The monthly podcast for security professionals, by security professionals.Two self proclaimed grumpy security professionals talk security risk, how they’ve managed it in the past and forward looking discussions with guests working in information security and risk management.
…
continue reading
Cyber Risk Management Podcasts
Welcome to Risk Management: Brick by Brick! Join Jason Reichl on his journey to discover the crucial role technology plays in risk management in the construction sector. Accompanied by industry-leading risk managers, this podcast will deep-dive into the people who are helping to build and maintain the physical world around us.
…
continue reading
The "Risk Intel" Podcast was developed to share our collective insights and knowledge working within the Financial Services industry and invite other risk enthusiasts to the show to educate and promote proactive risk management. The show is hosted by Ed Vincent, CEO of SRA Watchtower, a leading SaaS provider of innovative risk management solutions, serving the financial services industry and beyond. Our suite of proprietary technology solutions and methodologies was built “by risk pros for r ...
…
continue reading
1
Reduce Cyber Risk Podcast - Cyber Security Made Simple
Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and Entrepreneur
1
189
Shon Gerber from the Reduce Cyber Risk podcast provides valuable insights, guidance, and training to you each week that only a senior cyber security expert and vCISO can perform. Shon has over 23+ years of experience in cyber security from large corporations, government, and as a college professor. Shon provides you the information, knowledge, and training needed to help protect your company from cyber security threats. Shon weekly provides cyber security training topics covering: Insider Th ...
…
continue reading
Welcome to the PRMA Risk Ready podcast, the show for Risk Management Professionals in the High Net Worth Space.
…
continue reading
Host Unknown is the unholy alliance of the old, the new and the rockstars of the infosec industry in an internet-based show that tries to care about issues in our industry. It regularly fails. With presenters that have an inflated opinion of their own worth and a production team with a pathological dislike of them (or “meat puppets” as it often refers to them), it is with a combination of luck and utter lack of good judgement that a show is ever produced and released. Host Unknown is availab ...
…
continue reading
Welcome to Perimeter Perspective, the podcast where we explore the strategies, challenges, and innovations shaping the future of cybersecurity and IT management. Hosted by the experts at Next Perimeter, this show dives into zero trust principles, cloud-first solutions, and the evolving role of technology in modern businesses. Whether you’re an IT leader, business owner, or tech enthusiast, Perimeter Perspective offers actionable insights and engaging discussions to help you secure your digit ...
…
continue reading
Confused about the latest cybercrime in the news? Overwhelmed by trying to figure out if an incident applies to you? Want to learn simple, actionable steps to keep you and your family safe online? Introducing Bee Cyber Fit, a podcast for the Yale University community and beyond. We’ll cut through the cyber mumbo jumbo and make cybersecurity awareness easy to digest. Every two weeks we’ll share compelling cyber stories, make sense of buzzwords and share a simple call to action. Scammers are e ...
…
continue reading
Welcome to the GRCISO podcast, where Chief Information Security Officers (CISOs) gain indispensable insights into the dynamic world of Cyber Governance, Risk, and Compliance (GRC). Each episode delves into expert analysis and industry perspectives, designed to empower CISOs with the knowledge needed to make informed decisions in today’s complex cybersecurity landscape. Tune in for in-depth discussions, practical advice, and the latest trends to stay ahead in your role. Whether you’re a seaso ...
…
continue reading
Experiments in Risk Science
…
continue reading
Helping clients embrace risk and achieve peak business performance for over 150 years.
…
continue reading
Cyber Insurance Leaders is a bi-weekly podcast dedicated to helping Cyber Security and Insurance professionals hear about the latest developments, best practices and thought leadership from leaders in the market. If you’re looking to hear and learn from cyber insurance and security experts, this show is for you. Each episode features an interview with an executive or thought leader, discussing topics like: the cyber insurance industry as a whole, international growth, cyber claims, and more.
…
continue reading
Cyber Security, data breaches, Hackers, Chief Information Security Officers, Talking Cyber Security (formerly 'The Australian CISO') is a podcast for anyone interested in Cyber Security. Hear about data breaches, cyber news, how security personnel 'tick', how to answer questions at an interview, lessons learnt while doing the security role, how security people network, how they succeed etc. Use the email address [email protected] to make comments, pose questions or even ask to be on ...
…
continue reading
Welcome to Resilience: Voices in Cyber Security. The cyber threat landscape constantly evolves, and attacker's capabilities are growing in variety, volume, and sophistication. This podcast will provide the latest strategies and trends to ensure cyber resilience. I’m Yonatan Lipschitz, Director of Client Leadership at a leading cyber security consulting and incident response company. In each episode, a thought leader in the cyber sector will join me, sharing their insights, thoughts, and expe ...
…
continue reading
Sponsored by Netswitch Technology Management - https://www.netswitch.net/
…
continue reading
Cyber Security for Small Businesses doesn't need to be complicated or expensive. Most of the time it comes down to planning, procedures and good Systems Administration. Learn the techniques that you can use to increase Cyber Resilience in your Small Business. The podcast covers auditing tools like the ACSC Essential 8, NIST and ISO 27001. It will look at ways that you can identify, protect, detect, respond and recovery to a cyber incident. You will learn about: Malware Denial of Service Man ...
…
continue reading
Mayo Clinic Ophthalmology Podcast, hosted by Dr. Erick Bothun and Dr. Andrea Tooley, takes us through the latest and greatest in ophthalmology from the lens of an academic institution, Mayo Clinic. We look forward to bringing guests from across the globe to discuss ophthalmology and various subsets of medicine.
…
continue reading
מפגשים עם האנשים בחזית הגנת הסייבר לתעשייה ותשתיות קריטיות Meetings with the people at the forefront of cyber defense for industry and critical infrastructure ICS SCADA OT IoT
…
continue reading
"Securing Our Place In The Industry" The podcast dedicated to removing roadblocks and adding diversity to the cybersecurity industry.
…
continue reading
The Dark Dive podcast is designed to demystify the dark web - arming you with everything you need to know about what the dark web is and how it is used. Join us for a deep dive into dark web markets, hacking forums, and ransomware leak sites. Listen to real life stories from experts that feature criminals buying and selling stolen data, trading exploits, and planning cyberattacks from the dark web. Most importantly, find out how the cybersecurity and law enforcement community can do somethin ...
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
Kitecast features interviews with security, IT, compliance, and risk management leaders and influencers, highlighting best practices, trends, and strategic analysis and insights.
…
continue reading
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
…
continue reading
The Mazars Tech for Leaders podcast delves into the latest technology developments and how business leaders can tackle challenges whilst ensuring they are protected from a risk, security and compliance perspective. Join Mazars Technology and Digital experts as they speak with industry guests, specialist speakers and subject matter experts on all things tech.
…
continue reading
Each episode, Angela and Vince dig into the key issues facing organizations when it comes to cybersecurity and CPS (Cyber-Physical Systems). Sponsored by Viakoo, the leader in CPS vulnerability remediation.
…
continue reading
🔊 The Defuse Podcast: Personal Threat Management for High-Risk Lives When the threats are real, the stakes are high — so what actually works?" Hosted by Philip Grindell — former Scotland Yard detective, behavioural threat specialist, and author of Personal Threat Management — this podcast lifts the lid on the proven methods used to keep prominent individuals, executives, and private clients safer. Each episode features straight-talking conversations with trusted experts on: Stalking, fixated ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
"On Aon" offers conversations between Risk Capital and Human Capital experts and guests about the Risk and People issues impacting businesses around the world. Each episode provides unique insights to help industry experts make better decisions across Trade, Technology, Weather and Workforce.
…
continue reading
The CYBER5 is hosted by Landon Winkelvoss, Co-Founder at Nisos, and features cybersecurity and investigations industry leaders' thoughts and answers to five questions on one topic on actionable intelligence to enterprise revolving around third-party risk management, adversary research and attribution, digital executive protection, merger and acquisition diligence, brand protection, disinformation, and cyber threat intelligence.
…
continue reading
Our goal for this series is to bring to listeners the latest insights on trending topics, delivered by specialists from Guy Carpenter and other organizations on the forefront of thought leadership.
…
continue reading
Conversations with Thailand is a bi-monthly podcast series by Deloitte Thailand. Listeners can expect to hear insights from subject matter experts across the different business domains that will benefit both organisations and individuals navigate through complexities of today's VUCA world.
…
continue reading
Safeguarding Your Business in the Digital Age Welcome to The Cyberdap Podcast, your go-to resource for navigating the complex world of cybersecurity tailored specifically for small and medium business owners. In an era where digital threats lurk around every corner, staying ahead of cyber attacks is paramount to the success and security of your business. Join us as we delve deep into the ever-evolving landscape of cybersecurity, shedding light on the latest threats, vulnerabilities, and atta ...
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
CISO Insights: The Cybersecurity Leadership Podcast Where Security Leaders Shape Tomorrow’s Defenses Join us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders. CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communicati ...
…
continue reading
CISOs insiders is open conversations I’m having with leading CISOs in the industry. We’ll be talking about what makes them ticks, their biggest accomplishments and flagrant failures, their favorite drinks and what it is they like in vendors as well as dislike in vendors. We’ll try to tap into the mind of the person behind the role and hopefully have some fun while doing so. Join us for a light talk.
…
continue reading
Breaking Cyber Barriers dives deep into the world of Cybersecurity, uncovering trends and exploring its limitless potential. Join host Liz Vagenas as she speaks with top leaders about the current challenges and opportunities within the industry, as well as strategies for success.
…
continue reading
The CISO's Gambit podcast is a pragmatic cyber risk dialogue between cyber security leaders from leading organizations, like Zscaler. Topics span technical and non-technical aspects of cyber risk, cybersecurity, privacy, transformational change management, and the evolving role of the CISO as a thought leader and change agent. The podcast covers current risks, what's on horizon, and how CISOs can help deliver business value that lowers risks, flattens the total cost of controls, and reduces ...
…
continue reading
Barry Kirby explores aspects of Human Factors, from practitioners in the field, through Processes and Tools that are useful (or not) and other Information and News that may be beneficial. For HF people to keep in touch and non-HF people to hear what we do.
…
continue reading
Strategy. Execution. Results. Offering consulting, training & software solutions for companies building complex, highly regulated systems. Learn more @ www.321gang.com
…
continue reading
SaaS is seen as one of the best things that have ever happened in the world of software in terms of costs and ease of usage. But it’s not enough to embrace its advantages alone. There are two sides to a coin, and even SaaS has a lesser-known side that can harm businesses if left unattended. The dark side of SaaS involves shadow IT, security and compliance risks, and SaaS wastage. We’ve started this podcast series, “SaaS Whispers,” to focus on the inefficiencies and cost overruns posed by inc ...
…
continue reading
The Abstract Forward Cyber Strategy Podcast is a show where we interview security, technology, and business leaders. Our goal is to shine a light on the tactics, tools, and strategy that will improve organizational security and operational efficiency – this includes breaking the corporate bureaucratic status quo which plagues organizations. Disclaimer: This podcast does not represent the views of former or current employers and/or clients. This podcast will make every reasonable effort to ve ...
…
continue reading
🔒 Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge. Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends. Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals comm ...
…
continue reading
Hosted by Accenture CISO Kris Burkhardt, the InfoSec Beat podcast is intended for cybersecurity and information security executives, and dives into current trends and tactics. In each episode, Kris and Accenture colleagues from InfoSec, IT and go-to-market teams discuss what it takes to keep client, business partner and enterprise data secure.
…
continue reading
Beer is one of the oldest and most widely consumed alcoholic drinks in the world, and the third most popular drink overall after water and tea. Cybersecurity is required today for businesses to protect themselves from the persistent threat of malware and ransomware. Hosts Chris Jordan, CEO of Fluency Security, and Jeremy Murtishaw, CEO of Fortify 24x7 discuss cybersecurity, information technology, and hockey with their guests while enjoying some of their favorite beers. Grab your favorite be ...
…
continue reading
Interviewing industry leaders about technology in the insurance industry, showcasing business innovation and new technology. Sharing views on topics including Blueprint II and the future landscape of the London Market.
…
continue reading
1
Moody's Talks - Focus on Finance
Moody's Investors Service, Ana Arsov, Danielle Reed, Mark Wasden, Bruno Baretta, Donald Robertson
23138
Hosted by Danielle Reed of Moody's Financial Institutions team, Focus on Finance helps you keep on top of developments within the banking, insurance and asset management sectors — from the impact of tech disrupters and cyber risk to the ongoing effects of ESG and lower-for-longer interest rates. Published by Moody's Investors Service..
…
continue reading
Preparing Organizations for Managing Crisis
…
continue reading
Join Ryan Whybrow, an experienced insurance broker, as he chats with industry experts and local business owners in East Anglia and across the UK. Each episode dives into the world of general insurance, offering insights, advice, and real-world experiences to help you protect your business. Discover how to safeguard your assets, navigate insurance complexities, and ensure peace of mind for your enterprise. Tune in to stay informed, stay secure, and learn from the best in East Anglia! 📧 For mo ...
…
continue reading
At Outcomes Rocket, we are the shared knowledge hub for healthcare's toughest problems. Our goal is twofold and clear. To help inspire and guide our listeners to 1. Improve patient outcomes and 2. Experience business success in healthcare. Tune in to learn more!
…
continue reading
1
AI Risk Management: Navigating the Complex Landscape with Michael Crowthers, Managing Director of Life Sciences Digital Quality & Compliance, and Chris Knackstedt, Managing Director of Cyber and Strategic ...
20:51
20:51
Play later
Play later
Lists
Like
Liked
20:51
This podcast is brought to you by Outcomes Rocket, your exclusive healthcare marketing agency. Learn how to accelerate your growth by going to outcomesrocket.com Organizations must recognize that AI risk management is a shared responsibility across the entire organization, not solely confined to cybersecurity, legal, or compliance teams. In this ep…
…
continue reading
1
PRMA Insurance Thought Leaders Insight Series- Kareen Boyadjian, VP of UW at Tokio Marine HCC – Cyber & Professional Lines Group
26:57
26:57
Play later
Play later
Lists
Like
Liked
26:57
The PRMA Insurance Thought Leaders Insight Series with Spencer Houldin, alongside leading thought leaders in the industry, aims to examine the insurance terrain, identify solutions to navigating the bumpy roads, and provide a roadmap that guides risk management professionals in the right direction. In this episode our host, Spencer Houldin, Managin…
…
continue reading
Patches, patches and more patches.A patient death has been linked to the 2023 ransomware attack on an NHS IT provider. U.S. authorities indict the man known online as “IntelBroker”. A suspected cyberattack disrupts Columbia University’s computer systems. A major license plate reader company restricts cross-state data access after reports revealed m…
…
continue reading
1
Multi-Cloud Fortress: Securing Your Distributed Digital Frontier
21:09
21:09
Play later
Play later
Lists
Like
Liked
21:09
Multi-cloud environments offer immense flexibility but introduce complex security challenges, from fragmented identities and inconsistent policies to critical visibility gaps across diverse platforms. This podcast delves into the most impactful practices, including unified identity and access management, advanced AI-driven automation, and centraliz…
…
continue reading
1
A New Healthcare Economy Is Emerging Outside Carrier Networks
25:43
25:43
Play later
Play later
Lists
Like
Liked
25:43
This podcast is brought to you by Outcomes Rocket, your exclusive healthcare marketing agency. Learn how to accelerate your growth by going to outcomesrocket.com Open-sourcing healthcare contracting and data infrastructure can unlock massive cost savings while improving outcomes. In this episode, Dave Chase, board president of Nautilus Health Inst…
…
continue reading
1
SANS Stormcast Thursday, June 26th, 2025: Another Netscaler Vuln; CentOS Web Panel Vuln; IP Based Certs
5:53
5:53
Play later
Play later
Lists
Like
Liked
5:53
NetScaler ADC and NetScaler Gateway Security Bulletin for CVE-2025-6543 Citrix patched a memory overflow vulnerability leading to unintended control flow and denial of service. https://support.citrix.com/support-home/kbsearch/article?articleNumber=CTX694788 Remote code execution in CentOS Web Panel - CVE-2025-48703 An arbitrary file upload vulnerab…
…
continue reading
Cybercriminals target financial institutions across Africa using open-source tools. Threat actors are using a technique called Authenticode stuffing to abuse ConnectWise remote access software. A fake version of SonicWall’s NetExtender VPN app steals users’ credentials. CISA and the NSA publish a guide urging the adoption of Memory Safe Languages. …
…
continue reading
1
Why Risk Management Software Fails—And How Acclaimit's CEO Kathy Burns Built a Better Solution
23:28
23:28
Play later
Play later
Lists
Like
Liked
23:28
We're coming to you LIVE from Riskworld 2025! In this episode of Risk Management: Brick by Brick, Jason Reichl sits down with Kathy Burns, CEO of Acclaimant, to explore her remarkable journey from Aon's technology pioneer in the 1990s to leading one of the most innovative risk management information systems companies today. Kathy shares how she bro…
…
continue reading
1
The CISO Crucible: Navigating Cyber's New Frontier
17:05
17:05
Play later
Play later
Lists
Like
Liked
17:05
Today's cybersecurity leaders face immense pressure from a persistent talent shortage, escalating cyber threats, and dynamic economic and regulatory landscapes. Their roles are rapidly evolving from purely technical oversight to strategic business risk management, encompassing areas like AI strategy and comprehensive talent development. This podcas…
…
continue reading
1
What are the global footprints of Lions Clubs International with Past President Brian Sheehan -Part 2
27:07
27:07
Play later
Play later
Lists
Like
Liked
27:07
Brian Sheehan, Past International President of Lions Clubs International joins Dr. Erick Bothun to discuss his leadership journey and experiences with the Lions. You will leave with a greater appreciation for his involvement in leading this organization, trying to make each day “a great day” for others. We hope you’ll be inspired by how the Lions C…
…
continue reading
1
Inside the Early Lessons of DORA Compliance: What Works, What Fails, What’s Next?
56:22
56:22
Play later
Play later
Lists
Like
Liked
56:22
Six months into DORA's implementation, what's actually happening in financial services organisations? Welcome back to Razorwire, where we tackle cybersecurity's toughest challenges with honesty and expert insight. In this episode, I'm joined by returning experts Jonathan Care and Richard Cassidy and also a new guest to the podcast, Romain Deslorieu…
…
continue reading
1
SANS Stormcast Tuesday, June 24th, 2025: Telnet/SSH Scan Evolution; Fake Sonicwall Software; File-Fix vs Click-Fix
4:03
4:03
Play later
Play later
Lists
Like
Liked
4:03
Quick Password Brute Forcing Evolution Statistics After collecting usernames and passwords from our ssh and telnet honeypots for about a decade, I took a look back at how scans changed. Attackers are attempting more passwords in each scans than they used to, but the average length of passwords did not change. https://isc.sans.edu/diary/Quick%20Pass…
…
continue reading
1
Iran’s digital threat after U.S. strikes.
31:35
31:35
Play later
Play later
Lists
Like
Liked
31:35
Cybersecurity warnings about possible Iranian retaliation have surged. A potential act of sabotage disrupts the NATO Summit in The Hague. Canadian cybersecurity officials discover Salt Typhoon breached a major telecom provider. The U.S. House bans WhatsApp from all government devices. APT28 uses Signal chats in phishing campaigns targeting Ukrainia…
…
continue reading
This month's episode of The Dark Dive revisits the topic of Attack Surface Management. In particular, how it relates to a relatively new cybersecurity term, CTEM: Continuous Threat Exposure Management. In a lively discussion, guests Michael Gianarakis and Ben Jones help define CTEM, a security process that has quickly gained traction thanks to bein…
…
continue reading
1
S3 | E19: Cyber Risk in Focus: The Regulatory Shift and What It Means for You
29:04
29:04
Play later
Play later
Lists
Like
Liked
29:04
The Risk Intel podcast welcomed back Josh Magri, CEO of the Cyber Risk Institute (CRI), for a timely Part 2 conversation focused on the evolving cybersecurity regulatory landscape and what it means for community financial institutions. As the FFIEC Cybersecurity Assessment Tool (CAT) is scheduled to sunset on August 31, 2025, Josh offers a roadmap …
…
continue reading
1
Mind the Gap: The Psychology of Security Risk
21:22
21:22
Play later
Play later
Lists
Like
Liked
21:22
Explore the fascinating disconnect between how we feel about security and the actual risks we face, a phenomenon rooted in deep-seated human psychological biases. This podcast delves into why our brains are ill-equipped for modern threats, often leading to irrational decisions and the prevalence of "security theater" over genuine protection. We exa…
…
continue reading
“On Aon” - Episode 90: Title: Navigating the Future of Total Rewards The right Total Rewards strategy is crucial for an organization to reward, recruit and retain talent. In this episode of On Aon, we examine how people leaders are playing a vital role in bridging the gap between employee needs and organizational goals. Our hosts, Heidi Burnett and…
…
continue reading
1
S35 Ep4: Yolanda Williams - Cyber on the Ground: Building Resilience in a Fragmented Landscape
20:42
20:42
Play later
Play later
Lists
Like
Liked
20:42
Today’s episode will focus on the challenges of the cyber landscape in the United States, as Steve sits down with Yolanda Williams, who is the Cybersecurity and Infrastructure Security Agency’s cyber security coordinator in the state of Florida. Steve and Yolanda dive deep into her work communicating cyber in a region where it for many isn’t top-of…
…
continue reading
1
SANS Stormcast Tuesday, June 24th, 2025: Ichano ATHome IP Camera Scans; Netscaler Vulnerability; WinRar Vulnerability
5:04
5:04
Play later
Play later
Lists
Like
Liked
5:04
Scans for Ichano AtHome IP Cameras A couple days ago, a few sources started scanning for the username super_yg and the password 123. This is associated with Ichano IP Camera software. https://isc.sans.edu/diary/Scans%20for%20Ichano%20AtHome%20IP%20Cameras/32062 Critical Netscaler Security Update CVE-2025-5777 CVE 2025-5777 is a critical severity vu…
…
continue reading
US warns of heightened risk of Iranian cyberattacks. Cyber warfare has become central to Israel and Iran’s strategies. Oxford City Council discloses data breach. Europe aiming for digital sovereignty. Michigan hospital network says data belonging to 740,000 was stolen by ransomware gang. RapperBot pivoting to attack DVRs. A picture worth a thousand…
…
continue reading
1
Decoding the Quantum Threat: Navigating Post-Quantum Cybersecurity
53:57
53:57
Play later
Play later
Lists
Like
Liked
53:57
Quantum computing is on the horizon, poised to break today's standard encryption and enable "harvest now, decrypt later" attacks, threatening sensitive data worldwide. This episode explores the critical technical and financial hurdles organizations face in migrating to post-quantum cryptography (PQC), from pervasive system integration and interoper…
…
continue reading
1
SANS Stormcast Monday, June 23rd, 2025: ADS and Python; More Secure Cloud PCs; Zend.to Path Traversal; Parser Differentials
5:36
5:36
Play later
Play later
Lists
Like
Liked
5:36
ADS & Python Tools Didier explains how to use his tools cut-bytes.py and filescanner to extract information from alternate data streams. https://isc.sans.edu/diary/ADS%20%26%20Python%20Tools/32058 Enhanced security defaults for Windows 365 Cloud PCs Microsoft announced more secure default configurations for its Windows 365 Cloud PC offerings. https…
…
continue reading
1
The Security Sweet Spot: Navigating Protection & Productivity
19:16
19:16
Play later
Play later
Lists
Like
Liked
19:16
Achieving robust cybersecurity often clashes with the demands of user productivity and organizational efficiency, leading employees to bypass critical safeguards for convenience or due to security fatigue. This podcast explores how businesses can overcome this inherent tension by understanding human factors and the risks posed by imbalanced securit…
…
continue reading
1
Zero Trust Unleashed: Fortifying Data and Navigating Compliance in the AI Era
18:56
18:56
Play later
Play later
Lists
Like
Liked
18:56
This episode delves into how Zero Trust principles revolutionize an organization's data protection strategy by adopting a "never trust, always verify" approach, continuously authenticating every user, device, and connection to minimize the attack surface and limit lateral movement. We explore key design components such as robust data security contr…
…
continue reading
1
Jadee Hanson: Cybersecurity is a team effort. [CISO] [Career Notes]
10:09
10:09
Play later
Play later
Lists
Like
Liked
10:09
Please enjoy this encore of Career Notes. Jadee Hanson, CIO and CISO at Code 42, started her technology journey thanks to the help of a teacher in high school. She began college studying computer science and ended with a degree in computer information systems as it had more of the business side. Working in the private sector for companies such as D…
…
continue reading
1
How DORA Reshapes Third-Party Risk Management
15:39
15:39
Play later
Play later
Lists
Like
Liked
15:39
The modern digital supply chain is an intricate web, where risks often extend far beyond your direct third-party vendors to hidden fourth, fifth, and Nth parties. This episode dives into the critical demands of the Digital Operational Resilience Act (DORA), emphasizing why understanding and managing these multi-layered relationships is paramount fo…
…
continue reading
1
Signed, sealed, exploitable. [Research Saturday]
19:22
19:22
Play later
Play later
Lists
Like
Liked
19:22
Dustin Childs, Head of Threat Awareness at Trend Micro Zero Day Initiative, joins to discuss their work on "ZDI-23-1527 and ZDI-23-1528: The Potential Impact of Overly Permissive SAS Tokens on PC Manager Supply Chains." The research explores two critical vulnerabilities (ZDI-23-1527 and ZDI-23-1528) that could have enabled attackers to hijack the M…
…
continue reading
An historic data breach that wasn’t. Aflac says it stopped a ransomware attack. Cloudflare thwarts a record breaking DDoS attack. Mocha Manakin combines clever social engineering with custom-built malware. The Godfather Android trojan uses a sophisticated virtualization technique to hijack banking and crypto apps. A British expert on Russian inform…
…
continue reading
1
Digital Fortunes, Reputations at Risk: The Cyber Crisis Playbook
14:16
14:16
Play later
Play later
Lists
Like
Liked
14:16
In today's interconnected landscape, a cybersecurity breach is not merely a technical incident but a profound test of an organization's resilience and public trust. This podcast delves into the intricate art of navigating the public aftermath of cyberattacks, examining how timely, transparent communication, strong leadership, and adherence to legal…
…
continue reading
1
SANS Stormcast Friday, June 20th, 2025: New Employee Phishing; Malicious Tech Support Links; Social Engineering App Sepecific Passwords
5:46
5:46
Play later
Play later
Lists
Like
Liked
5:46
How Long Until the Phishing Starts? About Two Weeks After setting up a Google Workspace and adding a new user, it took only two weeks for the new employee to receive somewhat targeted phishing emails. https://isc.sans.edu/diary/How%20Long%20Until%20the%20Phishing%20Starts%3F%20About%20Two%20Weeks/32052 Scammers hijack websites of Bank of America, N…
…
continue reading
1
Episode 223: The never-ending train journey episode
43:40
43:40
Play later
Play later
Lists
Like
Liked
43:40
11th June 1986: Ferris Bueller's Day Off was released. https://x.com/todayininfosec/status/1932838235102716317 13th June 1994: A Russian hacker group led by Vladimir Levin stole $10.7 million from Citibank via X.25, in what was the first international bank robbery over a network to be made public. Levin was caught in London in 1995 and sentenced in…
…
continue reading
1
InfoSec Beat: Careers in Information Security – Client Data Protection
25:59
25:59
Play later
Play later
Lists
Like
Liked
25:59
This episode of the InfoSec Beat podcast focuses on careers in information security. Accenture CISO Kris Burkhardt talks with Kyle Friedman, who leads Security Contracting and Request for Proposal Support for our Information Security Client Data Protection team. She ensures that we have the right provisions in our proposal responses and contracts t…
…
continue reading
1
Fortifying the Deal: M&A Cybersecurity with Experts & AI
35:14
35:14
Play later
Play later
Lists
Like
Liked
35:14
Mergers and acquisitions, while promising growth, expose organizations to complex cybersecurity risks including hidden breaches, compliance gaps, and significant technical debt. This episode explores why comprehensive cybersecurity due diligence is paramount, moving beyond self-disclosures to uncover the target's true security posture and potential…
…
continue reading
1
Juneteenth: Reflecting, belonging, and owning your seat at the table. [Special Edition]
35:26
35:26
Play later
Play later
Lists
Like
Liked
35:26
We put together an open conversation between our podcast hosts, CyberWire Daily's Dave Bittner, T-Minus Space Daily’s Maria Varmazis, and CISO Perspectives podcast’s Kim Jones. Their conversation goes deeper than just the historical significance of Juneteenth, diving into candid conversations on allyship, representation, and the enduring value of d…
…
continue reading
1
Global Risk Management as Strategic Advantage with Dominic Bowen
35:50
35:50
Play later
Play later
Lists
Like
Liked
35:50
The Caffeinated Risk hosts navigate time zones and catch up with Dominic Bowen traveling between meetings to discuss risk management with an international expert on the subject. Mr. Bowen is a partner and Head of Strategic Advisory at 2Secure, one of Europe's leading risk management consulting firms, as well as the host of the International Risk Po…
…
continue reading
Viasat confirms it was breached by Salt Typhoon. Microsoft’s June 2025 security update giveth, and Microsoft’s June 2025 security update taketh away. Local privilege escalation flaws grant root access on major Linux distributions. BeyondTrust patches a critical remote code execution flaw. SMS low cost routing exposes users to serious risks. Erie In…
…
continue reading
1
Beyond the Alarm: Why Cybersecurity Automation Empowers Analysts
24:36
24:36
Play later
Play later
Lists
Like
Liked
24:36
This episode confronts the common fear among SOC analysts that automation will lead to job elimination, illustrating how, historically, technology transforms and improves roles rather than eradicating them. We delve into how automation liberates security professionals from tedious, repetitive tasks like alert investigation and false positive handli…
…
continue reading
A House oversight committee requests DOGE documents from Microsoft. Predatory Sparrow claims a cyberattack on an Iranian bank. Microsoft says data that happens in Europe will stay in Europe. A complex malware campaign is using heavily obfuscated Visual Basic files to deploy RATs. A widely used CMS platform suffers potential RCE bugs. North Korea’s …
…
continue reading
1
S3 | E18: Cyber Risk in Focus Evolving Threats and the Sunset of the CAT Tool
27:07
27:07
Play later
Play later
Lists
Like
Liked
27:07
The cybersecurity landscape is changing fast. And for financial institutions, one of the biggest shifts on the horizon is the sunsetting of the FFIEC Cybersecurity Assessment Tool (CAT) in August 2025. In this episode of the Risk Intel podcast, Josh Magri, President and CEO of the Cyber Risk Institute (CRI), joined host Edward Vincent to unpack wha…
…
continue reading
1
The Geopolitics of Data: Navigating Compliance and Cyber Threats
38:01
38:01
Play later
Play later
Lists
Like
Liked
38:01
In an increasingly interconnected world, organizations face the dual imperative of adhering to complex and evolving data protection laws while simultaneously fortifying their defenses against escalating cyber threats driven by geopolitical tensions. This podcast explores the critical role of Chief Information Security Officers (CISOs) in bridging t…
…
continue reading
1
S35 Ep3: The Silent Risk in M&A: Cyber Security Oversights That Cost Millions
34:04
34:04
Play later
Play later
Lists
Like
Liked
34:04
Financial due diligence is common practice when companies merge or one business acquires another. Cyber security due diligence, however, is not quite as common. Yet, in a world where the threat landscape changes by the day and risk is growing increasingly complex, solid cyber security practices are more important than ever. Today, Steve and Tavia d…
…
continue reading
1
SANS Stormcast Monday, June 16th, 2025: Extracting Data from JPEG; Windows Recall Export; Anubis Wiper; Mitel Vuln and PoC
5:46
5:46
Play later
Play later
Lists
Like
Liked
5:46
Extracting Data From JPEGs Didier shows how to efficiently extract data from JPEGs using his tool jpegdump.py https://isc.sans.edu/diary/A%20JPEG%20With%20A%20Payload/32048 Windows Recall Export in Europe In its latest insider build for Windows 11, Microsoft is testing an export feature for data stored by Recall. The feature is limited to European …
…
continue reading
1
Forget Your Firewalls: One Shocking Truth About Your Cyber Risk
58:25
58:25
Play later
Play later
Lists
Like
Liked
58:25
On the latest episode, hear a discussion about cyber risk management needing to look beyond IT. The hosts, Stanley Lee and Sean Mahoney, explore the complexities of cybersecurity, emphasizing the importance of understanding cyber risks that extend beyond traditional IT frameworks. They highlight the critical role of employee awareness and the need …
…
continue reading
1
Darknet drug marketplace closed for business.
37:24
37:24
Play later
Play later
Lists
Like
Liked
37:24
International law enforcement takes down a darknet drug marketplace. The Washington Post is investigating a cyberattack targeting several journalists' email accounts. Anubis ransomware adds destructive capabilities. The GrayAlpha threat group uses fake browser update pages to deliver advanced malware. Researchers uncover a stealthy malware campaign…
…
continue reading
1
Digital Defenders: Unmasking AI's Malicious Uses
23:14
23:14
Play later
Play later
Lists
Like
Liked
23:14
Explore the critical challenges of securing artificial intelligence as we delve into a series of real-world malicious operations leveraging AI for deceptive employment schemes, cyber threats, social engineering, and covert influence. This episode uncovers how threat actors from various countries are exploiting AI capabilities, while also highlighti…
…
continue reading
1
SANS Stormcast Monday, June 16th, 2025: Katz Stealer in JPG; JavaScript Attacks; Reviving expired Discord Invites for Evil
6:44
6:44
Play later
Play later
Lists
Like
Liked
6:44
Katz Stealer in JPG Xavier found some multistage malware that uses an Excel Spreadsheet and an HTA file to load an image that includes embeded a copy of Katz stealer. https://isc.sans.edu/diary/More+Steganography/32044 https://unit42.paloaltonetworks.com/malicious-javascript-using-jsfiretruck-as-obfuscation/ JavaScript obfuscated with JSF*CK is bei…
…
continue reading
1
Beyond Honeypots: AI & Advanced Frameworks in Cyber Deception's Evolution
54:34
54:34
Play later
Play later
Lists
Like
Liked
54:34
Cyber deception is undergoing a significant transformation, moving beyond static honeypots to become a dynamic and proactive defense strategy against sophisticated threats. This episode explores how artificial intelligence and advanced frameworks are revolutionizing deception, enabling adaptive defenses, and enhancing threat intelligence gathering.…
…
continue reading
1
Mark Nunnikhoven: Providing clarity about security. [Cloud strategy]
8:53
8:53
Play later
Play later
Lists
Like
Liked
8:53
Please enjoy this encore of Career Notes. Distinguished Cloud Strategist at Lacework, Mark Nunnikhoven, has gone from taking technology to its limits for his own understanding to providing clarity about security for others. Mark fell in love with his Commodore 128 and once he realized he could bend the machine to his will, it set him on the path to…
…
continue reading
