Tue, 31 January 2023
All links and images for this episode can be found on CISO Series. Tabletop exercises are critical procedures to learn how everyone will react during an actual attack. Panic is usually the first response, so why don't we do that when we're playing our pretend game of getting our business compromised by a nefarious hacker? This week's episode of CISO Series Podcast was recorded in front of a live audience in Clearwater, Florida for the Convene conference produced by the National Cybersecurity Alliance (AKA StaySafeOnline.org). Joining me on stage for the recording was my guest co-host, Hadas Cassorla, CISO, M1 and our guest, Kathleen Mullin (@kate944032), CISO, Cancer Treatment Centers of America. Thanks to our podcast sponsors, Cofense, KnowBe4 & Terranova Cofense is the only company to combine a global network of 32 million people reporting phish with advanced AI-based automation to stop phishing attacks. Our global phishing defense centers work 24/7 to support more than 2,000 enterprise customers, providing the technology and insights needed to identify & block threats. KnowBe4 is the world’s largest integrated Security Awareness Training and Simulated Phishing platform. KnowBe4 helps organizations manage the ongoing problem of social engineering through a comprehensive new-school awareness training approach. Tens of thousands of organizations worldwide use KnowBe4’s platform to mobilize their end users as a last line of defense. Get free phishing benchmarking data to drive effective behavior change and grow your organization's security-aware culture with the latest edition of the Phishing Benchmark Global Report! Taken from this year's Gone Phishing Tournament, this report gives security and risk management leaders the insight they need to strengthen data protection. More at terranovasecurity.com. In this episode:
|
Tue, 24 January 2023
All links and images for this episode can be found on CISO Series. Everyone's favorite meeting is a short meeting. But does anyone want a fun or entertaining meeting? Or is that a bad idea? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Jeremy Embalabala, CISO, HUB International. Thanks to our podcast sponsor, SlashNext With today’s transition to hybrid working, phishing attacks are becoming more prevalent than ever. Mobile phishing and credential harvesting are exploding and affecting business reputations, finances and most importantly, data loss. With new methods of phishing attacks appearing year over year, enterprises need more robust phishing protection to better protect this expanding attack surface and companies’ most valuable assets. Check out the report. In this episode:
|
Tue, 17 January 2023
All links and images for this episode can be found on CISO Series. What happens when you want to adhere to more secure behavior, but the tool you're using forces you to be less secure, solely because they didn't architect in more stringent security when they created the program. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson. Our guest is Terrance Cooley, CISO, Air Force JADC2 R&D Center. Thanks to our podcast sponsor, Varonis Everyday, your employees share thousands of sensitive files with too many people, exposing data to the entire organization – or even the entire internet. Varonis monitors sharing link activity and intelligently eliminates links that aren’t needed – reducing your risk on a continual basis. Discover more at www.varonis.com/cisoseries. In this episode:
|
Tue, 10 January 2023
All links and images for this episode can be found on CISO Series. There is a lot unknown before, during, and after a merger and that can make employees very susceptible to phishing attacks. But, at the same time, the due diligence that goes into an M&A can often open up signs of previous or active compromise, noted Rich Mason of Critical Infrastructure.
What does a proposed merger do to a security program?" This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Nicole Ford (@nicoledgray), global vp and CISO, Rockwell Automation. Thanks to our podcast sponsor, Pentera Pentera is the category leader for Automated Security Validation, allowing every organization to test with ease the integrity of all cybersecurity layers including their ransomware readiness, unfolding true, current security exposures at any moment, at any scale. In this episode:
|
Tue, 3 January 2023
All links and images for this episode can be found on CISO Series. "Does anyone else feel like the security field is attracting a lot of low-quality people and hurting our reputation," asked a redditor on the cybersecurity subreddit who remembers a time when security personnel were seen as highly experienced technologists. But now they believe people view cybersecurity as an easy tech job to break into for easy money. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Our guest is Stephen Cicirelli, CISO, American Bureau of Shipping. Thanks to our podcast sponsor, Stairwell The standard cybersecurity blueprint is a roadmap for attackers to test and engineer attacks. With Inception, organizations can operate out of sight, out of band, and out of time. Collect, search, and analyze every file in your environment – from malware and supply chain vulnerabilities to unique, low-prevalence files and beyond. Learn about Inception. In this episode:
|