Hello out there at the receivers. In episode 107, Julius and Marcel welcome Sebastian Chrobak, team lead for IT security at GOLDBECK, to their podcast. This time it gets really exciting, as Sebastian shares insider stories: while many companies on the market would like to build a SOC but lack the staff and know-how to do so, GOLDBECK has successfully built its own SOC. In this podcast episode you will find out how Sebastian's team went about it, how the SOC is set up today and what the next steps will be.
Hello listeners! In the 126th episode of "Good Morning BSS World," we connect with Odessa, Ukraine, to explore the dynamic world of cybersecurity with Serhii Yevchuk, CEO of FS Group. This episode, recorded in partnership with the IT Ukraine Association, dives deep into the current state and evolution of Ukraine's IT sector, with a special focus on Odessa - a city recognized globally for both its business and tourism.

Serhii shares the journey of FS Group, an IT company established in 2012, now boasting almost 15 years of experience and a strong presence in Ukraine, the US, EU, and Asia. Despite international expansion, 90% of FS Group's revenue still comes from Ukrainian clients. The company's unique approach relies on strategic partnerships abroad, rather than opening foreign offices, allowing them to deliver top-tier cybersecurity expertise globally.

We discuss FS Group's core services, including digital forensics, incident response, security assessments, penetration testing, threat intelligence, and continuous monitoring through their Security Operations Center. Their subscription-based model, especially the IRT (Incident Response Team) service, is tailored for both local and international markets.

Serhii highlights the increasing threat landscape, with Ukraine facing over 400 critical cyberattacks per month—most driven by social engineering and phishing. He emphasizes the necessity for robust cybersecurity across all industries, noting significant demand from banks, telecoms, retail, and the public sector.

Key points of the podcast:
• Ukrainian IT companies are expanding internationally, with a strong focus on entering new markets to drive growth.
• The cybersecurity sector is rapidly growing, with increasing demand for services like digital forensics, incident response, and threat intelligence.
• FS Group operates primarily on a subscription model, offering continuous cybersecurity support and monitoring to clients across various industries, including finance, telecom, and the public sector.

Links:
Serhii Yevchuk on Linkedin - https://www.linkedin.com/in/serhiiyevchuk/?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
FS Group web page - https://group-fs.com/
FS Group on Linkedin - https://www.linkedin.com/company/fsgroupinfosec/
IT Ukraine Association - https://itukraine.org.ua/en/home/
Talk to AI about this episode - https://gmbw.onpodcastai.com/episodes/EwkRnNWCIyl/chat

My name is Wiktor Doktór and on a daily basis I run Pro Progressio Club https://klub.proprogressio.pl - it's a community of many private companies and public sector organizations that care about the development of business relations in the B2B model. In the Good Morning BSS World podcast, apart from solo episodes, I share interviews with experts and specialists from the global BPO/GBS industry. If you want to learn more about me, please visit my social media channels:
YouTube - https://www.youtube.com/c/wiktordoktor
Here is also a link to the English podcasts Playlist - https://bit.ly/GoodMorningBSSWorldPodcastYT
LinkedIn - https://www.linkedin.com/in/wiktordoktor
You can also write to me.
Amazon Web Services (AWS) has unveiled the independent European governance structure for the AWS European Sovereign Cloud, the creation of a dedicated Security Operations Center, and the establishment of a new parent company that will be led by European Union (EU) citizens and bound by local legal requirements. Kathrin Renz, who currently serves as vice president of AWS Industries, will serve as the company's first managing director. The AWS European Sovereign Cloud will be the only fully-featured, independently operated sovereign cloud, backed by strong technical controls, sovereign assurances, and legal protections. Customers and partners using the AWS European Sovereign Cloud will benefit from the full power of AWS including the same service portfolio, security, availability, performance, familiar architecture, APIs, and innovations such as the AWS Nitro System. Launching by the end of 2025, the AWS European Sovereign Cloud will combine operational autonomy with expansive AWS services to meet the stringent sovereignty needs of European governments and enterprises.

European-based control, governance, and operations

AWS will establish a new European organisation and operating model for the AWS European Sovereign Cloud, with a new parent company and three subsidiaries incorporated in Germany. The management team leading this new parent company will include the managing director and a government security and privacy official, who will all be EU citizens residing in the EU. AWS will establish an independent advisory board for the AWS European Sovereign Cloud, legally obligated to act in the best interest of the AWS European Sovereign Cloud. Reinforcing the sovereign control of the AWS European Sovereign Cloud, the advisory board will consist of four members, all EU citizens residing in the EU, including at least one independent board member who is not affiliated with Amazon.
The advisory board will act as a source of expertise and provide accountability for AWS European Sovereign Cloud operations, including strong security and access controls and the ability to operate independently in the event of disruption. Building on deep experience running AWS services for the most sensitive workloads around the world, the AWS European Sovereign Cloud is designed with the unmatched operational resilience our customers expect from AWS. The design of the AWS European Sovereign Cloud enables it to continue operations indefinitely, even in the event of a connectivity interruption between the AWS European Sovereign Cloud and the rest of the world. European customers and governments benefit from the resilient AWS architecture that features multiple Availability Zones with independent power, networking, facilities, and security capabilities that make these critical operations possible. To support continuity even under extreme circumstances, authorized AWS employees of the AWS European Sovereign Cloud, who are EU residents, will have independent access to a replica of the source code needed to maintain the AWS European Sovereign Cloud services.

Experienced European leadership

Kathrin Renz, the first managing director of the AWS European Sovereign Cloud, is a German national who brings deep global and European expertise to the position with more than two decades of experience in the global technology sector, including key roles in European technology and large enterprises. Based in Germany and acting as the most senior leader of the AWS European Sovereign Cloud, Renz will be legally bound to act in the best interest of the AWS European Sovereign Cloud and will be responsible for overseeing decisions related to corporate governance, compliance, and security, while ensuring the AWS European Sovereign Cloud complies with all applicable laws and regulations in Germany and the EU. "We're taking a unique approach with AWS European Sovereign Cloud.
Customers tell us they don't want to choose between feature-limited solutions or the full power of AWS, s...
Cybersecurity and Compliance with Craig Petronella - CMMC, NIST, DFARS, HIPAA, GDPR, ISO27001
Nestled along the scenic Southern Oregon coast, Southern Coos Hospital faces a unique set of challenges that many healthcare organizations never encounter. With just 25 beds serving a rural population of about 15,000, this critical access hospital demonstrates remarkable innovation in stretching limited resources while maintaining robust cybersecurity practices.

Scott, the hospital's CIO who transitioned from fundraising and marketing into healthcare IT, shares the compelling story of how a ransomware attack just before COVID-19 transformed their approach to cybersecurity. This pivotal moment prompted Southern Coos to increase their cybersecurity budget from a mere 2% to over 12% of their IT spending - a decision that positioned them ahead of many similar-sized facilities in protecting patient data.

The conversation delves into practical strategies that resource-constrained healthcare organizations can implement immediately: outsourcing Security Operations Center functions to specialized vendors, prioritizing security awareness training for staff, and making strategic investments in asset management tools. Scott's candid assessment of HIPAA's limitations ("a nice entry point to compliance but in no way updated for the current threat environment") demonstrates the gap between regulatory requirements and actual security needs that healthcare organizations must bridge themselves.

Perhaps most transformative for this rural hospital was implementing Epic's electronic health record system, which revolutionized how they transfer patient records during emergencies. What once took 30+ minutes now happens "with the click of a button" - a game-c

This is Encrypted Ambition—a podcast about the builders rewriting the rules. Join Petronella Technology Group as we decode the ideas, challenges, and momentum behind tomorrow's business, technology, and leadership breakthroughs. That's a wrap on this episode of Encrypted Ambition.
Welcome back to The Cyber Revolution Podcast!

This week on The Cyber Revolution Podcast, Adam Hewitt, CEO of Cyber Revolution, is joined by Caleb, a former student who successfully transitioned from window fabrication to cybersecurity.

Caleb shares his journey from spending seven years in window fabrication to landing his dream role as a Level 1 SOC Analyst at Triskel Labs. He discusses the challenges of changing careers, the intense training process, and how his previous leadership experience has helped him adapt to his new role in a 24/7 Security Operations Center.

If you're considering a career change into cybersecurity without a traditional IT background, Caleb's story provides valuable insights and encouragement for your journey.

What You'll Learn:
• Why Caleb decided to leave the window fabrication industry after seven years to pursue a career in cybersecurity
• The day-to-day responsibilities of a SOC Analyst and what the first month of training looks like
• How shift work operates in a 24/7 Security Operations Center (morning, afternoon, and night shifts)
• Why Caleb chose Cyber Revolution's program over traditional university pathways
• How transferable skills from previous careers can be valuable in cybersecurity roles
• The importance of industry certifications as "tickets to the interview" that demonstrate commitment
• The value of self-paced learning for career changers who are working full-time
• How to overcome exam anxiety when pursuing cybersecurity certifications

Caleb's experience demonstrates that with determination and the right training, you can successfully transition into cybersecurity without a traditional IT background or university degree.

Chapters:
00:00 - Welcome to the Cyber Revolution Podcast
02:15 - From Window Fabrication to Cybersecurity
05:03 - Finding Motivation for Career Change
07:20 - Landing a SOC Analyst Position
10:05 - Daily Life in Security Operations
12:48 - Navigating Shift Work in Cybersecurity
15:26 - Career Goals and Technical Pathways
17:11 - Why Choose Self-Paced Cyber Training
19:18 - Overcoming Exam Nervousness
20:35 - Final Thoughts and Future Outlook

Connect with Adam:
Website: https://cyberrevolution.com.au
Follow us on Facebook: https://www.facebook.com/cyberrevolutionaus
Subscribe to our YouTube channel: https://www.youtube.com/@cyberrevolutionaus
Follow us on Instagram: https://www.instagram.com/cybrevolution_aus/
Hello out there at the receivers. In this podcast episode, Julius and Marcel welcome a very familiar face: Christian Gäbel is managing director at pco and, with today's episode, a guest on the podcast for the fourth time. Julius, Marcel and Christian talk about a Cyber City in Mauritius and also about our second location in southern Germany. They also discuss the growing relevance of Security Operations Centers. Finally, the three of course also talk about the 6th Deutscher IT-Security Kongress (German IT Security Congress), which will take place on 25 September in Osnabrück.
“I don't develop software myself, and nobody wants me to. It's better that way. But I bring people together so that software really works.” – Martin, Business Architect at x-cellent

In this episode, Martin and Niklas give you insights into their day-to-day work as business architects at x-cellent. They show how important the role is at the interface between the business departments and IT, from requirements gathering and specifications through to implementation in an agile project team.

You will also learn what it means to develop software solutions with a product approach, how complex security projects run under ECB supervision, and why an open corporate culture makes the decisive difference.

✅ Business architecture in practice – interface management, specification & implementation
✅ Projects with responsibility – including a Security Operations Center at a banking service provider
✅ Cloud platform & product approach – agile software development with strategy
✅ Communication on equal terms – exchange with management & team culture
✅ IT security & banking regulation – real use cases with time pressure & high responsibility
In this episode of the Campus Technology Insider Podcast, Editor-in-Chief Rhea Kelly speaks with Jay James, senior cybersecurity operations lead at Auburn University, and Corey Lee, CTO for Security at Microsoft. They discuss the critical shortage of cybersecurity talent in higher education and explore how Auburn University's Security Operations Center (SOC) is utilizing student workers to bridge this gap. The conversation dives into the unique setup of their SOC, the impact of AI tools like Security Copilot, and the benefits of recruiting students from diverse academic backgrounds. Highlights include the operational and educational advantages of involving students in cybersecurity, and strategies for other institutions looking to implement similar programs. 00:00 Introduction and Guest Welcome 00:40 The Cybersecurity Talent Shortage in Higher Education 02:54 Auburn's Security Operations Center and Student Involvement 07:22 The Role of AI in Cybersecurity Training 19:53 Student Recruitment and Success Stories 30:28 Advice for Institutions Starting a Student SOC 34:14 Conclusion and Podcast Sign-off Resource links: Auburn University Microsoft Security Copilot Music: Mixkit Duration: 35 minutes Transcript (Coming Soon)
Hello from Osnabrück and welcome to the 25th episode of Update. This time, Ulf welcomes Maximilian Dallmann to the podcast microphone. In this Update episode, Ulf and Max talk about the most dangerous hacker groups in the world. How do these groups operate? What makes them so dangerous? How do they differ from one another? Max and Ulf provide answers.
How Approach Cyber helps fintech companies navigate cybersecurity challenges from integrated security development to regulatory compliance. Dorian Pacquet shares insights on evolving cyber threats, the role of AI in security, and the importance of managing data protection in the fintech ecosystem.

• Approach is a pure-play cybersecurity and privacy partner with over 100 professionals across Belgium and Switzerland offering 360° cyber resilience services
• Modern software development requires security integration at all stages, not just end-of-process testing
• Supply chain vulnerabilities are a growing concern as all software now relies on external libraries and dependencies
• Fintechs face increasing regulatory pressure not just directly but through their regulated customers
• AI is becoming integral to security tools including code generation, vulnerability scanning, and remediation
• Data protection compliance is equally challenging for organizations of all sizes with limited exceptions for SMEs
• Approach offers multidisciplinary expertise spanning technical, strategic, and legal domains to help navigate complex regulations
• 24/7 managed security services from their in-house Security Operations Center provide continuous protection

For more information about Approach Cyber's services, contact Dorian at dorian.pacquet@approach-cyber.com or visit their website at www.approach-cyber.com.

Thank you for tuning into our podcast about global trends in the FinTech industry. Check out our podcast channel. Learn more about The Connector. Follow us on LinkedIn.

Cheers
Koen Vanderhoydonk
koen.vanderhoydonk@jointheconnector.com
#FinTech #RegTech #Scaleup #WealthTech
IT IST ALLES #99 is all about water. More precisely, it is about securing our water supply and wastewater disposal, and the role a Security Operations Center plays in that. For a deep dive into these questions, Julius and Marcel have invited Ronald Derler and Dominik Wagner as podcast guests. Ronald is managing director of the Kompetenzzentrum Digitale Wasserwirtschaft, and Dominik is deputy head of the Security Operations Center for digital water management. Enjoy listening.
"We always listen. Everybody has a story to tell, and sometimes their story and our story align," says Rick Mancinelli, CEO of C3 Complete. In this episode of Technology Reseller News, Rick joins Doug Green to discuss C3's expansion into Pittsburgh, the upcoming launch of their Security Operations Center (SOC), and their ongoing M&A strategy.

Strategic Expansion into Pittsburgh

C3 Complete has expanded into Pittsburgh through a strategic partnership with IAM Critical, a data center operator. The move positions C3 to support biotech, robotics, AI, and other high-tech industries in the region, reinforcing Pittsburgh's emergence as a technology hub.

Why Pittsburgh? “Pittsburgh is reinventing itself as a technology hotspot, and we're excited to be part of that growth.”
C3's Role: Operating as the network services provider for IAM Critical's data center.

Security Operations Center (SOC) Launching April 1

C3 Complete is set to launch a state-of-the-art SOC in South Florida, enhancing cybersecurity and incident response capabilities for their clients.

24/7 Staffing – All in-house, no outsourcing.
Incident Response Room – Equipped with cots, showers, and food storage for staff handling prolonged security events.
Customer Benefits – Faster threat response, enhanced security monitoring, and regulatory compliance support.

M&A and Partnership Strategy

C3 Complete remains open to acquisitions and strategic partnerships, focusing on MSPs, TSPs, and CSPs that align with their culture and customer-first approach.

Not Private Equity-Driven – C3 seeks long-term value, not rapid consolidation.
Recent Acquisition Success – Their latest acquisition in August 2023 has been fully integrated, bringing new talent and expanded services.
Open to Conversations – “We always listen. If there's alignment, we're open to discussing partnerships or M&A.”

Where to Learn More

C3 Complete Website: www.c3-complete.com
Connect with Rick Mancinelli on LinkedIn
Meet C3 Complete at upcoming industry events!

#CyberSecurity #DataCenters #CloudInfrastructure #BusinessExpansion #C3Complete #MSSP #NetworkServices #TechGrowth
Michael Korff and Prof. Dr. Ulrich Schäfermeier of Hochschule Bielefeld talk to us about their Security Operations Center. We also look at the implementation of the hospital reform and comment on the call for a federal digital ministry.
Guest: Or Brokman, Strategic Google Cloud Engineer, Security and Compliance, Google Cloud

Topics:
• Can you tell us about one particular cloud consulting engagement that really sticks out in your memory? Maybe a time when you lifted the hood, so to speak, and were absolutely floored by what you found – good or bad!
• In your experience, what's that one thing – that common mistake – that just keeps popping up? That thing that makes you say 'Oh no, not this again!'
• 'Tools over process' mistake is one of the 'oldies.' What do you still think drives people to it, and how to fix it?
• If you could give just one piece of cloud security advice to every company out there, regardless of their size or industry, what would it be?

Resources:
• Video (YouTube)
• “Threat Modeling: Designing for Security” by Adam Shostack
• EP16 Modern Data Security Approaches: Is Cloud More Secure?
• EP142 Cloud Security Podcast Ask Me Anything #AMA 2023
• “For a successful cloud transformation, change your culture first” (OOT vs TOO blog)
• https://www.linkedin.com/in/stephrwong/
• New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center” (2021)
Debbie Reynolds “The Data Diva” talks to Matthew Rosenquist, Mercury Risk's Chief Information Security Officer (CISO), cybersecurity strategist, and LinkedIn Top Voice. With over 35 years of experience, Matthew shares his dynamic career journey, which started with internal investigations, building Intel's first Security Operations Center, and leading crisis response teams. His extensive background includes advising governments, businesses, and academia on emerging threats and cybersecurity best practices.

Matthew highlights the critical evolution of cybersecurity from a “nice-to-have” to a mission-critical business necessity while discussing how rising consumer and regulatory expectations are reshaping the cybersecurity landscape. He explains the growing gap between mounting security demands and available resources, emphasizing that cybersecurity leaders must demonstrate value beyond risk prevention. Matthew advocates for evolving cybersecurity's role from compliance-focused operations to strategic business enablers that deliver competitive advantages and even revenue opportunities.

The conversation explores the interconnectedness of privacy and cybersecurity, framing both as foundational to digital trust. Matthew emphasizes that privacy failures and cybersecurity breaches undermine trust with customers, regulators, and business partners, making collaboration between cybersecurity and privacy professionals essential. He also illuminates the importance of proactivity in cybersecurity, contrasting it with the reactive “firefighting” mindset often seen in organizations.

Matthew goes into the threat of insider risks, distinguishing between malicious insiders and non-malicious actors who unintentionally create vulnerabilities. Drawing from his experience, he underscores the need for strong leadership, clear policies, and an organizational culture where employees feel empowered to report issues without fear.
Looking to the future, he stresses the importance of having cybersecurity expertise on boards of directors, enabling organizations to navigate rising risks and better align cybersecurity initiatives with business objectives.

As the discussion concludes, Matthew shares his wish for the cybersecurity industry: improved communication, collaboration, and leadership. He calls for greater strategic thinking, proactive risk management, and a collective effort to stay ahead of evolving threats in an increasingly complex digital world. He also highlights his hope for Cybersecurity and Data Privacy in the future.
Today's guest is Paweł Babski, currently head of SOC operations at Vattenfall IT Services Poland, part of the international Vattenfall group, one of Europe's largest producers and retailers of energy.

Since 2011, Vattenfall IT Services Poland has been responsible for delivering IT services to the entire Group, including: e-Mobility, Asset Software Engineering, Security Operating Center, Monitoring Operating Center, Web Teams, SCADA Wind, Internet of Things, IT International Service Desk. The company employs more than 430 people and is looking for more employees; see https://www.vattenfall.com/praca

Today we talk about:
* How do you start building a SOC for your own company on your own, and which tools can be useful?
* How does working in a "small" SOC differ from working in a SOC for an international group with locations in different countries?
* What does incident handling involve on the first, second and subsequent lines of a SOC?
* What changed after the outbreak of the war?
* How many employees are needed to provide round-the-clock coverage?
In this Episode, InfosecTrain's experts dive deep into the importance of SOC, its role in safeguarding your business, and how it helps manage security incidents effectively. Whether you're a cybersecurity professional or simply interested in understanding how organizations protect their digital assets, this Episode will provide you with a comprehensive overview of SOC. Learn from the best and equip yourself with essential cybersecurity knowledge to stay ahead of potential threats. Don't miss out on this crucial information that could help secure your business's future!
Podcast: Hack the Plant
Episode: Securing Embedded Systems
Pub date: 2024-09-25

In this episode, Bryson sits down with MITRE EMB3D co-founder Niyo Little Thunder Pearson. For nearly 20 years, Niyo has been at the forefront of protecting critical infrastructure systems. He previously led incident response for American Express, directing the company's Security Operations Center during the LulzSec and Anonymous attacks, and worked to develop an adversarial cyber defense program for the nation's third largest gas utility at ONE Gas Oklahoma. Now, Niyo has co-founded MITRE EMB3D, a groundbreaking global threat network aimed at enhancing the security of embedded devices. What is MITRE EMB3D? Who is the intended audience? What problems is it trying to solve? “There is such a gap that exists today on what we understand and how risk averse these [embedded] devices are. They do well and they operate well. They're built for what they're doing in a safety context, but the security was never brought forward with it,” Niyo said. Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.
Guests:
• Mitchell Rudoll, Specialist Master, Deloitte
• Alex Glowacki, Senior Consultant, Deloitte

Topics:
• The paper outlines two paths for SOCs: optimization or transformation. Can you elaborate on the key differences between these two approaches and the factors that should influence an organization's decision on which path to pursue?
• The paper also mentions that alert overload is still a major challenge for SOCs. What are some of the practices that work in 2024 for reducing alert fatigue and improving the signal-to-noise ratio in security signals?
• You also discuss the importance of automation for SOCs. What are some of the key areas where automation can be most beneficial, and what are some of the challenges of implementing automation in SOCs? Automation is often easier said than done…
• What specific skills and knowledge will be most important for SOC analysts in the future that people didn't think of 5-10 years ago?
• Looking ahead, what are your predictions for the future of SOCs? What emerging technologies do you see having the biggest impact on how SOCs operate?

Resources:
• “Future of the SOC: Evolution or Optimization —Choose Your Path” paper and highlights blog
• “Meet the Ghost of SecOps Future” video based on the paper
• EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud and Beyond
• The original Autonomic Security Operations (ASO) paper (2021)
• “New Paper: “Future of the SOC: Forces shaping modern security operations” (Paper 1 of 4)”
• “New Paper: “Future of the SOC: SOC People — Skills, Not Tiers” (Paper 2 of 4)”
• “New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4)”
Cybersecurity: Its Importance & the Impact of AI E51 This episode of AZ TechCast explores cybersecurity’s pivotal role and AI’s transformative impact, hosted by Steve Zylstra and Karen Nowicki. Guests Mark Dallmeier, JR Garcia, and Helen Patton emphasize proactive cybersecurity strategies and the dual nature of AI in enhancing threat detection while posing governance challenges. […] The post Cybersecurity: Its Importance & the Impact of AI E51 appeared first on Business RadioX ®.
On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Emily Yale and Anna Bertiger. The discussion delves into Emily and Anna's daily activities within the security domain. Emily highlights her role in supporting Microsoft's internal Security Operations Center by building detections for potential threats. Anna emphasizes the practical application of research in solving security problems and focuses on anomaly detection in post-breach security. Emily and Anna provide insights into Microsoft's work culture, the intersection of technology and security, the importance of mathematical and data science skills in tech roles, and the practical applications of AI tools in professional and personal contexts.

In this episode you'll learn:
• How data scientists support the internal SOC and enhance security
• The importance of anomaly detection in post-breach security
• Combining security with mathematical skills to create practical solutions

Some questions we ask:
• What types of unusual patterns indicate malicious activity?
• Is there difficulty in securing AI models compared to traditional code?
• Should data science methods be used over complex models?

Resources:
• View Emily Yale on LinkedIn
• View Anna Bertiger on LinkedIn
• View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:
• Afternoon Cyber Tea with Ann Johnson
• The BlueHat Podcast
• Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.
Guest: Christopher Salgado, CEO at All Points Investigations, LLC. On LinkedIn | https://www.linkedin.com/in/christophersalgado/ Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]. On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin Episode Notes: In this episode of Redefining CyberSecurity Podcast, host Sean Martin converses with Christopher Salgado about the critical yet overlooked aspects of cyber investigations. Salgado's rich experiences, from being an insurance investigator in Chicago to working on Facebook's global investigations division and being a key player amidst the Cambridge Analytica crisis, lay the foundation for this engrossing dialogue. Salgado elaborates on the unique challenges posed by cyber investigations—being analytical, yet organic; thorough, yet flexible—straddling between rigidity of process and fluidity of response. Pragmatism and diligent investigation are pitched alongside the usefulness of AI tools, which, as per Salgado, can be both ally and adversary. Highlighting the importance of operating within established processes, Salgado presses on the need for standardization and streamlining, without compromising on the inherently organic nature of investigative work. He underscores how modifiable Standard Operating Procedures (SOPs) can uphold consistency and enable comprehensive learning, while staying legally sound and economically feasible. Salgado also draws attention to the flip-side of AI-tools—potential data-leaks and the threat of manipulated AI-platforms.
Corporations employing AI must weigh their usage against the risks, envisaging issues of data-privacy, information-misuse, and disinformation before rolling out (or permitting vendors to use) AI-based systems. In a nutshell, this enlightening conversation delves into the complexities of cyber investigations, the indispensable role of AI, and the necessity of solid processes, making it a must-listen for cybersecurity enthusiasts and cyber sleuths alike. Top 3 Questions Addressed: What role do processes and standardization play in effective cyber investigations? How do AI tools aid in cyber investigations, and what are the potential risks? What potential risks does modern technology present, especially AI, in the context of cybersecurity?
The Secret Service operates a broad range of applications for its diverse missions. The most well-known are guarding executive federal personnel and the integrity of U.S. currency. But it also has its own cybersecurity requirements, for which it has its own SOC or Security Operations Center. For the details, Federal Drive Host Tom Temin went in-depth with Roy Luongo, the Secret Service's Chief Information Security Officer.
Federal Tech Podcast: Listen and learn how successful companies get federal contracts
An American poet once wrote about reaching a fork in the road and considering which path to take. Anyone who designs branching logic and automation in complex technical systems gives a lot of thought to which path to take. There may be lessons to be learned from Robert Frost's 25-line masterpiece. Today's discussion is with Thomas Kinsella, Chief Customer Officer and Co-founder of a company that focuses on improving automation. It is appropriately called Tines. Thomas Kinsella was asked to discuss a typical day in the life of a person working in a Security Operations Center, or SOC. He describes it as a plethora of alerts, new data, and disjointed tools. His description of the SOC was kind of like One Day in the Life of Ivan Denisovich by Aleksandr Solzhenitsyn. The story is almost as monotonous as a Soviet-era gulag, although the remuneration may be slightly higher. Thomas Kinsella describes issues with alert fatigue, the difficulty of finding good staff, and incompatible systems that create duplicative work. He and his co-founder decided to come up with a better solution, so they founded Tines. During the interview, Thomas Kinsella describes how they have been able to use technology to assemble data from a variety of sources. This was to address alert fatigue: if an incident was possibly confirmed, then it should be pursued. Secondly, the way to address the staff shortage was to design a visually based system so that an untrained individual could drag and drop actions into a sequence. In fact, Tines provides playbooks for many scenarios in a secure environment. The result is a Secure Orchestration Automation and Response system that is easy to use, scalable, and doesn't need the expertise of a PhD in computer science. For more on Tines, please read the blog "Cybersecurity in 2024: Five Predictions from our co-founders".
Connect to John Gilroy on LinkedIn https://www.linkedin.com/in/john-gilroy/ Want to listen to other technology podcasts? www.Federaltechpodcast.com
If you turn on the news these days, you unfortunately see many images of war. But what you don't see, when you look at the images of all the victims and destroyed buildings, is the digital side of these wars. They have long since ceased to be fought only on the battlefield; they are also fought from behind the computer. By governments and shadowy collectives, but also by perfectly ordinary citizens like you and me, who join the fight as hacktivists. In Russia's war with Ukraine, this played a major role for the first time. That is why, in this episode, we dive into the digital aspect of that war. Dutch networks also face cyber threats. Our partner KPN does everything it can to fend off attacks and keep the networks secure. In the Security Operations Center, staff check potential threats day and night. The knowledge they gain in doing so in turn contributes to the development of a strong security network. Read more about it here.
In this episode of LevelUp Cyber, we will delve into the dynamic world of Security Operations Center (SOC) jobs. Join us and special guest Mark Manglicmot, Senior Vice President of Security Services at Arctic Wolf, on a journey through the digital realm as we explore the challenges, triumphs, and expertise required to level up your skills in cybersecurity. Whether you're an aspiring cybersecurity professional, a seasoned IT veteran, or someone intrigued by the ever-evolving landscape of cybersecurity, this is the episode for you. Key Highlights: 1. Skill Advancement Strategies: Discover the essential skills and certifications needed to thrive in the world of cybersecurity, with a focus on leveling up your expertise within the Security Operations Center. 2. Behind the Scenes of Cyber Defense: Gain exclusive access to the day-to-day operations of cybersecurity professionals as they tackle real-world threats. Learn about the tools, tactics, and procedures that keep organizations secure. 3. Guest Interviews and Industry Insights: Engage with thought-provoking interviews featuring SOC managers, threat hunters, incident responders, and cybersecurity influencers. Stay informed about emerging trends, technologies, and best practices in the cybersecurity space. 4. Career Leveling Strategies: Whether you're a cybersecurity novice or a seasoned professional, this episode guides you in navigating different SOC roles, advancing your career, and staying relevant in an ever-changing industry. Subscribe now to LevelUp Cyber and embark on a transformative journey through the realms of cybersecurity. Level up your knowledge, skills, and confidence as we explore the exciting and critical world of cybersecurity jobs together. Are you ready to take your cybersecurity game to the next level? Let's LevelUp Cyber!
Secure Operations Centers (SOCs) were designed in the early 1970s in an attempt to thwart minor malicious code. Well, things have changed slightly in the past 50 years! Today's SOC provides 24-hour-a-day, year-round protection for key government organizations. Somehow, this initial design has not kept up with the profusion of threat vectors, and many SOCs need to be upgraded to manage today's threats. This is an interview with several leaders who have decades of experience in optimizing the performance of a SOC. We have experts from the Cybersecurity and Infrastructure Agency (CISA), a couple of major research laboratories, and a subject matter expert from Palo Alto Networks. During the interview they discussed topics like tool management, the importance of standards in automation, and some help that is offered by CISA. Humans tend to be attracted to bright, shiny things. Companies like to dangle innovation in front of commercial and federal leaders, and they tend to jump on it. Some studies show that many only use 20% of a tool's capability. Robert Roser suggests reviewing the capabilities of existing tools before adding tools to manage threats. Several participants indicated that every incident may not be a threat; one should prioritize where to go next. That concept is nice in theory, but in practice it needs standards that lead to automation so that threats can be prioritized. A SOC can get hit with thousands of alerts a day, causing operators to misidentify threats due to alert fatigue. Michael Duffy from CISA understands and lists ways that CISA can assist. He refers to the Binding Operational Directive CISA 22-01 that is designed to cut down on alert fatigue. The threat to federal SOCs is real, and the response can help everyone involved make federal systems more secure.
Join TAPE3 for a tale where Mrs. Claus engages in an epic cyber showdown against the Grinch, as they duel with 'Grinch Bots' and 'Gift Ghost Bots' in a whimsical, festive cyber battle. Witness this unique old-school, stop-motion styled confrontation, where holiday spirit meets digital defense at the North Pole. This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence. Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn. Sincerely, Sean Martin and TAPE3. Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website. TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.
Yoav Nathaniel, CEO of Silk Security, joins us to discuss the transformative role of AI-driven solutions in cybersecurity risk management. We explore how to leverage AI to enhance security operations and streamline risk assessment processes. Yoav offers unique insights into tackling the overwhelming challenge of managing security alerts. We delve into the importance of effective cybersecurity strategies in today's complex IT environments and the benefits of AI in making security operations more efficient and less overwhelming for teams.
In this episode of CISO Tradecraft, host G Mark Hardy talks to Kevin O'Connor, the Director of Threat Research at Adlumin. They discuss the importance of comprehensive cybersecurity for Small to Medium-sized Businesses (SMBs), including law firms and mid-sized banks. The conversation explores the complexities of managing security infrastructures, the role of managed security service providers, and the usefulness of managed detection and response systems. The discussion also delves into the increasing threat of ransomware and the critical importance of managing data vulnerabilities and providing security awareness training. Big Thanks to our Sponsor: Adlumin - https://adlumin.com/ Transcripts: https://docs.google.com/document/d/1V_qkMFdGC4NRLCG-80gcsiSA8ikT8SwP Youtube: https://youtu.be/diCZfWWB3z8 Chapters 00:12 Introduction and Sponsor Message 01:42 Guest Introduction: Kevin O'Connor 02:29 Discussion on Cybersecurity Roles and Challenges 03:20 The Importance of Defense in Cybersecurity 04:23 The Role of Managed Security Services for SMBs 07:26 The Cost and Staffing Challenges of In-House SOCs 14:41 The Value of Managed Security Services for Legal Firms 16:30 The Threat Landscape for Small and Mid-Sized Banks 18:19 The Difference Between Compliance and Security 20:08 Understanding the Reality of Cybersecurity 20:45 The Challenges of Building IT Infrastructure 21:08 Outsourcing vs In-house Security Management 21:55 The Importance of Understanding Your Data 22:43 Security Operations Center vs Security Operations Platform 24:21 The Role of Managed Detection and Response 24:54 The Importance of Quick Response in Security 28:07 The Threat of Ransomware and Data Breaches 34:31 The Role of Pen Testing in Cybersecurity 36:33 The Growing Threat of Ransomware 38:28 The Importance of Security Awareness Training 40:42 The Role of Incident Response and Forensics 42:11 Final Thoughts on Cybersecurity
Jonathan Cassar, the Chief Technology Officer and Head of Information Security at the Malta Information Technology Agency (MITA), provides insights into global cybersecurity trends and their implications for the public sector. He discusses strategies to bolster cybersecurity in government and critical infrastructure, approaches to tackling the cybersecurity talent shortage, the integration of human expertise with technology to combat threats effectively, and best practices for automating security operations in government. Olivia Neal [host] | LinkedIn Alvaro Vitta | LinkedIn Jonathan Cassar | LinkedIn MITA Microsoft Public Sector Center of Expertise for more information and transcripts of all episodes Discover and follow other Microsoft podcasts at aka.ms/microsoft/podcasts
Happy National Cybersecurity Awareness Month! Well, we hope it's a happy occasion. This week on Connected, Greg sits down with Ken Wolf, the supervisor of Reynolds' Security Operations Center. While thinking about cyber incidents can be intimidating, Ken was able to talk through some things that can help you protect yourself and your dealership. Things like: -Where you have control when it comes to your data. -The impact of ransomware and cyberattacks. -What you can be doing to keep your data safe.
Tom Casey, senior vice president of products and technology at Splunk joins Bloomberg Intelligence Senior Analysts Mandeep Singh and Sunil Rajgopal to discuss the company's efforts to build an enterprise security operations center (SOC). The episode was recorded after the company announced its takeover by Cisco.
In this episode, Ryan and Shannon discuss the NSA's plans to create a state-of-the-art AI Security Operations Center to bolster U.S. defense and intelligence. Please
Guest: Kayla Williams, CISO of Devo Inc. [@devo_Inc] and co-host of the Locked Down Podcast [@LockedDownKT]. On LinkedIn | https://www.linkedin.com/in/kaylamwilliams1/ On Twitter | https://twitter.com/kayla_obviously On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/kayla-williams Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]. On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast. On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli Episode Notes: In this episode, hosts Marco and Sean are joined by Kayla Williams, CISO for Devo Technology, to discuss the upcoming SOC Analyst Appreciation Day. The conversation covers various sessions that will be part of the event, including topics such as mental health, a day in the life of a SOC analyst, and the impact of AI and automation. They emphasize the need for empathy and understanding when it comes to mental health, highlighting the importance of recognizing signs of distress and offering support. They also discuss the challenges faced by SOC analysts, such as burnout and the lack of recognition, and stress the need for better communication and collaboration within the industry. The CISO panel that will be part of the event, titled "CISOs in the Hot Seat," sparks curiosity about the discussion topics, with hopes that people management and understanding the mental health of teams will be addressed. The session on AI and automation raises questions about whether it will make the life of SOC analysts easier or increase the threat landscape.
There is tons of excitement from Sean and Marco about hosting the "Day in the Life of a SOC Analyst" panel, where they aim to explore the daily struggles and experiences of analysts. They underscore the importance of appreciation and recognition within the industry, as indicated by statistics showing that many analysts are seeking a way out of their roles.
While large language models such as ChatGPT can be used to write malicious code, AI tools are increasingly used to proactively detect and thwart cyber-attacks. There is growing recognition of AI's potential to fight cybercrime. Ian L. Paterson, CEO, Plurilock, sheds light on how AI has impacted the cybersecurity industry, especially how Generative AI is changing the industry. Describing the role of the AI as a co-pilot, he says, "The way I think about leveraging AI is typically having a human do the first 10%, and the last 10%, an AI is really good at doing the 80% in the middle. So it's not a replacement for the human, but it's an enabler for that human and allows them to do more with less." Time Stamps: 00:02 -- Introduction; 02:26 -- Ian L. Paterson's professional highlights; 04:56 -- What is generative AI and how does it work?; 10:34 -- How can we protect ourselves from phishing attacks?; 16:12 -- Leveraging AI for behavioral biometrics; 21:21 -- What is generative AI? How are these tools being used to thwart cyber attacks?; 24:45 -- How do we speed up detection and remediation?; 28:20 -- Cybersecurity is a team sport and it is a team game; 32:29 -- Guidance and recommendations; 36:19 -- Final thoughts. Memorable Ian Paterson Quotes/Statements: "What we see today is that large language models can appear as if they are themselves intelligent." "One of the chief dangers of this new (AI) type of technology is that you can now author convincing text at scale." "What we are seeing today is both an increase in the volume of attacks and an increase in the severity and the convincingness of some of these attacks. I call them multimodal attacks because you're using not only the modality of text but you can also use the modality of video or audio.
I think we're going to have to deal with these types of attacks, with these problems, for many years to come." "You're not going to have a ransomware attack on Monday at 10 am when everybody's refreshed from the weekend; it's going to be Friday afternoon, it's going to be on Christmas Day, it's going to be when you don't want to deal with those types of situations." "You can certainly use large language models to accelerate or help cut down on some of the minutiae when writing code." "Large language models are being used as co-pilot in Security Operations Center, to do log analysis, to speed up monitoring, identification, and notification of potential threats." "We've always had this need in cybersecurity to increase productivity because there are not enough people to do the work needed to stay safe. So, AI will help, it will be a productivity boon." "The way I think about leveraging AI is you typically have a human do the first 10% and the last 10%, an AI is really good at doing the 80% in the middle. It's not a replacement for the human, but it's an enabler for that human and allows them to do more with less, and hopefully, highlight the area they need to focus on." "The reality is that cybersecurity is a team sport, and you need a host of products and solutions working in harmony to adequately address the threats out there and reduce the attack surface." "In summation, AI is good, we're certainly going to see cybersecurity-related innovations, but it's not going to replace the people it takes to deploy and leverage those solutions." "It's really about having that defense-in-depth strategy. I think that makes a difference between somebody with pretty good security and somebody with great security." Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast: Please subscribe to...
Growth in the cybersecurity industry is quickly outpacing the number of skilled workers available to fill the need, with estimates putting the global cybersecurity workforce gap at more than 3 million people. That shortage of IT talent is particularly acute in higher education, where salaries and benefits often can't compete with the corporate sector. In light of those issues, the University of South Carolina Aiken recently found a creative way to staff a new security operations center — and give students hands-on cybersecurity training at the same time. We spoke with Ernest Pringle, vice chancellor for Information Technology and CIO at USC Aiken, about creating a student-led SOC, helping students put cybersecurity theory into practice, forging regional cybersecurity partnerships, and more. Resource links: How USC Aiken's CIO Used Regional Cybersecurity 'Buzz' to Launch a Student-Staffed Security Operations Center Music: Mixkit Duration: 29 minutes Transcript
Guest: Aunshul Rege, Director at The CARE Lab at Temple University [@TU_CARE]. On LinkedIn | https://www.linkedin.com/in/aunshul-rege-26526b59/ On Twitter | https://twitter.com/Prof_Rege Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]. On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin This Episode's Sponsors: Pentera | https://itspm.ag/penteri67a CrowdSec | https://itspm.ag/crowdsec-b1vp Episode Notes: Welcome to a riveting new episode of the Redefining Cybersecurity Podcast, hosted by Sean Martin! Today, we're diving into the fascinating world of social engineering and the crucial role of education in understanding cybersecurity. Join us in this engaging conversation with Aunshul Rege from Temple University, who does amazing work in helping students comprehend the importance of cybersecurity and how social engineering plays a vital part in it. Imagine a world where computer science students and liberal arts students come together to tackle cybersecurity challenges from different angles. Aunshul Rege is an associate professor at the Department of Criminal Justice at Temple University, who has a unique journey starting as a software engineer and eventually realizing that computer science wasn't enough to answer the who, why, and how of cyber attacks. Her passion for understanding human behavior, sociology, and cybersecurity led her to explore the liberal arts side of cybersecurity. In this episode, Aunshul talks about her innovative teaching methods, where she pushes her students to collaborate across disciplines and explore the importance of social engineering in cyber attacks.
From shoulder surfing activities to discussing ethics and multidisciplinary teamwork, her students learn to appreciate the different skill sets and perspectives they bring to the table. But it's not just about the technical aspect of cybersecurity. Aunshul's approach to teaching focuses on building students' understanding of human behavior and psychology in cyber attacks, emphasizing the value of social engineering in both the attack and defense aspects of cybersecurity. As you listen to this fascinating conversation, you'll discover the powerful impact of merging computer science and liberal arts perspectives, the importance of ethics in cybersecurity, and how Aunshul's unique teaching methods help students appreciate their role in the ever-evolving world of cybersecurity. So, get ready to be inspired by Aunshul's story and her innovative approach to cybersecurity education. You won't want to miss this captivating episode that challenges our understanding of cybersecurity and the critical role of social engineering in it. And don't forget to share this episode, subscribe to the podcast, and join us for more insightful conversations on Redefining Cybersecurity.
Welcome to a brand new season of Blueprint! In this intro episode we discuss the "Fundamentals" chapter of the "11 Strategies of a World Class Cybersecurity Operations Center" with the authors. We get into the motivation behind updating the book and why its lessons are more important than ever in 2023. This chapter includes discussion of the functions of a SOC, basics of workflow, CTI and contextual data sources, and why ops tempo and speed is a critical factor in SOC success. This special season of the Blueprint Podcast is taking a deep dive into MITRE's 11 Strategies of a World-Class Cyber Security Operations Center. Each episode John will break down a chapter of the book with the book's authors Kathryn Knerler, Ingrid Parker, and Carson Zimmerman. Visit this Mitre page to find more information. Support for the Blueprint podcast comes from the SANS Institute. If you like the topics covered in this podcast and would like to learn more about blue team fundamentals such as host and network data collection, threat detection, alert triage, incident management, threat intelligence, and more, check out my new course SEC450: Blue Team Fundamentals. This course is designed to bring attendees the information that every SOC analyst and blue team member needs to know to hit the ground running, including 15 labs that get you hands on with tools for threat intel, SIEM, incident management, automation and much more. This course has everything you need to launch your blue team career. Check out the details at sansurl.com/450. Hope to see you in class! Follow SANS Cyber Defense: Twitter | LinkedIn | YouTube. Follow John Hubbard: Twitter | LinkedIn
Mayuresh Ektare, an expert in risk management and SVP of Product Management at Brinqa, joins Sean Martin for a quick dive into the world of centralizing risk management frameworks. Ektare explains that the magic sauce isn't just bringing the data together, but stitching it together to create a unified understanding of an organization's attack surface. By overlaying business context, customers can prioritize and act upon the right set of findings in a timely fashion. Martin and Ektare discuss the challenges faced by customers in finding a centralized repository for business context, with many relying on tribal knowledge or CMDB records. Ektare introduces the concept of a Risk Operations Center (ROC), which allows organizations to orchestrate the risk lifecycle and proactively reduce exposure. Comparing it to a Security Operations Center (SOC), he highlights the importance of extending vulnerability management programs to encompass cloud infrastructure and application security posture management. The conversation also touches on the challenges of managing false positives and distilling a vast amount of findings into actionable items. By overlaying business context and understanding the impact of vulnerabilities on their organization, customers can fine-tune security scores, prioritize effectively, and respond accordingly. Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-story Guest: Mayuresh Ektare, SVP of Product Management at Brinqa [@brinqa] On LinkedIn | https://www.linkedin.com/in/mektare/ Resources: Learn more about Brinqa and their offering: https://itspm.ag/brinqa-pmdp For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2023-rsac-san-francisco-usa-cybersecurity-event-coverage Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
A centralized facility or team responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents within an organization. CyberWire Glossary link: https://thecyberwire.com/glossary/security-operations-center Audio reference link: AT&T Tech Channel, 2012. A tour of AT&T's Network Operations Center (1979) [Video]. YouTube. URL www.youtube.com/watch?v=cigc3hvMyWw.
How do you build a Security Operations Center from the ground up? On this episode of Secure AF, Gharrett Workun and Wade VanDeburgh met with us to discuss how they lead the development of a SOC, as well as how they strategized creative ways to keep their team engaged. Watch the full video at youtube.com/@aliasinfosec. Catch the whole episode now at secureafpodcast.com. Listen on Apple Podcasts, Spotify and anywhere you get your podcasts.
Many organizations recognize the need for “always on” security, but few know how to achieve or sustain it. Grant Hayes, Owner of Childers, Hayes and Richards, has more than 20 years' experience in physical security, from protecting U.S. Presidents as a Secret Service Agent to leading security operations at major organizations like BP and Magnolia. In this episode, Grant shares the basic building blocks of launching a SOC and provides actionable advice on how to uplevel your security program. Listen in to learn: the benefits of a modern SOC; expected costs; common roles and responsibilities of SOC personnel; how to fully integrate a security team into your organization; tips on choosing the right vendors and contractors. The Employee Safety Podcast is hosted by Peter Steinfeld, SVP of Safety Solutions at AlertMedia. You can find this interview and many more by following The Employee Safety Podcast on Apple Podcasts, Spotify, or subscribing here. Listening on a desktop and can't see the links? Just search for The Employee Safety Podcast on your favorite podcast player.