Shows
The Cybersecurity Defenders Podcast#144 - How to think about IR with Lee Sult, Chief Investigator at BinalyzeOn this episode of The Cybersecurity Defenders Podcast we sit down with Lee Sult, Chief Investigator at Binalyze, and talk about incident response (IR).Lee is a seasoned cybersecurity expert and investigator with extensive experience in digital forensics and incident response. He is the Chief Investigator at Binalyze and has a strong track record at prestigious organizations like Trustwave-SpiderLabs and Palantir. Lee has supported the US Secret Service and managed complex cybersecurity incidents for Fortune 50 companies.As the co-founder and former CTO of Horangi Cyber Security, Singapore's first cybersecurity startup, Lee's leadership and collaboration skills...
2024-07-2632 min
Ask A CISOCyber Threats & EvolutionJoin host Jeremy Snyder, Founder & CEO of Firetail, in conversation with cybersecurity expert Christine Bejerasco, CISO, WithSecure. Delve into Christine's 20-year journey defending against cyber threats, exploring the evolution of cloud security, instilling a security-first culture, navigating SaaS data security, balancing built-in vs. bolt-on security, and anticipating future threats. Gain insights into technology selection, stakeholder buy-in, dispelling cloud security myths, staying ahead, and forging a successful career in this dynamic field.
More information about the Ask A CISO podcast:
About Horangi Cyber Security: https://www.horangi.com
2023-08-1044 min
Ask A CISOHow AI is Disrupting and Transforming Cybersecurity LandscapeArtificial intelligence (AI) is changing the game for cybersecurity by analyzing massive quantities of risk data to speed up response times and augment under-resourced security operations. However, as all technology before AI, aside from advantages, they always come with a downside as well. AI tools often require access to large amounts of data in order to analyze and detect patterns; thus, data that it processes can be sensitive or personally identifiable, and there is a risk that it could be exposed or stolen through a cyber attack. AI-powered security systems also require skilled professionals who can develop, implement, and...
2023-08-0334 min
Ask A CISOCybersecurity : Tantangan dan Peluang Karir Masa Depan
Semakin masif adanya insiden cyber attack yang terjadi di Indonesia menjadikan kebutuhan akan talenta digital yang menguasai skill di bidang cyber security menjadi semakin mendesak bagi sektor publik maupun bisnis. Saat ini sudah banyak perusahaan di Indonesia membuka lowongan kerja di bidang ini dan tentunya permintaan talenta cybersecurity ke depannya akan semakin bertambah.
Bagaimana kesiapan Indonesia menciptakan sumber daya manusia dan talenta cybersecurity yang memenuhi kriteria dan siap bekerja di masa depan, dan bagaimana seluruh pihak dapat bersinergi untuk mendukung program tersebut.
Di episode Ask a CISO kali ini Manggala Eka Adideswar...
2023-06-2128 min
Ask A CISOCareer in CybersecurityIn this episode of the Ask A CISO Podcast, hosted by Paul Hadjy, Co-founder & CEO of Horangi, we have the pleasure of welcoming Vikas Yadav, a highly experienced Information Security professional and the current CISO at an Indian e-commerce company. With a background in military service, Vikas shares his fascinating journey of transitioning from a military career to cybersecurity. Join us as we delve into misconceptions about the field, the evolving role of a CISO, key skills for aspiring professionals, daily responsibilities, critical cybersecurity threats, the importance of mentorship, and advice for those starting a career in cybersecurity. Don't...
2023-06-1428 min
Ask A CISOStrategi Keamanan Siber Nasional untuk Melindungi Ekosistem DigitalKeamanan siber di tengah maraknya era digitalisasi saat ini menjadi perhatian utama para pemimpin organisasi dan perusahaan di seluruh dunia. Hal tersebut seiring dengan semakin meningkatnya kejadian insiden keamanan siber yang tidak sedikit mengakibatkan kerugian dengan nilai yang signifikan setiap tahunnya.
Di sepanjang tahun 2022, sejumlah kasus serangan siber di Indonesia meningkat dan target serangan siber pun semakin meluas, bukan hanya berdampak pada Perusahaan besar dan Pemerintah saja, namun juga sudah merambah kepada pengusaha/bisnis kecil. Dampak ekonomi dan kerugian secara finansial akibat serangan siber ini menjadi kekhawatiran tersendiri, sehingga memerlukan kerjasama dari segenap pihak guna melakukan pencegahan ter...
2023-06-0727 min
Ask A CISOCybersecurity in EnterpriseOn this week's Ask A CISO Podcast, we are joined by Steve Orrin, Federal CTO of Intel, with host Jeremy Snyder, founder and CEO at Firetail and advisory board member at Horangi, to talk about cybersecurity in enterprise. Steve offers 30 years of success in a series of high-level roles at top tier companies and talks about the biggest cybersecurity challenges faced by organizations, particularly in the enterprise and federal government sectors: ransomware, data breaches, and supply chain threats. Tune in below to listen to the episode!
- About Horangi Cybersecurity --
More information about the Ask A...
2023-06-0240 min
Ask A CISOHorangi Anniversary SpecialIn this week's Ask A CISO podcast, we are celebrating Horangi's anniversary! Host and Horangi CEO Paul Hajdy along with Niko, VP of Internal Security, Ivan, VP of Engineering, Lance, Senior Manager of Customer Success, and Bo Si, Director of Solutions Architecture, reflect on their journey at the company and share their insights on the future for cybersecurity. With over 30 years of combined experience between them at Horangi, the guests emphasize the increasing complexity and pace of technological advancements, the need to filter out noise and focus on critical issues, the growing demand for cybersecurity experts, and a shift...
2023-05-2540 min
Ask A CISOUnderstanding Password Vulnerabilities to Stay Safer OnlineOn this week's Ask A CISO Podcast, we are joined by Patrick Hynds, CEO and Founder of DTS and Pulsar Security, and Duane Laflotte, Chief Technology Officer of Pulsar Security over a conversation about everything passwords! Patrick and Duane have 50+ years of combined experience in cybersecurity and technology and have provided security services to Disney, the US Military, the Bank of America, the NHL, and more. With host Raphaël Peyret, Vice President, Product, Horangi, they talk about the different types of cyberattacks, how to protect yourself, and uncommon methods of breaking into networks, including the use of deceptive U...
2023-05-1941 min
Ask A CISODecoupling Authorization From Your ApplicationsOn this week's Ask A CISO Podcast, we are joined by Alex Olivier, Product Lead at Cerbos, who talks with host Raphaél Peyret, Vice President, Product, Horangi, about authorization vs authentication, how authorization fits into business logic, and how there are a lot of ways of approaching it for your cloud security.
- About Horangi Cybersecurity --
More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast
About Horangi Cyber Security: https://www.horangi.com
- About the Guests --
2023-04-2742 min
Ask A CISOCloud Control MatrixThis week on Ask A CISO Podcast, Dr. Lee Hing Yan, Executive Vice President at Cloud Security Alliance Government Affairs joins host Jonar Marzan, Cyber Strategy Consultant at Horangi, to talk about the cloud control matrix (CCM), Cloud Security Alliance and what it does, and how they seek to educate users to use the cloud securely.
- About Horangi Cybersecurity --
More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast
About Horangi Cyber Security: https://www.horangi.com
- About...
2023-04-1831 min
Ask A CISOThreat ModelingJoin us on this week's Ask A CISO podcast where we sit with Adam Shostack, a leading threat modeling expert, consultant, entrepreneur, technologist, author, and game designer with host Jeremy Snyder, Founder and CEO of FireTail.io and Horangi Advisory Board member. They discuss dealing with threats in a comprehensive way, the core of threat modeling, and why everyone can and should threat model - and Adam's latest book 'Threats: What Every Engineer Should Learn From Star Wars' that was published earlier in January.
- About Horangi Cybersecurity --
More information about th...
2023-04-1339 min
Ask A CISOQuantifying DefenceJoin us on this episode of the Ask A CISO podcast as we discuss how to quantify defence with Anant Shrivastava, an information security professional with over 15 yrs of corporate experience and expertise in Network, Mobile, Application, and Linux Security. Along with host Mark Fuentes, he discusses looking at the big picture, why DevSecOps as a term should not exist, and the value of investing in cybersecurity.
- About Horangi Cybersecurity --
More information about the Ask A CISO podcast: https://www.horangi.com/resources/ask-a-ciso-podcast
About Horangi Cyber Security...
2023-04-0651 min
Ask A CISOCybersecurity Outlook 2023 dan Peran Komunitas dalam Membangun Ketahanan Siber NasionalInsiden kebocoran data masih menduduki kasus serangan siber tertinggi nomor satu di Indonesia di awal tahun 2023, diikuti oleh ransomware dan kasus data breach di sejumlah sektor .
Pandemik beberapa tahun silam telah memaksa sejumlah perusahaan untuk melakukan transformasi digital dan perubahan pola bekerja bagi karyawannya, sehingga digital transformasi dipercepat dengan banyaknya teknologi baru yang diadopsi namun mereka melupakan masalah keamanan siber yang akan mengancam.
Edukasi terhadap kesadaran keamanan informasi atau security awareness penting untuk dilakukan, sehingga memerlukan support dari semua pihak untuk saling berkolaborasi salah satunya melalui peran komunitas yang dapat menjangkau banyak para praktisi keamanan sib...
2023-03-2333 min
Ask A CISOExploring the Challenges of Application SecurityIn this episode, we talk about application security with guest Tanya Janca. Hear our discussion on the tension between authentication and authorization, the prevalence of API security flaws, the upcoming open comment period for the new version of the OWASP Top Ten, and the inadequacy of API security measures. We also discussed the importance of designing an effective security program for different industry companies, the differences between CSPM and CASB, the use of tools, and the importance of keeping up with updates.
Read the associated short blog on Application Security: https://www.horangi.com/blog/exploring-the-challenges-of-application-security
2023-03-1551 min
Ask A CISOThe Benefits of Threat ModelingWe are really excited about this episode because it's the first time this season that we are taking a deep dive into Threat Modeling with our esteemed guests, Izar Tarandach and Matthew J. Coles.
If you're curious about threat modeling, join host Jeremy Snyder and our esteemed guests to learn of its benefits as they discuss their motivations for writing the book Threat Modeling: A Practical Guide for Development Teams and explain why it is essential to involve developers and other team members in the process.
We also cover “shift left” security and discuss the valu...
2023-03-0840 min
Ask A CISOAI and ML in CybersecurityJoin us on this episode of the Ask A CISO podcast as we discuss AI and ML in cybersecurity with Diana Kelley, CISO and co-founder of Cyberize. With International Women's Day in a week, we also look at the challenges of recruiting women and diversity in the tech sphere.
Plus, there's a giveaway! So make sure you stay tuned to the entire episode and take part on LinkedIn to stand a chance of winning an autographed copy of the book "Practical Cybersecurity Architecture!"
Host Jeremy Snyder and Diana started by discussing the organization WiCyS, short...
2023-03-0149 min
Ask A CISOAI and the Future of Mobile SecurityOn this podcast's fourth episode, we learn about mobile security from Amit Modi, the Chief Technology Officer (CTO) and CISO of Movius Interactive Corporation, a leading global provider of cloud-based secure mobile communications software. The company helps enterprises deliver better engagement for their clients., and connect with their customers in more convenient, cost-effective, and compliant ways.
Host Jeremy Snyder and Amit also chat about cloud security, how you can secure your mobile devices, the primary attack vector against secured mobile communication, and what you should know about mobile communications.
Read the associated short blog on w...
2023-02-2231 min
Ask A CISOMengenal Sanksi Bagi Penyalahgunaan Data PribadiMuhammad Rezafajri, S.H. (atau biasa disapa Reza atau Edja) adalah seorang advokat yang fokus pada Hukum Perusahaan dengan spesialisasi transaksi merger dan akuisisi perusahaan nasional dan multinasional.
Reza juga berpengalaman menangani implementasi investasi asing di Indonesia seperti pengurusan pendirian perusahaan, waralaba asing, produksi, keagenan dan distributor obat-obatan dan alat kesehatan. Reza merupakan lulusan Fakultas Hukum Universitas Indonesia, sempat bekerja pada salah satu kantor hukum ternama di Indonesia dan dipercaya menduduki posisi Senior Associate sampai akhir tahun 2021, sebelum akhirnya sekarang membuka praktik hukumnya sendiri dan sekaligus menjabat sebagai Group General Counsel di Hukum Online.
Setelah me...
2023-02-1542 min
Ask A CISOUnderstanding DSPM & CSPM for Optimal Data SecurityOn this episode, we had the opportunity to speak to Tyler Young, the CISO at BigID, a leading modern data security vendor that helps organizations with their data security, privacy, compliance, and governance.
Find out what key lessons Tyler learned as a newly-appointed CISO, how you can protect your data, and what he, as a CISO, thinks is the best way to implement and communicate security needs to various departments and people in an organization.
You'll also learn more about Data Security Posture Management or DSPM and how and why Identity Management is closely tied t...
2023-02-0825 min
Ask A CISOCybersecurity Risks and Business ContextHappy New Year!
We are back with Season 3 of the Ask A CISO podcast, following a brief two-month hiatus!
So, a new year + new season = new things, like new opening and closing themes, new guests, and a new blog related to a topic discussed in (almost) every episode!
On our first episode for the new season, we had the pleasure of sitting down with the Co-Founder and Chief Customer Officer of Secberus, Fausto Lendeborg to talk about how he got into cybersecurity, data privacy, DDoS attacks, managing alert fatigue and understanding what IaC, S...
2023-02-0132 min
Ask A CISOLooking back with the Hosts (The Last Episode)It's our 44th episode and also the LAST for Season 2.
Thank you for your amazing support of the Ask A CISO podcast since Season 2 started in February 2022.
We've thoroughly enjoyed the opportunity to talk to cybersecurity experts from all over the world over these 9 months, and hope you enjoyed their insights too.
In this last episode, we speak to our CEO, Paul Hadjy, Natasha, and Adi from our Indonesia office, Raphael Peyret, Vice-President of Product, and our US host, Jeremy Snyder, about their experience hosting the podcast.
Once again, thank you for su...
2022-12-0623 min
Ask A CISOAPI SecurityVeteran cybersecurity professional and our U.S.-based host Jeremy Snyder sits in the guest seat this week to talk about his new startup, FireTail.io, a company that offers simple yet effective API security. In this episode, we explore a topic that we have not featured before in the previous 40+ episodes -- API Security and its relation to cloud security.
The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy.
-- Show Notes and Transcript --
2022-11-2335 min
Ask A CISOLinux and the EnterpriseFabrice Marie, a successful French serial technology entrepreneur who was previously CISO at giants like Lazada and Air Asia joins us this week to talk about cybersecurity and how the Linux-based OS from his new startup helps organizations.
The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy.
-- Show Notes and Transcript --
https://www.horangi.com/blog/linux-and-the-enterprise
-- About Horangi Cybersecurity --
More information about the Ask A CISO podcast...
2022-11-1630 min
Ask A CISOThe Cyber Defense MatrixSounil Yu, author of The Cyber Defense Matrix, joins host Jeremy Snyder this week to talk about his bestselling book, and what we could all learn from it. We also held our first-ever giveaway, a copy of Sounil's book. If you participated in it, tune in to find out what Sounil's answer to your question was and if you've won!
The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy.
-- Show Notes and Transcript --
...
2022-11-0940 min
Ask A CISOHypponen’s Law: If it’s Smart, It’s VulnerableMikko Hypponen, bestselling author of If It’s Smart, It’s Vulnerable, joins us this week to talk about the Hypponen Law, the future of the internet, the worrying trend that he foresees in the future with respect to cybercriminal gangs, and how he thinks we can best combat the new developments when they come to fruition. He also laments the loss of privacy in the internet age and gives us a few tips to secure our environments and regain some of our privacy.
Learn about:
👉 The Hypponen Law: If It’s Smart, It’s Vulnerable
2022-11-0238 min
Ask A CISOThe Importance of Good Cyber HygieneSo you’ve made the transition to the cloud, but you’re wondering how it is that your cloud costs are so high. Is it supposed to be that way when the cloud promises competitive advantages and cost savings? It’s all down to cloud sprawl and practicing good cyber hygiene, according to Nick Lumsden, our guest this week.
Join host Jeremy Snyder as he speaks with Nick Lumsden, co-founder, and CTO at Tenacity Cloud to understand how cyber hygiene is key to reducing cloud sprawl, cloud costs, and perhaps even more importantly, reducing your attack surfaces.
...
2022-10-2628 min
Ask A CISOProject Zero TrustThe old mantra that humans are the weakest link in cybersecurity should be discarded, according to George Finney. Listen in as we talk to him about why he thinks so, and why he chose to draw from sciences like psychology, neuroscience, history, and economics for his first book Well Aware. We also had George define Zero Trust and talk about his new book Project Zero Trust, which he co-authored with John Kindervag, the “father” of Zero Trust.
Learn about:
👉 Drawing from the sciences for cybersecurity
👉 The research on social engineering for the book Well Aware
...
2022-10-1925 min
Ask A CISOMengenal Insider Threat - Deteksi, Monitor dan PencegahannyaMaraknya berbagai bentuk serangan siber mulai dari kebocoran data, serangan malware, pencurian identitas, social engineering dan kasus serangan siber lainnya menjadi perhatian seluruh pihak khususnya penggiat bisnis dan Organisasi.
Namun bagaimana apabila serangan tersebut nyatanya berasal dari orang-orang di dalam organisasi yang memiliki akses terhadap sejumlah informasi, data dan sistem keamanan perusahaan, yang berasal dari karyawan, mantan karyawan, atau rekan bisnis.
Di episode Ask a CISO kali ini Natasha Amadea bersama dengan Yohanes Syailendra - Cyber Security Lead sebuah Bank Digital terkemuka di Indonesia membahas mengenai Insider Threat dengan topik pembahasan:
👉 Definisi Insider Thr...
2022-10-1140 min
Ask A CISOModern Security Awareness Programs and People-Centric CybersecurityCybersecurity awareness training can be long and boring. With shorter attention spans and work at the back of your mind, sitting through a training session may seem like a waste of time. How should cybersecurity awareness training be conducted in this landscape? We speak to Theo Nasser, Founder, and CEO of RIght-Hand Cybersecurity, to learn about modern cybersecurity awareness training and people-centric cybersecurity.
Learn about:
👉 What is the Modern Security Awareness Program?
👉 How Theo started in the cybersecurity industry
👉 The inspiration behind Right-Hand Cybersecurity
👉 Differences between the US and Asia-Pacific cybersecurity markets
👉 People...
2022-10-0536 min
Ask A CISOThreat Hunting and Incident ResponseWe speak to Harlan Carvey, Senior Incident Responder in R&D at Huntress, to understand what threat hunting is, and even learn how surprisingly easy it is to tell if an account has been compromised! Harlan and host Jeremy also explore the claim that there's a lack of cybersecurity talents and whether organizations should have an organic incident response, outsource the function to managed service providers, or adopt an approach that combines both choices.
Learn about:
👉 What is threat hunting?
👉 How to tell the difference between legitimate vs illegitimate access?
👉 Differences between Digital Forensics...
2022-09-2837 min
Ask A CISOCrowdSec, Meshed Security that Leverages Numbers for StrengthIt seems like the adversaries have all the advantages stacked in their favor. They can attack any time, and only need to get lucky once to breach our cloud investments. On the other hand, we have to ensure that our cloud infrastructure is always secure. So what can we do about this complicated problem?
We speak with Philippe Humeau of CrowdSec to understand how we can leverage our numbers as a countermeasure. Along the way, we also discuss social engineering, and how we can safeguard against phishing attacks.
Tune in to this episode to also h...
2022-09-2142 min
The Backup Wrap-UpTop 5 security mistakes you're making in the cloudCyber security attacks are everywhere, and they're definitely going after what you have running in your favorite hyperscaler. Today we are joined by Paul Hadgy, CEO of Horangi Security, a cyber security company specializing in securing your cloud infrastructure. We talk about a number of things, but at one point, Mr. Backup asked him what the thought was the five biggest security mistakes people make when building out their cloud infrastructure. He gave us a pretty good list, and then talked about how they're able to secure it AND make sure you're properly utilizing it. (They can tell you...
2022-09-1943 min
Ask A CISOISACs, Information Sharing, and Building Cyber ResilienceOur ancestors shared information on threats with their communities to ensure survival. The same is necessary for today's digital landscape. Businesses need to share information pertinent to their verticals to remain resilient against threats, but how can we do that in a diverse business environment while encouraging sharing?
We speak to John Lee, Managing Director at Global Resilience Federation Asia Pacific to learn the important roles ISACs play and how they help organizations like yours build cyber resilience.
Tune in to this episode to also hear:
👉 ISACs, the genesis of Global Resilience Federation (GRF...
2022-09-1435 min
Ask A CISOReady, Game, Train, GO!Think back to when you first studied cybersecurity. Was it not only dry but also hard to learn? Now, if only you had a game like World of Haiku to help make learning fun and help you make sense of what you’ve learned and choose the right path to take for your cybersecurity career, things might have been so much easier!
We sit down with Eric Basu, CEO at Haiku, Inc., the brains behind the game World of Haiku to help us learn about the genesis and inspiration behind the game, how it has been received so...
2022-09-0640 min
Ask A CISOOpen Source and the EnterpriseHow familiar are you with Open Source software and projects? Are they viable? Are they even safe to use? Host Mark Fuentes helps us get the answers to these questions in this episode of the Ask A CISO podcast, and also learn why some proprietary software companies choose to go the Open Source route from Harish Pillay, Head of Community Architecture and Leadership at Red Hat Asia Pacific.
Tune in to this episode of the Ask A CISO podcast to hear:
👉 Is Red Hat Enterprise Linux (RHEL) Open Source? Why then is it called Enterprise Lin...
2022-08-3043 min
Ask A CISOThe Local Startup Ecosystem, Going Digital, and Microsoft for StartupsAre startups still viable today? Where are they in the digital ecosystem and what does Microsoft have to do with startups? We speak to Michael Smith Jr., the newly-appointed APAC GM of Microsoft Startups, to get his insights and opinions on the startup ecosystem in Singapore, and how Microsoft is positioned to facilitate the growth of startups.
Tune in to this episode of Ask A CISO to hear:
👉 The startup ecosystem, then and now
👉 Why startups are still necessary and will be here to stay
👉 Why do organizations need to adapt and go digital...
2022-08-2443 min
Ask A CISOMempersiapkan Talenta Keamanan Siber Masa Depan IndonesiaPermintaan akan tenaga ahli di bidang keamanan siber terus mengalami peningkatan, bahkan diprediksi menjadi salah satu profesi yang akan banyak dicari. Karir di bidang keamanan siber sendiri cukup beragam dan dapat ditemukan pada berbagai sektor industri. Akan tetapi untuk bisa terjun ke bidang profesional yang satu ini, diperlukan beberapa kemampuan atau skills yang wajib dimiliki oleh setiap ahli keamanan siber.
Di episode Ask a CISO kali ini kami menghadirkan Bapak Yudistira Asnar, ST., PhD - Ketua Jurusan Studi Sistem dan Teknologi Informasi di Institut Teknologi Bandung, bagaimana pandangan seorang Akademis mengenai pentingnya mempersiapkan talenta keamanan Siber yang k...
2022-08-1633 min
Ask A CISOCyber Mayday and the Day AfterDan Lohrmann, award-winning CISO, keynote speaker, mentor, columnist, and bestselling co-author of the book Cyber Mayday and the Day After joins us this week to talk about cybersecurity roles in the public and private sectors, checklists for dealing with disruptions to your business, what organizations can learn from breaches, and much more including a lesson from a blackout on how tabletop exercises should be conducted.
Tune in to this episode of Ask A CISO to hear:
👉 Cybersecurity jobs in the public and private sectors
👉 What has been neglected in the transition to the cloud?
👉...
2022-08-1030 min
Ask A CISOCII, Supply Chain Risks, and Zero TrustThis is an episode you should not miss.
It's not often that you get to sit down with a renowned CISO one-to-one for 45 minutes and just take in all the knowledge and wisdom he has to impart. This week, we had a chance to sit down with Steven Sim, one of Singapore's most renowned and decorated CISOs to get his advice and insights on a variety of contemporary cybersecurity topics like Critical Information Infrastructure, Zero Trust, etc.
Tune in to this episode of Ask A CISO to hear:
👉 How Steven manages to do all...
2022-08-0341 min
Ask A CISOZero Trust and Cyber WarfareDr. Chase Cunningham, a well-renowned expert on Zero Trust, sits down with us this week to talk about zero trust, VPNs, SASE, WAFs, and how the IS and security team can still be the department of "no" and still accommodate the demands of DevOps and contribute to an organization's growth.
Tune in to this episode of Ask A CISO to hear:
👉 What is Zero Trust
👉 Are VPNs still viable today and are they part of a Zero Trust strategy
👉 Can Zero Trust be realistically realized?
👉 Cyber warfare, and how even small organizations can be at ri...
2022-07-2726 min
Ask A CISOCryptocurrencies, DeFi Hacks & the Future of the Crypto MarketWe may be experiencing a "crypto winter" now, but the technology is definitely here to stay. Pasi Koistinen, CISO of Coinhako, a Singapore-based crypto exchange, joins us this week to talk about crypto, DeFi hacks and how you as an investor can protect your crypto investments.
Tune in to this episode of Ask A CISO to hear:
👉 If there are similarities and differences between cybersecurity in general and in the crypto industry
👉 What is Coinhako and what makes it unique as an exchange
👉 Crypto and DeFi hacks, and how nefarious actors have carried out attac...
2022-07-2026 min
Ask A CISOInsights from InfoSecurity Europe 2022Physical tradeshows are back, and our guest and host were both at the recently-concluded InfoSecurity Europe 2022. Hear their insights on tradeshows and learn their main takeaways from conversations with industry peers in panels on a variety of cybersecurity topics like public-private partnerships, and incident reporting and response.
Tune in to this episode of Ask A CISO to hear:
👉 If tradeshows are still worth attending
👉 What InfoSec Europe 2022 was all about
👉 How tradeshows are a great opportunity to network, and how to do just that
👉 Who you should deploy at your booths and how to appro...
2022-07-1330 min
Ask A CISOWeb3, The Metaverse, and Cyber Risk ManagementWhat are the unique challenges that Web3, the Metaverse, and in particular, crypto and NFTs present with regards to trust? Michael Lew, CEO of Rajah and Tann Technologies and Chairman of the Cyber Risk sub-committee of the Singapore Fintech Association, sits down with host Paul Hadjy to discuss this and how companies should approach cyber risk management.
Tune in to this episode of Ask A CISO to hear:
👉 What is e-Discovery?
👉 Cyber Risk Management and building trust in Web3, the Metaverse, and decentralized spaces like cryptocurrency and NFTs
👉 What drives and decides the value of...
2022-07-0622 min
Ask A CISOPeople, Process, and TechnologyHow do you balance people, process, and technology, the three pillars of information security, to achieve a balanced security program? What can you do to bolster each pillar? Johannes Wiklund, the Head of Information Security at Jotforms, shares his experience on this, why he thinks a systematic approach to troubleshooting is important, and his key takeaways from the recent RSA conference.
Tune in to this episode of Ask A CISO to hear:
👉 What his first steps were after joining Jofform as the Head of Internal Security
👉 His experience trying to acquire new hires to streng...
2022-06-2926 min
Ask A CISOLearning about Huawei CloudDespite being a latecomer to the space, Huawei Cloud is today the 5th largest Infrastructure-as-a-Service (IaaS) provider in the world, according to a report released by Gartner in June 2021. Hear from representatives from Huawei Singapore on their journey to compliance with the Singapore authorities, and how their unique offerings are helping their customers.
Tune in to this episode of Ask A CISO to hear:
👉 How Huawei leverages strategic partnerships to ensure compliance with international and territorial compliance standards for their cloud platform and their customers
👉 Huawei's best practices
👉 What the five business units at Huawei...
2022-06-2240 min
Ask A CISOOperational Technology - Origins, Challenges and the FutureMel Migriño, Vice-President and Group CISO at Meralco, the largest power distribution conglomerate in the Philippines, joins us this week to talk about Operational Technology (OT).
Tune in to this episode of Ask A CISO to hear:
👉 The origins of the OT/IT convergence
👉 Zero Trust and the OT/IT convergence
👉 People, Process, and Technology challenges for an OT/IT environment
👉 Advantages and Disadvantages of OT/IT convergence
👉 Zero Trust and the OT/IT convergence
👉 The future of OT/IT convergence - will the lines between OT and IT be erased down the...
2022-06-1533 min
Ask A CISOFuture Tech and Cybersecurity: A Conversation with Chuck BrooksChuck Brooks is a world-renowned cybersecurity expert and an Adjunct Professor at Georgetown University where he teaches courses on risk management, homeland security, and cybersecurity.
Chuck is also a two-time Presidential appointee and Forbes contributor. LinkedIn named him one of “The Top 5 Tech People to Follow on LinkedIn”. He was named by Thompson Reuters as a “Top 50 Global Influencer in Risk, Compliance,” and by IFSEC as the “#2 Global Cybersecurity Influencer” in 2018. He has served as Senior Legislative Staff (Defense, Security) to Senator Arlen Specter, U.S. Senate, and was also the former Technology Partner Advisor at the Bill and Mel...
2022-06-0828 min
Ask A CISOThe Cybersecurity Landscape in Hong KongSingapore and Hong Kong were acknowledged as having rather similar economies at one time, with the two countries going head-to-head in many industries, especially financial services and shipping. How different or similar is the cybersecurity landscape in Hong Kong then? Are there similarities or significant differences from Singapore's?
Tune in to this episode of Ask A CISO to hear:
👉 What the Russian invasion of Ukraine tells us of the global cybersecurity landscape
👉 Why Samuel sees phishing as a "good thing"
👉 Samuel's recommendation for solving the manpower crunch in cybersecurity
👉 How the Hong Kong governm...
2022-05-3130 min
Ask A CISOThe Human Defense LayerMost cybersecurity programs work against human nature instead of with our innate behaviors, resulting in breaches even though your organizations may already have spent large amounts of money on security technologies. Perry Carpenter, our guest this week, helps you understand your end-users and build an effective Human Defense Layer to bolster your cybersecurity posture.
Tune in to this episode of Ask A CISO to hear:
👉 How Perry defines the Human Defense Layer
👉 What inspired Perry to focus on the Human Defense Layer
👉 Are Security Awareness exercises and programs effective?
👉 How current approaches to managing...
2022-05-2537 min
Ask A CISOA CISO's Take On the Gartner Magic QuadrantMany security leaders refer to Gartner's Magic Quadrant to decide on which security tool to purchase and deploy to secure their environments. The question then is whether it's good enough to just look at the quadrant the tool is in to guide your decision. What other factors should you consider?
Tune in to this episode of Ask A CISO to hear:
👉 What the Gartner Magic Quadrant is and what the quadrants represent.
👉 How the Magic Quadrant helps CISOs decide on a security tool to purchase and deploy.
👉 Other considerations besides the tool's position on the Qu...
2022-05-1823 min
Ask A CISOCybersecurity Sales and Diversity in the IndustryWith so many cybersecurity tools on the market today, what can help CISOs choose which ones to purchase and implement to secure their organizations? We put this question to Alexandra Jorissen, a veteran tech sales professional who spent 10 years at Google, in this episode of the Ask A CISO podcast.
Tune in to this episode of Ask A CISO to hear:
👉 How is APAC different from EMEA and North America in terms of the cybersecurity market?
👉 What working at Google is really like
👉 Is it easy to transition from tech sales to selling cybersecu...
2022-05-1138 min
Ask A CISOCloud Transformation and the Cybersecurity Landscape in the Middle EastHow do you convince senior management to stop seeing cybersecurity as an afterthought, but rather as a business enabler? We also get a look at cybersecurity practices in the Middle East, a region most of us have never been to or worked in.
Tune in to this episode of Ask A CISO to also hear:
👉 Varun's strategy on getting management buy-in at organizations where cybersecurity is an afterthought
👉 What is cybersecurity transformation, and why is it so important?
👉 The cybersecurity landscape in the Middle East, and where it's headed.
👉 How he approaches management t...
2022-05-0433 min
Ask A CISOTop 5 Qualities For Succeeding In Tomorrow's Cybersecurity IndustrySurprise, surprise! A passion for cybersecurity is not on the list of top 5 qualities for success in tomorrow's cybersecurity industry. Find out what employers are actually looking for today from Emil Tan, COO at Red Alpha and Founder of Infosec In The City.
Tune in to this episode of Ask A CISO to hear:
👉 The three different generations of cybersecurity professionals and the challenges facing each cohort
👉 Emil's observations about the new versus previous generations of cybersecurity professionals
👉 How previous generations of cybersecurity professionals overcame the lack of resources and challenges of being pioneers...
2022-04-2734 min
Ask A CISODevSecOps, AppSecOps, and What is Application Security Posture Management with Lawrence Crowther (Snyk)Attackers will always target the weakest link on a software supply chain, as in the case with SolarWinds. How can you secure your software supply chain? On this week's Ask A CISO podcast, we go developer-first and talk about all things DevSecOps and AppSec, and find out more about Application Security Posture Management.
Tune in to this episode of Ask A CISO to hear:
👉 How to actually pronounce "Snyk", in case you don't already know
👉 What Snyk is and how it works
👉 What being developer-first is all about
👉 What is one major cause of sup...
2022-04-2038 min
Ask A CISOBackups, Ransomware, and the Killer App for the CloudThe evolution of backup systems moving from tapes to disks exposed backups to cyber threats, including ransomware, according to Mr. Backup, our guest this week.
The job of making backups is usually given to the most junior IT staff because not many want to do the job. As a result, the function and importance of backups are often not given enough attention or totally overlooked. That can no longer be the case as backups are increasingly exposed to cyber threats, and have become your last line of defense against ransomware.
Tune in to this episode...
2022-04-1347 min
Ask A CISOHow Startups Can Overcome Limitations To Secure Their BusinessStartups should deem having a healthy, business-enabling cybersecurity posture as a priority, not an afterthought. In this snippet, Anand Nirgudkar, CTO of CardUp and guest on the latest episode of the Ask A CISO podcast, explains why CEOs and founders of startups should think differently about cybersecurity given the changing threat landscape.
Tune in to the full episode to hear:
What misconceptions most startups have about cybersecurity
How Startups like yours can have a healthy cybersecurity posture from the get-go without expending limited resources
Why you should, and how you can inculcate a safety culture within...
2022-04-0637 min
Ask A CISOAdvantages of Moving to the Cloud and Predictions on the Future of BankingWhat is Cloud Fluency and why is it important to have that in an organization when moving from on-premise to cloud?
In this snippet from Episode 9 of the Ask A CiSO podcast, Ned Lowe, Head of Engineering at Singlife with Aviva, joins host Paul Hadjy to talk about how cloud fluency is incredibly important for organizations moving to the cloud, how that can be achieved, and the one major advantage of migrating to the cloud.
Tune in to the full podcast to also hear:
what he learned from founding a startup
what he thinks...
2022-03-3035 min
Ask A CISOUsing Warden IAM, Jumpcloud, BambooHR for Smooth OnboardingIdentity is the thing that ties everything together. Lose control of that, and on the one hand, you see IT help desks and security teams inundated by requests; on the other, you worry about getting hit by attacks from account takeovers.
So what exactly is the balance? In Episode 8 of the Ask A CISO #podcast, Gill Langston, Senior Product Manager, MSP at JumpCloud talks about access control security automation and his take on why there are organizations on both sides of the spectrum of Identity and Access Management.
If you are interested in learning more...
2022-03-2339 min
Ask A CISOS3 Buckets and IAM Audits50 percent of all corporate data is stored in the cloud, according to Statista.
That's a lot of data in the cloud, given how much data is collected and produced daily. Most of this data is stored in Amazon S3 buckets, Google Cloud Storage, Azure Blob, and a host of different storage options available on cloud platforms.
The question then, is how do we secure the data stored in these storage options, and in particular, how do we secure the data stored in Amazon S3 buckets?
Vinoo, who oversees critical data pipelines as Head o...
2022-03-1632 min
Ask A CISOWomen in Cybersecurity, and Support for Cybersecurity Entrepreneurship in AsiaWe celebrate International Women's Day with our first female guest on the show - Linda Nguyen Schindler, Program Head at Innovation Cybersecurity Ecosystem (ICE71).
More women are needed in cybersecurity, but where are the opportunities, and what factors will attract more women to join the cybersecurity industry?
In this special episode of the Ask A CISO podcast, Linda shares her insights into where opportunities are for women keen to join the cybersecurity industry, and what more can be done to attract women to join the industry.
Tune in to this episode of Ask A C...
2022-03-0834 min
Ask A CISOSeberapa Aman Industri Blockchain di Indonesia?Industri blockchain, yang identik dengan mata uang crypto, sangat berkembang di Indonesia. Banyak perusahaan baru yang bermain di industri ini muncul, begitu juga dengan penggunanya. Perkembangan yang begitu pesat tentu menimbulkan ancaman yang juga terus tumbuh.
Di episode ini, Asih Karnengsih, Ketua Asosiasi Blockchain Indonesia akan berbagi cerita soal perkembangan industri blockchain di Indonesia dan bagaimana komunitas ini bahu membahu menjamin keamanan seluruh ekosistemnya.
The Ask A CISO podcast is a production of Horangi Cyber Security, Asia's leading cloud security provider. The show is hosted weekly by cofounder and CEO, Paul Hadjy.
...
2022-03-0244 min
Ask A CISOShocking Cybersecurity War Stories And The Lessons We Can Learn From ThemAesop's Fables are a favorite through generations - we love learning valuable lessons from stories.
Sometimes, you may even have that lightbulb moment before the story ends. On this new episode of the podcast, we hope to give you at least two lightbulb moments as cybersecurity veteran Jeremy Snyder relates a shocking war story and one that's humorous (on hindsight of course).
He also shares his thoughts about the Log4J vulnerability and looks at the future trends in cloud security, such as API security, you need to take notice of.
The Ask A...
2022-02-2335 min
Ask A CISOThe CISO Evolution: Why Today's Security Leaders Need To Combine Technical Expertise With Business SavvyMany Security Leaders today are burned out from having to overcome challenges like the misalignment of cybersecurity programs with organizational strategy and answering the question of where cyber really lies within the organization. What can you do to get buy-in from the Board for your security programs?
Mathew Sharp and Kyriakos “Rock” Lambros had very different starting points to their cybersecurity careers, but there is one thing they agree on: there is a dire need for CISOs to gain business knowledge to understand the business they operate in and therefore be equipped to effectively communicate security needs to t...
2022-02-1637 min
Ask A CISOThe Evolution of Ransomware, How Ransomware Gangs Work, And How You Can Prevent An AttackGreg Edwards, the CEO of CryptoStopper, walks us through the history of ransomware, what accelerated the use of ransomware by cybercriminals, how Ransomware-as-a-Service and ransomware gangs work, and how you can protect yourself and your organization from an attack.
About The Guest: Greg Edwards
Greg Edwards is the founder and CEO of CryptoStopper, a company offering ransomware detection software to stop actively running ransomware infections on Windows workstations and servers.
Greg has been a technology entrepreneur since 1998.
Before Greg founded CryptoStopper, he started Axis Backup, a backup and disaster recovery company...
2022-02-0932 min
Ask A CISOPractical Advice For A Career In CybersecurityNo Experience? No Problem. Dr. Gerald Auger, the co-author of Cybersecurity Career Master Plan and Host of Simply Cyber, walks us through some things you can start doing today to improve your chances of starting on or making a switch to a career in Information Security, and how employers can retain good cybersecurity staff.
About The Guest: Dr. Gerald Auger
Dr. Gerald Auger is the host and chief content creator of Simply Cyber, an information security YouTube channel designed to help individuals go further, faster in the Information Security field.
He is also...
2022-02-0344 min
Ask A CISOA Good Cloud Security Posture Is Not Unattainable, But Within REA&H (Ask A CISO Ep. 12)Cloud Technology Makes Life Easier for Cloud Security People In Reality. How? Listen in as Lucas Kauffman, Security Consultant with AWS Singapore chats with CEO and Co-Founder of Horangi, Paul Hadjy, about his experience in Asia and how improving your cloud security posture is not that difficult, but within REA&H.
2021-12-0926 min
Ask A CISOAsk A CISO Ep. 11: The Evolution Of Cloud Security, Its Future, And 3 Tips For Your Cloud Security JourneyOn this episode of Ask A CISO, Raphaël Peyret, Horangi's VP of Product, took the opportunity to ask Jeremy Snyder, a veteran cloud security practitioner, about the evolution of cloud security - how it became what we have today from its early, simpler days. Jeremy also gives us a glimpse of where cloud security is heading and three practical tips on how you can get started on your cloud security journey.
2021-11-2427 min
Ask A CISOAsk A CISO Ep. 10: Starting On Your ISO 27001 Certification Journey, And A Protip On Getting Certified!Ask A CISO host Mark Fuentes sits down with Manggala Eka Adideswar (Adi), Senior Head of Cyber Operations, Indonesia, to talk about ISO 27001, what it is, and the misconceptions surrounding achieving certification. They even include a protip for organizations looking to start on the certification journey!
Click here to get more information about how you can start on your journey to ISO 27001 certification.
2021-10-2730 min
Ask A CISOAsk A CISO Ep. 09: Is MAS TRM Mandatory For Your Organization?In this podcast, Horangi Principal Cybersecurity Consultant and resident MAS TRM expert Vincent Lim speaks to Director of Cyber Operations Mark Fuentes about the ins and outs of the Singapore regulation, plus the ways in which Horangi has helped many customers meet these regulatory requirements.
2021-03-1519 min
Ask A CISOAsk A CISO Ep. 08: Sheran Gunasekera On His New Book: Android Apps SecurityIn this episode of Ask A CISO, Paul Hadjy interviews author of Android Apps Security Sheran Gunasekera to find out more about his new book that shows you how to best design and develop Android apps with security in mind.
2020-11-3030 min
Ask A CISOAsk A CISO Ep. 07: Ransomware — To Pay Or Not To PayIn this podcast, Horangi CTO and Co-Founder Lee Sult joins Yang Teo to talk about recent ransomware attacks and ransomware strains, evaluating how organizations hit by ransomware ought to respond to attackers.
2020-09-2818 min
Ask A CISOAsk A CISO Ep. 06: What’s New In Insider Threats?In this podcast, special guest Gregory Barbaccia joins Paul Hadjy to talk about the new reality for organizations, the evolving risk of insider threat, and general cyber hygiene.
2020-07-2121 min
Ask A CISOAsk A CISO Ep. 05: Compliance In The Big Durian: Indonesia's 2020 Regulatory LandscapeIn this episode, Horangi Customer Success Manager Cherie Sim along with Cyber Operations Consultant Natasha Amadea talk about a changing compliance landscape in Indonesia, including OJK and Data Protection Law.
2020-06-0519 min
Ask A CISOAsk A CISO Ep. 04: Hard Truths In Cloud SecurityIn Episode #4 of Ask A CISO, Horangi Director of Cloud Security Engineering Steve Teo joins Horangi Deputy Director of Cyber Operations Mark Fuentes to delve into the nature of cloud data breaches today and how organizations in the cloud can adapt to this growing risk.
2019-12-2023 min
Ask A CISOAsk A CISO Ep. 03: An Interview With George Do, Gojek CISOWe welcome former NASA engineer George Do, CISO of one of our top partners Gojek! Tune in as Horangi CEO and Co-Founder Paul Hadjy reaches into George’s 23-year security career to debunk the biggest security myths today.
2019-11-2123 min
Ask A CISOAsk A CISO Ep. 02: Bend Your Security Tools To Your Business GoalsFrom disparate data to managing data discrepancies, the inundation of poorly managed security tools is a common problem. So how can organizations take a different approach?
2019-10-1513 min
Ask A CISOAsk A CISO Ep. 01: Security & Privacy Compliance: Better Together!Join Horangi in our pilot episode of Ask A CISO! Mark Fuentes looks at the typical data privacy challenges and then shows how a security-first approach helps organizations achieve their compliance goals efficiently.
2019-09-1208 min