Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
…
continue reading
Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.
…
continue reading
Shaping Cybersecurity Leadership: Today, Tomorrow, Together.
…
continue reading
Microsoft’s Chief Information Security Officer (CISO), Bret Arsenault, chats with his CISO peers and industry leaders about the biggest challenges in cybersecurity today, plus practical guidance for security practitioners. Be sure to listen in and follow us!Security Unlocked: CISO Series with Bret Arsenault is produced by Microsoft and distributed as part of The CyberWire Network. Hosted on Acast. See acast.com/privacy for more information.
…
continue reading
SecurityWeek podcast series. Hear from cybersecurity industry experts and visionaries. Easy listening, great insights..
…
continue reading
The Virtual CISO Moment dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful while helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Email greg.schaffer@secondchancebook.org. A Second Chance Publishing, LLC podcast.
…
continue reading
Without trust, society stagnates, economies decline, and businesses fail. This podcast series keeps abreast of the latest trends and challenges in cyber and physical security with interviews, event updates, industry suppliers & government initiatives.
…
continue reading
🎙️ Dive into the world of cybersecurity with Cubic Lighthouse Podcast - your expert companion in navigating the latest developments and crucial topics in the field. We dissect complexities, provide strategic insights, and ensure you stay abreast of cutting-edge trends. Whether you're a seasoned professional or a cybersecurity enthusiast, join us for concise expertise and actionable intelligence to enhance your security posture. 🌐🔐
…
continue reading
1
… And the Business Listened to the CISO and Everyone Lived Happily Ever After
36:45
36:45
Play later
Play later
Lists
Like
Liked
36:45
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Mike Johnson, CISO, Rivian. Joining us is Stephen Harrison, CISO, MGM Resorts International. In this episode: Understanding the AI attack surface Low code, low security? Chief information storyte…
…
continue reading
Mark Burnette is the Chief Growth officer for LBMC and the author of Risky Business: Cybersecurity Leadership the Right Way. Driving growth (increased revenue) has been an important part of his career. During his 30+ years in the professional world, he has helped start and build service lines for three major professional service firms, led a boutiq…
…
continue reading
1
Fireside Chat With Phil Venables, CISO at Google Cloud
34:05
34:05
Play later
Play later
Lists
Like
Liked
34:05
In this fireside chat, we speak with Phil Venables, Chief Information Security Officer of Google Cloud. Venables leads the risk, security, compliance, and privacy teams for Google Cloud. Before joining Google, he was a Partner at Goldman Sachs where he held multiple roles over a long career, initially as their first Chief Information Security Offic…
…
continue reading
In this episode of The Professional CISO Show, David Malicoat tackles a bold question: Is it time to break apart Governance, Risk, and Compliance (GRC) into separate, specialized functions? Join us as we explore how unbundling GRC could transform your cybersecurity program from a checkbox exercise into a powerful tool for business alignment and ris…
…
continue reading
1
Kansas water targeted, CrowdStrike apology, MoneyGram goes dark
8:16
8:16
Play later
Play later
Lists
Like
Liked
8:16
Kansas water plant pivots to analog after cyber event CrowdStrike exec apologizes in Congress for global IT outage MoneyGram goes offline after cyber incident Thanks to today's episode sponsor, Vanta As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual security reviews. With Vanta Ques…
…
continue reading
1
Episode 414 - Winning the OT Security Battle
28:09
28:09
Play later
Play later
Lists
Like
Liked
28:09
We sat down with Tim Conway and Robert Lee, two leading cybersecurity experts, to discuss pressing issues in OT cybersecurity. CrowdStrike Lessons Learned Tim and Robert began by examining the CrowdStrike incident from July 2024. They highlighted the dangers of over-relying on trusted technology without sufficient testing and verification, and the …
…
continue reading
1
S6E47 - A Conversation with Matthew Quammen
25:57
25:57
Play later
Play later
Lists
Like
Liked
25:57
Matthew Quammen's journey in cyber security dates to dial-up internet and AOL accounts. He has seen first hand the disastrous effects of Data Loss. His father was a blue-collar business owner who lost a significant portion of the value of his life's work due to a Data Loss Event. He is passionate about working with the right partners to help compan…
…
continue reading
1
Proposed ban on autonomous vehicles, updated Telegram policy, Necro infects Android devices
9:01
9:01
Play later
Play later
Lists
Like
Liked
9:01
U.S. proposes ban on Chinese, Russian tech in autonomous vehicles Telegram updates policies to expose ‘bad actors’ Necro Trojan infects 11 million android devices through Google Play apps Thanks to today's episode sponsor, Vanta As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on manual secu…
…
continue reading
1
LinkedIn halts AI training, Ukraine bans Telegram, hack-for-hire lawsuit
8:24
8:24
Play later
Play later
Lists
Like
Liked
8:24
LinkedIn halts AI data processing in UK due to privacy concerns, Ukraine bans Telegram Use for government and military, Dismissed German cyber chief falsely accused of associating with Russian spies Thanks to today's episode sponsor, Vanta As third-party breaches continue to rise, companies are increasingly vigilant, which means more time spent on …
…
continue reading
1
Episode 413 - Operational Technology (OT) Cybersecurity - Episode 4
1:00:06
1:00:06
Play later
Play later
Lists
Like
Liked
1:00:06
This episode dives into OT Cybersecurity and discusses: SCADA, ICS & IIoT Cybersecurity How do we define an OT-related cyber incident? What are the leading standards and guidelines for managing OT Cybersecurity and resilience? Threat intelligence and suitable ISAC models Vendor platform insights and cyber maturity landscape Speakers include: Daniel…
…
continue reading
1
Week in Review: LinkedIn’s AI chicanery, AT&T FCC settlement, Craigslist defense network
23:04
23:04
Play later
Play later
Lists
Like
Liked
23:04
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Mike Rosen, CISO, ZwillGen, advisor to NightDragon and Villager at Team8, whose favorite story of the week was Starlink’s ability to detect stealth aircraft. Check it out. Thanks to our show sponsor, Conveyor Why do teams choose Conveyor…
…
continue reading
1
INC targets healthcare, Providence schools cyberattack, Apple iPads bricked
7:55
7:55
Play later
Play later
Lists
Like
Liked
7:55
New INC ransomware targets U.S. healthcare sector Providence public schools deal with irregular internet activity Apple pulls iPadOS 18 update that was bricking M4 iPad Pro devices Thanks to today's episode sponsor, Conveyor It’s Friday and Conveyor hopes you don’t have a meaty security questionnaire waiting for you on the other side of this podcas…
…
continue reading
1
Derailing Raptor Train, Volunteer Civil Cyber Defense, US AI safety summit
7:10
7:10
Play later
Play later
Lists
Like
Liked
7:10
Feds derail Raptor Train Newmark creates Volunteer Network for Civil Cyber Defense US to host global AI safety summit Thanks to today's episode sponsor, Conveyor Does the next security questionnaire that hits your inbox make you want to throw your laptop out the window? If so, don’t do it. You should check out Conveyor first. Conveyor is the market…
…
continue reading
1
Building Teams vs. Buying Talent: Insights from CISO Joey Rachid
35:41
35:41
Play later
Play later
Lists
Like
Liked
35:41
Episode 30: Joey Rachid – Professionalizing the CISO Role & Building Strong Cyber Teams In this episode of The Professional CISO Show, host David Malicoat interviews Joey Rachid, Chief Information Security Officer (CISO) at UST. Joey takes us on a fascinating journey from his early days in the U.S. Marine Corps, where he first got involved with tec…
…
continue reading
1
Exploding pager analysis, construction company vulnerability, cyberattack job loss
7:00
7:00
Play later
Play later
Lists
Like
Liked
7:00
Exploding pager tragedy experts look towards supply chain sabotage Construction companies potentially vulnerable through accounting software Cyberattacks result in job losses Thanks to today's episode sponsor, Conveyor Are customer security reviews constantly interrupting your day? You should check out Conveyor. With an enterprise-grade trust cente…
…
continue reading
Since the very first days of the Internet, Warner Moore has been part of tech. His love for technology and for building things, for easily and effectively sharing information, and for communicating with people across the world are why he is dedicated to helping companies improve their tech. As the founder of Gamma Force, a large part of what he doe…
…
continue reading
1
Our Guardrails Only Fail When You Try To Go Around Them (LIVE in Seattle)
44:36
44:36
Play later
Play later
Lists
Like
Liked
44:36
All links and images for this episode can be found on CISO Series. This week’s episode was recorded in front of a live audience in Seattle as part of the National Cybersecurity Alliance’s event Convene. Recording is hosted by me, David Spark (@dspark), producer of CISO Series and Nicole Ford, SVP and CISO, Nordstrom. Joining us is guest, Varsha Agr…
…
continue reading
1
Intellexa faces new sanctions, London hospitals impact, Apple releases update
8:15
8:15
Play later
Play later
Lists
Like
Liked
8:15
Spyware giant Intellexa faces new U.S. sanctions Nearly 1 million impacted by ransomware attack on London hospitals Apple releases long-awaited update Thanks to today's episode sponsor, Conveyor Why do teams choose Conveyor over the competition for customer security reviews? A few reasons. One. Market-leading AI accuracy for any format of security …
…
continue reading
1
Fortinet confirms breach, RansomHub extorts Kawasaki, Update: TfL password resets
7:55
7:55
Play later
Play later
Lists
Like
Liked
7:55
Fortinet confirms customer data breach RansomHub threatens to leak stolen Kawasaki data Update: Transport for London requires in-person password resets after hack Thanks to today's episode sponsor, Conveyor Ever feel like completing security questionnaires has become your full time side hustle you’re not even getting paid extra for? If so, you shou…
…
continue reading
1
Week in Review: Wisconsin Medicare MOVEit, cop sues data broker, WHOIS vulnerability
28:09
28:09
Play later
Play later
Lists
Like
Liked
28:09
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by David Spark with guest Patrick Heim, co-founder and partner, SYN Ventures Huge thanks to our sponsor, Vanta Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. With Vanta, …
…
continue reading
1
Lazarus spoofs CapitalOne, Mastercard buys RecordedFuture, WordPress imposes 2FA
8:10
8:10
Play later
Play later
Lists
Like
Liked
8:10
Lazarus Group’s VMConnect campaign spoofs CapitalOne Mastercard buys security firm Recorded Future WordPress to require two-factor authentication for plugin developers Huge thanks to our sponsor, Vanta Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more. Wit…
…
continue reading
1
$20 WHOIS vulnerability, India's Cyber Commandos, Word hits drone makers
7:25
7:25
Play later
Play later
Lists
Like
Liked
7:25
The $20 WHOIS vulnerability India training thousands of “cyber commandos” A Word of warnings for Taiwanese drone makers Huge thanks to our sponsor, Vanta When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, saving you time and money. Wit…
…
continue reading
1
The Challenge of Selling Cybersecurity: Insights from Matt Walker
37:50
37:50
Play later
Play later
Lists
Like
Liked
37:50
In this episode of The Professional CISO Show, host David Malicoat is joined by Matt Walker, Managing Director of Security and Compliance at Goosehead Insurance. Matt shares his unique journey from a career in commercial art to becoming a cybersecurity leader. Together, they explore the evolving role of the CISO and the importance of professionaliz…
…
continue reading
1
Slim CD data breach, International sextortion bust, TfL mixed messages
8:13
8:13
Play later
Play later
Lists
Like
Liked
8:13
Slim CD notifies 1.7M customers of data breach Delaware men charged in international sextortion scheme London transit agency drops claim it has ‘no evidence’ of customer data theft Huge thanks to our sponsor, Vanta Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, …
…
continue reading
1
Our Cybersecurity Journey Starts With a Single Overworked Staffer
41:18
41:18
Play later
Play later
Lists
Like
Liked
41:18
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Kush Sharma, Director Municipal Modernization & Partnerships, Municipal Information Systems Association, Ontario (MISA Ontario…
…
continue reading
1
Payment processing breach, dark web admins charged, Predator spyware resurges
7:41
7:41
Play later
Play later
Lists
Like
Liked
7:41
1.7 million impacted in payment processing breach Dark web administrators charged in U.S. Resurgence of Predator Spyware sparks privacy concerns Huge thanks to our sponsor, Vanta When it comes to ensuring your company has top-notch security practices, things can get complicated, fast. Vanta automates compliance for SOC 2, ISO 27001, and more, savin…
…
continue reading
1
Avis rentals breach, Microsoft disables ActiveX, Wisconsin Medicare breach
7:32
7:32
Play later
Play later
Lists
Like
Liked
7:32
Car rental company Avis discloses data breach Microsoft Office 2024 to disable ActiveX controls by default Wisconsin Medicare users had information leaked in MOVEit breach Huge thanks to our sponsor, Vanta Whether you’re starting or scaling your security program, Vanta helps you automate compliance across frameworks like SOC 2, ISO 27001, and more.…
…
continue reading
1
Episode 412 - AI, ML & Automation | Aligning Safety & Cybersecurity - Episode 6
1:02:41
1:02:41
Play later
Play later
Lists
Like
Liked
1:02:41
In March 2024, the Australian Senate resolved that the Select Committee on Adopting Artificial Intelligence (AI) be established to inquire into and report on the opportunities and impacts for Australia arising out of the uptake of AI technologies in Australia. The committee intends to report to the Parliament on or before 19 September 2024. More th…
…
continue reading
1
Week in Review: MFA bypass bust, Airport security SQL, GitHub help malware
24:53
24:53
Play later
Play later
Lists
Like
Liked
24:53
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Justin Somaini, partner, YL Ventures Thanks to our show sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process au…
…
continue reading
1
Fireside Chat: Bennett Pursell on the OpenSSF Siren Threat Intel Project
30:37
30:37
Play later
Play later
Lists
Like
Liked
30:37
In this session SecurityWeek speaks to Bennett Pursell, Ecosystem Strategist at the Open Source Security Foundation (OpenSSF) about OpenSSF Siren, a community data-sharing initiative aimed at bolstering the defenses of open source projects worldwide. In this fireside chat, Pursell discusses the origins and goals of OpenSSF Siren, exploring transpar…
…
continue reading
1
Planned Parenthood cyberattack, DoJ propaganda takedown, Microchip Technology theft
7:44
7:44
Play later
Play later
Lists
Like
Liked
7:44
Planned Parenthood suffers cyberattack DoJ propaganda domains takedown Microchip Technology confirms data theft Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 nativ…
…
continue reading
1
Spyware research, Cicada rebrand, MacroPack malware
7:05
7:05
Play later
Play later
Lists
Like
Liked
7:05
Spyware research report They found a way to make Cicadas more annoying MacroPack red teaming tool used for malware Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over 75 na…
…
continue reading
1
The Women of Cyber: Beyond the Panel and Into the Trenches - A Professional CISO Show Special
35:12
35:12
Play later
Play later
Lists
Like
Liked
35:12
In this special episode of The Professional CISO Show, host David Malicoat brings together three influential women leaders in cybersecurity: Sailaja Kotra-Turner (VP & CISO, Brown-Forman), Sonya Hammond (CISO & VP of IT Architecture and Engineering, National Veterinary Associates), and Jessica Nemmers (Field CISO, Flair Data Systems). The panel exp…
…
continue reading
1
Halliburton data stolen, Columbus sues researcher, White House protects internet
8:30
8:30
Play later
Play later
Lists
Like
Liked
8:30
Halliburton confirms data stolen in cyberattack City of Columbus sues researcher after ransomware attack White House publishes plan to protect a key component of the internet Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-i…
…
continue reading
1
S6E44 - A Conversation with Shane Simmons
24:43
24:43
Play later
Play later
Lists
Like
Liked
24:43
Shane Simmons is the Senior Director IT Security, Global Lending Services LLC. As a seasoned IT executive with over a decade of experience, he specializes in driving cybersecurity and information technology strategies that transform organizations. His expertise as both a Chief Information Officer (CIO) and Chief Information Security Officer (CISO) …
…
continue reading
1
Red Flag? My Vendor Just Asked for My Mother’s Maiden Name
37:50
37:50
Play later
Play later
Lists
Like
Liked
37:50
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Bethany De Lude, CISO, the Carlyle Group. In this episode: CISOs as storytellers Grinding a CISO’s gears An evolving role Earn…
…
continue reading
1
London transport cyberattack, German ATC attack, Sweden’s heightened risk
7:36
7:36
Play later
Play later
Lists
Like
Liked
7:36
Transport for London suffers cyberattack German air traffic control agency confirms cyberattack Sweden warns of heightened risk of Russian sabotage Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like proce…
…
continue reading
1
Seattle airport woes, aircraft cockpit SQL, North Korea’s FudModule
8:07
8:07
Play later
Play later
Lists
Like
Liked
8:07
Seattle Airport issues travelers’ advisory for Labor Day travel SQL injection able to bypass airport TSA security checks North Korea uses FudModule Rootkit in Chrome zero-day exploit Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Thei…
…
continue reading
1
DICK’S Sporting Goods cyberattack, Brain Cipher hacked Paris
8:13
8:13
Play later
Play later
Lists
Like
Liked
8:13
DICK’S Sporting Goods suffers cyberattack Brain Cipher claims attack on Paris museums, promises data leak Play ransomware hackers claim attack on Microchip Technology Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class …
…
continue reading
1
Iran hacking, Labour Party backlog, more Telegram warrants
7:40
7:40
Play later
Play later
Lists
Like
Liked
7:40
Iran targeting presidential administration officials Iran working with ransomware gangs UK Labour Party chided over cyberattack backlog Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automatio…
…
continue reading
1
Mentors, Risks, and Rewards: Insights From Sailaja Kotra-Turner
33:42
33:42
Play later
Play later
Lists
Like
Liked
33:42
In this episode of The Professional CISO Show, host David Malicoat interviews Sailaja Kotra-Turner, CISO and Director of Global Infrastructure and Operations at Brown-Forman. Sailaja shares her remarkable journey from IT automation to cybersecurity leadership, offering invaluable insights into the evolving role of the CISO, the importance of mentor…
…
continue reading
1
Another MOVEit incident, U.S. Marshals disputes breach, Park’N Fly data swiped
8:06
8:06
Play later
Play later
Lists
Like
Liked
8:06
Texas credit union user data exposed in another MOVEit breach US Marshals Service disputes ransomware gang's breach claims Park’N Fly notifies 1 million customers of data breach Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their bes…
…
continue reading
1
S6E43 - A Conversation with Pius Emmanuel Papka
27:00
27:00
Play later
Play later
Lists
Like
Liked
27:00
Pius Emmanuel Papka is a Malware Engineer (Internship) with the Army War College, Abuja, Federal Capital Territory, Nigeria. We discuss his reasons for entering the cybersecurity field, serving his country, and his desired career growth path. He also provided some tips to me about Football (Soccer to Americans). Finally, he provides the answer to t…
…
continue reading
1
Well, I Think My Relationship With the CIO Improved When I Took Their Job
37:21
37:21
Play later
Play later
Lists
Like
Liked
37:21
All links and images for this episode can be found on CISO Series. This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Andy Ellis (@csoandy), operating partner, YL Ventures. Joining us is Ty Sbano, CISO, Vercel. In this episode: Perception is the reality for insider threats Coaching rather than shaming Working to…
…
continue reading
1
SonicWall access flaw, Microsoft security summit, Telegram details
7:05
7:05
Play later
Play later
Lists
Like
Liked
7:05
SonicWall warns of critical access control flaw Microsoft to host security summit More details on Telegram CEO’s arrest Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Their best-in-class features like process automation, AI, and over …
…
continue reading
1
Halliburton suffers cyberattack, Telegram CEO arrested, Georgia Tech lawsuit
7:20
7:20
Play later
Play later
Lists
Like
Liked
7:20
Halliburton takes systems offline following cyberattack French police arrest Telegram CEO Pavel Durov DOJ joins suit against Georgia Tech over Defense Department cybersecurity failures Thanks to today's episode sponsor, Scrut Automation Scrut Automation allows compliance and risk teams of any size to establish enterprise-grade security programs. Th…
…
continue reading
1
Week in Review: NPD breach update, Hawaii hacker sentenced, Poisoned LLM coders
31:12
31:12
Play later
Play later
Lists
Like
Liked
31:12
Link to blog post This week’s Cyber Security Headlines – Week in Review is hosted by Rich Stroffolino with guest Bethany De Lude, CISO, The Carlyle Group Thanks to today’s episode sponsor, Nudge Security When your CEO asks “Hey, are we using that SaaS app that was just breached?”, how quickly and confidently can you answer? Stop guessing with Nudge…
…
continue reading