Podcasts about securityscorecard

All images and links can be found on CISO Series. This week's episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), partner, YL Ventures. Joining us is Alexandra Landegger, global head of cyber strategy & transformation, RTX. In this episode: A cybersecurity fast-track? When Ambition Becomes a Liability Giving the CVE Program the Credit It Deserves Elevating human cyber talent with AI Huge thanks to our sponsors, Nudge Security, SecurityScorecard, and Vanta Take control of SaaS security and AI governance with Nudge Security. Start a free trial today and get a full inventory of all SaaS and GenAI accounts in minutes along with risk insights and automation to help you quickly improve your security posture. Get started here: nudgesecurity.com/cisoseries   Third-party risk doesn't stop at monitoring. SecurityScorecard delivers real-time detection and response across your supply chain—helping you fix vulnerabilities before they become breaches. Empower your team with expert-driven remediation, continuous vendor oversight, and board-ready insights that drive results.   Automate, centralize, & scale your GRC program with Vanta Vanta's Trust Management Platform automates key areas of your GRC program—including compliance, internal and third-party risk, and customer trust—and streamlines the way you gather and manage information. And the impact is real: A recent IDC analysis found that compliance teams using Vanta are 129% more productive. Get started at Vanta.com/ciso.

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Visit https://www.securityweekly.com/bsw for all the latest episodes! Show Notes: https://securityweekly.com/bsw-394

In the leadership and communications section, The C-suite gap that's putting your company at risk, CISOs band together to urge world governments to harmonize cyber rules, Cybersecurity is Not Working: Time to Try Something Else, and more! Organizations are increasingly threatened by cyberattacks originating from their suppliers. Existing tools (like EDR, MDR, and XDR) effectively handle threats within an organization, but leave a gap regarding third-party risk. SecurityScorecard created the Supply Chain Detection and Response category to empower organizations to shift from being reactive and uncertain to confidently and proactively protecting their entire supply chain. What is Supply Chain Detection and Response (SCDR)?: https://securityscorecard.com/blog/what-is-supply-chain-detection-and-response/ Learn more about continuous supply chain cyber risk detection and response: https://securityscorecard.com/why-securityscorecard/supply-chain-detection-response/ Claim Your Free SCDR Assessment: https://securityscorecard.com/get-started-scdr/#form This segment is sponsored by Security Scorecard. Visit https://securityweekly.com/securityscorecardrsac for more information on how SecurityScorecard MAX and Supply Chain Detection and Response can help your organization identify and resolve supply chain risks. In this interview, Axonius CISO Lenny Zeltser shares the vision behind Axonius Exposures, the company's latest innovation in unified risk management. Launched ahead of RSA Conference 2025, Exposures tackles one of the most persistent challenges in cybersecurity today: making sense of fragmented risk signals to drive confident, actionable decision-making. Lenny will discuss how Exposures unifies security findings, asset intelligence, and business context in a single platform — giving security teams the clarity and automation they need to prioritize what truly matters. He'll also explore what this launch means for Axonius' mission, the evolution of cyber asset management, and how organizations can move from reactive security postures to proactive, risk-based strategies. Want to see how Axonius Exposures gives you the clarity to take action on your most critical risks? Visit https://securityweekly.com/axoniusrsac to learn more and schedule a personalized demo. Show Notes: https://securityweekly.com/bsw-394

Scammers are getting smarter, understanding the psychology behind social engineering and the challenges companies face every day can help keep networks secure. This episode will show how to anticipate these threats and secure networks against ever-changing vulnerabilities. We'll focus on practical, real-world solutions to protect data and trust. Dr. Jared Smith joins us to share his insights from his role leading research and development at SecurityScorecard. He also co-founded UnCat, a B2B accounting technology company serving thousands of customers and teaches as an adjunct professor at the University of Tennessee, Knoxville and NYU. His experience shows why social engineering is so effective and how companies can adapt to a world where attackers are always refining their techniques. This episode shows how even small oversights or minor issues can lead to big breaches. Dr. Smith shares concrete steps to strengthen defenses, and why we need both technical solutions and employee awareness. By looking at the psychology behind the attacks, he'll show that staying one step ahead depends on using smart security tools and a culture that recognizes vigilance at every level. Show Notes: [01:19] Jared is a distinguished thought researcher at SecurityScorecard. He's built systems and helps vendors monitor and secure their networks. He also has a PHD in computer science. He focuses on Border Gateway Protocol or BGP.  [02:16] He was also a high clearance government national security researcher. [03:02] Jared shares a story about how sophisticated phishing scams are becoming. [08:43] How large language models are making more sophisticated social engineering possible. [10:26] The importance of thinking about cybersecurity needed in the next 10 years. [11:02] BGP is like the plumbing of the internet. BGP poisoning breaks the typical internet traffic route. It's very nuanced traffic engineering that uses the Border Gateway Protocol. [13:34] BGP is also useful when you have multiple internet connections and one goes down. [14:20] The most sophisticated DDoS works are called link flooding attacks, where they identify links that have a certain amount of bandwidth, and they flood that specific border gateway protocol link, effectively segmenting the internet in those places. [15:39] Managing DDOS attacks and where the traffic comes from. [16:02] Being aware of botnets, because they are what's rented out or being used for these attacks. [17:32] Lizard Squad launched DDoS as a service.  [21:00] Attackers try to get the actual IP addresses from behind a CDN. [23:41] How AWS has the ability to manage large amounts of traffic. [25:24] There are some DDoS that just require sending enough traffic to fill up the buffers on the other side of the application. [28:15] The size of a botnet for DDoS to take down a big network like X. We explore potential paths for these attacks. [32:21] We talk about the uptick on attacks during tax season. A large accounting firm with a lot of clients could be spoofed. [36:50] The predominant attacks are coming from organized cybercrime groups and ransomware groups. [45:40] The vast majority of large networks taken out are usually a result of user error. Thanks for joining us on Easy Prey. Be sure to subscribe to our podcast on iTunes and leave a nice review.  Links and Resources: Podcast Web Page Facebook Page whatismyipaddress.com Easy Prey on Instagram Easy Prey on Twitter Easy Prey on LinkedIn Easy Prey on YouTube Easy Prey on Pinterest Jared M. Smith Dr. Jared Smith - SecurityScorecard Dr. Jared Smith - LinkedIn Uncat Evasive AI Jared Smith - X

Rinki Sethi is the VP & CISO at BILL. In this episode, she joins host Scott Schober to discuss the topic of CISOs and cyber risk, including how the core responsibilities of a CISO have shifted over the years, what security leaders should be doing to build resilience against the many growing risks, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Andrew Correll, senior Director of cyber insurability at SecurityScorecard, discusses key findings from a recent report on cybersecurity vulnerabilities in the insurance industry's supply chain, highlighting the alarming rate of third-party breaches and the urgent need for stronger risk management

　いったいどういう理由で SecurityScorecard は「ワイは ASM や」と名乗りをあげないんですか、その方が絶対売れるでしょうに、と以前から疑問に思っていた質問を記者が投げかけると、藤本は SecurityScorecard と ASM の共通点と違いについて簡潔に説明してくれた。

Tenable acquiring Israel's Vulcan Cyber in $150 million deal Tenable, a Nasdaq-listed cybersecurity company valued at $5.3 billion, is acquiring Israeli cybersecurity firm Vulcan Cyber for approximately $150 million, with the deal expected to close in Q1 of this year. The acquisition aims to enhance Tenable's security exposure management platform by integrating Vulcan Cyber's capabilities, unifying security visibility and risk mitigation. Vulcan Cyber was founded in 2018 and has raised $55 million and employs 100 people, though it is unclear how many will remain post-acquisition. (CalCalistech) Chinese and Iranian Hackers Are Using U.S. AI Products to Bolster Cyberattacks Hackers linked to China, Iran, Russia, and North Korea are using AI, including Google's Gemini chatbot, to enhance cyberattacks, according to U.S. officials and Google security research. These groups utilize AI for tasks like writing malicious code, identifying vulnerabilities, and researching targets rather than developing advanced hacking techniques. Meanwhile, China's DeepSeek AI has raised global concerns about Beijing's progress in the AI arms race, adding uncertainty to the technology's impact on security and warfare. (Wall Street Journal)   U.S. Navy bans use of DeepSeek due to ‘security and ethical concerns' The U.S. Navy has warned its members to avoid using China's DeepSeek AI due to security and ethical concerns, instructing them not to use it for work or personal tasks. DeepSeek's newly released AI model, R1, has drawn global attention for its capabilities, sparking concerns over China's AI advancements and impacting tech markets, with AI chipmakers like Nvidia and Broadcom losing $800 billion in market value. The warning comes amid growing U.S.-China AI competition, with figures like Trump and industry leaders emphasizing the urgency of maintaining American leadership in AI. (CNBC) South Africa's government-run weather service knocked offline by cyberattack A cyberattack has taken the South African Weather Service (SAWS) offline, disrupting critical services for aviation, marine, and agriculture, while forcing SAWS to share weather updates via social media. The breach, the second attempted attack in two days, has also impacted regional allies like Mozambique and Zambia, with efforts underway to restore systems. While no ransomware group has claimed responsibility, South Africa has faced a wave of cyberattacks in recent years, targeting public institutions, including its defense department, pension organization, and national lab service. (The Record) FBI seizes major cybercrime forums in coordinated domain takedown The FBI and international law enforcement have seized multiple cybercrime-linked platforms, including Cracked[.]io, Nulled[.]to, SellIX, and StarkRDP, in a major crackdown on digital marketplaces for stolen credentials and hacking tools. These sites have been criticized for enabling password theft, software piracy, and credential-stuffing attacks, but now redirect to FBI-controlled servers, effectively shutting them down. The operation, involving agencies from Australia, France, Germany, and others, marks another step in global efforts to dismantle cybercriminal networks.   (CyberScoop) North Koreans clone open source projects to plant backdoors, steal credentials North Korea's Lazarus Group carried out a large-scale supply chain attack, dubbed Phantom Circuit, compromising hundreds of victims by embedding backdoors in cloned open-source software, according to SecurityScorecard's latest report. The campaign began in late 2024 and targeted cryptocurrency developers and tech professionals by distributing malware-laced repositories on platforms like GitLab. Stolen data included credentials, authentication tokens, and system information, with the attackers using obfuscation techniques and VPNs.  (The Register)   Oasis Security Research Team Discovers Microsoft Azure MFA Bypass Oasis Security discovered a critical vulnerability in Microsoft's Multi-Factor Authentication (MFA), allowing attackers to bypass it and gain unauthorized access to Office 365 accounts, including Outlook, OneDrive, and Azure. The flaw exploited session creation and TOTP code tolerance, enabling attackers to brute-force MFA codes undetected within 70 minutes. Oasis reported the issue to Microsoft, which implemented a stricter rate limit, permanently fixing the vulnerability by October 2024. The research highlights the importance of strong MFA implementations and improved alerting mechanisms for failed second-factor attempts. (Cloud Security Alliance) SLAP and FLOP security flaws affect all current Apple devices, and many older ones Security researchers from The Georgia Institute of Technology have discovered two vulnerabilities, SLAP and FLOP, affecting all iPhones, iPads, and Macs with A15 and M2 chips or later. These flaws exploit speculative execution to access data from open web tabs, with SLAP affecting Safari and FLOP impacting both Safari and Chrome. While there's no evidence of exploitation in the wild, Apple has been working on fixes since mid-2024, stating there is no immediate risk to users. Until a patch is released, the best precaution is to be cautious of the websites you visit. (9to5Mac)   Security faces many problems. Asset inventory, patching automation, config management, and device administration are all perennial challenges. But how many of them are related to security specifically? That what we dig into on our latest episode of Defense in Depth. Look for “The Hardest Problems in Security Aren't “Security Problems”” wherever you get your podcasts. Huge thanks to our sponsor, Conveyor Ever wish you had a teammate that could handle the most annoying parts of customer security reviews? You know, chasing down SMEs for answers, updating systems, coordinating across teams—all the grunt work nobody wants to do. Plus, having to finish the dang questionnaire itself. Well. That teammate exists—Conveyor just launched Sue, the first AI Agent for Customer Trust. Sue really is the dream teammate. She never misses a deadline, answers every customer request from sales, completes every questionnaire and knocks out all the coordination in-between.  Sue handles it all so you don't have to. Learn more at www.conveyor.com.

Anton Chuvakin, Senior Security Staff at Office of the CISO at Google, joins host David Braue on this episode to discuss generative AI's impact on security, including how it affects those in the CISO role, its impact on the way Google thinks about the security of its customer data and interactions, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Kirsten Davies is the founder and CEO of the Institute for Cyber Civics and the former CISO of many well-known organizations, including Unilever and The Estée Lauder Companies Inc. In this episode, she joins host Charlie Osborne to discuss responsibilities of the CISO and how technology's evolution is impacting the role. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

　SecurityScorecard株式会社は12月17日、「サイバーセキュリティ侵害に関するレポート2024」を発表した。

Tim Brown is the CISO at Solarwinds. In this episode, he joins host David Braue to discuss how the role of the CISO is evolving, including the importance of global cyber regulations, the 2020 Solarwinds breach, how that experience impacted his role, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Adeel Saeed was a CISO in his last 2 roles and is now the CTO at Kyndryl. In this episode, he joins host Paul John Spaulding to discuss the relationship between CISOs and the board of directors at various organizations, including how important it is for CISOs to have face time with board members, how risk can be communicated, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

　SecurityScorecard株式会社は9月2日、SecurityScorecardとCyentia Instituteの最新調査「Global 2000_ 業界の巨人がサプライチェーンのサイバーリスクという脅威と闘う（英語版）」を発表した。

Adam Keown is the CISO at Eastman. In this episode, he joins host Heather Engel to discuss the state of software supply chain security, including how recent attacks – including those on ChangeHealthcare and Snowflake – play a role, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Cassie Crossley, author of the book “Software Supply Chain Security: Securing the End-to-end Supply Chain for Software, Firmware, and Hardware,” is the VP, Supply Chain Security, Cybersecurity & Product Security Office at Schneider Electric. In this episode, she joins host Scott Schober to discuss software supply chain attacks. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

In this episode, host Sylvie Legere and guest Jennifer-Ruth Green dive deep into the art of effective leadership and team management. Sylvie and Jennifer explore the crucial strategies for developing organizational values, clear communication, and empowering individuals to thrive within their roles. They also unravel the importance of recognizing individual preferences, instilling leadership values from a young age, and balancing affirmation with direction and correction in guiding future leaders.  Jennifer, a military veteran and author, shares practical insights from her extensive experience, emphasizing the profound impact leaders have on their teams' well-being. From discussing her book "People Don't Quit Their Jobs. They Quit Their Bosses" to touching on her company, Battle Proven Leadership, Jennifer reveals the key characteristics of respected leaders and the foundational principles every leader should embody.  This episode promises actionable advice for both new and experienced leaders and is a must-listen for anyone dedicated to improving their organizational impact.       Guest bio Jennifer-Ruth Green served in the U.S. Air Force and the California Air National Guard, and serves in the Indiana Air National Guard. Green earned a B.S. in foreign area studies (Asia) from the United States Air Force Academy in 2005, a master's degree in ministry from Golden State Baptist College in 2013, and a B.S. in aeronautics/aviation/aerospace science and technology from Liberty University in 2021. Her career experience includes working as the chief information officer with the Indiana Air National Guard, an AFVentures fellow with SecurityScorecard, and the director of the Student Employment Resource Center of Hyles-Anderson College. Green founded and serves as the director of MissionAero Pipeline.    Amazon: People Don't Quit Their Jobs, They Quit Their Bosses  Visit the Battle-Proven Leadership website

Steve Cobb is the CISO at SecurityScorecard. In this episode, he joins host Paul John Spaulding to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Joe Sullivan is the former CISO at Uber and an advisor to SecurityScorecard. In this episode, he joins host Paul John Spaulding to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Partho Ghosh is a customer-centered, data-informed product executive and GM who specializes in B2B SaaS, MarTech, product-led growth, and creating measurable product processes that lead to efficient growth and market fit. He is the VP and Product & General Manager at SecurityScoreCard, the global leader in cybersecurity ratings, response, and resilience. He also serves as an advisor for OpenView, through which he advises on product-led growth. Before working at SecurityScoreCard, Partho served as a general manager for Hootsuite. Partho holds a Bachelor's of Business Administration, Business Management from British Columbia Institute of Technology. Partho joins me today to explore the “feature factory” trap and how having a clear product management lifecycle can help avoid it. He emphasizes the importance of future thinking in product management decisions, even when dealing with short-term revenue goals. He outlines his philosophy on product management and the “Build, Measure, Learn” principle. Partho also highlights the value of having a data-informed mindset and offers advice to product managers seeking leadership support.   “I've always used ‘feature factory' in a negative connotation, but that might be unfair if you're a scaling start-up. Founders need revenue growth, profitability, and to make ends meet.” - Partho Ghosh This week on Innovation Talks: ●     Partho's background as a business analyst, his transition into product management, and diving into B2B SaaS ●     The challenges of testing and validating the effectiveness of a free-to-sales motion in the self-serve space ●     The importance of future-thinking in product management decisions ●     Navigating organizational changes and cultural shifts ●     Careers as marathons and the evolving nature of the professional journey ●     The need for continuous learning in product management ●     Embracing generative AI and how customer expectations around AI have changed ●     The transformative nature of technological advancements ●     Partho's product development process and lifecycle ●     The “Build, Measure, and Learn” philosophy ●     The value of rooting decisions in data and why companies need to invest in analytics capabilities ●     Experimentation beyond split testing ●     Overcoming challenges in measurement and learning ●     Allocating resources to data analysis and promoting a data-informed mindset ●     The crucial role and challenges of collaboration within a product team Resources Mentioned: ●     Miro (https://miro.com/) ●     Figma (https://www.figma.com/downloads/) ●     Book: Testing Business Ideas: A Field Guide for Rapid Experimentation (The Strategyzer Series) (https://www.amazon.com/Rapid-Testing-Business-Ideas-Customer/dp/1119551447/ref=sr_1_2?crid=32ZCY4ZR9BKM4&keywords=Testing+Business+Ideas&qid=1700008593&sprefix=testing+business+ideas%2Caps%2C261&sr=8-2) by David J. Bland and Alexander Osterwalder Connect with Partho Ghosh: ●     SecurityScorecard (https://securityscorecard.com/) ●     SecurityScorecard on LinkedIn (https://www.linkedin.com/company/security-scorecard/) ●     SecurityScorecard on Instagram (https://www.instagram.com/securityscorecard) ●     SecurityScorecard on Facebook (https://www.facebook.com/SecScorecard/) ●     SecurityScorecard on Twitter (https://twitter.com/security_score) ●     Partho Ghosh on LinkedIn (https://www.linkedin.com/in/productpartho/) This Podcast is brought to you by Sopheon   Thanks for tuning into this week's episode of Innovation Talks. If you enjoyed this episode, please subscribe and leave a review wherever you get your podcasts.   Apple Podcasts (https://podcasts.apple.com/us/podcast/innovation-talks/id1555857396) | TuneIn (https://tunein.com/podcasts/Technology-Podcasts/Innovation-Talks-p1412337/) | GooglePlay (https://www.google.com/podcasts?feed=aHR0cHM6Ly9mZWVkcy5ibHVicnJ5LmNvbS9mZWVkcy8xNDY1ODg1LnhtbA) | Stitcher (https://www.stitcher.com/s?fid=614195) | Spotify (https://open.spotify.com/show/1dX5b8tWI29YbgeMwZF5Uh) | iHeart (https://www.iheart.com/podcast/263-innovation-talks-82985745/) | Amazon (https://music.amazon.com/podcasts/6e12f112-fdc6-499e-be27-bcdd18505859/innovation-talks)   Be sure to connect with us on Facebook (https://www.facebook.com/SopheonCorp/) , Twitter (https://twitter.com/sopheon) , and LinkedIn (https://www.linkedin.com/company/sopheon/) , and share your favorite episodes on social media to help us reach more listeners, like you.   For additional information around new product development or corporate innovation, sign up for Sopheon's newsletter where we share news and industry best practices monthly! The fastest way to do this is to go to sopheon.com (https://www.sopheon.com/) and click here (https://info.sopheon.com/subscribe) .

Evolution Equity Partners today announced the final closing of Evolution Technology Fund III, LP and total capital commitments of $ 1.1 Billion to back visionary entrepreneurs building next generation cybersecurity companies that safeguard the digital world. The fund raise was oversubscribed by existing and new limited partners representing a diversified mix of leading institutions, sovereign investors, insurance companies, endowments, foundations, fund of funds, family offices, and high-net-worth individuals. The capital committed gives Evolution Equity Partners a dedicated pool of capital to pursue opportunities for investment ranging from $20 million to $150 million in cybersecurity and in companies utilizing machine learning and AI to build market leading platforms. Significant investments made to date by Evolution include SecurityScorecard, Arctic Wolf, Protect AI, Talon Cyber, Torq, Snyk, Sweet Security, Aqua Security, Oleria, Halcyon, Cybsafe, Phosphorus, DefinedAI, Carbon Black, Panaseer, AVG Technologies, OpenDNS, Pentera, and Quantexa amongst 60 portfolio companies the firm has backed. Read the Press Release: https://www.prnewswire.com/news-releases/evolution-equity-partners-closes-on-1-1-billion-for-cybersecurity-investment-in-oversubscribed-fund-raise-302117459.html

Owen Denby is the General Counsel of SecurityScorecard, a late stage VC backed cybersecurity company. He is a veteran of SaaS technology startups and a corporate M&A lawyer by training. Additionally, he is a Charter Member of TechGC — an independent, invitation-only, peer community for general counsels. In this episode… Every organization and business wants to increase their security, but how do you quantify the change? Security is a complex, multi-faceted topic where almost anything can go wrong. Many companies do their best, but have no clear measurement for how safe they and their customers truly are. For this reason, security experts can run thorough tests, and even simplify that analysis into a digestible and familiar medium. SecurityScorecard lives up to its name by providing a scorecard and offering risk management options. This approach can expose weaknesses and lead to a better understanding of your security needs. In this episode of She Said Privacy/He Said Security, Jodi and Justin Daniels invite Owen Denby, General Counsel at SecurityScorecard, onto the show to learn more about quantifying cybersecurity. They discuss how the software measures risks, how new SEC regulations enter the equation, and regular pitfalls that companies face.

Jim Routh, Advisory Board Member at SecurityScorecard, is a former CISO with over 30 years of leading experience at Fortune 500 companies, including American Express, Aetna, CVS Health, JPMorgan Chase, and MassMutual. In this episode, he joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Andrew Jaquith, former CISO at Covington & Burling LLP, is a Board Advisor at SecurityScorecard. In this episode, he joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

The World Economic Forum has kicked off in Davos, bringing together nearly 3,000 global leaders including some 60 heads of state and government, corporate bosses and prominent figures in public institutions. This year's theme is "Rebuilding Trust" as wars, climate change and a slowing economy continue to erode global cooperation. France 24's Yuka Royer spoke to Aleksandr Yampolskiy, CEO of SecurityScorecard, about major players behind increasing cyberattacks as well as growing digital inequality.

Mark Weatherford, Chief Strategy Officer at the National Cybersecurity Center, is an Advisory Board Member at SecurityScorecard. In this episode, he joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Everyone wants to claim data-driven success these days and knows that data is important to building and executing successful strategies- but how do we successfully incorporate data into planning and execution?In this episode, Will Ritchings, Director of Revenue Strategy and Operations at SecurityScorecard, joins Joe and Jonathan to dissect the challenges of data management, share his insights on effective dashboard design, and unravel the key elements for building a successful data strategy.Join us as they get deep into:The crucial interplay of context in data analysis, preventing misinterpretations and fostering informed decision-making.Strategies for effective dashboard creation, emphasizing the need for balance and tailored approaches based on diverse audience needs.Insights into building a successful data strategy, from prioritizing goals to communicating the time and effort involved.

SecurityScorecard's product assesses cyberthreats by homing in on key risk factors including the health of network domain name systems, or DNS, and network and endpoint security. In this Tech Disruptors podcast episode, CEO Aleksandr Yampolskiy sits down with Bloomberg Intelligence analyst Mandeep Singh to discuss how his company is leveraging AI to improve its data-driven rankings. Yampolskiy also examines recent developments in cybersecurity and how organizations are adapting to stay ahead of malicious actors that are using generative AI.

Tom Doughty, Advisory Board Member at SecurityScorecard, is the former VP & CISO at Prudential, as well as the former Captain, Military Intelligence with the US Army. In this episode, he joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Partho Ghosh is a customer-centered, data-informed product executive and GM who specializes in B2B SaaS, MarTech, product-led growth, and creating measurable product processes that lead to efficient growth and market fit. He is the VP and Product & General Manager at SecurityScoreCard, the global leader in cybersecurity ratings, response, and resilience. He also serves as an advisor for OpenView, through which he advises on product-led growth. Before working at SecurityScoreCard, Partho served as a general manager for Hootsuite. Partho holds a Bachelor's of Business Administration, Business Management from British Columbia Institute of Technology.Partho joins me today to explore the “feature factory” trap and how having a clear product management lifecycle can help avoid it. He emphasizes the importance of future thinking in product management decisions, even when dealing with short-term revenue goals. He outlines his philosophy on product management and the “Build, Measure, Learn” principle. Partho also highlights the value of having a data-informed mindset and offers advice to product managers seeking leadership support. “I've always used ‘feature factory' in a negative connotation, but that might be unfair if you're a scaling start-up. Founders need revenue growth, profitability, and to make ends meet.” - Partho Ghosh This week on Innovation Talks:●     Partho's background as a business analyst, his transition into product management, and diving into B2B SaaS●     The challenges of testing and validating the effectiveness of a free-to-sales motion in the self-serve space●     The importance of future-thinking in product management decisions●     Navigating organizational changes and cultural shifts●     Careers as marathons and the evolving nature of the professional journey●     The need for continuous learning in product management●     Embracing generative AI and how customer expectations around AI have changed●     The transformative nature of technological advancements●     Partho's product development process and lifecycle●     The “Build, Measure, and Learn” philosophy●     The value of rooting decisions in data and why companies need to invest in analytics capabilities●     Experimentation beyond split testing●     Overcoming challenges in measurement and learning●     Allocating resources to data analysis and promoting a data-informed mindset●     The crucial role and challenges of collaboration within a product team Resources Mentioned:●     Miro●     Figma●     Book: Testing Business Ideas: A Field Guide for Rapid Experimentation (The Strategyzer Series) by David J. Bland and Alexander Osterwalder Connect with Partho Ghosh:●     SecurityScorecard●     SecurityScorecard on LinkedIn●     SecurityScorecard on Instagram●     SecurityScorecard on Facebook●     SecurityScorecard on Twitter●     Partho Ghosh on LinkedIn This Podcast is brought to you by Sopheon Thanks for tuning into this week's episode of Innovation Talks. If you enjoyed this episode, please subscribe and leave a review wherever you get your podcasts. Apple Podcasts | TuneIn | GooglePlay | Stitcher | Spotify | iHeart | Amazon Be sure to connect with us on Facebook, Twitter, and LinkedIn, and share your favorite episodes on social media to help us reach more listeners, like you. For additional information around new product development or corporate innovation, sign up for Sopheon's newsletter where we share news and industry best practices monthly! The fastest way to do this is to go to sopheon.com and click here.

Christian Noske is a Partner at NGP Capital. They back early-stage B2B companies from Series A onwards in Europe, the US, Israel, and China within enterprise software, industrial tech, cybersecurity, and infrastructure. Their current portfolio includes Coda, DataLoop, Clue, Nova Labs, Scandit, Shippeo, & SecurityScorecard, while their exits include Deliveroo, Xiaomi, Moovit, Kaltura, and many more.Christian joins James Pringle to talk about investment process fundamentals, market changes, company expectations for Series A funding, & so much more. Don't forget to like, subscribe, and follow The Riding Unicorns Podcast on our socials and your chosen podcast platform to stay up to date!

J. Michael Daniel is the President & CEO of Cyber Threat Alliance. In this episode, he joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Philip Reitinger is the President and CEO at the Global Threat Alliance. In this episode, he joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Meg Anderson is the VP - CISO at Principal Financial Group. In this episode, she joins host Melissa O'Leary to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

Moriah Hara is the Chief Information Security Officer & Executive Advisor at Vigilance Cyber Security. In this episode, she joins host Steve Morgan to discuss cybersecurity metrics and KPIs, as well as how companies can determine security posture and reduce risk, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

This week's guest is a repeat guest on the 20% Podcast when he appeared on Episode 117 back in November of last year. After studying Natural Resources and Conversation, he held multiple roles across the GTM space, from Account Manager, Sales Agent, Store Managing, District Training Store Manager, to making a jump into SaaS, followed by a recent stint as an Account Manager at SecurityScorecard.  Recently, he has taken the jump to full-time entrepreneurship, as a co-founder of The Practice Lab.  Please join me in welcoming Jonathan Mahan back to the 20% podcast.  In this week's episode, we discussed: Optimizing For Impact Making The Most of Unfortunate Situations Controlling Emotions Deliberate Practice  Why Teams Need To Train Sales Skills Much More!  Please enjoy this week's episode of The 20% Podcast. ____________________________________________________________________________ I am now in the early stages of writing my first book! In this book, I will be telling my story of getting into sales and the lessons I have learned so far, and intertwine stories, tips, and advice from the Top Sales Professionals In The World! As a first time author, I want to share these interviews with you all, and take you on this book writing journey with me!  Like the show? Subscribe to the email: https://mailchi.mp/a71e58dacffb/welcome-to-the-20-podcast-community I want your feedback! Reach out to 20percentpodcastquestions@gmail.com, or find me on LinkedIn.

Cyber Trust & Transparency is a Cybercrime Magazine Podcast series brought to you by SecurityScorecard. In this episode, host Steve Morgan is joined by Aleksandr Yampolskiy, CEO and Co-Founder of SecurityScorecard. Together, they discuss how a security team's performance is measured, the security ratings industry, and more. SecurityScorecard is the leading security rating company, used by more than 2,500 top companies. To learn more about our sponsor, visit https://securityscorecard.com

This week on DisrupTV, we interviewed Alex Yampolskiy, CEO of SecurityScorecard, Dr. Anastasia Volkova, co-founder and CEO of Regrow and Adam Bryant, Author of The Leap to Leader: How Ambitious Managers Make the Jump to Leadership. DisrupTV is a weekly Web series with hosts R “Ray” Wang and Vala Afshar. The show airs live at 11:00 a.m. PT/ 2:00 p.m. ET every Friday. Brought to you by Constellation Executive Network: constellationr.com/CEN.

ChatGPT takes an unexpectedly human turn in having its own version of hallucinations. Updates on Cl0p's ransom note, background, and recent promises. Researchers look at Instagram's role in promoting CSAM. A look at KillNet's reboot. Andrea Little Limbago from Interos shares insight on cyber's human element. Our guest is Aleksandr Yampolskiy from SecurityScorecard on how CISOs can effectively communicate cyber risk to their board. And a hacktivist auxiliary's stellar advice for protecting your data. For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/110 Selected reading. Can you trust ChatGPT's package recommendations? (Vulcan) Ransomware group Clop issues extortion notice to ‘hundreds' of victims (The Record) MOVEit cyber attack: Cl0p sparks speculation that it's lost control of hack (ITpro) Responding to the Critical MOVEit Transfer Vulnerability (CVE-2023-34362) (Kroll) MOVEit Transfer Critical Vulnerability (May 2023) (Progress) Cybergang behind N.S. breach says it erased stolen data, but experts urge caution (CBC Canada) Most SMBs admit to paying ransomware demands - here's why (TechRadar) Instagram Connects Vast Pedophile Network (Wall Street Journal) Addressing the distribution of illicit sexual content by minors online (Stanford University) Rebooting Killnet, a New World Order and the End of the Tesla Botnet (Radware)

Using intelligence-led threat scenarios to perform a simulated, real-life cyberattack, SecurityScorecard's red team can identify the critical weaknesses in any organization's security posture that need to be addressed. By emulating the tactics, techniques, and procedures of known malicious groups, the Red Team leaves no stone unturned, examining systems, networks, applications, physical security, and even personnel to uncover compromising vulnerabilities. For more information, visit https://securityscorecard.com

Life's A Breach is a Cybercrime Magazine Podcast series brought to you by SecurityScorecard. In this episode, host Hillarie McClure is joined by Larry Slusser, Senior Director for Professional Services at SecurityScorecard. Together, they discuss how best to avoid a cyber incident and save your company millions, including the threat the industry faces today, why it's crucial to set a budget, and more. SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. To learn more about our sponsor, visit https://securityscorecard.com

Life's A Breach is a Cybercrime Magazine Podcast series brought to you by SecurityScorecard. In this episode, host Hillarie McClure is joined by Aleksandr Yampolskiy, CEO and Co-Founder of SecurityScorecard. Together, they discuss how countries can bolster their resilience against cyber incidents, how best to protect critical infrastructure from these attacks, and more. SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. To learn more about our sponsor, visit https://securityscorecard.com

This is the story of Zhadnost, of how an IoT-based botnet was conscripted into an online war in the days immediately before the kinetic Ukraine invasion. Ryan Slaney of SecurityScorecard walks us through the timeline of these attacks and the evidence of attribution he found linking it to Russia's GRU.

Life's A Breach is a Cybercrime Magazine Podcast series brought to you by SecurityScorecard. In this episode, Mike Wilkes, Advisor for SecurityScorecard, joins host Hillarie McClure to discuss digital empathy and being authentic, including the difference between sympathy and empathy, why nurturing trust is so important in cybersecurity, and more. SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. Through a customer-centric, solution-based commitment to their partners, SecurityScorecard is transforming the digital landscape by building a path toward resilience. To learn more about our sponsor, visit https://securityscorecard.com

Cybersecurity CMO is a Cybercrime Magazine podcast series where we are joined by some of the top Chief Marketing Officers in cyber to discuss how they got to where they are, how they help differentiate the companies they work for, how they help those organizations grow, and more. Joining host Hillarie McClure on today's episode is Cindy Zhou, Chief Marketing Officer at SecurityScorecard. • For more on cybersecurity, visit us at https://cybersecurityventures.com/

The “Hacker's Movie Guide” 2022–2023 Edition, published by Cybersecurity Ventures, is available on Amazon and you can order a printed or Kindle edition of the book. If you're a CISO or security leader going to the RSA Conference 2023 in San Francisco, then stop by the SecurityScorecard booth and ask for a free copy of the Hacker's Movie Guide. For more information, visit https://hackersmovieguide.com

Life's A Breach is a Cybercrime Magazine Podcast series brought to you by SecurityScorecard. In this episode, Katherine Ledesma, Head of Government Affairs at SecurityScorecard, joins host Hillarie McClure to chat about the importance of a risk-based approach to oversight and measuring cyber risk. SecurityScorecard is the global leader in cybersecurity ratings and the only service with millions of organizations continuously rated. Through a customer-centric, solution-based commitment to their partners, SecurityScorecard is transforming the digital landscape by building a path toward resilience. To learn more about our sponsor, visit https://securityscorecard.com

Streaming real-time data at scale and processing it efficiently is critical to cybersecurity organizations like SecurityScorecard. Jared Smith, Senior Director of Threat Intelligence, and Brandon Brown, Senior Staff Software Engineer, Data Platform at SecurityScorecard, discuss their journey from using RabbitMQ to open-source Apache Kafka® for stream processing. As well as why turning to fully-managed Kafka on Confluent Cloud is the right choice for building real-time data pipelines at scale. SecurityScorecard mines data from dozens of digital sources to discover security risks and flaws with the potential to expose their client' data. This includes scanning and ingesting data from a large number of ports to identify suspicious IP addresses, exposed servers, out-of-date endpoints, malware-infected devices, and other potential cyber threats for more than 12 million companies worldwide.To allow real-time stream processing for the organization, the team moved away from using RabbitMQ to open-source Kafka for processing a massive amount of data in a matter of milliseconds, instead of weeks or months. This makes the detection of a website's security posture risk happen quickly for constantly evolving security threats. The team relied on batch pipelines to push data to and from Amazon S3 as well as expensive REST API based communication carrying data between systems. They also spent significant time and resources on open-source Kafka upgrades on Amazon MSK.Self-maintaining the Kafka infrastructure increased operational overhead with escalating costs. In order to scale faster, govern data better, and ultimately lower the total cost of ownership (TOC), Brandon, lead of the organization's Pipeline team, pivoted towards a fully-managed, cloud-native approach for more scalable streaming data pipelines, and for the development of a new Automatic Vendor Detection (AVD) product. Jared and Brandon continue to leverage the Cloud for use cases including using PostgreSQL and pushing data to downstream systems using CSC connectors, increasing data governance and security for streaming scalability, and more.EPISODE LINKSSecurityScorecard Case StudyBuilding Data Pipelines with Apache Kafka and ConfluentWatch the video version of this podcastKris Jenkins' TwitterStreaming Audio Playlist Join the Confluent CommunityLearn more with Kafka tutorials, resources, and guides at Confluent DeveloperLive demo: Intro to Event-Driven Microservices with ConfluentUse PODCAST100 to get an additional $100 of free Confluent Cloud usage (details)