaging (fMRI) and eye tracking to gain an understanding of the extent of the habituation to warnings problem. They also demonstrate how changing the look of warnings can reduce habituation. Their research shows strong results, and has clear implications for security professionals.Citation: Vance, A., Jenkins, J. L., Anderson, B. B., Bjornn, D. K., & Kirwan, C. B. (2018). Tuning out security warnings: A longitudinal examination of habituation through fMRI, eye tracking, and field experiments. MIS Quarterly, 42(2), 355-380.Cyber Ways is a production of the Louisiana Tech University's Center for Information Assurance, which is housed in of the College of Business, Department of Computer Information Systems. Cyber Ways is funded by the College's Just Business grant program.For more information contact Craig Van Slyke (vanslyke@latech.edu).Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

We humans, like all animals, are wired to respond to fear.  When a wildebeest senses a lion's presence, they go on alert and flee. Humans react similarly -- fear brings reaction. In this episode of Cyber Ways, we talk with Dr. Dennis Galletta from the Katz School of Business at the University of Pittsburg about his research into how to leverage users' fear to bring about protective behaviors, such as using antimalware software or backing up data. Boss, S. R., Galletta, D. F., Lowry, P. B., Moody, G. D., & Polak, P. (2015). What do systems users have to fear? Using fear appeals to engender threats and fear that motivate protective security behaviors. MIS Quarterly, 39(4), 837-864.Intro audio for the Cyber Ways Podcast Outro audio for Cyber Ways PodcastCyber Ways is brought to you by the Center for Information Assurance, which is housed in the College of Business at Louisiana Tech University. The podcast is made possible through a "Just Business Grant," which is funded by the University's generous donors.https://business.latech.edu/cyberways/

Episode 4 (Marine 0651>0689 to Cyber Pro) Host: Jon *** I am an active duty Marine, and any opinion expressed on this show is my own and is not military regulation or policy. *** Talk About The Episode: Jack Reedy ***Any opinion expressed is my own and not of any organization I am a part of*** Enlisted into the Marine Corps in 2009. 0651: Data Systems Administrator & 0689: Information Assurance Technician Currently is the Director of Cybersecurity Content at INE. Talk With The Guest: He had no prior experience before the Marine Corps, built his IT career, and then transitioned into a Cybersecurity (then Information Assurance) role. Since exiting military service, he has worked for the DoD, Sony Music and now works for INE. His favorite subject, or technology, he works with: Hands-on keyboard: Incident response None execution-oriented: Gannt Charts, more specifically project management. What helped him get to where he is today: His experiences with leadership, not just him in those roles, but leaders he had as well. Advice for Military transitioning out: Remember, you're worth it. We constantly build value around what we do within a workplace environment, and transitioning can be especially rough. Don't be afraid to leave the government umbrella and not use the security clearance. Build a professional network. Emerge yourself in the culture of whatever you choose to do so that you can pick up those skill sets. Closing: Jack Reedy, Director of Cybersecurity Content at INE Website: https://linktr.ee/secitguy Twitter: https://twitter.com/secitguy LinkedIn: https://www.linkedin.com/in/secitguy/ Instagram: https://www.instagram.com/secitguy/ Discord: https://discord.gg/cyberinsecurity Please take a look at our free Penetration Testing Student course here. As part of the community, I also do a weekly stream called Tipsy Cyber at 8 PM EST on the channel. Grab a drink, bring your questions, and hang out while we talk about the cyber security related news of the week, introduce a new topic or subject, and do a rolling AMA.  https://www.youtube.com/c/CyberInsecurity Also, I recently talked at VetSecCon 21 with my friend Josh Mason https://www.youtube.com/watch?v=vtrV9_MEFic You can contact the show by sending an email to thebunkhousecast@outlook.com. Follow on Twitter with @BunkhouseCast Follow on Facebook with @BunkhouseCast Follow on Reddit: TheBunkhouseCast I created this podcast using version 3.1.1 of Audacity(R) recording and editing software[1].   [1] Audacity® software is copyright © 1999-2021 Audacity Team. Web site: https://audacityteam.org/. It is free software distributed under the terms of the GNU General Public License. The name Audacity® is a registered trademark.  

John Noble was Director of Incident Management at the UK's National Cyber Security Centre (NCSC) until his retirement in 2018. During his 40 years of Government service, John specialised in operational delivery and strategic business change. For his work in creating effective partnerships in the run up to the London Olympics, he was made a Commander of the British Empire (CBE) in 2012. John helped to establish the NCSC and led the response to nearly 800 significant cyberincidents. This work has given him unrivalled experience in dealing with and understanding the causes of cyberattacks. John is currently a non-executive director at NHS Digital, where he chairs the Information Assurance and Cyber Security Committee. NHS Digital is the national information and technology partner to the health and social care system in England. Original music by Edith Mudge Got questions/suggestions/stories to share? Email tips@sophos.com Twitter @NakedSecurity Instagram @NakedSecurity