Podcasts about Information Security Forum

Steve Durbin engages in a compelling conversation with Faisal Hoque, a world-renowned technologist and best-selling author including his recently released ‘Transcend: Unlocking Humanity in the Age of AI'. Faisal shares his thoughts on how business leaders can preserve human values in the in the era of AI, how AI and humans can function together, and the threats posed by ceding control of our humanity to AI. Find out why he feels the government needs to provide legislative structures to protect citizens. Key Takeaways: 1. The challenge for business leaders in preserving human values amidst the rise of AI 2. How AI is gradually diminishing human emotion in daily life 3. The risks involved in relinquishing human control to AI Tune in to hear more about: 1. Preserving human values (1:14) 2. How government policies can influence society and the development of AI (6:15) 3. Harnessing the potential of AI whilst mitigating the risk (18:11) Standout quotes: 1. "The government needs to provide the legislative structures where citizens are protected. Things like intellectual property, privacy, and free market support." - Faisal Hoque 2. "The digital divide concerns me greatly. Not just with regard to AI, but with everything that we are doing from a technology standpoint." - Faisal Hoque 3. "Leaders' job is to create that psychological safety so that we can be productive and feel that we can actually contribute and fulfill our purpose, whatever that purpose is." - Faisal Hoque 4. "AI is going to be like electricity or internet. It is going to be part and parcel of everything and anything we do." - Faisal Hoque Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Steve Durbin engages in a compelling conversation with Faisal Hoque, a world-renowned technologist and best-selling author including his recently released ‘Transcend: Unlocking Humanity in the Age of AI'. Faisal shares his thoughts on how business leaders can preserve human values in the in the era of AI, how AI and humans can function together, and the threats posed by ceding control of our humanity to AI. Find out why he feels the government needs to provide legislative structures to protect citizens. Key Takeaways: 1. The challenge for business leaders in preserving human values amidst the rise of AI 2. How AI is gradually diminishing human emotion in daily life 3. The risks involved in relinquishing human control to AI Tune in to hear more about: 1. Preserving human values (1:14) 2. How government policies can influence society and the development of AI (6:15) 3. Harnessing the potential of AI whilst mitigating the risk (18:11) Standout quotes: 1. "The government needs to provide the legislative structures where citizens are protected. Things like intellectual property, privacy, and free market support." - Faisal Hoque 2. "The digital divide concerns me greatly. Not just with regard to AI, but with everything that we are doing from a technology standpoint." - Faisal Hoque 3. "Leaders' job is to create that psychological safety so that we can be productive and feel that we can actually contribute and fulfill our purpose, whatever that purpose is." - Faisal Hoque 4. "AI is going to be like electricity or internet. It is going to be part and parcel of everything and anything we do." - Faisal Hoque Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve speaks with Christopher Sestito (also known as Tito), chairman of the board, CEO, and co-founder of Hidden Layer, a cybersecurity startup dedicated to preventing adversarial machine learning attacks. Tito shares his perspective on where the business world is currently when it comes to AI and cybersecurity. He also gives his thoughts on the state of AI regulation and what business leaders should do to protect their organizations in the age of AI.  Key Takeaways: AI is changing the cybersecurity game Tech regulation is becoming more fragmented  Securing AI is really no different from securing other parts of the business Tune in to hear more about: Why Christopher Sestito started Hidden Layer (1:28) Why AI will play an increasingly important role in organizational cyber defense (5:47)  What business leaders should think about as they approach cyber in the age of AI (20:18) Standout Quotes: “I think the challenge at the AI level is how fast we've moved. There's been so many advancements that if you don't have a dedicated organization looking at this, it's really just moving too quickly to ultimately have things at a sort of hardening level at the model layer itself.” - Christopher Sestito “I think I'm a bit of a realist when it comes to artificial intelligence coming in. I think we are viewing a very fundamental shift in ultimately what's gonna affect workforces and skill sets required. I think that if I was entering the workforce right now, I'd be focusing heavily on the effects of artificial intelligence, how I can leverage artificial intelligence.” - Christopher Sestito “Every organization really needs to pay attention to their agentic strategy right now. I think if you're engaged with other enterprise organizations, as all are, everyone's building agents right now, and those agents have a lot of autonomy in order to be able to conduct transactions, in order to be able to deal with data, to be able to interact, organization or organization. And I think every CISO is gonna need to be able to really articulate what they want to be allowed here and not because we're removing humans in the loop with these agents, we're allowing them to have quite a bit of agency in order to conduct these transactions at an incredible rate.” - Christopher Sestito Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve speaks with Christopher Sestito (also known as Tito), chairman of the board, CEO, and co-founder of Hidden Layer, a cybersecurity startup dedicated to preventing adversarial machine learning attacks. Tito shares his perspective on where the business world is currently when it comes to AI and cybersecurity. He also gives his thoughts on the state of AI regulation and what business leaders should do to protect their organizations in the age of AI.  Key Takeaways: AI is changing the cybersecurity game Tech regulation is becoming more fragmented  Securing AI is really no different from securing other parts of the business Tune in to hear more about: Why Christopher Sestito started Hidden Layer (1:28) Why AI will play an increasingly important role in organizational cyber defense (5:47)  What business leaders should think about as they approach cyber in the age of AI (20:18) Standout Quotes: “I think the challenge at the AI level is how fast we've moved. There's been so many advancements that if you don't have a dedicated organization looking at this, it's really just moving too quickly to ultimately have things at a sort of hardening level at the model layer itself.” - Christopher Sestito “I think I'm a bit of a realist when it comes to artificial intelligence coming in. I think we are viewing a very fundamental shift in ultimately what's gonna affect workforces and skill sets required. I think that if I was entering the workforce right now, I'd be focusing heavily on the effects of artificial intelligence, how I can leverage artificial intelligence.” - Christopher Sestito “Every organization really needs to pay attention to their agentic strategy right now. I think if you're engaged with other enterprise organizations, as all are, everyone's building agents right now, and those agents have a lot of autonomy in order to be able to conduct transactions, in order to be able to deal with data, to be able to interact, organization or organization. And I think every CISO is gonna need to be able to really articulate what they want to be allowed here and not because we're removing humans in the loop with these agents, we're allowing them to have quite a bit of agency in order to conduct these transactions at an incredible rate.” - Christopher Sestito Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve talks about ISF's flagship foresight report "Threat Horizon 2027: Grasping for Control." In a world defined by disruption and acceleration, this report offers not just a forecast of cyber threats, but a blueprint for resilience, and Steve walks listeners through the key themes. Key Takeaways: 1 Flexibility will be key in an increasingly volatile world. 2 Cyber must be considered in every aspect of an organization's operations. 3 Control is possible, even if it sometimes doesn't feel like it. Tune in to hear more about: 1 Why identity is becoming more and more important for businesses (2:24) 2 How senior leaders can prepare for the future (17:06) 3 Why control is still possible (21:42) Standout Quotes: 1 “Identity is really the cornerstone of everything that we do in the digital world, and it's fast becoming one of the most critical areas for business leaders to understand and take seriously.” - Steve Durbin 2 “Leaders need to understand the economic impact of cyber risk. What are the potential costs of disruption? How would a breach affect reputation, revenue, operations? It's the reputational bit, for instance, in my case, that worries me the most. And once you start thinking in those terms. You can make many more business-aligned, informed decisions about what you are going to do because you stop looking at the cost of doing something and instead you flip it and look at the implications and associated costs of not doing it.” - Steve Durbin 3 “I think that business leaders as a group, tend to be pretty resilient individuals. I've worked a lot with entrepreneurs, and they are probably some of the most resilient that I've ever come across because they have to be. And one of the things that they always believe in, I've found, is that irrespective of what's going on around you, control is still possible. But in order to have that level of control, it takes foresight, it takes focus, and I think above all it takes flexibility and, I would say, courage.” - Steve Durbin Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve talks about ISF's flagship foresight report "Threat Horizon 2027: Grasping for Control." In a world defined by disruption and acceleration, this report offers not just a forecast of cyber threats, but a blueprint for resilience, and Steve walks listeners through the key themes. Key Takeaways: 1 Flexibility will be key in an increasingly volatile world. 2 Cyber must be considered in every aspect of an organization's operations. 3 Control is possible, even if it sometimes doesn't feel like it. Tune in to hear more about: 1 Why identity is becoming more and more important for businesses (2:24) 2 How senior leaders can prepare for the future (17:06) 3 Why control is still possible (21:42) Standout Quotes: 1 “Identity is really the cornerstone of everything that we do in the digital world, and it's fast becoming one of the most critical areas for business leaders to understand and take seriously.” - Steve Durbin 2 “Leaders need to understand the economic impact of cyber risk. What are the potential costs of disruption? How would a breach affect reputation, revenue, operations? It's the reputational bit, for instance, in my case, that worries me the most. And once you start thinking in those terms. You can make many more business-aligned, informed decisions about what you are going to do because you stop looking at the cost of doing something and instead you flip it and look at the implications and associated costs of not doing it.” - Steve Durbin 3 “I think that business leaders as a group, tend to be pretty resilient individuals. I've worked a lot with entrepreneurs, and they are probably some of the most resilient that I've ever come across because they have to be. And one of the things that they always believe in, I've found, is that irrespective of what's going on around you, control is still possible. But in order to have that level of control, it takes foresight, it takes focus, and I think above all it takes flexibility and, I would say, courage.” - Steve Durbin Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve speaks with Tavia about how AI and other emerging technology are reshaping society, and how we as humans should react to it.  Key Takeaways: AI and other emerging tech can help society, but guardrails are needed.  The world is becoming more fragmented when it comes to how it views AI and tech.  With AI and new technology, we have to be increasingly cautious in our interactions in cyberspace.  Tune in to hear more about: Why it's unlikely there will be international rules around AI (4:32) How technology is changing how we interact – and what that means (7:12) What people 50 years from now might say about how we're currently handling emerging tech (22:28) Standout Quotes: “We need to be putting in place guardrails, particularly when it comes to AI, around how it's going to be used, because we are playing with a technology, the power of which we don't fully understand yet.” - Steve Durbin “I think it is about how we get the balance right. I think that it isn't about shutting down some of the technological advances that we're seeing, it is about just being a little bit more realistic about their fallibility and trying to get equilibrium back between people and tools.” - Steve Durbin “I suspect that what they will do is take a look back and go, why on earth did they do that? Why on earth didn't somebody see that there was a better way? Because that's with the benefit of hindsight, isn't it? And we've got 20-20 vision when it comes to hindsight. And so I think that we are in the here and now and we need to find a way of muddling through. And I think that everybody has a responsibility to do that.” - Steve Durbin Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve speaks with Tavia about how AI and other emerging technology are reshaping society, and how we as humans should react to it.  Key Takeaways: AI and other emerging tech can help society, but guardrails are needed.  The world is becoming more fragmented when it comes to how it views AI and tech.  With AI and new technology, we have to be increasingly cautious in our interactions in cyberspace.  Tune in to hear more about: Why it's unlikely there will be international rules around AI (4:32) How technology is changing how we interact – and what that means (7:12) What people 50 years from now might say about how we're currently handling emerging tech (22:28) Standout Quotes: “We need to be putting in place guardrails, particularly when it comes to AI, around how it's going to be used, because we are playing with a technology, the power of which we don't fully understand yet.” - Steve Durbin “I think it is about how we get the balance right. I think that it isn't about shutting down some of the technological advances that we're seeing, it is about just being a little bit more realistic about their fallibility and trying to get equilibrium back between people and tools.” - Steve Durbin “I suspect that what they will do is take a look back and go, why on earth did they do that? Why on earth didn't somebody see that there was a better way? Because that's with the benefit of hindsight, isn't it? And we've got 20-20 vision when it comes to hindsight. And so I think that we are in the here and now and we need to find a way of muddling through. And I think that everybody has a responsibility to do that.” - Steve Durbin Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Tune in to this bonus episode where Steve is speaking with Prof. Federico Varese, a professor of criminology and head of the sociology department at Nuffield College at Oxford University. Prof. Varese talks with Steve about the history of organised crime in Russia and around the world, the mafia's movement into cybercrime, and what the future may hold for these criminal organisations. Related Resources from ISF: ISF Podcast, Alexander Seger — How Global Law Enforcement Fight Cybercrime ISF Podcast, Inside the Mind of Today's Cybercriminals, Brett Johnson Part 1 ISF Podcast, The Life of a Cybercriminal, Brett Johnson Part 2 ISF Podcast - The Democratisation of Cybercrime Misha Glenny: The Evolution of Cybercrime with Misha Glenny, author of McMafia Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

Tune in to this bonus episode where Steve is speaking with Prof. Federico Varese, a professor of criminology and head of the sociology department at Nuffield College at Oxford University. Prof. Varese talks with Steve about the history of organised crime in Russia and around the world, the mafia's movement into cybercrime, and what the future may hold for these criminal organisations. Related Resources from ISF: ISF Podcast, Alexander Seger — How Global Law Enforcement Fight Cybercrime ISF Podcast, Inside the Mind of Today's Cybercriminals, Brett Johnson Part 1 ISF Podcast, The Life of a Cybercriminal, Brett Johnson Part 2 ISF Podcast - The Democratisation of Cybercrime Misha Glenny: The Evolution of Cybercrime with Misha Glenny, author of McMafia Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

Today, Steve sits down with supply chain expert Neil Coole, who currently serves as Enterprise Partnership Director at BSI. He emphasizes the need to know your organization's supply chain story in order to stay secure and protect your brand. He and Steve talk about how regulation can go beyond a checklist and add value for companies. Key Takeaways:  1 The covid-19 pandemic and recent conflicts have highlighted the vulnerability of today's supply chains.  2 Standards exist as frameworks to help companies live up to responsibilities set upon them by law or consumers.  3 A harmonized assessment framework can help industries secure their supply chains and save organizations time and money. Tune in to hear more about:  1 How standards are created and what their purpose is (8:57)  2 Protecting critical infrastructure in the US (14:09)  3 The Supplier Compliance Audit Network, a community of US-based retailers and brand owners who's created a harmonized assessment framework for its industry (23:23) Standout Quotes:  1 “The expectation now is on more trust, transparency and also traceability, especially things like tech-enabled traceability. What kind of tech-enabled traceability solutions is that client using to determine where the goods are coming from? What route are they taking? Who's opening up the cargo containers and possibly adulterating goods, stealing in transit, all those other things – that's a real concern today for these organizations who are moving hundreds of thousands of freight containers on an annual basis. It's a real risk that they have to live with. The solutions are there. It's just helping those organizations understand the role that standards, shall we say – a standard is a best-practice framework – can play in helping to reduce, or, in some cases, even mitigate some of those risks.” - Neil Coole  2 “There's opportunities for improvement everywhere, but from a maturity standpoint, we do view parts of the critical infrastructure sectors like energy and finance to be on the more mature end. And then there's a few in the middle that are learning some important lessons. And then there's those who are actively being targeted we read about all the time. They are the ones that I feel would benefit more from some of the guidance and support and information that's available for them to be less of an attractive target.” Neil Coole  3 “So, if you're a single supplier working for the top 10 biggest brands, the top 10 are sending out some form of assessment of you. You're getting that 300-page assessment document, not just from one supplier, you're getting it from all the suppliers. But if those suppliers become part of the same community and they agree to accept a single assessment outcome, no matter who has instigated it, everyone benefits. The supplier benefits – minimizes their disruption, they get to work with more brands in an open and trusted environment – and it just saves that complete disruption and unnecessary costs of delivering an assessment by multiple brands.” - Neil Coole Mentioned in this episode:  • Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve sits down with supply chain expert Neil Coole, who currently serves as Enterprise Partnership Director at BSI. He emphasizes the need to know your organization's supply chain story in order to stay secure and protect your brand. He and Steve talk about how regulation can go beyond a checklist and add value for companies. Key Takeaways:  1 The covid-19 pandemic and recent conflicts have highlighted the vulnerability of today's supply chains.  2 Standards exist as frameworks to help companies live up to responsibilities set upon them by law or consumers.  3 A harmonized assessment framework can help industries secure their supply chains and save organizations time and money. Tune in to hear more about:  1 How standards are created and what their purpose is (8:57)  2 Protecting critical infrastructure in the US (14:09)  3 The Supplier Compliance Audit Network, a community of US-based retailers and brand owners who's created a harmonized assessment framework for its industry (23:23) Standout Quotes:  1 “The expectation now is on more trust, transparency and also traceability, especially things like tech-enabled traceability. What kind of tech-enabled traceability solutions is that client using to determine where the goods are coming from? What route are they taking? Who's opening up the cargo containers and possibly adulterating goods, stealing in transit, all those other things – that's a real concern today for these organizations who are moving hundreds of thousands of freight containers on an annual basis. It's a real risk that they have to live with. The solutions are there. It's just helping those organizations understand the role that standards, shall we say – a standard is a best-practice framework – can play in helping to reduce, or, in some cases, even mitigate some of those risks.” - Neil Coole  2 “There's opportunities for improvement everywhere, but from a maturity standpoint, we do view parts of the critical infrastructure sectors like energy and finance to be on the more mature end. And then there's a few in the middle that are learning some important lessons. And then there's those who are actively being targeted we read about all the time. They are the ones that I feel would benefit more from some of the guidance and support and information that's available for them to be less of an attractive target.” Neil Coole  3 “So, if you're a single supplier working for the top 10 biggest brands, the top 10 are sending out some form of assessment of you. You're getting that 300-page assessment document, not just from one supplier, you're getting it from all the suppliers. But if those suppliers become part of the same community and they agree to accept a single assessment outcome, no matter who has instigated it, everyone benefits. The supplier benefits – minimizes their disruption, they get to work with more brands in an open and trusted environment – and it just saves that complete disruption and unnecessary costs of delivering an assessment by multiple brands.” - Neil Coole Mentioned in this episode:  • Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve speaks with Kailyn Johnson, cyber intelligence and geopolitical risk lead at UK consulting firm Sibylline. Kailyn and Steve discuss the current threat landscape, focusing on areas where cyber and geopolitics overlap, and she offers some practical advice on how to contextualize security for your organization's C-suite. Key Takeaways: 1 The dark web is becoming more democratized, opening up the door for low-skilled threat actors to cause harm. 2 Open and frequent communication between security teams and other branches of the organization, in particular those in charge of the budget, is crucial for cyber resilience operations to receive sufficient support. 3 Staying up to date on patching, knowing your supply chains, and understanding how threats to critical infrastructure can affect you, will be key for organizations in 2025. Tune in to hear more about: 1 How the dark web is becoming more democratized, and what means for businesses 2 Why showing the worth of the cyber team is tricky but critical for long-term success 3 What organizations can do better in 2025 Standout Quotes:  1 “So we're seeing just ransomware continuing to be a consistent risk to business operations, financial risk, reputational risk, security risks, operational risks. But alongside that, we're also then seeing the influx of a lot more low-skilled threat actors having now the capabilities to conduct sophisticated operations with the democratization of the dark web.” - Kailyn Johnson  2 “Showing off the value that these teams have to the people with budget, sometimes might help unlock a bit of that budget. If you're seeing the benefit of those teams, you're more likely to give them the budget that they might need for it, and whether that's internally or sometimes externally, if you've produced really good work, or if you've created all these detections that have helped improve the network security for your organization, how could we maybe publish that, whether it's internally to the stakeholders, or if it's for everyone, so people are seeing, actually, they're doing a really good job.” - Kailyn Johnson  3 “But sometimes you're so focused on the impact of the regulations that you sometimes then forget, actually the processes that we're doing are working. Then should we just maybe let things play out and see how they're going? I think there's always a bit of a worry of, are we always in compliance? And it's good that we have that worry, but it's also sometimes the case of, just keep doing what you're doing, and you've got your compliance teams to tell you when you're not.” - Kailyn Johnson Mentioned in this episode: • ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve speaks with Kailyn Johnson, cyber intelligence and geopolitical risk lead at UK consulting firm Sibylline. Kailyn and Steve discuss the current threat landscape, focusing on areas where cyber and geopolitics overlap, and she offers some practical advice on how to contextualize security for your organization's C-suite. Key Takeaways: 1 The dark web is becoming more democratized, opening up the door for low-skilled threat actors to cause harm. 2 Open and frequent communication between security teams and other branches of the organization, in particular those in charge of the budget, is crucial for cyber resilience operations to receive sufficient support. 3 Staying up to date on patching, knowing your supply chains, and understanding how threats to critical infrastructure can affect you, will be key for organizations in 2025. Tune in to hear more about: 1 How the dark web is becoming more democratized, and what means for businesses 2 Why showing the worth of the cyber team is tricky but critical for long-term success 3 What organizations can do better in 2025 Standout Quotes:  1 “So we're seeing just ransomware continuing to be a consistent risk to business operations, financial risk, reputational risk, security risks, operational risks. But alongside that, we're also then seeing the influx of a lot more low-skilled threat actors having now the capabilities to conduct sophisticated operations with the democratization of the dark web.” - Kailyn Johnson  2 “Showing off the value that these teams have to the people with budget, sometimes might help unlock a bit of that budget. If you're seeing the benefit of those teams, you're more likely to give them the budget that they might need for it, and whether that's internally or sometimes externally, if you've produced really good work, or if you've created all these detections that have helped improve the network security for your organization, how could we maybe publish that, whether it's internally to the stakeholders, or if it's for everyone, so people are seeing, actually, they're doing a really good job.” - Kailyn Johnson  3 “But sometimes you're so focused on the impact of the regulations that you sometimes then forget, actually the processes that we're doing are working. Then should we just maybe let things play out and see how they're going? I think there's always a bit of a worry of, are we always in compliance? And it's good that we have that worry, but it's also sometimes the case of, just keep doing what you're doing, and you've got your compliance teams to tell you when you're not.” - Kailyn Johnson Mentioned in this episode: • ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In this episode, Dr. Hany Demian, a pioneering medical doctor and CEO, known for his groundbreaking work in spine care and pain management, shares his journey from Cairo to Canada and the U.S., his innovative use of regenerative medicine and microscopic spine surgery, and his vision for improving patient care. He discusses the challenges and responsibilities of being a CEO in the medical field, his company BioSpine Institute's advancements in anti-aging treatments, and the importance of flexibility and discipline in leadership. This conversation is both inspiring and informative, offering valuable insights for C-suite leaders and medical professionals alike. Episode Highlights: 02:27 Dr. Demian's Journey and Career Insights 05:13 Innovations in Chronic Pain and Spine Care 08:29 Personal Stories and Impact of Treatments 19:56 Challenges and Responsibilities of a CEO Steve Durbin is a leading authority on cybersecurity and business culture transformation. As CEO of the Information Security Forum, he helps global enterprises navigate security risks and governance challenges. Since 2016, he has hosted the ISF Podcast, interviewing industry pioneers like Steve Wozniak and Helle Thorning-Schmidt. Previously, he advised Fortune 500 companies at Gartner and played a key role in IPOs and M&As at Ernst & Young. A top influencer in cybersecurity leadership, Steve also lectures at Henley Business School on board-level cyber strategy. His expertise spans threat landscapes, regulation, and the evolving role of cybersecurity in business. Connect with Steve:

How do we protect ourselves in a world where cyber threats are not just possible, but inevitable? In this episode of A Little Bit Radical, host Rob Fawkes speaks with Steve Durbin, CEO of the Information Security Forum (ISF), a global, not-for-profit organisation helping businesses manage cybersecurity risks.Steve shares his unconventional leadership journey, from growing up in Kenya and developing an instinct for questioning the status quo to leading one of the most influential cybersecurity organisations in the world. He talks about risk management, human behaviour in cybersecurity, and why you should aim to be the least attractive target for cybercriminals.

Today, Steve is in conversation with Dr. Kate Darling, Research Scientist at the MIT Media Lab and Research Lead at the Boston Dynamics AI Institute. Kate has spent years studying human-robot interaction, and she speaks with Steve about the fascinating impact such interactions can have on us as people, and what that means for businesses trying to incorporate robots and AI into their customer experience. Key Takeaways: 1. It is natural for humans to project human behavior onto non-humans. 2. Using robots to help humans do their work better is smarter than replacing them.  3. More technical expertise is needed for policymaking to keep pace with new technologies.  Tune in to hear more about: 1. Why humans form emotional connections with robots 2. How a grocery store robot is scaring customers 3. Pitfalls of commercializing robotics Standout Quotes: 1. “That's part of the reason that we do this, that we create these strong emotional connections, even with non-living things like robots, is because we have this drive, and especially in these emotionally difficult situations, it may even be something that helps people survive. So I don't think it's as black and white as just: we need to prevent this anymore, but it is something that we need to be extremely aware of and acknowledge that it's happening, so that we can address it appropriately where possible.” - Dr. Kate Darling 2. “So I think it's important that we're making the right choices. It's not that technology determines what happens. It really is us as a society choosing to set the right incentives for companies and invest in the right kinds of technology. And I do think that there's much more promise in that path, the path of trying to partner with these technologies and what we're trying to achieve, rather than trying to replace people or recreate something we already have.” - Dr. Kate Darling 3. “We've used most animals like tools and products, and some of them have been our companions, and my prediction for the future is that we're going to do the exact same thing with robots and AI, that most of them will be tools and products and some of them will be companions.” - Dr. Kate Darling Mentioned in this episode: • ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve is in conversation with Dr. Kate Darling, Research Scientist at the MIT Media Lab and Research Lead at the Boston Dynamics AI Institute. Kate has spent years studying human-robot interaction, and she speaks with Steve about the fascinating impact such interactions can have on us as people, and what that means for businesses trying to incorporate robots and AI into their customer experience. Key Takeaways: 1. It is natural for humans to project human behavior onto non-humans. 2. Using robots to help humans do their work better is smarter than replacing them.  3. More technical expertise is needed for policymaking to keep pace with new technologies.  Tune in to hear more about: 1. Why humans form emotional connections with robots 2. How a grocery store robot is scaring customers 3. Pitfalls of commercializing robotics Standout Quotes: 1. “That's part of the reason that we do this, that we create these strong emotional connections, even with non-living things like robots, is because we have this drive, and especially in these emotionally difficult situations, it may even be something that helps people survive. So I don't think it's as black and white as just: we need to prevent this anymore, but it is something that we need to be extremely aware of and acknowledge that it's happening, so that we can address it appropriately where possible.” - Dr. Kate Darling 2. “So I think it's important that we're making the right choices. It's not that technology determines what happens. It really is us as a society choosing to set the right incentives for companies and invest in the right kinds of technology. And I do think that there's much more promise in that path, the path of trying to partner with these technologies and what we're trying to achieve, rather than trying to replace people or recreate something we already have.” - Dr. Kate Darling 3. “We've used most animals like tools and products, and some of them have been our companions, and my prediction for the future is that we're going to do the exact same thing with robots and AI, that most of them will be tools and products and some of them will be companions.” - Dr. Kate Darling Mentioned in this episode: • ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In this episode, Steve speaks with best-selling author and hypnotist Paul McKenna about something that affects all of us — stress at work. Paul talks about the impact stress can have on workers and gives practical tips to care for yourself and the employees you lead, even in the fast-paced, “always-on” security industry. Key Takeaways: 1 It's important to be mindful of signs of stress before it gets to burnout. 2 Mindfulness, hypnosis, and other types of self-care can significantly reduce stress. 3 For long-term success, employers should look to balance output and productivity with their employees' mental and physical well-being. Tune in to hear more about: 1 Why we're more stressed than ever (1:10) 2 How to identify signs that may lead to burnout (3:26) 3 How companies and leaders can support their employees well-being (12:32) Standout Quotes: 1 “It's right now a massive issue, anxiety, stress, fear, worry, because if you think about it, you turn on the TV, or you open a newspaper, you're under attack. It's the war, it's the virus, it's the economy, it's something or other. And so understandably, post the pandemic, we were out of the biological pandemic, but we're sort of in a psychological pandemic.” - Paul McKenna 2 “ Now the thing is, addiction is about changing your state of mind and body, so drinking, drug taking, gambling, sex, shopping, television and food, particularly sugar food, are the world's drugs of choice. And everybody in the world at some point feels too much stress. They feel overwhelmed, and so they resort to something to change how they feel, some of the things I just mentioned. And in a sense, some people, they form an addiction to their work because they can, you know, forget about everything else that's going on in their life. They might not have to think about their relationship or, you know, some other stress, from their family or something. So they immerse themselves in work.” - Paul McKenna 3 “Years ago, when I started corporate training, one of my colleagues, I asked him, ‘Why is it corporations pay so much money to have their staff trained?' He said, ‘Well, I can show you,' because look, they see that ‘days sick' goes down, the productivity goes up. So basically, by staying in the zone of balance – you've got enough output getting things done, versus balance, which is recovery time, in my mind. You get that mix right, then you're going to be more productive in the end.” - Paul McKenna  Mentioned in this episode: • Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter 
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In this episode, Steve speaks with best-selling author and hypnotist Paul McKenna about something that affects all of us — stress at work. Paul talks about the impact stress can have on workers and gives practical tips to care for yourself and the employees you lead, even in the fast-paced, “always-on” security industry. Key Takeaways: 1 It's important to be mindful of signs of stress before it gets to burnout. 2 Mindfulness, hypnosis, and other types of self-care can significantly reduce stress. 3 For long-term success, employers should look to balance output and productivity with their employees' mental and physical well-being. Tune in to hear more about: 1 Why we're more stressed than ever (1:10) 2 How to identify signs that may lead to burnout (3:26) 3 How companies and leaders can support their employees well-being (12:32) Standout Quotes: 1 “It's right now a massive issue, anxiety, stress, fear, worry, because if you think about it, you turn on the TV, or you open a newspaper, you're under attack. It's the war, it's the virus, it's the economy, it's something or other. And so understandably, post the pandemic, we were out of the biological pandemic, but we're sort of in a psychological pandemic.” - Paul McKenna 2 “ Now the thing is, addiction is about changing your state of mind and body, so drinking, drug taking, gambling, sex, shopping, television and food, particularly sugar food, are the world's drugs of choice. And everybody in the world at some point feels too much stress. They feel overwhelmed, and so they resort to something to change how they feel, some of the things I just mentioned. And in a sense, some people, they form an addiction to their work because they can, you know, forget about everything else that's going on in their life. They might not have to think about their relationship or, you know, some other stress, from their family or something. So they immerse themselves in work.” - Paul McKenna 3 “Years ago, when I started corporate training, one of my colleagues, I asked him, ‘Why is it corporations pay so much money to have their staff trained?' He said, ‘Well, I can show you,' because look, they see that ‘days sick' goes down, the productivity goes up. So basically, by staying in the zone of balance – you've got enough output getting things done, versus balance, which is recovery time, in my mind. You get that mix right, then you're going to be more productive in the end.” - Paul McKenna  Mentioned in this episode: • Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter 
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve sits down with Duncan Wardle, the former head of innovation and creativity at Disney. Duncan talks to Steve about his current work teaching leaders to embrace creativity and inspire innovation in their teams. He suggests practical ways that leaders can create a more collaborative and fun work culture that will lead to more successful outcomes and enhance their teams' job fulfillment. Key Takeaways: We're all born with creativity, and a great leader can unlock it within people who may have lost it along the way.   Creativity is the ability to have an idea; innovation is the ability to get that idea done.  With AI, we have the opportunity to hand off mundane tasks and give ourselves time to think, be creative, and innovate.  Tune in to hear more about: Why it matters to say “yes, and…” instead of “no, because…”  The impact of AI on creativity and innovation Actions leaders can take to spark more creativity within their organizations Standout Quotes: “I define creativity as the ability to have an idea, and I think we can all do that every day. I define innovation as the ability to get that done. That's the hard part.” - Duncan Wardle  “As leaders, we have responsibilities, we've got quarterly results, we've got bosses, we've got – but if the first two words out of our mouth are ‘no, because,' they're the first two words when somebody comes at us with a new idea, they're not coming back in the door again, and they may have genius next week or next-. Just remind ourselves as leaders, we're not green lighting this idea for execution today. We're merely green housing it together, using ‘Yes, and.' As leaders, if we can use ‘Yes, and' before ‘No, because' you can completely and utterly change your culture.” - Duncan Wardle “Algorithms, and everything that AI will bring to the table, will merge with the human race, creativity, intuition, empathy, imagination, etc, we will merge to become a superhuman race.” - Duncan Wardle Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve sits down with Duncan Wardle, the former head of innovation and creativity at Disney. Duncan talks to Steve about his current work teaching leaders to embrace creativity and inspire innovation in their teams. He suggests practical ways that leaders can create a more collaborative and fun work culture that will lead to more successful outcomes and enhance their teams' job fulfillment. Key Takeaways: We're all born with creativity, and a great leader can unlock it within people who may have lost it along the way.   Creativity is the ability to have an idea; innovation is the ability to get that idea done.  With AI, we have the opportunity to hand off mundane tasks and give ourselves time to think, be creative, and innovate.  Tune in to hear more about: Why it matters to say “yes, and…” instead of “no, because…”  The impact of AI on creativity and innovation Actions leaders can take to spark more creativity within their organizations Standout Quotes: “I define creativity as the ability to have an idea, and I think we can all do that every day. I define innovation as the ability to get that done. That's the hard part.” - Duncan Wardle  “As leaders, we have responsibilities, we've got quarterly results, we've got bosses, we've got – but if the first two words out of our mouth are ‘no, because,' they're the first two words when somebody comes at us with a new idea, they're not coming back in the door again, and they may have genius next week or next-. Just remind ourselves as leaders, we're not green lighting this idea for execution today. We're merely green housing it together, using ‘Yes, and.' As leaders, if we can use ‘Yes, and' before ‘No, because' you can completely and utterly change your culture.” - Duncan Wardle “Algorithms, and everything that AI will bring to the table, will merge with the human race, creativity, intuition, empathy, imagination, etc, we will merge to become a superhuman race.” - Duncan Wardle Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In this episode, Steve sits down with author and leadership expert Sylvie di Giusto. Sylvie delineates five areas for everyone to consider in order to enhance their emotional intelligence. She and Steve also discuss how self-awareness and authenticity relate to situational awareness, and how improving in these areas can support career mobility. Key Takeaways: The subconscious takes up 95% of the brain – use that to your advantage to gain the trust of the people you interact with. Situational awareness is more important than one-size-fits-all ideas of “always smiling” or “maintaining eye contact. Your appearance, behavior, communication, digital footprint, and environment all matter for how people see you.  Tune in to hear more about: How the meaning of emotional intelligence in business has changed over the years (01:48) Sylvie di Giusto's A.B.C.D.E. (Appearance, Behavior, Communication, Digital footprint, Environment) framework (07:50) The four levels of visibility (20:05) Standout Quotes: “The subconscious mind of a human takes up 95% of your brain. And 95% of your brain is where emotions live, where feelings live, where your gut feelings live. And only 5% of our brain actually transmits data, facts, figures, information. That is where your contracts are, where your proposals are, where all the facts and figures are that you deliver to your clients. [...] So, I always say, why don't you use this to your advantage, that behavior, and actually use the 95% of the brain and instantly imprint that feeling of trust in them and use it to your advantage. And before they buy into your solution, into your technical solution, let them buy into you.” - Sylvie di Giusto “You have to learn to read the moment, [...] and then adjust your behavior and make more intentional choices. I think one of the biggest challenges that we have nowadays, also driven by technology because we are constantly distracted by technology, is that we run on autopilot most of the day. Most of the day, we are so in our habits, in our patterns, that we do things, say things, that we are not even aware of, and they have a macro impact on our relationships. And we have to step back and sometimes turn that autopilot off, read the room, and be more intentional with the tools that we already have.” - Sylvie di Giusto “I think that authenticity means that we all play a role, but different roles, and in those roles, we are true to ourselves. [...] And in all those roles, I promise you, I'm truly authentic. But if I would try to talk with my husband the way I talk with my clients, we wouldn't have made it to 23 years, I promise you. Or if I would treat my clients like I treat my children, or if I look at home like I would on stage, and vice versa. So, yes, we are all authentic in those roles, but I think we have to accept that you just do you, no matter the circumstances – which brings us back to situational awareness – I think it's a lie that this is possible.” - Sylvie di Giusto Mentioned in this episode: Dear InfoSec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In this episode, Steve sits down with author and leadership expert Sylvie di Giusto. Sylvie delineates five areas for everyone to consider in order to enhance their emotional intelligence. She and Steve also discuss how self-awareness and authenticity relate to situational awareness, and how improving in these areas can support career mobility. Key Takeaways: The subconscious takes up 95% of the brain – use that to your advantage to gain the trust of the people you interact with. Situational awareness is more important than one-size-fits-all ideas of “always smiling” or “maintaining eye contact. Your appearance, behavior, communication, digital footprint, and environment all matter for how people see you.  Tune in to hear more about: How the meaning of emotional intelligence in business has changed over the years (01:48) Sylvie di Giusto's A.B.C.D.E. (Appearance, Behavior, Communication, Digital footprint, Environment) framework (07:50) The four levels of visibility (20:05) Standout Quotes: “The subconscious mind of a human takes up 95% of your brain. And 95% of your brain is where emotions live, where feelings live, where your gut feelings live. And only 5% of our brain actually transmits data, facts, figures, information. That is where your contracts are, where your proposals are, where all the facts and figures are that you deliver to your clients. [...] So, I always say, why don't you use this to your advantage, that behavior, and actually use the 95% of the brain and instantly imprint that feeling of trust in them and use it to your advantage. And before they buy into your solution, into your technical solution, let them buy into you.” - Sylvie di Giusto “You have to learn to read the moment, [...] and then adjust your behavior and make more intentional choices. I think one of the biggest challenges that we have nowadays, also driven by technology because we are constantly distracted by technology, is that we run on autopilot most of the day. Most of the day, we are so in our habits, in our patterns, that we do things, say things, that we are not even aware of, and they have a macro impact on our relationships. And we have to step back and sometimes turn that autopilot off, read the room, and be more intentional with the tools that we already have.” - Sylvie di Giusto “I think that authenticity means that we all play a role, but different roles, and in those roles, we are true to ourselves. [...] And in all those roles, I promise you, I'm truly authentic. But if I would try to talk with my husband the way I talk with my clients, we wouldn't have made it to 23 years, I promise you. Or if I would treat my clients like I treat my children, or if I look at home like I would on stage, and vice versa. So, yes, we are all authentic in those roles, but I think we have to accept that you just do you, no matter the circumstances – which brings us back to situational awareness – I think it's a lie that this is possible.” - Sylvie di Giusto Mentioned in this episode: Dear InfoSec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve is speaking with Rear Admiral Brian Luther. After more than 30 years in the US Navy and at the Pentagon, Brian is now president and CEO of the insurance firm Navy Mutual. Brian talks about what he learned about leadership in his time commanding an aircraft carrier in the Navy and how he has translated his skills into working in the private sector. He and Steve also discuss how leaders can move from a tactical mindset into a logistical one, and prepare your team for worst case scenarios. Key Takeaways: There might be differences between generations or people of different cultures, but fundamentally most people want the same things, and basic respect goes a long way. As a leader, don't get bogged down in tactics. Remember to think about the logistics, so there is a plan B if something goes awry.  Technology can be an immensely useful tool, but don't get overly dependent on it.  Tune in to hear more about: The three stages of leadership (7:46) Conducting business in volatile regions (12:28) How a tabletop drill can reveal important weaknesses in your organization's crisis response (18:48) Standout Quotes: “You have to very clearly articulate to the people what you want done. And if it's very specific, you say, ‘I want this done,' and if it's generic, you say, ‘I want this outcome,' right? You can't say I want a general outcome when you have something specific in mind, because they're going to go off and do it whatever way you want. But if you're very clear, ‘I want this done this way,' or ‘I just want this outcome,' and you decide, delegate, disappear, you'd be amazed at what people can do.” - Brian Luther “If you go there and give them an opportunity to see you as just who you are, and learn them just as they are, you find that there's more in common than people would give credit for. So I would always say, before you go internationally, take some time to learn where you're going and respect the culture that you're going to be operating in.” - Brian Luther “There are tremendous benefits associated with technology, but any strength pushed too far is a weakness [...]. Don't be overreliant on something, and you put all your eggs in that one basket and you lose it, and then you don't have a second or a third option. You should be asking yourself, ‘What if I lose this, what if they figure out a way to foil that?' Because, remember, we put something out there, and in a strategic competition, there's move-countermove all the time. […] So use it as a tool, but don't be totally dependent on it that if someone takes that tool away from you, your whole organization collapses.” - Brian Luther Mentioned in this episode: Dear InfoSec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve sits down with Paul Bartel, a senior intelligence analyst with PeakMetrics. Paul was previously with the Defense Intelligence Agency, and he speaks with Steve about his experience working in the government sector, how the public and private sectors can cooperate more effectively, and what businesses can do to protect themselves from misinformation campaigns. Key Takeaways: Generative AI is rapidly changing the nature of misinformation. Social media companies must take more responsibility for moderating the content on their platforms. To protect your organization from damage from misinformation, being aware of the current information environment and what information is out there about you, is key. Tune in to hear more about: Paul Bartel's background with the Defense Intelligence Agency (1:30) The three primary sources of misinformation in the US (4:40) How businesses can adapt to the changing information environment (17:56) Standout Quotes: “I think one of the biggest things that we have going now, and this is obviously in every sort of sector, is the use of generative AI. So what we're seeing a lot in social media now is instead of just random accounts that might be controlled by a person or two, what you're seeing is hundreds and hundreds of bot accounts that are able to push forward a large amount of information very quickly.” - Paul Bartel “The biggest thing I think that needs to start happening is the social media companies really especially need to take accountability for their own clientele base that might be spreading the misinformation.” - Paul Bartel “Getting an early handle on what's being said about them, and the information environment at large, can help them [organizations] navigate a lot of the challenges that we see in an information environment that's pushing out more and more information and can change on a minute to minute, hour to hour basis.” - Paul Bartel Mentioned in this episode: Dear InfoSec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today we're listening to the second half of Steve's recent Emerging Threats webinar for security leaders. In this episode, Steve responds to audience questions, covering everything from government regulation to supply chain to raising awareness within your organization. Steve Durbin's Contact Information: steve.durbin@securityforum.org Steve Durbin on LinkedIn Key Takeaways: 1. Knowing what your crown jewels are and how to protect them is paramount in a volatile world. 2. The government should do what the government does well, and it should let businesses do what businesses do well. The government should provide clear guidelines, but then there should be little interference. 3. Everything begins and ends with cyber resilience. How do we deal with the aftermath of the cyber incident that inevitably will occur? Tune in to hear more about: 1. How to get the board to care about cybersecurity and cyber risk (2:48) 2. How to avoid making regulatory compliance a tick box exercise (9:13) 3. How ISF can help make your organization more resilient (26:06) Standout Quotes: 1. “I like bringing people into the cyber space that are not technical. That doesn't mean to say you don't need technical people in cyber – you do, your security team needs to have a combination of the two – but I do very much like bringing them in from the business because their perspective is very much more about how they're going to make use of the technologies and therefore the use and the role that cybersecurity can play in securing the critical assets. Now, because we obviously are in an industry where there's a shortage of skills, what it does do is open up the markets to attracting – if you get it right – a whole variety of people that perhaps you wouldn't normally be able to bring into cybersecurity. So not only does it give you fresh perspective, not only does it align you more closely with the business, but it also opens up a pool of talent that otherwise might not be there.” - Steve Durbin  2. “I don't actually differentiate very much anymore between cyber risk and enterprise risk. [...] The reason I don't is that for me, I've become very much more convinced that cyber is so integral in everything that we do, that actually you create something of a problem for yourself if you begin to differentiate between enterprise and cyber.” Steve Durbin  3. “We need to make it simple for our users to be able to contact somebody in security if they are at all concerned about something that they've seen either through their email, on a system. And all too often we're not doing that. I can't tell you the number of times I've spoken to organizations and they simply aren't doing some of those basics. We don't need to complicate it all the time.” Steve Durbin Mentioned in this episode: Dear InfoSec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

We're starting 2025 with a preview of the episodes ahead, featuring Steve in conversation with thought leaders and security experts from around the world. We look forward to sharing the full episodes with you this winter. Stay tuned! Featured: • Rear Admiral Brian Luther, president and CEO of the insurance firm Navy Mutual • Duncan Wardle, former head of Innovation and Creativity at Disney • Dr. Kate Darling, research scientist at the MIT Media Lab, research lead at the Boston Dynamics AI Institute • Best-selling author and hypnotist Dr. Paul McKenna  • Author and leadership expert Sylvie di Giusto • Paul Bartel, senior intelligence analyst with PeakMetrics Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, journalist Nick Witchell speaks with Steve for the second of a two-part conversation about the coming Trump administration. Nick and Steve consider how Trump's famously unpredictable behavior may impact business confidence and the steps business leaders can take to insulate their business from possible market changes. Key Takeaways: For business leaders, there is reason to be optimistic about the incoming Trump administration. Businesses in the US can take a “sit back, wait, and see” approach and await what new policies Donald Trump introduces in the beginning of his presidency.  It's always wise to invest in cyber resilience. Tune in to hear more about: How the incoming Trump Administration can benefit businesses  How to “trump-proof” your business  The constant need for cyber resilience, no matter who's leading the country Standout Quotes: “So what do you expect from any incoming elected leader? Well, you hope for clarity. You hope for a very clear set of guidelines within which you can operate. You hope for removal of ambiguity. You hope for a reduction, I would say, in unnecessary regulation. The opposite of that, that what slows business down is an increase in regulation that is perhaps unnecessary and a lack of clarity. So I think that businesses will be hoping for that clarity.” - Steve Durbin “I think that certainly focusing more on the need for cyber resilience is something that business leaders need to do. I don't know that I particularly want my government to be telling me what to do. So I very much like being able to run my business in the way that I think is best suited to my needs. I'm not a fan of nanny government. What I am a fan of is clarity in government, understanding from government, and allowing me to get on and do what I'm good at.” - Steve Durbin “People are desperately looking for some form of guidance, something to trust. And I think that business leaders have a relatively unique opportunity, because we do have huge responsibility to the people that work within our businesses and also to our customers. And there's a significant opportunity, I think, in that, to carve out a path that allows us to be viewed in a way that, yes, suits the needs of the business, but also fills this gap in society for something that you can actually trust, something that people know you really do stand for and can get behind.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, journalist Nick Witchell speaks with Steve about the coming Trump administration will mean for businesses. In the first part of their two-part discussion, Steve and Nick consider potential changes to the US approach to tech regulation and foreign policy. Key Takeaways: The fact that cyber security wasn't part of Donald Trump's campaign, doesn't necessarily mean it won't be a focus of his presidency. Election interference is about misinformation as much (if not more)  as it is about hackers getting into voting systems. Government must collaborate with private sector to create meaningful policies around digital security.  Tune in to hear more about: Expectations and hopes for the Trump administration's approach to cyber security (Add time) Regulation of social media (Add time) The importance of cooperation between government and private sector (Add time) Standout Quotes: “If we look at some of the initiatives that he [Donald Trump] has in place around, for instance, immigration, then cybersecurity is fairly core and central to some of these programs and plans, because anything that involves technology, of course, also involves cybersecurity. So I think that that's the way we're going to start seeing cyber coming into his perspective on the world. Where it touches some of his other frontline policies, then we're going to see it playing a role.” - Steve Durbin “As soon as you implement technology without security, you're creating a huge problem for yourself further down the road; one which, unless you have invested ahead of time, is going to cost you a horrible amount of money to try to fix later.” - Steve Durbin “You need to have people in government who've actually been there and done it, because if you haven't, then where do you begin? And so I'd like to see a lot more collaboration between government and private sector in terms of getting a lot more knowledge, frontline knowledge, into some of the things that you absolutely must do to secure this technology, rather than simply deciding that that's the way we're going to go and then leaving it up to the different departments to figure things out.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

An interview with Steve Durbin, ISF CEO, by Security editor Stephen Pritchard. Originally published by Security Insights Podcast. Cybersecurity and geopolitics are more tightly linked than ever. The growth of online espionage, attacks by state actors, and governments turning a blind eye to cybercrime, are all increasing risk. And the “attack surface” is growing too. More and more of what we do every day is online, and this presents more opportunities to bad actors. In a connected world, it does not take much to cause huge disruption, whether by accident or design. The rise in ransomware over the decade shows just how vulnerable we are to cyber attack. And some of the most prolific ransomware groups have at least informal ties to nation states. But behind the scenes, the threats from state-based, not just state sanctioned, cyber attacks are growing. This, in turn, needs a different response from organisations, and their security teams. Geopolitics is driving cybersecurity threats, in ways that could hardly be imagined in the early days of the information security business. Our guest this week is Steve Durbin, CEO of the Information Security Forum. As he points out, a lot has changed over the last few decades, and especially in the last few years. We are now in a very risky place. And, in an increasingly connected world, cyber has the potential to be the “Achilles Heel” of our defences, he argues. Could we see the current level of cyber threats spill over into more overt conflict? And do organisations have the resources to operate in a more dangerous world?

In this episode, ISF CEO Steve Durbin is in conversation with Raffael Marty, Executive Vice President and General Manager of Cybersecurity Management at ConnectWise. Raffael is also the author of Applied Security Visualization and the Security Data Lake. He and Steve discuss how to prevent data from being compromised, what government and private enterprise can learn from each other vis a vis cybersecurity, the pros and cons of cyberinsurance, and more. Related ISF Resources: Protecting the Crown Jewels: How To Secure Mission-Critical Assets Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

This episode is the first part of a two-part conversation between Steve and Dr. Christopher Hand. Chris is a senior lecturer in psychology at the University of Glasgow in Scotland. He and Steve talk about trust and authenticity online, cyber-bullying in the context of work, and what we know so far about the decision to return to the office post-pandemic. Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

Today, Steve is speaking with investigative tech journalist Geoff White, who has been covering tech and financial crime for more than 20 years. Listeners may be familiar with his popular podcast The Lazarus Heist for the BBC World Service, and now his new book, Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks, will be available from Penguin Random House next week.  Steve and Geoff discuss current trends in organized cybercrime, how these criminals are—or maybe aren't—adopting AI, and the difficulties law enforcement still faces in helping the victims of these crimes. Key Takeaways: 1.  Nation states and government agencies have been known to adopt tactics from organized crime gangs and activists – a sort of trickle-up effect. 2. As technological advancements are presenting criminals with new avenues for money laundering, law enforcement is not always able to keep up and instead is having to prioritize high level crimes. 3. The law enforcement landscape is a fast changing world, as agencies adapt and gain more awareness of cybercrime tactics relating to AI and cryptocurrencies. Tune in to hear more about: 1. Cybercrime evolution, nation-state involvement, and tactics (3:31) 2. AI use in cybercrime, potential for innovation and defense (8:29) 3. Cybercrime and money laundering, with a focus on the role of technology and law enforcement (11:45) 4. Cybercrime, crypto, and organized crime evolution (15:59) Standout Quotes: 1. “Sometimes the tools of organized cybercrime, gangs, nation states have also learned from hacktivists. From leaks from people like WikiLeaks or from Anonymous, they've learned the damage that a leak can do a leak of information can do. And that's fed into that disinformation piece nation states now extremely astute at getting in stealing information and then weaponizing that information to change elections, to change people's attitudes, to influence world events, the nation states have got both feet in to this cybercrime game.” -Geoff White 2. “I think maybe it's worth thinking like a criminal and understanding how thinking like a criminal is different to thinking like a different type of enterprise. The reason I enjoy thinking about organized crime and covering organized crime is because it's organized. These are networks, as you say, of professional, organized people. But they're not out to win customers. They're not like Microsoft and Google who wants to come out with innovation and innovative new products to win customers in their competition. No. They want to make money from victims. And frankly, as long as you're making enough money from your victims month in month out, you don't change. There's no reason to innovate. Crime gangs innovate when law enforcement and the force of authority stop them from making the money they usually make. That's when you innovate.” -Geoff White 3. “I think there was a time when, frankly, explaining Bitcoin to sort of rank and file police officers was a struggle. I think those days are gone … There's been this realization that things like cryptocurrency is something that law enforcement needs to be on top of.” -Geoff White 4. “As cryptocurrency gets larger, as more financial institutions get behind it, as governments get behind it, yes, it can make it more legitimate, it can expand the legitimacy of it. But it also creates more noise, if you like, for the criminals to hide.” -Geoff White Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

This is the second of a two-part conversation between Steve and Brian Lord, who is currently the Chief Executive Officer of Protection Group International. Prior to joining PGI, Brian served as the Deputy Director of a UK Government Agency governing the organization's Cyber and Intelligence Operations. Today, Steve and Brian discuss the proliferation of mis- and disinformation online, the potential security threats posed by AI, and the need for educating children in cyber awareness from a young age. Key Takeaways: 1. The private sector serves as a skilled and necessary support to the public sector, working to counter mis- and disinformation campaigns, including those involving AI. 2. AI's increasing ability to create fabricated  images poses a particular threat to youth and other vulnerable users. Tune in to hear more about: 1. Brian gives his assessment of cybersecurity threats during election years. (16:04) 2. Exploitation of vulnerable users remains a major concern in the digital space, requiring awareness, innovative countermeasures, and regulation. (31:0) Standout Quotes: 1. “I think when we look at AI, we need to recognize it is a potentially long term larger threat to our institutions, our critical mass and infrastructure, and we need to put in countermeasures to be able to do that. But we also need to recognize that the most immediate impact on that is around what we call high harms, if you like. And I think that was one of the reasons the UK — over a torturously long period of time — introduced the The Online Harms Bill to be able to counter some of those issues. So we need to get AI in perspective. It is a threat. Of course it is a threat. But I see then when one looks at AI applied in the cybersecurity test, you know, automatic intelligence developing hacking techniques, bear in mind, AI is available to both sides. It's not just available to the attackers, it's available to the defenders. So what we are simply going to do is see that same kind of thing that we have in the more human-based countering the cybersecurity threat in an AI space.” -Brian Lord 2. “The problem we have now — now, one can counter that by the education of children, keeping them aware, and so on and so forth— the problem you have now is the ability, because of the availability of imagery online and AI's ability to create imagery, one can create an entirely fabricated image of a vulnerable target and say, this is you. Even though it isn't … when you're looking at the most vulnerable in our society, that's a very, very difficult thing to counter, because it doesn't matter whether it's real to whoever sees it, or the fear from the most vulnerable people, people who see it, they will believe that it is real. And we've seen that.” -Brian Lord Mentioned in this episode: • ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve speaks with David Weisong, CIO of Information Systems at Energy Solutions, a growing company with many US government clients. He speaks with Steve about his experiences overseeing a full migration of the company's security framework, how he got buy-in for security from the C-suite, and how he has approached the challenge of staffing. Key Takeaways: 1. Organisations are advised to focus on protecting critical assets and closely monitoring any supply chain issues. 2. Security leaders and teams are also having to prepare policies for AI use and investigate cloud provider dependencies. 3. Security leaders and teams should be monitoring developments in quantum, staying in step with regulations and needed skills. Tune in to hear more about: 1. Security risks in technology innovation and adoption (1:29) 2. The impact of quantum computing on cybersecurity and the need for organisations to prioritise legacy technology updates (6:59) 3. Volatility, uncertainty, and technological change in the security industry (12:45) 4. How technology innovations can disrupt and improve organisations (18:22) 5. Managing innovation in a rapidly changing digital landscape (20:40) 6. Limitations of accessing powerful technologies due to restrictions, threats, and security concerns (26:12) 7. Emerging threats and risks in technology, including quantum computing, AI, and legacy systems (32:18) Standout Quotes: 1. “We're a professional services organisation, so our contracts are the foundation. And if they're not 100% met, then you actually don't proceed. So it became very easy to say, there's cause and effect here. And that's where that's taken a lot of … repeat exposure, I think, is one part of it, but also setting the stage that it's dynamic. It's not like, oh, yeah, we're done with that, so we can just kind of move on. It's like, we're done with this particular initiative right now. And there are more, and it will be changing probably, quarter to quarter.” - David Weisong 2. “There's a lot of things that are being put onto platforms or systems that you sometimes get into the area where you might have a unique combination of things that creates problems. And so that's where I think the industry is looking at it still in a category basis. I think there's a need for a more holistic approach, dare I say, coordination or cooperation between companies and their solution offerings.” - David Weisong 3. “When I think about the three to five year window, I mean, there's clearly more fraud and more cybersecurity attacks. It is significant, and it's not decreasing. And so the ability for both organisations to share and for the industry that serving up different solutions, there has to be a coordination and a collaboration around that. Because the priority could change from year to year.” - David Weisong     Mentioned in this episode: Times Higher Education: We need a social science of data by Cristina Alaimo and Jannis Kallinikos ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In today's episode, Steve speaks with Steve Satterwhite, the founder and CEO of Entelligence, and author of "Above the Line: How the Golden Rule Rules the Bottom Line." He shares some simple but fresh ideas about how to find the right person for the right role, how to overcome the skills shortage, and why putting people first is the key to successful cybersecurity. Key Takeaways: 1. Successful companies can upskill employees in technology, using positive experiences and promising opportunities. 2. Satterwhite reflects on fatherhood, emphasizing the importance of helping children discover their purpose and identity. 3.  Satterwhite believes that the organisation's role is to provide tools and systems for team members to thrive, while also acknowledging the reality of short-term employment. 4. Open-minded technology leaders who integrate technical skills with emotional intelligence thrive. Tune in to hear more about: 1. Attracting and retaining talent in the cybersecurity industry (2:40) 2. Cybersecurity talent shortage and skills gap in enterprises (10:00) 3. Finding and upskilling cybersecurity professionals for new technologies (16:44) 4. Prioritising people in business to boost revenue and profits (21:58) 5. Prioritising emotional intelligence in technology leadership (27:06) Standout Quotes: 1. “I believe that that culture attracts the kind of folks that are ambitious, that are hungry to learn, that are eager to move up in whatever way that they define moving up in their lives. And I think it's our job, really, as leaders, and especially here in our organisation. It's to create that environment so that people can thrive.” - Steve Satterwhite 2.  “Here's a stupid analogy, but I like to use it because it's how I think about the business. It's really just to simplify it. Let's say that you're a new airline, or you have a new airline route that you want to go from Houston to Paris, and you're short of pilots to fly the big Dreamliner or the big Airbus from here to there. It's a different operation. So what we do is we go look for people that have been flying 737s most of their career. They're deeply passionate about flying, and they're really good at it, and all we need to do is just kind of upskill them in a short period of time just to fly a different airplane. It's still piloting, it's still flying. That's what we do. So if you think about just the evolution of technology and the things that we're doing, all we're doing, constantly, at Entelligence is just upskilling people in the shortest possible time.” - Steve Satterwhite Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, Steve sits down with Dr. Andrew Newell, Chief Scientific Officer at the British biometrics firm iProov, for a conversation about deep fakes. As technology improves, it's becoming ever more difficult to determine what's real and what's fake. Steve and Andrew discuss what this will mean going forward for security, social media platforms, and everyday technology users. Key Takeaways: 1. Technology is the key to mitigating the threat of deep fakes, which are synthetic images or videos created to deceive. 2. Deep fakes are becoming increasingly sophisticated, making them hard to spot. 3. Newell breaks down the problem into two parts: secure identity verification and detecting synthetic images. 4. Incentives for verifying imagery will radically shift as deep fakes become more prevalent. Tune in to hear more about: 1. Deep fake technology and its potential impact on identity verification processes (5:57) 2. Preventing deep fake images and videos using technology and algorithmic systems (9:57) 3. Deep fakes and their potential uses, including filmmaking and education (13:11) 4. Deep fakes and their impact on society, with a focus on technology's role in verifying authenticity (18:43) Standout Quotes: 1. “I think the urgency here — and this is the absolutely key part — is that we need to get the technology in place to make sure that the processes that rely on the genuineness of the person in imagery, that we can have something in place that we know works, that we know that we can trust, and is something that is very easy to use.” - Andrew Newell 2. “I think on the protection of identity proofing systems against the threat from deep fakes, we have a technology solution now. And the urgency is to make sure that this technology is used wherever that we need to actually guard against that threat.”  - Andrew Newell 3. “And one of the most important things, if not the most important thing, is: when we think about a way to mitigate these threats, it has to be something that works for everybody. We cannot end up with a system that only works for certain groups in a society.” - Andrew Newell  Mentioned in this episode: Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today's episode is the second of three conversations with ISF CEO Steve Durbin around the increasing impact of technology on society and business. Societies have always been divided, but how future divisions may manifest feels more uncertain than ever right now. In this episode, Steve and producer Tavia Gilbert offer an analysis of potential future scenarios, as well as practical tips for what organisations can do now to prepare. Key Takeaways: 1. The future will be defined by technology and social media, leading to a shift away from traditional divisions and towards a more complex world where data and information are highly instantaneous and influential. 2. Leadership will need strong empathy, consolidation skills, and the ability to challenge/be challenged. 3.  Leaders should assume imperfection and constantly update their situational awareness to make informed decisions. They also ought to prioritize simplicity and clear communication to build trust and drive success. Tune in to hear more about: 1. Leadership and organisation in a rapidly changing world (4:44) 2. The role of businesses in society, including their potential to fill the void left by declining trust in traditional leadership models (9:58) 3.  Information security and the importance of skepticism in the digital age (14:33) 4. Technology's impact on information sharing and nationalism (18:33) 5. Trust and verification in social media and supply chains (22:35) 6. Leadership, adapting to change, and the importance of soft skills in a rapidly changing world (28:23) Standout Quotes: 1. “Businesses have a new responsibility in the modern era … provide guidelines and stability in a time of deep division.” - Steve Durbin 2. “The one thing that is going to be so important that will differentiate the winners from the losers in the organisational stakes is: those organisations that are able to consolidate this overall sense of corporate purpose with purpose of the individual, whatever that looks like. And if we can do that, then I think that we'll create something that's particularly special and magic.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Are we linking the ISF Threat Horizon Report? Protecting the Crown Jewels? Any other ISF resources for this episode? Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today's episode is the first of three conversations with ISF CEO Steve Durbin around the coming impact of technological development on society and business. We know that new technologies have always tested organisations, and technological innovation and integration into our lives and enterprises — it's only accelerating. We offer an analysis of potential future scenarios, as well as practical tips for what organisations can do now to prepare. Key Takeaways: 1. Organisations must prioritise supporting smaller entities in keeping up with the fast pace of technological change. 2. Security can deliver competitive advantage, but implementation challenges persist, and security risks can become low priority in a fast-paced tech landscape. 3. Organisations face pressure to modernise technology while managing legacy systems and regulatory demands. 4. CEOs must balance competing priorities, including ESG initiatives, employee expectations, and shareholder demands. 5. Political developments may force organisations to respect local restrictions on technologies. 6. Organisations are advised to protect crown jewels, ensure data protection, and monitor supply chain partners. 7. Organisations must prepare for quantum-proof encryption and socialise policies for AI use. Tune in to hear more about: 1. The impact of technological innovation on business and society, with a focus on adoption challenges and timing (0:00) 2. Security risks in technology innovation and adoption (1:29) 3. The impact of quantum computing on cybersecurity and the need for organizations to prioritize legacy technology updates (6:59) 4. Volatility, uncertainty, and technological change in the security industry (12:45) 5. How technology innovations can disrupt and improve organizations (18:22) 6. Managing innovation in a rapidly challenging digital landscape (20:40) 7. Limitations of accessing powerful technologies due to restrictions, threats, and security concerns (26:12) 8. Emerging threats and risks in technology, including quantum computing, AI, and legacy systems (32:18) Standout Quotes: 1. “Organisations could certainly find themselves cut off from the supercharged processing power, because it may be developed by a government for its own ends and restricted, expensive, all of those sorts of things, so that it effectively becomes unavailable. And I think organisations, despite all of that, are going to have to operate in the shadow of this massive computing power shift when it comes about as the pace of change accelerates, innovations proliferate, traditional life cycles of technology shorten.” - Steve Durbin 2. “If we're going to have smaller organisations within our overall ecosystem, we need to be just sparing a bit of a thought for how they might be keeping up with such a fast pace of change and how we're going to support them in continuing to meet some of the standards and bars that were setting, so that everybody benefits, frankly.” - Steve Durbin 3. “So the world is also reshaping, as we're introducing AI into what we're doing. And so again, I think that the challenge from the business perspective, from the security perspective, from the technology perspective, is really about: how do you focus on what is important for your organisation, for your people, for your customers, in a world that is constantly now changing? And the speed of that change is only going to get faster. And we haven't seen that before.” - Steve Durbin 4. “So you're in a much better position, if you can control your innovations irrespective of what's going on. But you're never going to be able, I think, to divorce yourself completely from the market, because you operate in the market. And so the speed at which the market is evolving is going to, I think, determine — to a certain extent, anyway — your success in managing your own innovation, so you may need to be innovating more quickly than you're comfortable, just in order to try to keep up.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast ISF Podcast: Data Dilemmas: Outsmarting the perils of AI Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today, BBC journalist Nick Witchell interviews Steve about the threat landscape in light of a number of damaging hacks that have recently been made public. They consider the challenges regulators face given the current geopolitical situation and discuss how organisations can create a thorough cyber defense and response plan. Key Takeaways: 1. Organisations cannot abdicate responsibility for data security, even when outsourcing to third parties. They need strong incident response plans and ongoing assessment of third-party security capabilities.  2. In terms of any country's political agenda on cybersecurity, AI regulation is often overshadowed by other issues. 3. Few parliamentarians and ministers come from a security background, which is one reason why it's critical to provide guidance and insight to them. 4. A more thoughtful and funded approach to security would benefit society, considering the potential impact on people's lives and the need for effective incident response. Tune in to hear more about: 1. Accountability and responsibility in cybersecurity (1:59) 2. Role of cybersecurity centers and national institutions (5:13) 3. Government and political involvement in cybersecurity (8:29) 4. Public awareness and the ISF's role (12:21) 5. Risk management and security investment (16:32) 6. Concerns about technology implementation (20:14) Standout Quotes: 1. “We (at the ISF) don't want to be one of those organisations that's constantly barracking people and complaining. We want to be holding true to some of our founding principles, which is about providing best advice, providing some of the best tools, providing some of the best insights that we gather from our own team and also from our member community. But we do need to make more noise about that, because people desperately need to understand some of the implications, and indeed, very much more importantly, what they can actually practically do about it.”  - Steve Durbin 2. “There is no one size fits all. That's the other thing about this. You have to have it in line with your business direction, your size, your maturity, all of those sorts of things. Very often people ask me for blueprints or, what does good look like? And my answer is always the same: it varies depending on your stage of maturity and your willingness to spend, and how important your data is to you.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Today's conversation is a fascinating discussion on the nature of data with Jannis Kallinikos, professor of Information Systems at the London School of Economics. Jannis co-wrote the recently published book Data Rules: Reinventing the Market Economy, in which he and co-author Cristina Alaimo posit that data are a fluid cultural record, rather than a static statistical entity. He and Steve discuss the implications of this understanding of data for the security industry, from how it could change regulatory approaches to how we understand ourselves as humans in relation to data. Key Takeaways: 1. Kallinikos argues that data are not just statistical entities, but cultural entities that convey aspects of our world and reality. 2. Data are cultural records, not just statistical entities, and are fundamental to economic and social transformation. 2. Durbin and Kallinikos discuss concerns about data-driven perspectives reinforcing narrow worldviews. 3. Data regulation needs to reflect data's interactive and morphing nature and serves to protect society from greedy companies. 4. Kallinikos warns that politics has become instinct-based, with little time for reflection. Tune in to hear more about: 1. Data's role in society, economy, and transformation (0:00) 2. Data's impact on society, culture, and individual perspectives, with a focus on regulation and balance (7:10) 3. Data as a living entity, challenges for security professionals, and need for education (18:01) 4. Data's impact on society and politics, with a focus on education and government's role in protecting data (23:15) Standout Quotes: 1. “Data are cultural elements and not statistical entities. It makes a whole lot of difference. By cultural entities, we mean that they are records by which we represent our world. and we act upon the world. We use them to produce, we use them to interact, we use them to communicate. In this respect, data are cultural records, once again, and not statistical entities or entities like those ones that contemporary data science debates.“ - Jannis Kallinikos 2. “Think how many things we can do that were out of reach before these beasts and these technologies and the data we produce in the facilities that they prepare for us, how many things we can do that were not virtually possible before. So there is a positive side to it. But as you English say, there is no free lunch in life. And this applies here. We win a lot. But there are also important things that we lose.“ - Jannis Kallinikos 3. “But these are difficult discussions to have in politics. Because they require a little bit of reflection, a step back, a little bit of time. Politics, for good or bad, has become very instinct based over the last three or four decades. Instinct based, more to react, target, and produce reactions of a particular type that are mostly emotional or instinctual.“ - Jannis Kallinikos Mentioned in this episode: Times Higher Education: We need a social science of data by Cristina Alaimo and Jannis Kallinikos ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

In this insightful episode of Healthy Mind, Healthy Life, Avik Chakraborty sits down with Steve Durbin, Chief Executive of the Information Security Forum (ISF), to explore the intersection of leadership and mental health within the high-pressure world of cybersecurity. As cyber threats evolve at an unprecedented pace, leaders in this field face mounting stress and anxiety. Steve shares his extensive experience guiding Fortune 500 companies and global leaders, discussing the unique challenges cybersecurity leaders face today, including managing stress, avoiding burnout, and maintaining resilience. Join us as we uncover strategies for sustaining mental well-being in a rapidly changing digital landscape. About the Guest: Steve Durbin is the Chief Executive of the Information Security Forum, a leading authority on cybersecurity strategy and emerging threats. With a career spanning advising Fortune 500 companies and global leaders, Steve is a powerful voice on issues that extend beyond technology. His deep understanding of the cybersecurity landscape, coupled with his insights into the human challenges of leadership, make him an invaluable resource for those navigating this complex field. Key Takeaways: The Challenge of Time in Cybersecurity: Steve highlights the increasing speed at which cyber threats evolve and how this compresses the time leaders have to respond, creating significant stress and anxiety. Impact of Remote Leadership: The transition to remote work during the pandemic introduced new challenges for cybersecurity leaders, who had to adapt to managing teams without the benefit of in-person interactions, leading to increased stress. Recognizing Burnout: Steve discusses the subtle signs of burnout in cybersecurity professionals, emphasizing that those experiencing burnout often don't recognize it themselves. Leaders must be vigilant in identifying these signs among their teams. Building Resilience: The conversation touches on the importance of resilience in cybersecurity leadership, with Steve sharing strategies on how leaders can foster a work environment that supports mental well-being and high performance. Leadership Beyond Technology: The discussion expands beyond technical skills, focusing on the human aspects of leadership in cybersecurity, including the importance of empathy, communication, and understanding individual needs. This episode is a must-listen for anyone involved in cybersecurity leadership or those interested in how leaders can maintain their mental health while navigating the complexities of today's digital threats.

For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber. In today's episode, Steve speaks with actress, voice coach, leadership consultant, and expert in core energetics, or body-led psychotherapy, Kate Montague. Kate discusses the effectiveness in taking time to reset, what happens when you stay connected to your body and your breath, how to take the temperature of the room when the rooms are remote, and more. Learn more about Kate Montague. Mentioned in this episode: Royal Central School of Speech and Drama Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber. Today, ISF CEO Steve Durbin is in conversation with Dr. Brian Cox, professor of Particle Physics at the University of Manchester. Dr. Cox worked on the ATLAS experiment at the Large Hadron Collider at CERN in Switzerland and has co-written several books on physics, including Why does E=mc2? and The Quantum Universe. He's also known for appearances in many science programmes for BBC radio and television, including In Einstein's Shadow and the BBC Horizon series. Dr. Cox and Steve discuss how to translate a complex message to a lay audience, the need for intellectual honesty, and the value of play even in serious endeavors. Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber. In this episode, ISF CEO Steve Durbin speaks with computer programmer, philanthropist, and co-founder of Apple, Steve Wozniak. Woz reminisces about the past and looks into the future of Big Tech, and considers what both could mean for the future of security. Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.  In this episode, Steve speaks with a guest whose focus includes human culture, behavior, and storytelling: singer/songwriter and activist Sir Bob Geldof, lead singer of the Boomtown Rats and founding member of Band Aid, famous for raising money for Ethiopian famine relief. Steve and Sir Bob discuss the effect of the Covid19 pandemic on creativity, the political turmoil facilitated by rapidly advancing digital technology, Sir Bob's hope for fresh ideas, the courage to embrace change, and more. Learn more about Sir Bob Geldof and the Boomtown Rats. Mentioned in this episode: Pete Briquette Simon Crowe Garry Roberts Vladimir Putin Xi Jinping Recep Tayyip Erdogan Boris Johnson Donald Trump Charles Darwin Sigmund Freud Karl Marx Live Aid Live 8 QAnon Thomas Piketty Shoshana Zuboff Marshall McLuhan Novacene: The Coming Age of Hyperintelligence by James Lovelock Richard Branson Bill Gates Steve Jobs Mark Zuckerberg Jack Ma Larry Page Sergey Brin Winston Churchill Alan Brooke George Bernard Shaw Tim Berners-Lee Johannes Gutenberg Colin Wilson The Rolling Stones Mick Jagger Keith Richards Billie Holiday John Lennon Paul McCartney Paul Allen Steve Wozniak Gaia Theory Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management. Your listens 807 2nd Aug - 8th Aug 16 see all stats   Subscribe   Next  Reggie Butler — Bringing Your Home to Work  Top Episodes  Steve Durbin — Emerging Threats for 2022  by ISF Podcast Steve Durbin — Emerging Threats for 2022: Q&A  by ISF Podcast CxO series – Cyber Resiliency in a defining moment in history  by ISF Podcast

For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.  In this evergreen episode, Steve and Tavia discuss the constantly changing world of risk, what security can do to prepare for and mitigate risk, the role of the business leader, and the impact of risk management on strategy and business direction.  Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

Steve recently sat for an interview with veteran journalist Julie MacDonald for a feature with The European. Last week, we listened to the first part of that conversation, and today, we're hearing the second. Julie and Steve talk about scenario planning, transparency within industries, and what good leadership looks like in this complex moment in history. Key Takeaways: 1. Durbin emphasizes AI's dependence on data integrity and the importance of starting with good data. 2. Durbin discusses the challenges of geopolitical threats and market flux, and how  organizations must prepare for an uncertain future. 3. Durbin notes increased use of ISF's supplier assessment tools to mitigate risks due to geopolitical tensions and COVID-19. Tune in to hear more about: 1. Cyber security, AI, and data integrity (0:00) 2. Cyber security threats, vulnerabilities, and supply chain risks (3:40) 3. Risk management, leadership priorities, and the importance of collaboration (9:28) Standout Quotes: 1. “Bear in mind that when it all comes crashing down, there isn't a piece of technology in the world that will get your systems back up and running. And so don't forget the role that people have to play. So look after the people, make sure that they understand the important role that they have, because I think all too often, we talk about them being the weakest link. Actually, they're the strongest link.“ - Steve Durbin 2. “You have to focus on the crown jewels. That's your starting point. Very often, people will say to me, well, how much should we be spending? And my answer to that is, it depends. It depends on your risk profile, depends how nervous you are, it depends if you're going to enter new markets, it depends if you're coming out of markets. So you have to, as the leader of an organization, I think, juggle all of those things. And you have to do it in a very sort of swanlike way.“ - Steve Durbin 3. “You will make mistakes. And the mistake itself isn't important. What is important is how you recover from that, and how you learn from it going forward. And how you share that with other people in your organization. And how you become very much more agile to take advantage of some of the opportunities that that might open up.“ - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Steve recently sat for an interview with veteran journalist Julie MacDonald for a feature with The European. For the next two weeks, we'll be presenting that conversation in two parts. In the first part, Julie and Steve discuss the regulatory landscape, improving communication across the business, and how enterprises can successfully marry technology with the human element of work. Key Takeaways: 1. Durbin emphasizes the importance of alignment in creating a culture that supports risk management and growth. 2. MacDonald emphasizes the need for transparency beyond organizational borders, including collaboration with competitors and regulators. 3. Large organizations have resources to keep up with supply chain risks, while midsize and small enterprises struggle. 4. Durbin stresses the need for basic security practices and security awareness training, providing feedback in real-time to help individuals remember what they should have done. Tune in to hear more about: 1. Cybersecurity risks and how businesses can manage them effectively (0:00) 2. Cybersecurity transparency, regulation, and communication (5:13) Standout Quotes: 1. “I think for security people, what they have to be better at is understanding the role that security plays in achieving the business objectives, the business strategy, because if they can do that, then suddenly they have the ear of the business. On the other side, from the business perspective, they need to understand the role that technology plays in achieving what they're trying to do. Because technology equals security equals risk.“ - Steve Durbin 2. “If you look at the way in which now, technology is all pervasive, we use different elements of technology to do our jobs. So we may be doing something on our own mobile phone, for instance, which we wouldn't have been doing before. So the importance of security awareness has actually increased significantly. “ - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.