Podcasts about Security operations center

  • 131 PODCASTS
  • 226 EPISODES
  • 34m AVG DURATION
  • 1 WEEKLY EPISODE
  • May 21, 2026 LATEST
[Chart: popularity by year, 2019 to 2026]


Latest podcast episodes about Security operations center

Take as Directed
Professor Rebecca Katz, Georgetown University: the Health Security Operations Center during the FIFA World Cup

May 21, 2026 | 30:38


Professor Rebecca Katz, Georgetown University, explains the Health Security Operations Center, the remarkable initiative she has spearheaded with others to enhance protection against dangerous outbreaks during the FIFA World Cup June 11-July 19 in the US, Mexico and Canada. She speaks to its genesis, mission, and coalition partners. Give it a listen! 

MSP 1337
The New Reality for MSP Security Operations Center Services

May 12, 2026 | 30:34


In this episode of MSP1337, Chris Johnson is joined by Jeff Majka, founder of Security Bulldog, to unpack why MSP‑delivered SOC services are at a breaking point, and how AI and automation are forcing a reset. They explore why traditional tiered SOC models and white‑label thinking no longer scale, how ungoverned AI adoption collides with zero trust, and why speed and decision quality now matter more than raw data or CVE counts. From ticket overload and false positives to exploitability, continuous monitoring, and breach resilience, the conversation underscores a hard truth: MSPs must redesign security operations around automation-first workflows that reduce noise, protect high‑value assets, and preserve human judgment for what truly matters in an AI‑accelerated threat landscape.

No Password Required
No Password Required: Next Gen - Ep. 2 - Tim Kircher

May 11, 2026 | 3:41


From Freshman Stress to Cyber Success: Formula 1, Pickleball, and Hacking in Real Life

In this episode of No Password Required: Next Gen, Yazzel Corona interviews Tim Kircher, a cybersecurity student at USF and member of the Security Operations Center Apprenticeship Program at Cyber Florida. Tim shares how his fascination with technology first sparked his interest in cybersecurity. From networking advice to navigating the chaos of a cybersecurity education, Tim keeps it real, giving us all the tips on what it takes to get started successfully in the field. He talks about why communication skills matter just as much as technical ability in the age of AI and automation, and how taking things “one day at a time” helped shape his journey.

Outside of cyber mode, Tim is a huge pickleball and Formula 1 fan, leading to fun conversations about cyber pit crews, movie hacking scenes, and why Mercedes would absolutely be his dream team. From defensive cyber operations to teamwork and leadership, Tim's story is all about staying curious, building connections, and finding your path in cybersecurity.

Follow Tim on LinkedIn: https://www.linkedin.com/in/tim-kircher/

Chapters:
  • 00:00 Introduction
  • 00:30 Discovering Cybersecurity
  • 00:54 Advice for Freshman Cybersecurity Students
  • 01:47 Formula 1 & Cybersecurity
  • 02:10 Which F1 Team Would Be Vulnerable?
  • 02:28 Building the Ultimate Cybersecurity Pit Crew
  • 03:01 Hollywood Hacking vs. Real-Life Hacking
  • 03:22 Final Advice for Future Cybersecurity Professionals
  • 04:01 Toasting to the Future

Presented by ThreatLocker

IT IST ALLES.
The Update #49 | What Ingredients Does a Good SOC Need?

Apr 22, 2026 | 9:00


Moin from Osnabrück and welcome to episode 49 of The Update. A strong Security Operations Center does not come about by chance. It needs the right data, clear processes, reliable monitoring, and a committed team. Only then can attacks be detected early and fended off quickly. In our SOC team, someone recently made the comparison: “A SOC is like a good pizza.” In this episode, Ulf talks with Max Dallmann, Squad Lead Onboarding & Scoping, about what exactly is behind that and which “ingredients” a SOC really needs in order to run smoothly.

The Global Story
The Chinese cyber-attack that could have stolen data from every American

Apr 17, 2026 | 27:10


In 2024, reports emerged of a highly sophisticated cyber espionage campaign against US telecoms companies, which some analysts believe went all the way up to the Chinese government.

The group behind this campaign would later be codenamed Salt Typhoon, and it is believed to have quietly infiltrated critical US telecoms infrastructure in order to collect private information on influential Americans – including presidential candidates. In the process, it may have also swept up data from millions of ordinary Americans. The Chinese government has denied responsibility for Salt Typhoon.

We speak to former Deputy National Security Adviser Anne Neuberger, who was working inside the White House when the attacks were first uncovered. We also speak to BBC cyber correspondent Joe Tidy about how this hack unfolded – and what it reveals about who may be winning the cyber war.

Producer: Aron Keller
Sound engineer: Travis Evans
Executive producer: James Shield
Senior news editor: China Collins

(Photo: Analysts in the Security Operations Center at the Dell Secure Works office in South Carolina, US. Credit: Stephen Morton/Getty Images)

Cloud Security Podcast by Google
EP271 Can AI-Native MDR Actually Fix Your Broken SOC Workflows or Just Automate the Mess?

Apr 9, 2026 | 27:29


Guests:
  • Eric Foster, CEO, Tenex.AI
  • Bashar Abouseido, President, Tenex.AI

Topics:
  • "10X SOC" sounds great. But for an organization stuck in "SIEM 1.0" with poor data quality and manual workflows, is "AI-native MDR" a "leapfrog" opportunity or a recipe for disaster?
  • We've seen the rise of "Decoupled SIEM" and security data lakes. Does a "Modern SIEM" even need to exist if an MDR platform has an agentic layer doing the heavy lifting?
  • You've argued for AI-native over AI-bolted-on. For an end user, what are the tangible differences of using "AI inside a legacy SIEM" versus using an "AI-native separate product"?
  • What is the one task you thought AI would handle by now that still requires a senior human analyst to step in?
  • If a CISO is using an AI MDR, "Mean Time to Detect" (MTTD) starts to look like a vanity metric because the machine is instant. What is the new golden metric for an AI-powered SOC? Is it "Time to Context," "Reduction in Human Toil," or something else?
  • How do you help a skeptical SOC Manager, who has been burned by false positives for a decade, trust an autonomous agent to perform a "containment" action at 3:00 AM?

Resources:
  • EP227 AI-Native MDR: Betting on the Future of Security Operations?
  • EP10 SIEM Modernization? Is That a Thing?
  • The original "10X" paper "Autonomic Security Operations: 10X Transformation of the Security Operations Center"

No Password Required
No Password Required Podcast Episode 71 - Cynthia Wyre

Apr 6, 2026 | 40:09


Cynthia Wyre: Project Manager at Rapid7 and the Queen of Cyber Media

No Password Required Season 7: Episode 4 - Cynthia Wyre

Cynthia Wyre is a Senior Strategic Engagement Project Manager at Rapid7, where she helps connect academic research and industry. Her path into cybersecurity innovation was untraditional, moving from healthcare and construction project management into vulnerability research and academic partnerships.

Cynthia reflects on how she applied for a role she did not think she was qualified for, why professionals of all backgrounds belong in cyber, and how project management skills can open unexpected doors.

Jack Clabby of Carlton Fields, P.A., and K. Melton of the Cognitive Security Institute welcome Cynthia live from CyberBay 2026 in Tampa for a conversation about research, resilience, and relationship-building in cybersecurity. Cynthia explains Rapid7's partnership with USF and Cyber Florida, including her efforts to support research around SOC analyst training and burnout, and the future of cyber education.

Throughout the conversation, Cynthia highlights the importance of community, mentorship, and helping people see that cybersecurity is not limited to one path or one type of person.

The episode wraps with the Lifestyle Polygraph, where Cynthia reveals how she would work a room full of strangers and how she won a costume contest moments before meeting rapper Yung Gravy. She also earns a crown of her own, officially joining the No Password Required fantasy cybersecurity squad as Queen of the Podcast.

Follow Cynthia on LinkedIn: https://www.linkedin.com/in/cynthiawyre/

Presented by ThreatLocker
Follow ThreatLocker on LinkedIn: https://www.linkedin.com/company/threatlockerinc/posts/

Chapters:
  • 00:00 Introduction
  • 02:15 From Aspiring Physical Therapist to Project Manager
  • 03:50 Transitioning from Construction to Cybersecurity
  • 05:12 Applying for the Rapid7 Role and Overcoming Self-Doubt
  • 10:25 Academic Partnerships with USF and Cyber Florida
  • 12:56 Leaning into Discomfort and Personal Growth
  • 20:15 The Role of Marching Band and Education in Cynthia's Life
  • 24:25 A Memorable Encounter with a Music Industry Entertainer Yung Gravy
  • 28:00 Lifestyle Polygraph and Fun Personal Questions
  • 37:40 Crowning Cynthia as Queen of the Podcast

Born In Silicon Valley
Stop Hackers With AI Agents

Apr 2, 2026 | 32:34


Artificial intelligence is revolutionizing the way we protect our most valuable data, and autonomous agents are now outperforming human analysts in detecting critical vulnerabilities. Discover how virtual security teams are solving the global cybersecurity talent gap and stopping advanced cyber attacks before they can cripple an enterprise.

In this episode of Born in Silicon Valley, we sit down with Ambuj Kumar, the Co-Founder and CEO of Simbian. From growing up in rural India to leading engineering at NVIDIA and building the multi-million dollar company Fortanix, Ambuj shares his incredible journey to the forefront of the AI security frontier.

We dive deep into the massive operational challenges facing modern cybersecurity operations and explore how Simbian is using sophisticated AI agents to act as virtual Security Operations Center analysts. Ambuj reveals the shocking results of a recent threat-hunting competition where their AI agent outperformed 95 percent of human professionals.

Listeners will also learn what it takes to transition from a successful prototype to an enterprise-ready product that deploys seamlessly across top-tier security tools in just two hours. Whether you are an aspiring founder or an industry veteran, this conversation provides an invaluable look at intellectual honesty, startup growth, and the rapidly evolving landscape of digital defense.

Chapters:
  • 00:00 Introduction to Ambuj Kumar and Simbian
  • 04:02 Ambuj's Origin Story and Early Influences
  • 08:13 Lessons from NVIDIA and Intellectual Honesty
  • 10:37 Innovating in Cybersecurity with AI
  • 14:22 The Efficacy of AI in Cybersecurity
  • 16:19 AI as a Super Assistant for Security Analysts
  • 19:01 Staying Relevant in a Rapidly Evolving Threat Landscape
  • 21:46 Building and Scaling the Simbian Platform
  • 25:35 Implementation and Integration of Simbian
  • 26:44 Business Model and Pricing Structure
  • 29:19 Responding to Cybersecurity Incidents
  • 32:18 Challenges and Aspirations for Simbian
  • 34:31 Future Roadmap and Upcoming Features
  • 36:48 Lessons for First-Time Founders

Host: Jake Aaron Villarreal leads the top AI recruitment firm in Silicon Valley, www.matchrelevant.com, uncovering stories of funded startups and going behind the scenes to tell their founders' journeys. If you are growing an AI startup or have a great story to tell, email us at: jake.villarreal@matchrelevant.com

ITSPmagazine | Technology. Cybersecurity. Society
AI-Enabled SOC Operations: From Alert Overload to Autonomous Investigation | A Brand Spotlight at RSAC Conference 2026 with Monzy Merza, Co-Founder and CEO of Crogl

Apr 1, 2026 | 21:14


The security operations center is under pressure from every direction -- rising alert volumes, fragmented data environments, and a skills gap that no amount of hiring fully closes. At RSAC Conference 2026, Monzy Merza of Crogl sat down with Sean Martin and Marco Ciappelli to talk about what the AI-enabled SOC actually looks like when it is working at enterprise scale.

Crogl recently published the State of the AI SOC report, a survey of more than 600 organizations. The headline finding: nearly 40% of alerts go completely unattended. Not triaged. Not escalated. Just missed. The report also found that a large share of respondents rank the security of an AI system above its raw capability -- trust before performance. Merza says the goal of the report was part data, part demystification, and part empathy building -- giving security leaders permission to recognize that everyone is dealing with the same problems.

Crogl's knowledge engine is built on a foundational premise: data is fragmented in the enterprise, and that is not going to change. Rather than requiring data normalization before analysis, Crogl builds an enterprise semantic knowledge graph that maps relationships across data lakes, SIEMs, and SOAR platforms, wherever the data lives. Analysts no longer need to navigate schemas or query languages. Crogl handles the investigation and surfaces what matters.

Merza describes two compressor effects his customers experience. A competency compressor allows any analyst to draw on multiple data lakes at once. A domain knowledge compressor lets Crogl work across alert types -- phishing, endpoint, and beyond -- rather than routing each to a specialist. The result is a team that operates well above its apparent headcount.

One customer example: a CISA advisory that would take hours to manually parse can be uploaded into Crogl and assessed across the enterprise footprint -- IOC mapping and detection coverage -- in sub-hours. The same logic extends to compliance, where audit data calls that once required manual query-by-query execution can now be executed by Crogl against a full 500-query data call at once.

On the jobs question, Merza takes a clear position: AI will create more security jobs, not fewer. Every new AI deployment is a new attack surface. Every new footprint needs to be defended. The repetitive tier-one work is going away -- but the volume of meaningful security work is expanding and the entry level is rising. The organizations getting ahead of this are already standing up AI review boards and putting security capability at the center of how they evaluate new AI tools.

This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight

GUEST
Monzy Merza, Co-Founder and CEO, Crogl
LinkedIn: https://www.linkedin.com/in/monzymerza

RESOURCES
State of the AI SOC Report (free download): https://www.crogl.com
Crogl: https://www.crogl.com
AI SOC Summit: https://aisocsummit.com

Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight

KEYWORDS
Monzy Merza, Crogl, Sean Martin, Marco Ciappelli, brand spotlight, brand marketing, marketing podcast, brand story, AI SOC, security operations center, SOC automation, AI in cybersecurity, alert fatigue, security data lakes, SIEM integration, enterprise knowledge graph, threat intelligence, CISA advisory, Volt Typhoon, RSAC Conference 2026, RSAC 2026, cybersecurity AI, autonomous investigation, SOC analysts, security workforce, CISO strategy

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

ITSPmagazine | Technology. Cybersecurity. Society
The AI Hype Is Real -- But So Is the Risk of Getting It Wrong | A Brand Spotlight at RSAC Conference 2026 with Subo Guha, Senior Vice President of Product Management of Stellar Cyber

Mar 18, 2026 | 20:25


Every vendor at RSAC Conference 2026 will have an autonomous SOC story. Subo Guha, Senior Vice President of Product Management at Stellar Cyber, has been building the real thing for over a decade -- and he has one question every buyer should ask at every booth: can your platform explain why it reached its verdict? Stellar Cyber's autonomous SOC provides a full case summary for every true positive, showing the forensic evidence chain, threat intelligence correlations, and specific observables that led to the conclusion. SOC analysts can review, challenge, or override -- and that feedback loop is how the system improves.

The threat landscape has shifted in ways that validate Stellar Cyber's original architecture. LLM-generated attacks have collapsed the time to launch a sophisticated phishing campaign from weeks to minutes. Stellar Cyber was built to serve the mid-market and the MSSPs that protect it -- organizations that face identical threats to enterprises but without enterprise resources. A unified, multi-tenant platform means MSSPs onboard new customers in minutes. An open data ingestion engine works with whatever tools are already in place -- no EDR lock-in, no rip-and-replace.

At the center of the platform is a correlation engine that transforms thousands of individual alerts into a manageable set of high-confidence cases. An identity compromise driving lateral movement across dozens of alerts becomes one case with a clear recommended action. Subo describes this as the difference between drowning in noise and focusing on decisions that actually require human judgment -- and it is the foundation the autonomous SOC layer is built on.

Subo is direct about what the hype gets wrong: the claim that organizations can dramatically cut SOC headcount because AI has it covered is not happening. The realistic version of autonomous SOC is a force multiplier -- digital agents handle the continuous, high-volume triage work that consumes analyst hours, freeing humans for the cases that require context and institutional knowledge. A system that automates without explainability does not reduce risk. It relocates it.

Stellar Cyber will be at booth S327 in the South Hall at RSAC Conference 2026, right at the bottom of the escalator. Live autonomous SOC demonstrations will be running throughout the event, with real-world results from customers already in production. The team also has a barista on site -- a detail Subo was particularly keen to mention for Marco Ciappelli.

This is a Brand Spotlight.

GUEST
Subo Guha, Senior Vice President of Product Management, Stellar Cyber
LinkedIn: https://www.linkedin.com/in/suboguha/

RESOURCES
Learn more about Stellar Cyber: https://stellarcyber.ai
RSAC Conference 2026 Coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

KEYWORDS
Subo Guha, Stellar Cyber, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, autonomous SOC, Open XDR, MSSP security platform, AI-driven security operations, agentic AI cybersecurity, threat detection and response, RSAC Conference 2026, SOC analyst tools, multi-tenant security platform, LLM-generated attacks, security operations center, SIEM NDR unified platform

ITSPmagazine | Technology. Cybersecurity. Society
The AI SOC Analyst Is Already Here -- Are You Ready to Rethink the Role of Your Security Team? | A Brand Spotlight at RSAC Conference 2026 with Monzy Merza, Co-Founder and CEO of Crogl

Mar 18, 2026 | 23:48


Monzy Merza, Co-Founder and CEO of Crogl, sat down with Sean Martin and Marco Ciappelli ahead of RSAC Conference 2026 with a position that cuts against the prevailing AI narrative: there will be more security engineers next year than there are today, not fewer. His reasoning draws on how automation has always worked. The phone contact list eliminated the need to memorize numbers -- and people communicated with far more people as a result. AI in security will expand the surface area practitioners must handle, not shrink the need for them.

Crogl was founded in 2023 to make every security practitioner as effective as their entire team. What sets Crogl apart is a refusal to require data normalization before the product becomes useful. Instead, Crogl builds a semantic knowledge graph across an organization's existing data lakes, SIEMs, and SOAR platforms -- however many there are -- so analysts can investigate alerts and threat hunt across their real environment, not an idealized version of it.

Monzy Merza applies the same logic to language models as to data: if different data stores serve different purposes, why accept a single LLM for every security scenario? Crogl lets organizations choose their model, swap as needs evolve, and deploy on any footprint -- including fully air-gapped environments. For government agencies, energy utilities, and manufacturers, that is not a feature. It is a deployment prerequisite.

Financial services leaders across 15 conversations in New York told Merza the same thing unprompted: Crogl's investment in an enterprise semantic knowledge graph is what they see as genuinely correct. Their argument: you cannot solve enterprise security operations with AI without knowing where data lives without transforming it. These were practitioners speaking, not vendors.

The week before RSAC Conference, Crogl hosted the first AI SOC Summit near Washington, DC -- no NDAs, no directed demos. Attendees brought their own laptops, got access tokens, and used Crogl on their own problems, completely unattended. The booth at RSAC Conference will work the same way: walk up, run real scenarios, no one driving the demo. The head of AI, UX designer, and chief architect will all be on the floor to listen and be challenged.

Organizations building AI security strategy around eliminating people are making a bet history does not support. The smarter path -- and the one Crogl is built around -- is enabling practitioners with tools that meet them where they are, on the data they have, with the models they trust, in the environments they control.

This is a Brand Spotlight.

GUEST
Monzy Merza, Co-Founder and CEO, Crogl
On LinkedIn: https://www.linkedin.com/in/monzymerza/

RESOURCES
Crogl: https://www.crogl.com
AI SOC Summit: https://www.aisocsummit.com/
RSAC Conference 2026 Coverage on ITSPmagazine: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage

KEYWORDS
Monzy Merza, Crogl, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AI SOC, security operations center, autonomous alert investigation, enterprise semantic knowledge graph, AI security tools, SOC automation, security analyst, threat hunting, data normalization, large language models, agentic AI, RSAC 2026, RSAC Conference

ITSPmagazine | Technology. Cybersecurity. Society
SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

Mar 4, 2026 | 26:10


⬥EPISODE NOTES⬥

The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived.

Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run.

What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long.

The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost.

The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge.

⬥GUEST⬥
Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/
On LinkedIn: https://www.linkedin.com/in/stiennon/

⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/

⬥RESOURCES⬥
IT-Harvest | https://it-harvest.com/
Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/
Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers
RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq

⬥ADDITIONAL INFORMATION⬥
On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast
On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Newsletter: https://itspm.ag/future-of-cybersecurity
Contact Sean: https://www.seanmartin.com/

⬥KEYWORDS⬥
richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

Beyond 1894
144. Tess Gardner: Precision Under Pressure

Mar 4, 2026 | 32:00


Computer Science major and LA Tech feature twirler Tess Gardner has made a college career out of keeping busy. Between her academic and extracurricular commitments, she's discovered a passion for pushing herself and maximizing her potential. In this episode, she shares stories about finding her way to Tech and carving her own path to becoming a feature twirler despite her late start. She talks about working in the University's Security Operations Center, protecting its IT infrastructure from real-time threats. And she reflects on her personal growth and future career goals as she looks to finish her junior year strong. Website: 1894.latech.edu/beyond/ Email: 1894@latech.edu

Redefining CyberSecurity
SOC Automation and the AI-Driven Future of Cybersecurity Defense | A Redefining CyberSecurity Podcast Conversation with Richard Stiennon, Chief Research Analyst of IT-Harvest

Redefining CyberSecurity

Play Episode Listen Later Mar 4, 2026 26:10


⬥EPISODE NOTES⬥ The security operations center has always been a battleground of volume, velocity, and human endurance. Analysts have long faced the impossible math of too many alerts, too few hours, and too much at stake. For years, the industry promised automation would change that equation -- but the technology was never quite ready to deliver. That moment, according to Richard Stiennon, has now arrived. Stiennon, Chief Research Analyst at IT-Harvest, has spent two decades tracking every corner of the cybersecurity vendor landscape. His data now shows more than 61 net-new SOC automation vendors -- companies that did not exist a few years ago -- built from the ground up to replace the work of tier-one, tier-two, and tier-three analysts. Some of these vendors launched in January 2024 and reached $1 million in ARR by April. By the end of 2025, several were reporting $3 million ARR. These are not incremental improvements. They represent a structural shift in how security operations can be run. What makes this generation of SOC automation different from earlier SIEM and SOAR tooling is scope and autonomy. The value proposition is blunt: 100% alert triage, 24 hours a day, 7 days a week -- with automated case building, threat investigation, and response actions including machine isolation and reimaging. Stiennon points to a CISO he met, speaking under Chatham House rules, who disclosed that a large enterprise had already eliminated its entire human SOC team. He predicts that disclosure will go public before long. The conversation also explores the business context question that security leaders frequently wrestle with: are these AI-driven SOC tools operating with a narrow cyber mandate, potentially optimizing for security metrics at the expense of business continuity? 
Stiennon pushes back on that concern, arguing that large language models are already trained on the full breadth of human knowledge -- they understand business context at a level that exceeds most organizations' internal documentation. The more pressing risk, he suggests, is not that AI will act outside business intent, but that organizations will move too slowly to benefit. Waiting six months for a proof-of-concept report while spending a million dollars on human SOC operations is not due diligence -- it is opportunity cost. The conversation also touches on data privacy in AI-driven security, the role of federated learning and fully homomorphic encryption for compliance-sensitive environments, and what security leaders can do today to evaluate and accelerate their own adoption timeline. Stiennon will be at RSA Conference 2026 with his new book, Guardians of the Machine Age: Why AI Security Will Define Digital Defense, continuing to make the case for a field that is moving faster than most organizations are prepared to acknowledge. 
⬥GUEST⬥
Richard Stiennon, Chief Research Analyst at IT-Harvest | Website: https://it-harvest.com/ | On LinkedIn: https://www.linkedin.com/in/stiennon/
⬥HOST⬥
Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/
⬥RESOURCES⬥
IT-Harvest | https://it-harvest.com/
Richard Stiennon on LinkedIn | https://www.linkedin.com/in/stiennon/
Guardians of the Machine Age: Why AI Security Will Define Digital Defense (Richard Stiennon) | Available via IT-Harvest and major booksellers
RSAC Conference 2026 Coverage on ITSPmagazine | https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage
The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/
More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast
Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
⬥ADDITIONAL INFORMATION⬥
On Podcast: https://www.seanmartin.com/redefining-cybersecurity-podcast
On YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq
Newsletter: https://itspm.ag/future-of-cybersecurity
Contact Sean: https://www.seanmartin.com/
⬥KEYWORDS⬥
richard stiennon, it-harvest, sean martin, soc automation, ai security, security operations center, threat detection, autonomous response, alert triage, security operations, cybersecurity vendors, ai agents, large language models, federated learning, siem, soar, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast

IT IST ALLES.
#121 | Nina Wagner - When do companies need pentests or red teaming?

IT IST ALLES.

Play Episode Listen Later Feb 18, 2026 57:28


Welcome to the 121st episode of the IT IST ALLES. podcast. Julius and Marcel are finally back from their podcast winter break and are looking forward to an exciting year and interesting guests. They kick things off in episode #121 with Nina Wagner, co-founder of MindBytes and co-author of the book "Penetrationstests erfolgreich umsetzen". Julius, Marcel and Nina talk about pentests and red teaming, and about when companies should use which of the two instruments.

ITSPmagazine | Technology. Cybersecurity. Society
Building Community Around the AI SOC Revolution | A Brand Spotlight Conversation with Monzy Merza, Co-Founder and CEO of Crogl | AI SOC Summit 2026

ITSPmagazine | Technology. Cybersecurity. Society

Play Episode Listen Later Feb 12, 2026 17:56


What happens when the security community stops debating whether AI belongs in the SOC and starts figuring out how to make it work? Monzy Merza, Co-Founder and CEO of Crogl, is helping answer that question, both through the autonomous AI SOC agent his company builds and through the inaugural AI SOC Summit, a community event designed to bring practitioners together for honest, no-nonsense conversation about what is real and what is hype in AI-driven security operations.
Crogl builds what Merza describes as a "superhero suit" for SOC analysts. The platform investigates every alert in depth, working across multiple data lakes without requiring data normalization, and escalates only the issues that require human judgment. But the conversation here goes beyond any single product. Merza explains that the motivation for creating the AI SOC Summit came directly from community feedback. Security teams across enterprises are trying to determine what to buy, what to build, and how to govern AI in their environments, and they need a transparent, practical space to share those experiences.
How are threat actors changing the game with agentic AI? Merza points to two critical shifts. First, adversaries are now conducting campaigns using agentic systems, which means defenders need to operate at the same speed. Second, the barrier to entry for sophisticated attacks has dropped significantly because agentic systems handle much of the technical detail, from crafting convincing phishing emails to automating post-exploitation activity. The implication is clear: security teams that do not adopt AI-driven capabilities risk falling behind attackers who already have.
The AI SOC Summit, hosted March 3rd at the Hyatt Regency in Tysons, Virginia, is structured to serve the practitioners who are doing the daily work of security operations. The morning features keynotes from CISOs sharing what is working and what is not, along with perspectives on AI governance and privacy. The afternoon splits into two tracks: talk sessions from startups and established companies, and a five-and-a-half-hour hackathon where attendees get free access to frontier AI models and tools to experiment hands-on with real security data.
Who should attend the AI SOC Summit? Merza identifies four key personas. SOC analysts at every tier who are buried in alert triage. Security engineers deploying AI-driven and traditional tools who want to see how other enterprises are rationalizing their investments. Incident responders and threat hunters who need to understand how to track agentic activity rather than just human activity. And builders, the security teams prototyping and testing AI capabilities in-house, who want to learn from what others have tried, what has failed, and what constraints can be overcome.
What sets this event apart from the typical conference experience? The AI SOC Summit is intentionally vendor-agnostic. Sponsors range from reseller partners serving government organizations to household names like Splunk and Cribl, but the focus stays on community learning rather than product pitches. Many organizations still restrict employee access to frontier models and agentic systems, and the summit provides a space where attendees can kick the tires on these technologies without worrying about tooling costs or corporate restrictions. The goal is for every participant to leave with something practical they can take back and apply to their work immediately.
This is a Brand Spotlight. A Brand Spotlight is a ~15 minute conversation designed to explore the guest, their company, and what makes their approach unique. Learn more: https://www.studioc60.com/creation#spotlight
GUEST
Monzy Merza, Co-Founder and CEO, Crogl [@monzymerza on X]
https://www.linkedin.com/in/monzymerza
RESOURCES
Crogl: https://www.crogl.com
AI SOC Summit: https://www.aisocsummit.com/
Are you interested in telling your story?
▶︎ Full Length Brand Story: https://www.studioc60.com/content-creation#full
▶︎ Brand Spotlight Story: https://www.studioc60.com/content-creation#spotlight
▶︎ Brand Highlight Story: https://www.studioc60.com/content-creation#highlight
KEYWORDS
Monzy Merza, Crogl, Sean Martin, brand story, brand marketing, marketing podcast, brand spotlight, AI SOC Summit, AI SOC agent, security operations center, agentic AI, autonomous security, threat detection, SOC analyst, incident response, threat hunting, security engineering, AI governance, cybersecurity community, hackathon, frontier AI models, agentic speed, security automation

Redefining CyberSecurity
Building Community Around the AI SOC Revolution | A Brand Spotlight Conversation with Monzy Merza, Co-Founder and CEO of Crogl | AI SOC Summit 2026

Redefining CyberSecurity

Play Episode Listen Later Feb 12, 2026 17:56



IT IST ALLES.
Best of #3 | Sebastian Chrobak - How do you succeed in building an in-house SOC?

IT IST ALLES.

Play Episode Listen Later Feb 4, 2026 69:36


Hello from Osnabrück! Until mid-February, Julius and Marcel are on their well-earned podcast winter break. On February 19 the IT IST ALLES. podcast wakes from hibernation, and our hosts will again serve you fresh content on IT and cyber security every two weeks in the usual manner. To shorten the wait until then, this year there are of course again three 'Best of' episodes: episodes that particularly stuck in our minds in 2025 and that we therefore want to recommend to you. Our third and final 'Best of' episode is episode #107. Sebastian Chrobak joined us, and together with Julius and Marcel he answered the question of how to succeed in building an in-house SOC. In this episode you will find out how Sebastian's team went about it, how the SOC is set up today, and what the next steps will be. Enjoy listening.

No Password Required
No Password Required Podcast Episode 68 — Rob Hughes

No Password Required

Play Episode Listen Later Jan 20, 2026 44:51


Rob Hughes — CISO at RSA and Champion of a Passwordless Future
No Password Required Season 7: Episode 1 - Rob Hughes
Rob Hughes, the CISO at RSA, has more than 25 years of experience leading security and cloud infrastructure teams. In this episode, he reflects on his unconventional career path, from co-founding the original Geek.com and serving as its Chief Technologist during the early days of the internet, to leading security and systems design at Philips Home Monitoring.
Jack Clabby of Carlton Fields, P.A. and Kayley Melton welcome Rob for a wide-ranging conversation on identity, leadership, and the realities of modern cybersecurity. Rob currently leads RSA's Security and Risk Office, overseeing cybersecurity, information security governance, and risk across both RSA's products and corporate environment.
Rob explains his dream for a passwordless future. He unpacks why passwords remain one of the largest sources of cyber risk, how real-world incidents and password-spraying attacks have accelerated change, and why phishing-resistant technologies like passkeys may finally be reaching a tipping point.
The episode wraps with the Lifestyle Polygraph, where Rob lightens the conversation with stories about gaming with his kids, underrated horror films, and classic cars.
Follow Rob on LinkedIn: https://www.linkedin.com/in/robert-hughes-816067a4/
Chapters:
00:00 Introduction to No Password Required
01:43 Meet Rob Hughes, CISO at RSA
02:05 The Role of a CISO in a Security Company
05:09 Transitioning to the CISO Role
08:00 The Early Days of Geek.com
12:14 Launching a Startup During the Dot Com Boom
14:30 The Push for a Passwordless Future
18:21 Tipping Point for Passwordless Adoption
20:20 Ongoing Learning in Cybersecurity
26:09 Managing Stress in High-Pressure Environments
33:46 The Lifestyle Polygraph Begins
34:15 Career Insights in Cybersecurity
36:08 Dream Cars and Personal Preferences
39:58 Underrated Horror Films
41:19 Creating a Cybersecurity Monster

Techzine Talks
MDR explained: Managed Detection & Response

Techzine Talks

Play Episode Listen Later Jan 20, 2026 50:13


In this episode of Techzine Talks we dive deep into the world of Managed Detection & Response (MDR). Erik de Jong (Chief Research Officer) and Eric van Gend (CEO) of Tesorion explain how MDR has evolved, what organizations can expect, and why basic hygiene is still crucial.
You will learn about the differences between prevention and detection, how MDR providers deal with visibility and coverage, and why transparency about missed threats is important. Practical matters such as threat hunting, forensic investigation, and integration with various security tools are also covered.
Key takeaways:
• MDR combines prevention (baseline checks) with detection and response
• Flexibility in the technology stack gives customers more options to choose from
• Transparency about false positives and missed threats is essential
• In-house engineering capacity provides workarounds when vendors have problems
• NIS2 legislation makes MDR increasingly important for organizations
• A good MDR provider helps you get better, not just handle alerts
Chapters:
0:00 - Introduction to MDR and the guests from Tesorion
3:18 - What MDR is and how it has evolved
6:28 - Prevention versus detection and response
11:25 - Technology stack and platform flexibility
18:38 - Transparency and differences between MDR providers
28:13 - Basic hygiene and patching remain essential
38:16 - Visibility and coverage at customers
43:24 - Risk scores and metrics for customers
48:55 - Transparency about missed threats
Keywords: MDR, Managed Detection and Response, cybersecurity, Tesorion, SOC, threat hunting, NIS2, security monitoring, incident response, visibility

Packet Pushers - Heavy Networking
HN798: Fortinet Offers a SOC Every Org Can Grow Into (Sponsored)

Packet Pushers - Heavy Networking

Play Episode Listen Later Sep 26, 2025 44:00


On today's Heavy Networking: the Security Operations Center, or SOC. When I think of a SOC, I picture a miniature version of NASA's mission control: lots of computers, lots of people, some big boards with lines and arrows and telemetry scrolling across the screens. I also think of SOCs as requiring a lot of gear,...

Packet Pushers - Full Podcast Feed
HN798: Fortinet Offers a SOC Every Org Can Grow Into (Sponsored)

Packet Pushers - Full Podcast Feed

Play Episode Listen Later Sep 26, 2025 44:00



Packet Pushers - Fat Pipe
HN798: Fortinet Offers a SOC Every Org Can Grow Into (Sponsored)

Packet Pushers - Fat Pipe

Play Episode Listen Later Sep 26, 2025 44:00



Cloud Security Podcast by Google
EP244 The Future of SOAPA: Jon Oltsik on Platform Consolidation vs. Best-of-Breed in the Age of Agentic AI

Cloud Security Podcast by Google

Play Episode Listen Later Sep 22, 2025 27:32


Guest: Jon Oltsik, security researcher, ex-ESG analyst
Topics:
• You invented the concept of SOAPA – Security Operations & Analytics Platform Architecture. As we look towards SOAPA 2025, how do you see the ongoing debate between consolidating security around a single platform versus a more disaggregated, best-of-breed approach playing out?
• What are the key drivers for either strategy in today's complex environments?
• How can we have both “decoupling” and platformization going at the same time?
• With all the buzz around Generative AI and Agentic AI, how do you envision these technologies changing the future of the Security Operations Center (and SOAPA of course)?
• Where do you see AI really work today in the SOC and what is the proof of that actually happening?
• What does a realistic "AI SOC" look like in the next few years, and what are the practical implications for security teams?
• “Integration” is always a hot topic in security - and it has been for decades. Within the context of SOAPA and the adoption of advanced analytics, where do you see the most critical integration challenges today – whether it's vendor-centric ecosystems, strategic partnerships, or the push for open standards?
Resources:
• Jon Oltsik “The Cybersecurity Bridge” podcast (Anton on it)
• EP236 Accelerated SIEM Journey: A SOC Leader's Playbook for Modernization and AI
• EP242 The AI SOC: Is This The Automation We've Been Waiting For?
• EP202 Beyond Tiered SOCs: Detection as Code and the Rise of Response Engineering
• EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center
• EP170 Redefining Security Operations: Practical Applications of GenAI in the SOC
• EP73 Your SOC Is Dead? Evolve to Output-driven Detect and Respond!
• Daniel Suarez “Daemon” book and its sequel “Delta V”

Basis 108. Der IT-Zukunftspodcast.
Cyber defense at the airport – How Stuttgart Airport protects itself digitally.

Basis 108. Der IT-Zukunftspodcast.

Play Episode Listen Later Aug 27, 2025 34:42


Airports are not only highly secured physically; highly complex protection systems also run digitally in the background. In this episode of Basis 108, tech journalist Svea Eckert takes us behind the scenes of Stuttgart Airport. Her guest: Florian Frech, head of the IT Strategy and Steering department. He explains how a "digital nervous system" protects operations, how cyberattacks are detected and repelled, what role the Security Operations Center plays, and how the airport prepares for threats such as ransomware or DDoS. The episode also covers the EU's NIS2 rules, vulnerability management, and the airport's climate-neutral conversion. Florian Frech offers insights into the everyday work of a "Chief Digital Bodyguard" and explains why cybersecurity is a matter for top management.

Identity At The Center
#367 - RSM & IDAC Present - The Intersection of Attack Surface Management and Identity

Identity At The Center

Play Episode Listen Later Aug 18, 2025 51:47


Join hosts Jeff Steadman and Jim McDonald as they explore the critical intersection of attack surface management (ASM) and digital identity with Dan Lauritzen, Director with RSM Defense - RSM's Managed Security Team. This episode dives deep into how identity has become a key component of your organization's attack surface and why breaking down silos between identity teams and Security Operations Centers is more crucial than ever.
Dan brings a unique perspective from his military background as a human intelligence collector to his current role in detection and response. Learn about the cyber kill chain, understand when you might have too much data, and discover practical strategies for treating identities as assets that need continuous protection.
Whether you're an identity practitioner looking to expand your security knowledge or a cybersecurity professional wanting to better understand identity's role in attack surface management, this conversation offers valuable insights and actionable takeaways.
Key topics include XDR platforms, ITDR tools, the evolution from legacy SIEM to modern detection systems, and why the future of security requires collaboration between traditionally separate teams.
Chapter Timestamps
00:00 - Introduction and Industry Trends
01:00 - AI and Technology Disruption Discussion
02:00 - Upcoming Conference Schedule and Discount Codes
04:00 - Podcast Milestone - Approaching One Million Downloads
06:30 - Introducing Dan Lauritzen and RSM Defense Team
09:00 - Dan's Background - From Military to Cybersecurity
12:00 - What is Attack Surface Management?
14:00 - Treating Identities as Assets
16:00 - The Cyber Kill Chain Explained
18:00 - Why Identity and SOC Teams Operate in Silos
21:00 - The Role of Data in Modern Security Operations
23:00 - Continuous Identity Management and Shared Signals Framework
26:00 - Can You Have Too Much Data?
29:00 - Breaking Down Silos Between Identity and SOC Teams
32:00 - Practical Collaboration Strategies
34:00 - SIEM vs XDR vs ITDR - Understanding the Tool Landscape
41:00 - Pragmatic Security Strategies and Metrics
44:00 - Biggest Misconceptions About Attack Surface Management
45:00 - Military Background - Human Intelligence Collection
48:00 - Communication Tips for Better Information Gathering
51:00 - Closing and Contact Information
Connect with Dan: https://www.linkedin.com/in/daniel-lauritzen-67545045/
Cyber Kill Chain: https://en.wikipedia.org/wiki/Cyber_kill_chain
Learn more about RSM:
RSM Defense Managed Security: https://rsmus.com/services/risk-fraud-cybersecurity/managed-security-services.html
RSM Digital Identity: https://rsmus.com/services/risk-fraud-cybersecurity/cybersecurity-business-vulnerability/identity-and-access.html
Connect with us on LinkedIn:
Jim McDonald: https://www.linkedin.com/in/jimmcdonaldpmp/
Jeff Steadman: https://www.linkedin.com/in/jeffsteadman/
Visit the show on the web at http://idacpodcast.com
Keywords
IDAC, Identity at the Center, Jeff Steadman, Jim McDonald, Dan Lauritzen, RSM, attack surface management, cybersecurity, digital identity, SOC, Security Operations Center, XDR, ITDR, SIEM, cyber kill chain, detection and response, identity security, human intelligence, military cybersecurity, continuous identity management, shared signals framework, UEBA, threat detection, zero trust, privileged access management, identity governance, security metrics, vendor management, cloud security, endpoint security, data correlation, security silos, collaboration strategies, identity assets, orphaned accounts, entitlement creep, attack surface reduction, security automation, AI in security, machine learning security, identity sprawl, security tools, cybersecurity consulting, managed security services, security monitoring, incident response, threat hunting, vulnerability management, risk assessment, compliance, security architecture, defense strategy

CISO Stories Podcast
Reimagining Security Operations: SOC as a Service and the Role of AI - Kevin Nikkhoo - CSP #215

CISO Stories Podcast

Play Episode Listen Later Aug 11, 2025 28:26


Kevin Nikkhoo joins the show to explore Security Operations Center as a Service (SOCaaS) and how it compares to traditional SOC models. He breaks down which organizations benefit most from this approach and how AI is reshaping modern SOC operations. Listeners will gain a clear understanding of how SOCaaS can enhance detection and response capabilities—and why embracing AI is key to the future of security operations. Segment Resources: https://www.xenexsoc.com/ https://www.xenexsoc.com/blog https://www.xenexsoc.com/ebooks This segment is sponsored by Tines. Tines' AI-enabled, secure workflow platform empowers your whole team regardless of their coding abilities, environment complexities, or tech stack. Learn more at https://cisostoriespodcast.com/tines Visit https://cisostoriespodcast.com for all the latest episodes! Show Notes: https://cisostoriespodcast.com/csp-215

Good Morning BSS World
#126 A business perspective on Ukraine. What does FS Group do?

Good Morning BSS World

Play Episode Listen Later Jun 13, 2025 20:34


Hello listeners! In the 126th episode of "Good Morning BSS World," we connect with Odessa, Ukraine, to explore the dynamic world of cybersecurity with Serhii Yevchuk, CEO of FS Group. This episode, recorded in partnership with the IT Ukraine Association, dives deep into the current state and evolution of Ukraine's IT sector, with a special focus on Odessa - a city recognized globally for both its business and tourism.
Serhii shares the journey of FS Group, an IT company established in 2012, now boasting almost 15 years of experience and a strong presence in Ukraine, the US, EU, and Asia. Despite international expansion, 90% of FS Group's revenue still comes from Ukrainian clients. The company's unique approach relies on strategic partnerships abroad, rather than opening foreign offices, allowing them to deliver top-tier cybersecurity expertise globally.
We discuss FS Group's core services, including digital forensics, incident response, security assessments, penetration testing, threat intelligence, and continuous monitoring through their Security Operations Center. Their subscription-based model, especially the IRT (Incident Response Team) service, is tailored for both local and international markets.
Serhii highlights the increasing threat landscape, with Ukraine facing over 400 critical cyberattacks per month, most driven by social engineering and phishing. He emphasizes the necessity for robust cybersecurity across all industries, noting significant demand from banks, telecoms, retail, and the public sector.
Key points of the podcast:
• Ukrainian IT companies are expanding internationally, with a strong focus on entering new markets to drive growth.
• The cybersecurity sector is rapidly growing, with increasing demand for services like digital forensics, incident response, and threat intelligence.
• FS Group operates primarily on a subscription model, offering continuous cybersecurity support and monitoring to clients across various industries, including finance, telecom, and the public sector.
Links:
Serhii Yevchuk on LinkedIn - https://www.linkedin.com/in/serhiiyevchuk/?utm_source=share&utm_campaign=share_via&utm_content=profile&utm_medium=ios_app
FS Group web page - https://group-fs.com/
FS Group on LinkedIn - https://www.linkedin.com/company/fsgroupinfosec/
IT Ukraine Association - https://itukraine.org.ua/en/home/
Talk to AI about this episode - https://gmbw.onpodcastai.com/episodes/EwkRnNWCIyl/chat
****************************
My name is Wiktor Doktór and on a daily basis I run Pro Progressio Club https://klub.proprogressio.pl - it's a community of many private companies and public sector organizations that care about the development of business relations in the B2B model. In the Good Morning BSS World podcast, apart from solo episodes, I share interviews with experts and specialists from the global BPO/GBS industry.
If you want to learn more about me, please visit my social media channels:
YouTube - https://www.youtube.com/c/wiktordoktor
Here is also a link to the English podcasts Playlist - https://bit.ly/GoodMorningBSSWorldPodcastYT
LinkedIn - https://www.linkedin.com/in/wiktordoktor
You can also write to me. My email address is - kontakt(@) wiktordoktor.pl
****************************
This Podcast is supported by Patrons:
Marzena Sawicka https://www.linkedin.com/in/marzena-sawicka-a9644a23/
Przemysław Sławiński https://www.linkedin.com/in/przemys%C5%82aw-s%C5%82awi%C5%84ski-155a4426/
Damian Ruciński https://www.linkedin.com/in/damian-ruci%C5%84ski/
Szymon Kryczka https://www.linkedin.com/in/szymonkryczka/
Grzegorz Ludwin https://www.linkedin.com/in/gludwin/
Adam Furmańczuk https://www.linkedin.com/in/adam-agilino/
Anna Czyż - https://www.linkedin.com/in/anna-czyz-%F0%9F%94%B5%F0%9F%94%B4%F0%9F%9F%A2-68597813/
Igor Tkach - https://www.linkedin.com/in/igortkach/
If you like my podcasts you can join Patrons of Good Morning BSS World as well. Here are two links to do so:
Patronite - https://patronite.pl/wiktordoktor
Patreon - https://www.patreon.com/wiktordoktor
Or if you liked this episode and would like to buy me a virtual coffee, you can use this link https://www.buymeacoffee.com/wiktordoktor - by doing so you support the growth and distribution of this podcast.
Become a supporter of this podcast: https://www.spreaker.com/podcast/good-morning-bss-world--4131868/support.

SECURE AF
Secure AF SOC Brief - Episode 1

Jun 11, 2025 · 11:25


Irish Tech News Audio Articles
AWS unveils new sovereign controls and governance structure for the AWS European Sovereign Cloud

Jun 5, 2025 · 10:30


Amazon Web Services (AWS) has unveiled the independent European governance structure for the AWS European Sovereign Cloud, the creation of a dedicated Security Operations Center, and the establishment of a new parent company that will be led by European Union (EU) citizens and bound by local legal requirements. Kathrin Renz, who currently serves as vice president of AWS Industries, will serve as the company's first managing director.

The AWS European Sovereign Cloud will be the only fully-featured, independently operated sovereign cloud, backed by strong technical controls, sovereign assurances, and legal protections. Customers and partners using the AWS European Sovereign Cloud will benefit from the full power of AWS including the same service portfolio, security, availability, performance, familiar architecture, APIs, and innovations such as the AWS Nitro System. Launching by the end of 2025, the AWS European Sovereign Cloud will combine operational autonomy with expansive AWS services to meet the stringent sovereignty needs of European governments and enterprises.

European-based control, governance, and operations

AWS will establish a new European organisation and operating model for the AWS European Sovereign Cloud, with a new parent company and three subsidiaries incorporated in Germany. The management team leading this new parent company will include the managing director and a government security and privacy official, who will all be EU citizens residing in the EU. AWS will establish an independent advisory board for the AWS European Sovereign Cloud, legally obligated to act in the best interest of the AWS European Sovereign Cloud. Reinforcing the sovereign control of the AWS European Sovereign Cloud, the advisory board will consist of four members, all EU citizens residing in the EU, including at least one independent board member who is not affiliated with Amazon. The advisory board will act as a source of expertise and provide accountability for AWS European Sovereign Cloud operations, including strong security and access controls and the ability to operate independently in the event of disruption.

Building on deep experience running AWS services for the most sensitive workloads around the world, the AWS European Sovereign Cloud is designed with the unmatched operational resilience our customers expect from AWS. The design of the AWS European Sovereign Cloud enables it to continue operations indefinitely, even in the event of a connectivity interruption between the AWS European Sovereign Cloud and the rest of the world. European customers and governments benefit from the resilient AWS architecture that features multiple Availability Zones with independent power, networking, facilities, and security capabilities that make these critical operations possible. To support continuity even under extreme circumstances, authorized AWS employees of the AWS European Sovereign Cloud, who are EU residents, will have independent access to a replica of the source code needed to maintain the AWS European Sovereign Cloud services.

Experienced European leadership

Kathrin Renz, the first managing director of the AWS European Sovereign Cloud, is a German national who brings deep global and European expertise to the position with more than two decades of experience in the global technology sector, including key roles in European technology and large enterprises. Based in Germany and acting as the most senior leader of the AWS European Sovereign Cloud, Renz will be legally bound to act in the best interest of the AWS European Sovereign Cloud and will be responsible for overseeing decisions related to corporate governance, compliance, and security, while ensuring the AWS European Sovereign Cloud complies with all applicable laws and regulations in Germany and the EU.

"We're taking a unique approach with AWS European Sovereign Cloud.
Customers tell us they don't want to choose between feature-limited solutions or the full power of AWS, s...

Cybersecurity and Compliance with Craig Petronella - CMMC, NIST, DFARS, HIPAA, GDPR, ISO27001
From Ransomware to Recovery: How One Rural Hospital Transformed Its Cybersecurity

Jun 3, 2025 · 57:51


Nestled along the scenic Southern Oregon coast, Southern Coos Hospital faces a unique set of challenges that many healthcare organizations never encounter. With just 25 beds serving a rural population of about 15,000, this critical access hospital demonstrates remarkable innovation in stretching limited resources while maintaining robust cybersecurity practices.

Scott, the hospital's CIO who transitioned from fundraising and marketing into healthcare IT, shares the compelling story of how a ransomware attack just before COVID-19 transformed their approach to cybersecurity. This pivotal moment prompted Southern Coos to increase their cybersecurity budget from a mere 2% to over 12% of their IT spending - a decision that positioned them ahead of many similar-sized facilities in protecting patient data.

The conversation delves into practical strategies that resource-constrained healthcare organizations can implement immediately: outsourcing Security Operations Center functions to specialized vendors, prioritizing security awareness training for staff, and making strategic investments in asset management tools. Scott's candid assessment of HIPAA's limitations ("a nice entry point to compliance but in no way updated for the current threat environment") demonstrates the gap between regulatory requirements and actual security needs that healthcare organizations must bridge themselves.

Perhaps most transformative for this rural hospital was implementing Epic's electronic health record system, which revolutionized how they transfer patient records during emergencies. What once took 30+ minutes now happens "with the click of a button" - a game-c

This is Encrypted Ambition—a podcast about the builders rewriting the rules. Join Petronella Technology Group as we decode the ideas, challenges, and momentum behind tomorrow's business, technology, and leadership breakthroughs. That's a wrap on this episode of Encrypted Ambition.

Campus Technology Insider
Student-Led Cybersecurity: Bridging Talent Gaps with AI at Auburn University

Mar 27, 2025 · 34:54


In this episode of the Campus Technology Insider Podcast, Editor-in-Chief Rhea Kelly speaks with Jay James, senior cybersecurity operations lead at Auburn University, and Corey Lee, CTO for Security at Microsoft. They discuss the critical shortage of cybersecurity talent in higher education and explore how Auburn University's Security Operations Center (SOC) is utilizing student workers to bridge this gap. The conversation dives into the unique setup of their SOC, the impact of AI tools like Security Copilot, and the benefits of recruiting students from diverse academic backgrounds. Highlights include the operational and educational advantages of involving students in cybersecurity, and strategies for other institutions looking to implement similar programs.

* 00:00 Introduction and Guest Welcome
* 00:40 The Cybersecurity Talent Shortage in Higher Education
* 02:54 Auburn's Security Operations Center and Student Involvement
* 07:22 The Role of AI in Cybersecurity Training
* 19:53 Student Recruitment and Success Stories
* 30:28 Advice for Institutions Starting a Student SOC
* 34:14 Conclusion and Podcast Sign-off

Resource links: Auburn University; Microsoft Security Copilot

Music: Mixkit

Duration: 35 minutes

Telecom Reseller
C3 Complete Expands to Pittsburgh & Launches Security Operations Center, Podcast

Mar 3, 2025


"We always listen. Everybody has a story to tell, and sometimes their story and our story align," says Rick Mancinelli, CEO of C3 Complete. In this episode of Technology Reseller News, Rick joins Doug Green to discuss C3's expansion into Pittsburgh, the upcoming launch of their Security Operations Center (SOC), and their ongoing M&A strategy.

Strategic Expansion into Pittsburgh

C3 Complete has expanded into Pittsburgh through a strategic partnership with IAM Critical, a data center operator. The move positions C3 to support biotech, robotics, AI, and other high-tech industries in the region, reinforcing Pittsburgh's emergence as a technology hub.

* Why Pittsburgh? “Pittsburgh is reinventing itself as a technology hotspot, and we're excited to be part of that growth.”
* C3's Role: Operating as the network services provider for IAM Critical's data center.

Security Operations Center (SOC) Launching April 1

C3 Complete is set to launch a state-of-the-art SOC in South Florida, enhancing cybersecurity and incident response capabilities for their clients.

* 24/7 Staffing – All in-house, no outsourcing.
* Incident Response Room – Equipped with cots, showers, and food storage for staff handling prolonged security events.
* Customer Benefits – Faster threat response, enhanced security monitoring, and regulatory compliance support.

M&A and Partnership Strategy

C3 Complete remains open to acquisitions and strategic partnerships, focusing on MSPs, TSPs, and CSPs that align with their culture and customer-first approach.

* Not Private Equity-Driven – C3 seeks long-term value, not rapid consolidation.
* Recent Acquisition Success – Their latest acquisition in August 2023 has been fully integrated, bringing new talent and expanded services.
* Open to Conversations – “We always listen. If there's alignment, we're open to discussing partnerships or M&A.”

Where to Learn More

* C3 Complete Website: www.c3-complete.com
* Connect with Rick Mancinelli on LinkedIn
* Meet C3 Complete at upcoming industry events!

Cloud Security Podcast by Google
EP210 Cloud Security Surprises: Real Stories, Real Lessons, Real "Oh No!" Moments

Feb 10, 2025 · 26:58


Guest: Or Brokman, Strategic Google Cloud Engineer, Security and Compliance, Google Cloud

Topics:
* Can you tell us about one particular cloud consulting engagement that really sticks out in your memory? Maybe a time when you lifted the hood, so to speak, and were absolutely floored by what you found – good or bad!
* In your experience, what's that one thing – that common mistake – that just keeps popping up? That thing that makes you say 'Oh no, not this again!'
* 'Tools over process' mistake is one of the 'oldies.' What do you still think drives people to it, and how to fix it?
* If you could give just one piece of cloud security advice to every company out there, regardless of their size or industry, what would it be?

Resources:
* Video (YouTube)
* “Threat Modeling: Designing for Security” by Adam Shostack
* EP16 Modern Data Security Approaches: Is Cloud More Secure?
* EP142 Cloud Security Podcast Ask Me Anything #AMA 2023
* “For a successful cloud transformation, change your culture first” (OOT vs TOO blog)
* https://www.linkedin.com/in/stephrwong/
* New Paper: “Autonomic Security Operations — 10X Transformation of the Security Operations Center” (2021)

The Data Diva E221 - Matthew Rosenquist and Debbie Reynolds

"The Data Diva" Talks Privacy Podcast

Jan 28, 2025 · 51:51


Debbie Reynolds “The Data Diva” talks to Matthew Rosenquist, Mercury Risk's Chief Information Security Officer (CISO), cybersecurity strategist, and LinkedIn Top Voice. With over 35 years of experience, Matthew shares his dynamic career journey, which started with internal investigations, building Intel's first Security Operations Center, and leading crisis response teams. His extensive background includes advising governments, businesses, and academia on emerging threats and cybersecurity best practices.

Matthew highlights the critical evolution of cybersecurity from a “nice-to-have” to a mission-critical business necessity while discussing how rising consumer and regulatory expectations are reshaping the cybersecurity landscape. He explains the growing gap between mounting security demands and available resources, emphasizing that cybersecurity leaders must demonstrate value beyond risk prevention. Matthew advocates for evolving cybersecurity's role from compliance-focused operations to strategic business enablers that deliver competitive advantages and even revenue opportunities.

The conversation explores the interconnectedness of privacy and cybersecurity, framing both as foundational to digital trust. Matthew emphasizes that privacy failures and cybersecurity breaches undermine trust with customers, regulators, and business partners, making collaboration between cybersecurity and privacy professionals essential. He also illuminates the importance of proactivity in cybersecurity, contrasting it with the reactive “firefighting” mindset often seen in organizations.

Matthew goes into the threat of insider risks, distinguishing between malicious insiders and non-malicious actors who unintentionally create vulnerabilities. Drawing from his experience, he underscores the need for strong leadership, clear policies, and an organizational culture where employees feel empowered to report issues without fear. Looking to the future, he stresses the importance of having cybersecurity expertise on boards of directors, enabling organizations to navigate rising risks and better align cybersecurity initiatives with business objectives.

As the discussion concludes, Matthew shares his wish for the cybersecurity industry: improved communication, collaboration, and leadership. He calls for greater strategic thinking, proactive risk management, and a collective effort to stay ahead of evolving threats in an increasingly complex digital world. He also highlights his hope for Cybersecurity and Data Privacy in the future.

Na Podsłuchu - Niebezpiecznik.pl
The One About Working in a Security Operations Center (NP #061)

Jan 14, 2025 · 59:54


Today's guest is Paweł Babski, currently head of SOC operations at Vattenfall IT Services Poland, part of the international Vattenfall group, one of the largest producers and retailers of energy in Europe.

Since 2011, Vattenfall IT Services Poland has been responsible for delivering IT services to the entire Group in areas including e-Mobility, Asset Software Engineering, Security Operating Center, Monitoring Operating Center, Web Teams, SCADA Wind, Internet of Things, and IT International Service Desk. The company employs more than 430 people and is looking for more staff; see https://www.vattenfall.com/praca

Today we talk about:
* How do you start building a SOC for your own company by yourself, and which tools can be useful?
* How does working in a "small" SOC differ from working in a SOC for an international group with locations in different countries?
* What does incident handling involve at the first, second and subsequent lines of a SOC?
* What changed after the outbreak of the war?
* How many staff are needed to provide round-the-clock coverage?

@BEERISAC: CPS/ICS Security Podcast Playlist

Podcast: Hack the Plant
Episode: Securing Embedded Systems
Pub date: 2024-09-25

In this episode, Bryson sits down with MITRE EMB3D co-founder Niyo Little Thunder Pearson. For nearly 20 years, Niyo has been at the forefront of protecting critical infrastructure systems. He previously led incident response for American Express, directing the company's Security Operations Center during the LulzSec and Anonymous attacks, and worked to develop an adversarial cyber defense program for the nation's third largest gas utility at ONE Gas Oklahoma. Now, Niyo has co-founded MITRE EMB3D, a groundbreaking global threat network aimed at enhancing the security of embedded devices.

What is MITRE EMB3D? Who is the intended audience? What problems is it trying to solve?

“There is such a gap that exists today on what we understand and how risk averse these [embedded] devices are. They do well and they operate well. They're built for what they're doing in a safety context, but the security was never brought forward with it,” Niyo said.

Join us for this and more on this episode of Hack the Plan[e]t. Hack the Plant is brought to you by ICS Village and the Institute for Security and Technology.

Cloud Security Podcast by Google
EP180 SOC Crossroads: Optimization vs Transformation - Two Paths for Security Operations Center

Jul 8, 2024 · 28:09


Guests:
* Mitchell Rudoll, Specialist Master, Deloitte
* Alex Glowacki, Senior Consultant, Deloitte

Topics:
* The paper outlines two paths for SOCs: optimization or transformation. Can you elaborate on the key differences between these two approaches and the factors that should influence an organization's decision on which path to pursue?
* The paper also mentions that alert overload is still a major challenge for SOCs. What are some of the practices that work in 2024 for reducing alert fatigue and improving the signal-to-noise ratio in security signals?
* You also discuss the importance of automation for SOCs. What are some of the key areas where automation can be most beneficial, and what are some of the challenges of implementing automation in SOCs? Automation is often easier said than done…
* What specific skills and knowledge will be most important for SOC analysts in the future that people didn't think of 5-10 years ago?
* Looking ahead, what are your predictions for the future of SOCs? What emerging technologies do you see having the biggest impact on how SOCs operate?

Resources:
* “Future of the SOC: Evolution or Optimization —Choose Your Path” paper and highlights blog
* “Meet the Ghost of SecOps Future” video based on the paper
* EP58 SOC is Not Dead: How to Grow and Develop Your SOC for Cloud and Beyond
* The original Autonomic Security Operations (ASO) paper (2021)
* “New Paper: “Future of the SOC: Forces shaping modern security operations” (Paper 1 of 4)”
* “New Paper: “Future of the SOC: SOC People — Skills, Not Tiers” (Paper 2 of 4)”
* “New Paper: “Future Of The SOC: Process Consistency and Creativity: a Delicate Balance” (Paper 3 of 4)”

Business RadioX ® Network
Cybersecurity: Its Importance & the Impact of AI E51

Jul 2, 2024


Cybersecurity: Its Importance & the Impact of AI E51 This episode of AZ TechCast explores cybersecurity’s pivotal role and AI’s transformative impact, hosted by Steve Zylstra and Karen Nowicki. Guests Mark Dallmeier, JR Garcia, and Helen Patton emphasize proactive cybersecurity strategies and the dual nature of AI in enhancing threat detection while posing governance challenges. […]

Phoenix Business Radio
Cybersecurity: Its Importance & the Impact of AI E51

Jul 2, 2024


Cybersecurity: Its Importance & the Impact of AI E51 This episode of AZ TechCast explores cybersecurity’s pivotal role and AI’s transformative impact, hosted by Steve Zylstra and Karen Nowicki. Guests Mark Dallmeier, JR Garcia, and Helen Patton emphasize proactive cybersecurity strategies and the dual nature of AI in enhancing threat detection while posing governance challenges. […]

Microsoft Threat Intelligence Podcast
Data Science for Security

Mar 13, 2024 · 44:34


On this week's episode of The Microsoft Threat Intelligence Podcast, Sherrod DeGrippo is joined by Emily Yale and Anna Bertiger. The discussion delves into Emily and Anna's daily activities within the security domain. Emily highlights her role in supporting Microsoft's internal Security Operations Center by building detections for potential threats. Anna emphasizes the practical application of research in solving security problems and focuses on anomaly detection in post-breach security. Emily and Anna provide insights into Microsoft's work culture, the intersection of technology and security, the importance of mathematical and data science skills in tech roles, and the practical applications of AI tools in professional and personal contexts.

In this episode you'll learn:
* How data scientists support the internal SOC and enhance security
* The importance of anomaly detection in post-breach security
* Combining security with mathematical skills to create practical solutions

Some questions we ask:
* What types of unusual patterns indicate malicious activity?
* Is there difficulty in securing AI models compared to traditional code?
* Should data science methods be used over complex models?

Resources:
* View Emily Yale on LinkedIn
* View Anna Bertiger on LinkedIn
* View Sherrod DeGrippo on LinkedIn

Related Microsoft Podcasts:
* Afternoon Cyber Tea with Ann Johnson
* The BlueHat Podcast
* Uncovering Hidden Risks

Discover and follow other Microsoft podcasts at microsoft.com/podcasts

The Microsoft Threat Intelligence Podcast is produced by Microsoft and distributed as part of N2K media network.

ITSPmagazine | Technology. Cybersecurity. Society
Cyber Investigations: Methodology over Tools | A Conversation with Christopher Salgado | Redefining CyberSecurity Podcast with Sean Martin

Mar 11, 2024 · 51:05


Guest: Christopher Salgado, CEO at All Points Investigations, LLC
On Linkedin | https://www.linkedin.com/in/christophersalgado/

Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin

Episode Notes

In this episode of Redefining CyberSecurity Podcast, host Sean Martin converses with Christopher Salgado about the critical yet overlooked aspects of cyber investigations. Salgado's rich experiences, from being an insurance investigator in Chicago to working on Facebook's global investigations division and being a key player amidst the Cambridge Analytica crisis, lay the foundation for this engrossing dialogue.

Salgado elaborates on the unique challenges posed by cyber investigations—being analytical, yet organic; thorough, yet flexible—straddling between rigidity of process and fluidity of response. Pragmatism and diligent investigation are pitched alongside the usefulness of AI tools, which, as per Salgado, can be both ally and adversary.

Highlighting the importance of operating within established processes, Salgado presses on the need for standardization and streamlining, without compromising on the inherently organic nature of investigative work. He underscores how modifiable Standard Operating Procedures (SOPs) can uphold consistency and enable comprehensive learning, while staying legally sound and economically feasible.

Salgado also draws attention to the flip-side of AI-tools—potential data-leaks and the threat of manipulated AI-platforms. Corporations employing AI must weigh their usage against the risks, envisaging issues of data-privacy, information-misuse, and disinformation before rolling out (or permitting vendors to use) AI-based systems.

In a nutshell, this enlightening conversation delves into the complexities of cyber investigations, the indispensable role of AI, and the necessity of solid processes, making it a must-listen for cybersecurity enthusiasts and cyber sleuths alike.

Top 3 Questions Addressed:
* What role do processes and standardization play in effective cyber investigations?
* How do AI tools aid in cyber investigations, and what are the potential risks?
* What potential risks does modern technology present, especially AI, in the context of cybersecurity?

Feds At The Edge by FedInsider
Ep. 132 Bringing Agility to the Modern Security Operations Center

Jan 12, 2024 · 59:39


Security Operations Centers (SOCs) were designed in the early 1970s in an attempt to thwart minor malicious code. Well, things have changed slightly in the past 50 years! Today's SOC provides 24-hour-a-day, year-round protection for key government organizations. Somehow, this initial design has not kept up with the profusion of threat vectors, and many SOCs need to be upgraded to manage today's threats.

This is an interview with several leaders who have decades of experience in optimizing the performance of a SOC. We have experts from the Cybersecurity and Infrastructure Security Agency (CISA), a couple of major research laboratories, and a subject matter expert from Palo Alto Networks. During the interview they discussed topics like tool management, the importance of standards in automation, and some help that is offered by CISA.

Humans tend to be attracted to bright, shiny things. Companies like to dangle innovation in front of commercial and federal leaders, and they tend to jump on it. Some studies show that many only use 20% of a tool's capability. Robert Roser suggests reviewing the capabilities of existing tools before adding tools to manage threats.

Several participants indicated that not every incident may be a threat; one should prioritize where to go next. That concept is nice in theory, but in practice it needs standards that lead to automation to allow the threats to be prioritized. A SOC can get hit with thousands of alerts a day, causing operators to misidentify threats due to alert fatigue. Michael Duffy from CISA understands and lists ways that CISA can assist. He refers to CISA Binding Operational Directive 22-01, which is designed to cut down on alert fatigue. The threat to federal SOCs is real, and the response can help everyone involved make federal systems more secure.

ITSPmagazine | Technology. Cybersecurity. Society
The Battle of the Bad Bots in Santa's Security Operations Center | A Musing On the Future of Cybersecurity and Humanity with Sean Martin and TAPE3 | Read by TAPE3

Dec 23, 2023 · 9:06


Join TAPE3 for a tale where Mrs. Claus engages in an epic cyber showdown against the Grinch, as they duel with 'Grinch Bots' and 'Gift Ghost Bots' in a whimsical, festive cyber battle. Witness this unique old-school, stop-motion styled confrontation, where holiday spirit meets digital defense at the North Pole.

This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.

Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.

Sincerely, Sean Martin and TAPE3

Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.

TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

Data Protection Gumbo
225: Cutting Through Alerts by Optimizing Your Security Operations Center - Silk Security

Dec 12, 2023 · 23:02


Yoav Nathaniel, CEO of Silk Security, joins us to discuss the transformative role of AI-driven solutions in cybersecurity risk management. We explore how to leverage AI to enhance security operations and streamline risk assessment processes. Yoav offers unique insights into tackling the overwhelming challenge of managing security alerts. We delve into the importance of effective cybersecurity strategies in today's complex IT environments and the benefits of AI in making security operations more efficient and less overwhelming for teams.

CISO Tradecraft
#156 - SMB CISO Challenges (with Kevin O'Connor)

Nov 20, 2023 · 43:27


In this episode of CISO Tradecraft, host G Mark Hardy talks to Kevin O'Connor, the Director of Threat Research at Adlumin. They discuss the importance of comprehensive cybersecurity for Small to Medium-sized Businesses (SMBs), including law firms and mid-sized banks. The conversation explores the complexities of managing security infrastructures, the role of managed security service providers, and the usefulness of managed detection and response systems. The discussion also delves into the increasing threat of ransomware and the critical importance of managing data vulnerabilities and providing security awareness training.

Big Thanks to our Sponsor: Adlumin - https://adlumin.com/

Transcripts: https://docs.google.com/document/d/1V_qkMFdGC4NRLCG-80gcsiSA8ikT8SwP

Youtube: https://youtu.be/diCZfWWB3z8

Chapters
* 00:12 Introduction and Sponsor Message
* 01:42 Guest Introduction: Kevin O'Connor
* 02:29 Discussion on Cybersecurity Roles and Challenges
* 03:20 The Importance of Defense in Cybersecurity
* 04:23 The Role of Managed Security Services for SMBs
* 07:26 The Cost and Staffing Challenges of In-House SOCs
* 14:41 The Value of Managed Security Services for Legal Firms
* 16:30 The Threat Landscape for Small and Mid-Sized Banks
* 18:19 The Difference Between Compliance and Security
* 20:08 Understanding the Reality of Cybersecurity
* 20:45 The Challenges of Building IT Infrastructure
* 21:08 Outsourcing vs In-house Security Management
* 21:55 The Importance of Understanding Your Data
* 22:43 Security Operations Center vs Security Operations Platform
* 24:21 The Role of Managed Detection and Response
* 24:54 The Importance of Quick Response in Security
* 28:07 The Threat of Ransomware and Data Breaches
* 34:31 The Role of Pen Testing in Cybersecurity
* 36:33 The Growing Threat of Ransomware
* 38:28 The Importance of Security Awareness Training
* 40:42 The Role of Incident Response and Forensics
* 42:11 Final Thoughts on Cybersecurity

CISO Tradecraft
#156 - SMB CISO Challenges (with Kevin O'Connor)

CISO Tradecraft

Play Episode Listen Later Nov 20, 2023 43:27



ITSPmagazine | Technology. Cybersecurity. Society
Preview of Devo's SOC Analyst Appreciation Day | Celebrating SOC Analysts: A Day of Appreciation and Happiness | An Event Coverage Conversation with Kayla Williams, CISO of Devo

Sep 25, 2023 30:42


Guest: Kayla Williams, CISO of Devo Inc. [@devo_Inc] and co-host of the Locked Down Podcast [@LockedDownKT]
On LinkedIn | https://www.linkedin.com/in/kaylamwilliams1/
On Twitter | https://twitter.com/kayla_obviously
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/kayla-williams
____________________________
Hosts:
Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin
Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast
On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli
____________________________
Episode Notes

In this episode, hosts Marco and Sean are joined by Kayla Williams, CISO for Devo Technology, to discuss the upcoming SOC Analyst Appreciation Day. The conversation covers various sessions that will be part of the event, including topics such as mental health, a day in the life of a SOC analyst, and the impact of AI and automation. They emphasize the need for empathy and understanding when it comes to mental health, highlighting the importance of recognizing signs of distress and offering support. They also discuss the challenges faced by SOC analysts, such as burnout and the lack of recognition, and stress the need for better communication and collaboration within the industry.

The CISO panel that will be part of the event, titled "CISOs in the Hot Seat," sparks curiosity about the discussion topics, with hopes that people management and understanding the mental health of teams will be addressed. The session on AI and automation raises questions about whether it will make the life of SOC analysts easier or increase the threat landscape.

Sean and Marco are excited to host the "Day in the Life of a SOC Analyst" panel, where they aim to explore the daily struggles and experiences of analysts. They underscore the importance of appreciation and recognition within the industry, as indicated by statistics showing that many analysts are seeking a way out of their roles.

Hacking Humans
Security Operations Center (SOC) (noun) [Word Notes]

Apr 25, 2023 7:57


A centralized facility or team responsible for monitoring, detecting, analyzing, and responding to cybersecurity incidents within an organization.

CyberWire Glossary link: https://thecyberwire.com/glossary/security-operations-center
Audio reference link: AT&T Tech Channel, 2012. A tour of AT&T's Network Operations Center (1979) [Video]. YouTube. URL www.youtube.com/watch?v=cigc3hvMyWw.
