SecurityWeek podcast series. Hear from cybersecurity industry experts and visionaries. Easy listening, great insights..
…
continue reading
Where CISOs share tales from the trenches and unpack leadership lessons learned along the way. Hosted by Jessica Hoffman.
…
continue reading
Welcome to the Security Weekly Podcast Network, your all-in-one source for the latest in cybersecurity! This feed features a diverse lineup of shows, including Application Security Weekly, Business Security Weekly, Paul's Security Weekly, Enterprise Security Weekly, and Security Weekly News. Whether you're a cybersecurity professional, business leader, or tech enthusiast, we cover all angles of the cybersecurity landscape. Tune in for in-depth panel discussions, expert guest interviews, and ...
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
It’s the show, that bridges the requirements of regulations, compliance, and privacy with those of security. Your trusted source for complying with various mandates, building effective programs, and current compliance news. It’s time for Security and Compliance Weekly.
…
continue reading
The Future of Cybercrime is dedicated to helping security practitioners defend their organizations by distilling insights, best practices, and actionable tips from the world’s leading cyber crime experts. This show is brought you by KELA Cyber Threat Intelligence. For more information, visit www.kelacyber.com
…
continue reading
1
Fireside Chat With Phil Venables, CISO at Google Cloud
34:05
34:05
Play later
Play later
Lists
Like
Liked
34:05
In this fireside chat, we speak with Phil Venables, Chief Information Security Officer of Google Cloud. Venables leads the risk, security, compliance, and privacy teams for Google Cloud. Before joining Google, he was a Partner at Goldman Sachs where he held multiple roles over a long career, initially as their first Chief Information Security Offic…
…
continue reading
1
Cybersecurity best practices are the worst, AI indegestion, real time doxxing - ESW #378
1:07:22
1:07:22
Play later
Play later
Lists
Like
Liked
1:07:22
This week in the enterprise security news, we've got: Torq, Tamnoon, and Defect Dojo raise funding Checkmarx acquires ZAP Commvault acquires Clumio Would you believe San Francisco is NOT the most funded metro area for cybersecurity? Auto-doxxing Smart glasses are now possible Meta gets fined $100M for storing plaintext passwords AI coding assistant…
…
continue reading
1
Perfctl, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland... - SWN #419
32:36
32:36
Play later
Play later
Lists
Like
Liked
32:36
Perfctl, Warm Cookie, Pig Butchering, Ivanti, Zimbra, BabyLockerKZ, AI gone Wild, Aaran Leyland, and More, on this edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-419
…
continue reading
Automated tank gauges are leaking more than just fuel, while CUPS is serving up a steaming hot brew of vulnerabilities. Meanwhile, Supermicro's BMC firmware is giving away root access like it's going out of style. If you thought your Kia was safe, think again - all it takes is a license plate and 30 seconds to turn your car into a hacker's joyride.…
…
continue reading
1
Cybersecurity Career Paths: from touring musician to purple teaming at Meta - Jayson Grace - ESW #378
35:32
35:32
Play later
Play later
Lists
Like
Liked
35:32
Our latest in a series of interviews discussing cybersecurity career paths, today we talk to Jayson Grace his path into cybersecurity and his experience building red teams at national labs and purple teams at Meta. We also talk about his community impact, giving talks and building open source tools. Jayson just left Meta for an AI safety startup na…
…
continue reading
1
Analyzing Malware at Scale - John Hammond - PSW #845
1:03:12
1:03:12
Play later
Play later
Lists
Like
Liked
1:03:12
Segment description coming soon! Segment Resources: - https://www.huntress.com/blog/the-hackers-in-the-arena-the-huntress-ctf-retrospective - https://www.huntress.com/blog/fake-browser-updates-lead-to-boinc-volunteer-computing-software Show Notes: https://securityweekly.com/psw-845
…
continue reading
1
Death Stars, Recall, Microsoft, Brocade, AI, Josh Marpet, and more... - SWN #418
29:24
29:24
Play later
Play later
Lists
Like
Liked
29:24
Death Stars are not real or are they?, Recall, Microsoft, Brocade, AI and More and More AI, Josh Marpet, and more on the Cyber Security News. Show Notes: https://securityweekly.com/swn-418
…
continue reading
1
What are your pet peeves when it comes to tool selection? - Timothy Ball - CSP #194
39:58
39:58
Play later
Play later
Lists
Like
Liked
39:58
Hear from expert TimBall, CISO for NGO-ISAC, on his experiences in the industry and how he advises his members on finding the right tool. Especially when it comes to making sure the tool isn’t a ‘shiny object’ purchase but actually addressing your organizations underlying issues and bringing value! Bonus, let’s talk about election security! Segment…
…
continue reading
1
Underfunding and Leadership Gaps, as AI Replaces CEO and Senate Eyes Healthcare - BSW #366
26:02
26:02
Play later
Play later
Lists
Like
Liked
26:02
In the leadership and communications segment, Underfunding And Leadership Gaps Weaken Cybersecurity Defenses, A Self-Care Checklist for Leaders, Senate bill eyes minimum cybersecurity standards for health care industry, and more! Show Notes: https://securityweekly.com/bsw-366
…
continue reading
1
How to Attain Zero Trust - Rob Allen - BSW #366
32:06
32:06
Play later
Play later
Lists
Like
Liked
32:06
The zero-trust security model has been billed as an ultra-safe defense against emerging, unrecognized and well-known threats. Unlike perimeter security, it doesn't assume people inside an organization are automatically safe. Instead, it requires every user and device -- inside and out -- to be authorized before any access is granted. Sounds enticin…
…
continue reading
1
Quantum threats, SOC automation, funding trends - ESW #377
44:10
44:10
Play later
Play later
Lists
Like
Liked
44:10
In the Enterprise News, the hosts discuss various trends and challenges in the cybersecurity landscape, including the evolution of terminology, funding trends, the emergence of new startups, and the impact of AI on security practices. They also explore the challenges faced by CISOs, the importance of humor in the industry, and the future of quantum…
…
continue reading
1
Oh the Places You'll Go (in Cybersecurity) - Jason Shockey - ESW #377
33:20
33:20
Play later
Play later
Lists
Like
Liked
33:20
We've been hearing a lot lately about how the talent gap in cybersecurity is much more complex than some folks have been making it out to be. While making six figures after going through a six week boot camp might be overselling the cybersecurity job market a bit, it is definitely a complex space with lots of opportunities. Fortunately, we have fol…
…
continue reading
1
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker... - SWN #417
33:04
33:04
Play later
Play later
Lists
Like
Liked
33:04
Passwords, CUPS, KIA, Gilbert Gottfried, Salt Typhoon, Rob Allen from ThreatLocker, and More on the Security Weekly News. Segment Resources: https://www.bleepingcomputer.com/news/security/hackers-deploy-ai-written-malware-in-targeted-attacks/ This segment is sponsored by ThreatLocker. Visit https://securityweekly.com/threatlocker to learn more abou…
…
continue reading
1
SIEM: Shakeup in Event Management - What's Happening in the SIEM market today? - Seth Goldhammer - ESW #377
42:42
42:42
Play later
Play later
Lists
Like
Liked
42:42
The SIEM market has undergone some significant changes this summer. This is a great opportunity to talk about the current state of SIEM! In this conversation, we'll discuss: market changes and terminology: security analytics, data lakes, SIEM what is SOAR's role in the current SIEM market? machine learning and generative AI's role strategies for im…
…
continue reading
1
AI in Cyber & Addressing Analyst Burnout - Kayla Williams - PSW #844
55:31
55:31
Play later
Play later
Lists
Like
Liked
55:31
Kayla Williams, Chief Security Information Officer at Devo, discussed the role of AI in cybersecurity and the ongoing issue of burnout for SOC analysts. Working with Wakefield Research, Devo discovered that 83% of IT professionals feel burnt out due to stress, lack of sleep, and anxiety. Many also report that their burnout leads to breaches. This s…
…
continue reading
This week in the security news, Dr. Doug and Larry explore various technological advancements and their implications with a healthy dose of nostalgia, particularly focusing on health monitoring through Wi-Fi signals, the misconceptions surrounding 5G connectivity, the importance of understanding internet speed needs, and the cybersecurity threats f…
…
continue reading
1
Fuzzing for Vulns, GitLab Auth Bypass, JPEG Vulns, Programming Language Ranks - ASW #300
32:45
32:45
Play later
Play later
Lists
Like
Liked
32:45
Fuzzing network traffic in OpenWRT, parsing problems lead to GitLab auth bypass, more fuzzing finds vulns in a JPEG parser, and more! Show Notes: https://securityweekly.com/asw-300
…
continue reading
1
C3pbot, Kaspersky, Octo2 , Honkai: Star Rail, ServiceNow, LinkedIn... - SWN #416
29:32
29:32
Play later
Play later
Lists
Like
Liked
29:32
C3pbot, Kaspersky, Octo2 Electric Boogaloo, Honkai: Star Rail, ServiceNow, LinkedIn, IoT, Josh Marpet, and more on the Cyber Security News. Show Notes: https://securityweekly.com/swn-416
…
continue reading
1
Vulnerable APIs and Bot Attacks: Two Interconnected, Growing Security Threats - David Holmes - ASW #300
35:07
35:07
Play later
Play later
Lists
Like
Liked
35:07
APIs are essential to modern application architectures, driving rapid development, seamless integration, and improved user experiences. However, their widespread use has made them prime targets for attackers, especially those deploying sophisticated bots. When these bots exploit business logic, they can cause considerable financial and reputational…
…
continue reading
1
Tried and True. Going back to basics with Incident Response - Levone Campbell - CSP #193
36:13
36:13
Play later
Play later
Lists
Like
Liked
36:13
Let’s talk about how regardless of your organizations data footprint being in the cloud or on prem, or if you’re a billion dollar organization or smaller, if the adversaries want in, they will find a way. Don’t fall victim because of bad cyber hygiene but instead work your experiences, your leadership, and train your people to limit exposure. Hear …
…
continue reading
1
Authentication and Authorization in the AI Era - Shiven Ramji - BSW #365
30:30
30:30
Play later
Play later
Lists
Like
Liked
30:30
AI is bringing productivity gains like we’ve never seen before -- with users, security teams and developers already reaping the benefits. However, AI is also bolstering existing threats to application security and user identity -- even enabling new, personalized attacks to emerge. Shiven Ramji, President of Customer Identity at Okta, joins Business…
…
continue reading
1
Answering the Board's Questions While UnitedHealth Group 'Starts Over' - BSW #365
36:38
36:38
Play later
Play later
Lists
Like
Liked
36:38
In the leadership and communications segment, CISA Releases Cyber Defense Alignment Plan for Federal Agencies, UnitedHealth Group CISO: We had to ‘start over’ after Change Healthcare attack, 20 Essential Strategies for Leadership Development Success, and more! Show Notes: https://securityweekly.com/bsw-365…
…
continue reading
1
Cybersecurity: is the talent gap a myth? Is the industry delusional? - ESW #376
45:24
45:24
Play later
Play later
Lists
Like
Liked
45:24
This week, the cybersecurity industry's most basic assumptions under scrutiny. Following up our conversation with Wolfgang Goerlich, where he questions the value of phishing simulations, we discuss essays that call into question: the maturity of the industry the supposed "talent gap" with millions of open jobs despite complaints that this industry …
…
continue reading
1
Speed, Flexibility, and AI: The Case for Migrating from Legacy SOAR Systems - Whitney Young - ESW #376
33:06
33:06
Play later
Play later
Lists
Like
Liked
33:06
In this episode, we explore some compelling reasons for transitioning from traditional SOAR tools to next-generation SOAR platforms. Discover how workflow automation and orchestration offers unparalleled speed and flexibility, allowing organizations to stay ahead of evolving security threats. We also delve into how advancements in AI are driving th…
…
continue reading
1
Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More... - SWN #415
34:59
34:59
Play later
Play later
Lists
Like
Liked
34:59
Shroombots, pagers, Tor, Raptor Train, GRU, Blue Light, Aaran Leyland, and More on the Security Weekly News. Show Notes: https://securityweekly.com/swn-415
…
continue reading
1
Back to the office, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland... - SWN #414
34:40
34:40
Play later
Play later
Lists
Like
Liked
34:40
Back to the office serfs, Void Banshee, ServiceNow, Taiwan, Dlink, C++, Aaran Leyland, and more on this Edition of the Security Weekly News. Show Notes: https://securityweekly.com/swn-414
…
continue reading
1
Do phishing tests do more harm than good? - Wolfgang Goerlich - ESW #376
34:21
34:21
Play later
Play later
Lists
Like
Liked
34:21
A month ago, my friend Wolfgang Goerlich posted a hot take on LinkedIn that is less and less of a hot take these days. He posted, "our industry needs to kill the phish test",and I knew we needed to have a chat, ideally captured here on the podcast. I've been on the fence when it comes to phishing simulation, partly because I used to phish people as…
…
continue reading
1
The Known Exploited Vulnerability catalogue, aka the KEV - Tod Beardsley - PSW #843
56:07
56:07
Play later
Play later
Lists
Like
Liked
56:07
Gain insights into the CISA KEV straight from one of the folks at CISA, Tod Beardsley, in this episode of Below the Surface. Learn how KEV was created, where the data comes from, and how you should use it in your environment. This segment is sponsored by Eclypsium. Visit https://securityweekly.com/eclypsium to learn more about them! Show Notes: htt…
…
continue reading