RSAC Conference 2025 has been full on, with cybersecurity experts from all over the world descending on San Francisco to share trends, data, and announcements. This year, ITPro has been providing both remote and on the ground coverage from the event, across talks covering topics such as AI security and threat actor methodology. In this episode, Jane speaks to Rory about some of his RSAC coverage and key takeaways from the event. Read more: RSAC Conference 2025 was a sobering reminder of the challenges facing cybersecurity professionals; RSAC Conference Day One: Vibe Is 'All In' on AI for Security; “Governance is an irreplaceable role”: Microsoft Security VP on why diversity and sector expertise will keep security workers relevant in the age of agentic AI; RSAC Conference day two: A focus on what attackers are doing; "There needs to be an order of magnitude more effort": AI security experts call for focused evaluation of frontier models and agentic systems; Cyber defenders need to remember their adversaries are human, says Trellix research head; RSAC Conference day three: using AI to do more with less and facing new attack techniques; "China has almost doubled their aggression in cyber": Kevin Mandia and Nicole Perlroth warn organizations aren't waking up to growing APT threats
This episode of the InfoSec Beat podcast focused on careers in information security features a conversation between Accenture CISO Kris Burkhardt and Paul Kunas, who led our Governance, Risk, and Compliance (GRC) function for almost 10 years. Paul's career journey involved security roles at Accenture and other companies and ultimately a return to Accenture to formalize GRC for Information Security. The work spanned developing global strategies and building many programs to arrive at one common view of risk today. Activities center on various analyses to secure technology, updating strategies, validating approaches, instilling a common view and vision, and responding to new challenges.
Episode 65 features Marina Segal, a friend, former colleague, and now co-founder and CEO of her VC-backed start-up, Tamnoon (www.tamnoon.io). I first met and worked with Marina Segal at Dome9 and, subsequently, Check Point Software. Marina is a shrewd and highly experienced executive with a strong background in Security Governance, Risk, and Compliance. In this age of AI, automation, and BOTs, she and her team have created an interesting value proposition with a human touch. I hope you enjoy the discussion. *PLEASE NOTE* *Correction* Midway through the broadcast I refer to CNAPP as a 'horizontal vertical' solution and I meant to say CSPM, not CNAPP. My bad. Thanks!
In this episode, I talk to Brian Wilson, whose departure from the Navy was prompted by an offer that was just too good to pass up. Known throughout the Corps for his kindness, humbleness, intelligence, and his dedication to the mission, we all thought Brian would stay until forced out. His first stint out of the Navy lasted 14 years, allowing him to combine many of the roles and skills he developed while on active duty. Just recently, Brian moved to the Institute for Security Governance in Monterey, CA. Brian is on LinkedIn. --- Support this podcast: https://podcasters.spotify.com/pod/show/tom-welsh/support
In this insightful session, InfosecTrain presents "A CISO's Guide to Effective Cloud Security Governance Masterclass session 2," offering invaluable guidance for Chief Information Security Officers (CISOs) and security professionals navigating the complexities of cloud security.
In this insightful Podcast, InfosecTrain delves into the intricate world of cloud security governance, offering a comprehensive guide tailored for Chief Information Security Officers (CISOs) and security professionals alike. With cloud computing becoming increasingly prevalent in today's digital landscape, the need for robust security measures is paramount. The podcast explores key strategies and best practices essential for ensuring effective cloud security governance, empowering CISOs to navigate the complexities of securing cloud environments with confidence.
Guest: Nitin Raina, Global CISO, Thoughtworks [@thoughtworks]. On LinkedIn | https://www.linkedin.com/in/nnraina/ Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]. On ITSPmagazine | https://www.itspmagazine.com/sean-martin View This Show's Sponsors. Episode Notes: In this episode of the Redefining Cybersecurity Podcast, host Sean Martin connects with Nitin Raina, the global Chief Information Security Officer (CISO) for ThoughtWorks. The discussion centers around Nitin's innovative approaches to transforming and elevating cybersecurity, drawing from his rich experience and strategic mindset. Nitin shares his journey in cybersecurity, emphasizing the evolution of the security program under his leadership. He discusses the significance of adapting a business-centric approach to cybersecurity, breaking away from conventional, technology-focused strategies. This includes the development and successful implementation of a business security maturity model designed to align with the organization's diverse, global operations. A notable aspect of Nitin's strategy is the emphasis on leadership activation and the importance of governance in driving cybersecurity initiatives. By fostering a culture of security ownership across all levels of leadership and the broader organization, Nitin underscores the transformational shift in how cybersecurity is perceived and managed within ThoughtWorks. He highlights the collaborative efforts with different departments, such as IT operations and legal compliance, to ensure a cohesive approach to protecting the organization's 'crown jewels.'
Through anecdotes and examples, Nitin illustrates the impact of these strategies on enhancing security awareness, decision-making, and operational effectiveness across the company. The conversation also touches on the technical side, discussing the role of developers within the cybersecurity landscape and the utilization of contemporary technologies and frameworks to bolster the security posture. The episode concludes with insights into the future of cybersecurity, advocating for a more integrated and business-aligned approach. Nitin's reflections on the journey and achievements of his company's cybersecurity initiatives provide valuable lessons for organizations aiming to redefine their security strategies in a rapidly evolving digital world. Key Questions Addressed: How did Nitin Raina's leadership and strategies transform the cybersecurity posture at his company? What role does leadership activation play in redefining cybersecurity across an organization? How can cybersecurity be aligned with business strategies to foster growth and innovation? Watch this and other videos on ITSPmagazine's YouTube Channel. Redefining CyberSecurity Podcast with Sean Martin, CISSP playlist:
In an era where organizations increasingly depend on cloud services, mastering the intricacies of cloud security is crucial. Explore the fundamental elements of governance, risk management, and compliance to maintain an advantage in the ever-evolving realm of cloud technology. What is Cloud Security Governance? Cloud Security Governance encompasses the array of policies, procedures, and safeguards an organization establishes to ensure the efficient and secure utilization of cloud services. As businesses increasingly adopt cloud computing to host applications, store and process data, and manage their infrastructure, it becomes crucial to implement strong governance practices to address the unique security challenges presented by the cloud environment. View More: Why Cloud Security Governance Training Course with InfosecTrain?
In this episode of What That Means, Camille gets into product security governance with Vernetta Dorsey Windsong, Director of Product Security Governance at Intel. They talk about how product security and governance practices work together, how to get started with product security governance, the challenges of implementing new practices, automation within a secure development lifecycle, the effects of AI on processes, preventing governance creep, and more. Learn more about the secure development lifecycle in Vernetta and Camille's previous conversation: https://cybersecurityinside.libsyn.com/49-what-than-means-with-camille-secure-development-lifecycle-sdl The views and opinions expressed are those of the guests and author and do not necessarily reflect the official policy or position of Intel Corporation.
Although our paths did not cross too many times while serving in the Navy JAG Corps, Ian Wexler and I had many common career experiences, including career challenges and duty stations. Ian's last assignment on active duty was as Director, Institute for International Legal Studies in Newport, RI. Following his retirement this past fall, Ian became Director, Institute for Security Governance in Monterey, CA. DISCLAIMER: THE OPINIONS EXPRESSED BY IAN WEXLER IN THIS PODCAST ARE HIS PERSONAL VIEWS AND NOT THOSE OF THE INSTITUTE FOR SECURITY GOVERNANCE, THE DEFENSE SECURITY COOPERATION UNIVERSITY, THE DEFENSE SECURITY AGENCY, OR THE DEPARTMENT OF DEFENSE. Ian's biography can be found HERE while his LinkedIn profile can be accessed HERE. --- Support this podcast: https://podcasters.spotify.com/pod/show/tom-welsh/support
Join Us for a Session on "What is Cloud Security Governance? | Advanced Cloud Security Governance"
Notes: - Dr. Benoît Dupont has written a book on the ecology of cybercrime, which was born from his frustration with the segmentation of research on cybercrime within criminology and between disciplines. - The book argues that all research on cybercrime should be connected because we all live in the same digital ecosystem. - There are many hurdles and obstacles in the way of making positive change in the fight against cybercrime, but Dr. Dupont is optimistic about our chances. - Residual cybercrime will always subsist, but it can also help identify vulnerabilities in technologies that the industry hasn't identified, which can help improve security. - It's important to address the needs of victims of cybercrime, which is often forgotten. - The government has the data or the tools to generate the data but needs to work with the private sector and academia to make sense of the data and agree on a roadmap for anti-cybercrime and anti-cybercrime control and prevention. About our Guest: Dr. Benoît Dupont https://crim.umontreal.ca/repertoire-departement/professeurs/professeur/in/in15263/sg/Benoît Dupont/ https://www.linkedin.com/in/benoit-dupont-9369702/ Papers or resources mentioned in this episode: Dupont, B., Grabosky, P., & Shearing, C. (2003). The Governance of Security in Weak and Failing States. Criminal Justice, 3(4), 331-349. https://doi.org/10.1177/146680250334001 Berg, J., Nakueira, S. & Shearing, C. 2014. Global Non-State Auspices of Security Governance. In: Bersot, H. & Ariigo, B. Eds. The Routledge Handbook of International Crime and Justice Studies. Routledge, 77-97. Other: “Much time and energy have been devoted by taxonomists to isolating morphological patterns of species and subspecies and determining the geographic ranges of each. This is only a stepping stone to further progress in many lines - units around which accumulations of knowledge could be formed for comparison with one another.
Until such units are stabilized so that they can be recognized, specific knowledge cannot accumulate - it will of necessity be generalized because, without such standardization, one worker cannot add to the specific knowledge of others.” p. 3. Woodbury, A. M. (1952). Ecological taxonomy. Science, 115(2992), 3-3.
Ready to fortify your organizational security? We promise to equip you with a deeper understanding of security governance principles - the backbone of any effective information security program. We highlight the pressing need for strategies that align with the mission and vision of the organization, especially in the face of the growing threat of ransomware attacks. We dissect a recent news piece that underscores the importance of safeguarding critical infrastructure. But that's not all, we also reveal the resources that'll help you ace the CISSP certification exam. Imagine having the power to create a foolproof USB policy. We guide you through the process of crafting a classification schema, handling procedures for each classification level, and constructing an impactful security awareness program. Get the inside scoop on why specialized training for your security personnel could be a game-changer. We touch upon the necessity of consistent feedback and evaluation mechanisms that can instigate continuous improvements in your security initiatives. Change can be daunting, but what if we told you that embracing security control framework mapping could be transformative? We delve into the pros and cons of security control mapping, the challenges you might face, and the various methodologies at your disposal. We'll also share practical examples of mapping NIST to ISO and HIPAA to COVID to ensure compliance with varying regulations. Navigating GDPR and the ISO 27,000 framework needn't be a nightmare anymore. If you're gearing up for the CISSP test this September, you'll have our best wishes and a wealth of invaluable information. Gain access to 30 FREE CISSP Exam Questions each and every month by going to FreeCISSPQuestions.com and sign-up to join the team for Free.
Civilians are heavily dependent on space systems for everyday life. Yet, those same space systems can also be critical for national and international security. While the civilian and military uses of space are governed by international law, the current framework needs to be strengthened to ensure the protection of civilians, particularly in light of the increasing militarization and weaponization of outer space. In this post, part of a series on War, Law, and Outer Space, Nivedita Raju, a researcher at the Stockholm International Peace Research Institute (SIPRI), presents an overview of space security governance and proposes three steps towards this objective.
Jeevan Lobo has piled up an impressive amount of leadership knowledge throughout his career, and is eager to share what he learned. In this episode, he walks Matt through his role as a Cross-Functional Manager, and how he transitioned to his current position as Security and Governance Leader. In addition, he shares some tips on how to implement new processes in an organization, measure success, and get teams actively involved. Jeevan Lobo is currently the Vice President of Security and Governance in Citibank. He is an ITIL Expert, and has over two decades of experience in IT. Jeevan has worked over the years across Consulting, Managed Service providers, and Captive organizations, with multiple stakeholders from all over the world, and in a wide range of industries, such as Financial institutions, Health & Life Sciences, Energy & Utilities, and Retail. His areas of expertise include Cross-Functional Leadership, Digital Transformation and Risk & Control.
Guests in this episode: Andrea De Micheli of Web3 Alliance, Laura Gusmeroli of Show Reel Agency, Emiliano Massa of Proofpoint, Alessandra Coletti of Abstract, and Giacomo Zaninetta of AGICAP
To power through business issues takes two. Whether it's the two customer bookends (the initial sale and delivering on promises) or the two-some of you and a co-founder, balance is power. By navigating relationships and using each other's strengths, you can sustain the passion to build a business. In this episode, I (Daniel) discuss balance in both leadership and your team with Jim Goldman, the Co-Founder and CEO of Trava. Jim shares how working well together, having at least one person who loves sales, and passing along knowledge sustains passion. He goes on to offer the perspective of hiring people who already possess proper balance and capabilities, and then training for skills. “Laughter makes us more productive… [So] we take our laughter very seriously.” -- Jim Goldman. What You'll Learn: Sustaining passion; Partner balance; One needs to love sales; Relinquishing control; Hire for capabilities, train for skills; Savage with a sage mindset; Charging intensity. Recommended Resources. Connect with Jim Goldman: Jim is the Co-Founder and CEO of Trava, a cybersecurity risk management company. Along with having worked for the FBI and Salesforce, Jim says about himself… “I am proud of my ability to solve big hairy problems (BHPs). I believe in doing things right or not at all. My to-do lists are legendary. I am a strategist, connecting dots that others don't see, but also an achiever, focused on delivering meaningful results. At Salesforce, I built the company's first Security GRC organization where I am responsible for enterprise-wide Security Governance, Risk Management, Compliance. I was initially also responsible for Information Management/Data Governance including GDPR, which has since transferred to the Chief Data Officer's organization. I am a diversity champion. My current team (~80 people globally) is 41% women and my leadership team is 42.8% women. I build efficient programs and effective organizations. I fix broken processes. I solve problems rather than treat symptoms.
I believe in the speed of trust. I have started degree programs at major universities, research labs serving the FBI, and trust organizations for cloud computing companies. I am an internationally published author and am a frequently invited conference speaker and panelist. The values that I live by and profess to my teams are loyalty, honesty, and humor (mostly at my own expense). I was practicing servant leadership before it had a name.” Trava; LinkedIn - Jim Goldman; LinkedIn - Trava Security; jim.goldman@travasecurity.com; Facebook - Trava HQ; Instagram - Trava Security; Twitter - Trava Security. CONNECT WITH DANIEL FULLER: Daniel is a partner and the VP of Business Development for FullStack PEO and co-host of the Savage to Sage podcast. He is passionate about seeing people, leaders, cultures, and organizations develop. He says, “When I have the honor of being a part of that maturation process, it's even more satisfying. My life and work are given to empowering...
Cloud security governance is a regulatory and management framework that ensures better cloud business computing by ensuring individuals, procedures, and technology. The procedures and standards for cloud governance are specifically developed to increase efficiency, structure, and compliance. Every cloud user should be aware of the risks associated with cloud computing. Cloud security governance is essential in ensuring that the cloud remains a trustworthy place to store and share an organization's daily activities. The three elements of cloud security governance include policy, process, and internal controls. For more details or a free demo with our expert, write to us at sales@infosectrain.com #CloudSecurityGovernance #ArchitectureofCloudComputing #cloudsecurity #securitygovernanceincloudcomputing #cloudcomputing #cloudcomputingsecurity #cloudservice Subscribe to our channel to get video updates. Hit the subscribe button above. Facebook: https://www.facebook.com/Infosectrain/ Twitter: https://twitter.com/Infosec_Train LinkedIn: https://www.linkedin.com/company/infosec-train/ Instagram: https://www.instagram.com/infosectrain/ Telegram: https://t.me/infosectrains
What is Cloud Security Governance | Architecture of Cloud Computing Security Governance. For more details or a free demo with our expert, write to us at sales@infosectrain.com Subscribe to our channel to get video updates. Hit the subscribe button above. Facebook: https://www.facebook.com/Infosectrain/ Twitter: https://twitter.com/Infosec_Train LinkedIn: https://www.linkedin.com/company/infosec-train/ Instagram: https://www.instagram.com/infosectrain/ Telegram: https://t.me/infosectrains
INE's Director of Cyber Security Content Jack Reedy is pairing up with Igor Volovich, the VP of Compliance Strategy at Qmulos for a rapid-fire discussion on today's challenges and tomorrow's solutions when it comes to Cyber Governance. Join live for insight into risk management trends, quantifiable success metrics for recruiting, hiring, and retaining top CISO/CIO talent, and an interactive poll designed to give you a unique understanding of market compliance. As always, bring your own questions!
What are the problems with Samuel Huntington's views about civil-military relations? Why do military coups persist in countries such as Pakistan, and what might be done to reduce their likelihood? In a study drawing upon extensive interview research in Pakistan, Cornelia Baciu argues that international organisations can help create a framework of security governance which can have a positive impact upon the political roles assumed by the military. Her 2021 book Civil-Military Relations and Global Security Governance Strategy: Hybrid Orders and the Case of Pakistan investigates the relationship between international security governance, democratic civil-military relations and the relevance of strategy, as well as of absolute and relative gains, in norms formation in hybrid orders. Highlighting caveats of the legacy of Huntington's paradigm of military professionalism, the book applies a robust methodology and data collected in four sample regions in Pakistan. It gauges the effects of international and local actors' support in the Security Sector Reform domain and examines instances of civil-military interactions and military transition. The book also analyses determinants and strategies that can influence them to demonstrate the impact of global governance in norms diffusion, as well as of absolute and relative utility gains and incentives in normative change. The author generates a new theory pertaining to international organisations and actors as determinants of transformation processes and consequently sheds new light on the issue of global security governance, especially its impact on civil-military relations and democratisation in hybrid orders. Cornelia Baciu is a researcher at the Centre for Military Studies at the Department of Political Science, University of Copenhagen. She specialises in international security organizations and conflict research. 
Duncan McCargo is Director of the Nordic Institute of Asian Studies and a professor of political science at the University of Copenhagen. The Nordic Asia Podcast is a collaboration sharing expertise on Asia across the Nordic region, brought to you by the Nordic Institute of Asian Studies (NIAS) based at the University of Copenhagen, along with our academic partners: the Centre for East Asian Studies at the University of Turku, and Asianettverket at the University of Oslo. We aim to produce timely, topical and well-edited discussions of new research and developments about Asia. About NIAS: www.nias.ku.dk Transcripts of the Nordic Asia Podcasts: http://www.nias.ku.dk/nordic-asia-podcast Learn more about your ad choices. Visit megaphone.fm/adchoices Support our show by becoming a premium member! https://newbooksnetwork.supportingcast.fm/new-books-network
What are the problems with Samuel Huntington's views about civil-military relations? Why do military coups persist in countries such as Pakistan, and what might be done to reduce their likelihood? In a study drawing upon extensive interview research in Pakistan, Cornelia Baciu argues that international organisations can help create a framework of security governance which can have a positive impact upon the political roles assumed by the military. Her 2021 book Civil-Military Relations and Global Security Governance Strategy: Hybrid Orders and the Case of Pakistan investigates the relationship between international security governance, democratic civil-military relations and the relevance of strategy, as well as of absolute and relative gains, in norms formation in hybrid orders. Highlighting caveats of the legacy of Huntington's paradigm of military professionalism, the book applies a robust methodology and data collected in four sample regions in Pakistan. It gauges the effects of international and local actors' support in the Security Sector Reform domain and examines instances of civil-military interactions and military transition. The book also analyses determinants and strategies that can influence them to demonstrate the impact of global governance in norms diffusion, as well as of absolute and relative utility gains and incentives in normative change. The author generates a new theory pertaining to international organisations and actors as determinants of transformation processes and consequently sheds new light on the issue of global security governance, especially its impact on civil-military relations and democratisation in hybrid orders. Cornelia Baciu is a researcher at the Centre for Military Studies at the Department of Political Science, University of Copenhagen. She specialises in international security organizations and conflict research. 
Duncan McCargo is Director of the Nordic Institute of Asian Studies and a professor of political science at the University of Copenhagen. The Nordic Asia Podcast is a collaboration sharing expertise on Asia across the Nordic region, brought to you by the Nordic Institute of Asian Studies (NIAS) based at the University of Copenhagen, along with our academic partners: the Centre for East Asian Studies at the University of Turku, and Asianettverket at the University of Oslo. We aim to produce timely, topical and well-edited discussions of new research and developments about Asia. About NIAS: www.nias.ku.dk Transcripts of the Nordic Asia Podcasts: http://www.nias.ku.dk/nordic-asia-podcast Learn more about your ad choices. Visit megaphone.fm/adchoices Support our show by becoming a premium member! https://newbooksnetwork.supportingcast.fm/political-science
What are the problems with Samuel Huntington's views about civil-military relations? Why do military coups persist in countries such as Pakistan, and what might be done to reduce their likelihood? In a study drawing upon extensive interview research in Pakistan, Cornelia Baciu argues that international organisations can help create a framework of security governance which can have a positive impact upon the political roles assumed by the military. Her 2021 book Civil-Military Relations and Global Security Governance Strategy: Hybrid Orders and the Case of Pakistan investigates the relationship between international security governance, democratic civil-military relations and the relevance of strategy, as well as of absolute and relative gains, in norms formation in hybrid orders. Highlighting caveats of the legacy of Huntington's paradigm of military professionalism, the book applies a robust methodology and data collected in four sample regions in Pakistan. It gauges the effects of international and local actors' support in the Security Sector Reform domain and examines instances of civil-military interactions and military transition. The book also analyses determinants and strategies that can influence them to demonstrate the impact of global governance in norms diffusion, as well as of absolute and relative utility gains and incentives in normative change. The author generates a new theory pertaining to international organisations and actors as determinants of transformation processes and consequently sheds new light on the issue of global security governance, especially its impact on civil-military relations and democratisation in hybrid orders. Cornelia Baciu is a researcher at the Centre for Military Studies at the Department of Political Science, University of Copenhagen. She specialises in international security organizations and conflict research. 
Duncan McCargo is Director of the Nordic Institute of Asian Studies and a professor of political science at the University of Copenhagen. The Nordic Asia Podcast is a collaboration sharing expertise on Asia across the Nordic region, brought to you by the Nordic Institute of Asian Studies (NIAS) based at the University of Copenhagen, along with our academic partners: the Centre for East Asian Studies at the University of Turku, and Asianettverket at the University of Oslo. We aim to produce timely, topical and well-edited discussions of new research and developments about Asia. About NIAS: www.nias.ku.dk Transcripts of the Nordic Asia Podcasts: http://www.nias.ku.dk/nordic-asia-podcast Learn more about your ad choices. Visit megaphone.fm/adchoices Support our show by becoming a premium member! https://newbooksnetwork.supportingcast.fm/world-affairs
Our guest is Terry O'Daniel, the Director of Security Governance, Risk, and Compliance at Instacart. Terry talks about building high-performing engineering-focused GRC functions.
Key Takeaways:
- Unnecessary overhead on the engineering team
- Importance of focusing on operational hygiene and security risks.
- Risk as the common language between security and compliance.
- Dealing with risk and your engineering team
- Is shifting left, really the goal?
- Terry's success formula, REVEALED!
- Importance of having deep conversations with your engineering functions.
- The value of shifting left
- Working with your developer towards better behavior.
- Security and compliance checkbox must-haves
- Importance of knowing your risk and having implemented controls.
- Tips to create a good engineering cultural shift.
- How to do less and empower your team
- The ultimate job is to be the second line of defense.
- Security is all about context
About Terry O'Daniel - https://www.linkedin.com/in/terryodaniel
Terry O'Daniel leads Security Governance, Risk, and Compliance at Instacart. His specialty is building lean teams focused on applying technology to solve security engineering & GRC challenges at scale via automation and instrumentation--rather than compliance-by-spreadsheet. Before Instacart, Terry built the functions for Security Assurance at Netflix, Security & Technology Risk & Compliance at Salesforce, and GRC within Production Engineering at Yahoo! He also worked in consulting to build security strategy, vCISO, and cyber risk quantification offerings for companies in highly regulated industries. In his spare time, Terry enjoys music, fencing, martial arts, and gaming with his kids.
Thank you so much for checking out this episode of The Tech Trek and if you enjoyed this episode, please take a minute and leave a quick rating and review on the Apple podcast app! Want to learn more about us? Head over at https://www.elevano.com Have questions or want to cover specific topics with our future guests? Please message me at https://www.linkedin.com/in/amirbormand (Amir Bormand)
Fausto Lendeborg, Co-Founder & CEO of Secberus, explains cloud security governance and how Secberus secures cloud infrastructure and prevents misconfiguration of applications being developed. He also introduces concepts such as the shared responsibility model and policy as code, and explains the importance of scaling across multi-cloud environments and of time to remediation. At the beginning of the discussion Fausto talks about the amazing ecosystem for startups in Miami, his early interest in computers and hacking, how he got started in network security, how he landed his first job at a cyber security startup, and why he founded Secberus. www.secberus.com
✅Agenda of the Session ✔️Information Security ✔️Information Risk Management ✔️Information Security Program ✔️Information Security Incident Management
LETS TALK (11th April, 2022): Security, Governance and the State of the Nation
In this episode I talk about Personnel Security, Separation of Duties, Least Privilege, Need to Know, Vendor, Consultant and Contractor Controls, Security Governance, Risk Management. If you like this episode do share it with your buddies and also feel free to reach out to me with your suggestions, comments and queries. https://linkedin.com/in/tanayshandilya
Adam Baldwin (@adam_baldwin)
Amélie Koran (@webjedi)
https://logging.apache.org/log4j/2.x/license.html
https://www.theregister.com/2021/12/14/log4j_vulnerability_open_source_funding/
https://www.zdnet.com/article/security-firm-blumira-discovers-major-new-log4j-attack-vector/
F/OSS developer deliberately bricks his software in retaliation for big companies not supporting OSS.
https://twitter.com/BleepinComputer/status/1480182019854327808
https://www.bleepingcomputer.com/news/security/dev-corrupts-npm-libs-colors-and-faker-breaking-thousands-of-apps/
https://developers.slashdot.org/story/22/01/09/2336239/open-source-developer-intentionally-corrupts-his-own-widely-used-libraries
Faker.js - https://www.npmjs.com/package/faker Generate massive amounts of fake contextual data
Colors.js - https://www.npmjs.com/package/colors get color and style in your node.js console
https://abc7ny.com/suspicious-package-queens-astoria-fire/6425363/
Should OSS teams expect payment for giving their time/code away for free? What are their expectations?
Should open source projects be aware of how popular they are? What happens when they reach a certain level of popularity?
OSS Sustainability - https://github.blog/2019-01-17-lets-talk-about-open-source-sustainability/
https://webjedi.net/2022/01/03/security-puppy/
Apparently, “Hobbyists” were the bane of a young Bill Gates: (can you https://en.wikipedia.org/wiki/Open_Letter_to_Hobbyists
https://en.wikipedia.org/wiki/History_of_free_and_open-source_software History of open source
Licensing Overview: https://youtu.be/Eu_GvrSlShI (this was a talk I gave for Splunk on this --AK)
Event-stream = https://www.trendmicro.com/vinfo/hk-en/security/news/cybercrime-and-digital-threats/hacker-infects-node-js-package-to-steal-from-bitcoin-wallets
https://libraries.io/ Libraries.io monitors 5,039,738 open source packages across 32 different package managers, so you don't have to.
Ryan and Evan kick off a new series this week, "Information Security Governance Simplified". In the first installment in the series (Episode 7), the guys define information security governance and address some VERY important fundamentals, such as:
- What is information security governance?
- Why does information security governance make people cringe?
- Governance is not one size fits all.
- A CISO (by title, or otherwise) has ONLY two jobs.
Next week, Ryan and Evan will tackle Governance Alignment. Hope you enjoy!
In this episode of the Virtual Coffee with Ashish edition, we spoke with Jon Zeolla (@jonzeolla), a Cloud Native Contributor and co-founder and CTO of Seiso. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Jon Zeolla (@jonzeolla) Podcast Twitter - Cloud Security Podcast (@CloudSecPod) If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our YouTube Channel: - Cloud Security News - Cloud Security Academy
JC Gaillard is joined by Richard Preece, Founder & Director, DA Resilience, to discuss how the pandemic has affected cybersecurity governance, controls appetite and risk management from the Board down, and how exponential changes over the next decade are going to impact those trends.
Resources:
- Visit the CIS Website
Highlights:
- The importance of information security governance
- Security vs. compliance
- Data – determining what you need and where to find it
- Understanding risk from a decision-basis
- Critical elements to fulfill business requirements
- Producing value in a compliance program
- Applying agility for continuous improvement
- Good compliance = good security
Security is the practice of implementing effective technical controls to protect an organization's digital assets. Compliance, on the other hand, is the application of that practice to meet regulatory or contractual requirements. Unfortunately, more often than not, organizations focus on compliance once a year when it's time to certify that their “security is good.” The process of being compliant and secure should be a continuous process.
Join me in this episode as I interview Darin Carter about cryptocurrencies! Darin Carter, a Security Governance, Risk and Compliance Manager at Coinbase, shares why blockchain education is invaluable and how he aims to increase representation through education! Start scoring in life and finance today as Darin, the crypto connoisseur, simplifies what crypto, bitcoin, and blockchain are all about!
Highlights:
>> Crypto is the new finance
>> What is an IPO?
>> Equity is thinking in multiples
>> What is crypto and blockchain?
>> What is Bitcoin?
>> Misconceptions about Bitcoin
>> What is the SCORE system?
>> Why is extending gratitude important?
Connect with Darin Carter:
>> https://www.linkedin.com/in/darin-carter-a2a451103 (LinkedIn)
>> https://twitter.com/dare_carter/ (Twitter)
If you loved this episode, you have to listen to these episodes as well:
>> https://www.minoritymoneypodcast.com/podcast/episode/af002070/the-ins-and-outs-of-cryptocurrency-and-growing-from-failure (The Ins and Outs of Cryptocurrency and Growing From Failure)
>> https://www.minoritymoneypodcast.com/podcast/episode/bf9c0643/the-importance-of-growing-your-personal-equity (The Importance of Growing Your Personal Equity)
>> https://www.minoritymoneypodcast.com/podcast/episode/22b21cd2/taking-your-investing-to-the-next-level-through-impact-investing-with-jennifer-kenning (Taking Your Investing to the Next Level through Impact Investing)
Welcome to the Policy People Podcast. In this conversation I take a deep dive into disinformation with Chris Kremidas-Courtney. We discuss how to anticipate emerging hybrid threats, new digital vulnerabilities born from the pandemic, disinformation across human history, 5G and COVID conspiracies, the psychological appeal of disinformation, group identity and conspiracy communities, how disinformation erodes economic competitiveness, and many more topics. Chris Kremidas-Courtney is a Senior Fellow for Peace, Security and Defence at Friends of Europe in Brussels. He’s also a lecturer at the Geneva Center for Security Policy, the Institute for Security Governance in Monterey, California and the StratCom Hybrid Program at Rey Juan Carlos University in Madrid. Chris has worked for over three decades advising various parts of the US government on security threats. He has been posted as a policy and political advisor at the Commander of NATO’s Training Mission in Iraq, NATO’s Joint Force Headquarters in Naples and at the US Mission to the European Union. Most recently, he served as the Multilateral Engagement Coordinator for the US European Command and as the first Director of Training and Exercises for the Hybrid Center of Excellence in Helsinki. You can find out more about Chris and his work at the Friends of Europe website or connect with him on LinkedIn. Subscribe at policypeople.substack.com
Discussion around cyber security governance and compliance. What they are, the professions that perform these roles and what they do and how they differ. I go over key regulations including SOX, HIPAA, GDPR and others explaining what they cover and why it matters to cyber security professionals.
cybergreybeard@gmail.com
Sarbanes Oxley: https://www.soxlaw.com/
PCI-DSS: https://www.pcisecuritystandards.org/
HIPAA: https://www.hhs.gov/hipaa/index.html
GDPR: https://gdpr-info.eu/
CCPA: https://oag.ca.gov/privacy/ccpa
GDPR Enforcement and Fines: https://www.enforcementtracker.com/
HIPAA Fines: https://compliancy-group.com/hipaa-fines-directory-year/
Tennessee Diagnostic Medical Imaging Service: https://www.hhs.gov/hipaa/for-professionals/compliance-enforcement/agreements/tmi/index.html
Lifespan Health: https://www.hhs.gov/about/news/2020/07/27/lifespan-pays-1040000-ocr-settle-unencrypted-stolen-laptop-breach.html
Cybercrime Magazine CISO Minute host Theresa Payton, former White House CIO, emphasizes that information security is a complex field that requires myriad processes, tools, and decisions — and having an effective framework makes a CISO’s job a little easier. The CISO Minute is sponsored by https://www.knowbe4.com/ For more on cybersecurity, visit us at https://cybersecurityventures.com/
Today's guest is Visar Duriqi, an investigative journalist from Kosovo. He has been working as a journalist since January of 2009. As part of Kosovo Center for Investigative Journalism, which is a project of Çohu!, an anticorruption NGO, he investigated public procurement, corruption going on in the energy sector, relations between donors to political campaigns and the public budget as well as reporting about the radicalization of Islam at a time when other media were not reporting on this topic. At BIRN and Pristina Insight, he published articles related to the economy and health system as well as organized crime and corruption, which involves groups and individuals related to politics. He also wrote articles related to religion, not necessarily about radicalization but also covering some issues inside the Islamic community of Kosovo, such as the elections and the manipulation of this institution by a handful of people surrounding the Mufti of Kosovo, Mr. Naim Tërnava. From March of 2015 to February of 2016, he was a guest of the Hamburg Foundation for Politically Persecuted People in Germany. During this time he also got a degree from the University of Amsterdam (UvA) in Security Governance and Conflict Resolution. Since 2018 he has hosted a show called InDoks. In this show, he has investigated mostly organized crime and groups who are on trial, but also has uncovered cases way before the justice system began any investigation against them, such as the case of Ismet Osmani (known as Curri, the guy with a half ear). Almost a year after InDoks broadcast a documentary about him, he was arrested for usury and InDoks produced another more detailed documentary about “Curri”, named “The Albanian Mob”.
Many of the shows broadcast by InDoks also contain information to expose corruption within the Kosovo Police and its relation to corruption and organized crime, as well as the involvement of some police officers in morbid crimes such as raping children, killing, and abuse of power. The almost 100 shows broadcast by InDoks include documentaries about war crimes, misuses of trust by religious people through practicing exorcism, as well as investigating cases of people who were put in prison without evidence, or in some cases where evidence shows that they are completely innocent. InDoks has aired profiles of politicians, including a profile of Albin Kurti, the current Prime Minister of Kosovo, to show how much he has changed from an Idealist to a Machiavellist. Lately, InDoks has focused on covering the pandemic situation in Kosovo caused by COVID19, where some of the shows have brought to the public’s attention the public budget being misused to make people rich in the name of buying medical supplies. In this episode, we discuss religious radicalization and those Kosovars who have joined ISIS, Turkey’s ever-growing influence in Kosovo, and Kosovo-Serbia relations and the EU role in that regard.
Developing the Cyber Security Governance of a Nation – A Mix of IT and Strategic Planning
In this episode of Agent of Influence, Nabil talks with former Central Intelligence Agency (CIA) CISO, Robert Bigman about his 30-year career path within the agency. Recognized as a pioneer in the field of classified information protection, Bigman developed technical measures and procedures to manage the nation’s most sensitive secrets. As an information security trailblazer, he also participated in developing security measures for government computers well before the commercial industry found the Internet. Now an independent consultant, Bigman works with the U.S. Government, foreign governments, and Fortune 50 companies, helping them both build productive cyber security programs and successfully resist attacks from the most sophisticated hackers.
How can businesses benefit from sharing information in cybersecurity? Wendy Kanna, Global Head of Security Governance and Oversight, Information Security and Risk at Takeda Pharmaceutical Company Limited, sits down with cyber series host, Deb Golden, to discuss key cyber priorities, the importance of partnering with the business, and the cultural challenges she’s navigating as a cyber leader in Japan.
Paul Feldman joins us to explore cybersecurity governance topics for boards of directors in the North American electric sector. Paul is a former director of WECC and MISO, among many other roles. He talks to us about what are the responsibilities of boards of directors for cybersecurity and what kinds of cybersecurity discussions he sees taking place at the board level. This podcast is produced by P.I. Media for Waterfall Security Solutions.
In this podcast, we’ll discuss who in an organization is responsible for security OF the cloud vs. security IN the cloud. What does that mean and how do we address regulatory and compliance in the cloud?
Podcast: The Industrial Security Podcast
Episode: Board-Level Security Governance – Paul Feldman
Pub date: 2019-02-14
Paul Feldman joins us to explore cybersecurity governance topics for boards of directors in the North American electric sector. Paul is a former director of WECC and MISO, among many other roles. He talks to us about what are the responsibilities of boards of directors for cybersecurity and what kinds of cybersecurity discussions he sees taking place at the board level.
On today's Defence Deconstructed Podcast, we discuss defence business planning with CGAI Fellow, and RMC adjunct professor, Ross Fetterly. Defence Deconstructed is part of the CGAI Podcast Network and today's episode is brought to you by the Canadian Association of Defence and Security Industries (CADSI). Subscribe to the CGAI Podcast Network on iTunes, SoundCloud, or wherever else you can find Podcasts! Bios: Dave Perry - Senior Analyst and Vice President with the Canadian Global Affairs Institute. Ross Fetterly - An adjunct professor at the Royal Military College of Canada (RMC) department of management and economics, CGAI Fellow, and a Senior Fellow with the Centre for Security Governance. Related Links: - "Defence Business Planning in Canada" by Ross Fetterly [CGAI Policy Perspective] (https://www.cgai.ca/defence_business_planning_in_canada) - "The Importance of People in Defence" by Ross Fetterly [CGAI Policy Perspective] (https://www.cgai.ca/the_importance_of_people_in_defence) Recording Date: February 28th, 2019 Follow the Canadian Global Affairs Institute on Facebook, Twitter (@CAGlobalAffairs), or on LinkedIn. Head over to our website at www.cgai.ca for more commentary. Produced by Jared Maltais. Music credits to Drew Phillips.
In this episode, Shon will be going over cybersecurity news items concerning a large email/password discovery, Payment Card Industry Application Development Standards, and Part II around building out an Information Security Governance program for your business.
In this episode, Shon will be going over recent items in the cybersecurity news along with Part One of the Information Security Governance.
Learn how to assess your state of security on Entrepreneur Connect brought to you by Dewpoint. Hear from top experts: Don Cornish, Chief Information Security Officer at Dewpoint; Andy Woodard, Chief Information Security Officer at Delta Dental of Michigan; Kacy Reed, Network and Security Architect at Dewpoint; Leon Dupree, Security & Compliance at Dewpoint; and Kierk Sanderlin, Director of Engineering at Check Point.
This week on the podcast, we’re bringing you some post-Thanksgiving food for thought on the uncertain state of the Arab world. On November 21, Madeleine Albright, Tamara Cofman Wittes, Stephen Hadley, and Amr Hamzawy sat down at the Brookings Institution to discuss a new report on “Real Security: Governance and Stability in the Arab World.” What led to the breakdown of governance across Arab countries? What can be done to establish more stable governance and increase security? And what role does the United States have in all of this?
In the past on this program we have talked about the need for better security in an online world. We have also talked about corporate governance failures at several companies and organizations. This week we are going to discuss how corporate boards of directors manage a corporate IT crisis. Just like with traditional crisis management, there is no doubt that a major IT incident will occur; it’s just a matter of when. And like with a ‘normal’ crisis, the time to get ready is in advance of the problem, but are they doing enough? Be sure to visit www.rynmelberg.com
Materials Available here: https://media.defcon.org/DEF%20CON%2023/DEF%20CON%2023%20presentations/DEFCON-23-Ian-Latter-Remote-Access-the-APT.pdf Remote Access, the APT Ian Latter Midnight Code ThruGlassXfer (TGXf) is a new and exciting technique to steal files from a computer through the screen. Any user that has screen and keyboard access to a shell (CLI, GUI or browser) in an enterprise IT environment has the ability to transfer arbitrary data, code and executables in and out of that environment without raising alarms, today. This includes staff, partners and suppliers, both on and off-shore. And implementation of best practice Data Center (Jump hosts), Perimeter / Remote Access (VPN, VDI, ..) and End Point Security (DLP, AV, ..) architectures have no effect on the outcome. In this session I will take you from first principles to a full exploitation framework. At the end of the session you'll learn how to build on this unidirectional file transfer and augment the solution into a full duplex communications channel (a virtual serial link) and then a native PPP link, from a user-owned device, through the remote enterprise-controlled screen and keyboard, to the most sensitive infrastructure in the enterprise. In this special DEF CON presentation I will also be releasing the new high-speed data exfiltration tool, hsTGXf. This is an exciting and cross-discipline presentation that picks up the story in the DEC VT220 terminal era and will take you on a journey to exploiting modern enterprise security architectures. So join me, whatever your knowledge or skill-set and learn something interesting! A 20 year veteran of the IT industry, Ian has spent 15 years working in security in a number of positions including Penetration Tester, Security Architect and most recently, a Security Governance role at a blue chip corporate.
Ian teaches the Practical Threat Intelligence course at Black Hat and has spoken at key international hacking and security conferences including COSAC (Ireland), Ruxcon (Australia), and Kiwicon (New Zealand). If he had spare time, Ian would be pursuing a number of private software and robotics projects, including the Barbie Car that he promised his daughter (wiser friends have advised that I finish this project before she's old enough to ask for a real Corvette).
On the day before Black Hat 2014 kicked off, I was able to sit with Jonathan Carter to talk about his work and the projects he participates on in OWASP. The audio recording is a bit raw because the sound was cranked up in a conference full of people. What Jonathan has to say should more than compensate. About Jonathan Carter Jonathan Carter is an application security professional with over 15 years of security expertise within Canada, United States, Australia, and England. As a Software Engineer, Jonathan produced software for online gaming systems, payment gateways, SMS messaging gateways, and other solutions requiring a high degree of application security. Jonathan’s technical background in artificial intelligence and static code analysis has led him to a diverse number of security roles: Enterprise Security Architect, Web Application Penetration Tester, Fortify Security Researcher, and Security Governance lead. He is currently Arxan’s Technical Director.
In the fifth and final program of the UChicago Center for International Studies series "Food (In)Security: Access, Equity, Frameworks," held on May 22, 2012, two speakers examine the results of initiatives pledged at both the 2009 L'Aquila G8 Summit and the 2012 G8 Summit at Camp David and determine whether progress has been made in further ensuring global food security: "From L'Aquila to Camp David: Feed the Future and the US Commitment to Global Food Security," Julie Howard, Chief Scientist, USAID Bureau for Food Security; former coordinator "Feed the Future Transparency and Accountability: Have the G8 achieved it?" Emily Alpert, Senior Policy Manager for Agriculture & Food Security, ONE The event was cosponsored by the Center for International Studies, the Global Health Initiative, and University Communications. For more information about the Food (In)Security series, visit: http://cis.uchicago.edu/events/2011-2012/food-insecurity-series
Information Security: governance, emerging trends, security and privacy
Enterprise security governance is not just a vague idea - it can be achieved by implementing a defined, repeatable process with specific activities. Related Courses Managing Enterprise Information Security: A Practical Approach for Achieving Defense-in-Depth
The trafficking of women and girls for the purpose of sexual exploitation has reportedly been booming in Europe since the 1990s. Governments, international organizations, and private actors have addressed the causes and consequences of sex trafficking in various ways. This article shows that the concept of security governance helps to understand efforts against human trafficking and their shortcomings. The anti-trafficking security governance system consists of five approaches: legal measures, prosecution, protection, prevention in countries of origin, and prevention in countries of destination. Although progress has been made, the security governance system is marked by several pathologies, especially a lack of programs that prevent trafficking in countries of origin and destination, insufficient protection for trafficked persons, and deficient networks bringing together the various actors involved in anti-trafficking. To make governance against human trafficking more effective, efficient, and just, the security governance system must be better balanced and networked.