Shows
Bare Knuckles and Brass TacksLIVE from SecureWorld Denver: Radical Transparency - Closing KeynoteRecorded LIVE: The Bare Knuckles and Brass Tacks closing keynote at SecureWorld Denver!Titled, "Radical Transparency," George K and George A took on the holy trinity in cyber: people, process, and technology. For each part they break down where we need radical transparency to build trust, on both the buying and selling sides of the industry.They also ask something new of the audience...2024-10-1447 min
Colorado = Security Podcast252 - 9/29 - SecureWorld Closing KeynoteThis is a special episode. On September 19th Alex and Robb participated in the closing keynote at SecureWorld Denver. This panel was recorded and is being shared here, for you to enjoy, share and mock. Have fun!
Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends.
Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or e...2023-09-2856 min
The SecureWorld SessionsBEC: Real Stories, Real DefenseBusiness Email Compromise (BEC) remains rampant, with annual losses in the billions of dollars. Every type of organization is at risk. During this episode, we discuss key things your organization and people should know about this cybercrime, plus the most effective way to respond in hopes of recovering some of the losses. Our two guests are with the United States Secret Service: • Stephen Dougherty, Financial Fraud Investigator, Global Investigative Operations Center • Michael Johns, Assistant Special Agent in Charge Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premie...2021-12-0733 minThe SecureWorld SessionsA Cyber Mercenary InvestigationWhat is a cyber mercenary group and who are they attacking through cyberspace? In this episode, Feike Hacquebord, Sr. Threat Researcher at Trend Micro, reveals extensive details of a cyber mercenary group he has been tracking for more than a year, which he calls Void Balaur. "They target a lot of doctors… they are sending phishing emails to target senior engineers working for phone companies, they are targeting banks, as well. And all of these targets have one thing in common: they have a lot of personal data on people," Hacquebord says. The group is also going aft...2021-11-1836 minThe SecureWorld SessionsThe Cybersecurity Talent Pipeline ProblemThis discussion on the cybersecurity talent pipeline problem is unlike any other you have heard before. And you and your organization could play a part in growing the future of the cybersecurity workforce. We're talking with the founders of the Last Mile Education Fund: • Rian Walker, Information Security Analyst, Financial Sector • Sarah Lee, Director, School of Computing Sciences and Computer Engineering, University of Southern Mississippi • Ruthe Farmer, CEO & Founder, Last Mile Education Fund Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner.2021-11-0440 minThe SecureWorld SessionsCybersecurity Brain Hacks and Big IdeasCan brain hacks and cybersecurity habits improve the security posture at your organization? CISO George Finney of Southern Methodist University believes the answer is yes and he makes his case in this episode. Also, here's a big idea: cybersecurity doesn't slow down digital transformation, it speeds it up. Gigamon CTO Shehzad Merchant explains how and looks at Big Data and its underpinning technologies. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: • Take George Finney's cybersecurity personality test: https://wellawaresecurity.com/cyb...2021-10-2742 minThe SecureWorld SessionsEmergency Response Lessons for CybersecurityAndrew "AJ" Jarrett is Applied Cybersecurity Program Manager at the Cyber Readiness Center (CRC) and Texas A&M Engineering Extension Service (TEEX). He's been a wildland firefighter for more than a decade and believes Emergency Response frameworks that save lives can apply to cyber incident response and IT security to help protect organizations. He believes this can help make information security better. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: • Trend Micro's "Linux Threat Report 2021": https://www.trendmicro.com/vinfo/us...2021-10-2238 minThe SecureWorld SessionsCybersecurity Inflection Point?Ed Cabrera is the former CISO of the United States Secret Service and current Chief Cybersecurity Officer at Trend Micro. He believes we are at an inflection point in cybersecurity and is cautiously optimistic. During this conversation with SecureWorld, Cabrera also discusses ransomware, cryptocurrency, threat intelligence, cyber insurance, and more. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner. Resource Links: • Trend Micro "Vision One": https://www.trendmicro.com/en_us/business.html • Follow Ed Cabrera on Twitter: https://twitter.com/ed_e_c...2021-10-1335 minThe SecureWorld SessionsCyber Resilience, the Game ShowIn this SecureWorld Sessions podcast bonus episode, three Chief Information Security Officers play a game show around modern cyber resilience. What is cyber resiliency, how do you align it with business objectives, and is it possible a unicorn won this battle of the CISOs? Contestants include Ricardo Lafosse, CISO, The Kraft Heinz Company; Michael Boucher, Americas CISO, JLL; and Glenn Kapetansky, Interim CISO, University of Chicago Medical Center, and CSO, Trexin Group. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research...2021-10-0740 minThe SecureWorld SessionsRansomware and the Secret ServiceOur guest on this episode is Jeremy C. Sheridan, Assistant Director, Office of Investigations, at the United States Secret Service. We discuss the evolution of ransomware in cybercrime, including: advances in technology, cyber insurance, the cryptocurrency challenge, the sophistication of ransomware actors, and much more. Also, thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research for this episode. Resource Links: • Trend Micro report, "A Roadmap to Secure Connected Cars": https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/a-roadmap-to-secure-connected-cars...2021-09-2851 minThe SecureWorld SessionsCreating a Security CulturePrinceton University implemented a multi-year program to create a culture of cybersecurity throughout campus. It has already made an impact on the organizational security mindset, including risk reduction, implementing new technologies, broadening security knowledge, and strengthening campus partnerships. In this episode, listen to David Sherry, CISO of Princeton University, and Tara Schaufler, Information Security Awareness and Training Program Manager. They share ideas, inspiration, and lessons learned that can help your organization. Also, thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner and providing new research...2021-09-0949 minThe SecureWorld SessionsNation-State Cyber Threats: What Now?What can organizations, the U.S. government, and everyday citizens do to stop the surge of ransomware and cyber threats hitting us from overseas? In this episode, we hear from retired Air Force Colonel Cedric Leighton. Leighton is a CNN military analyst who held cyber leadership positions while serving in the Air Force and currently runs the Cedric Leighton International Strategies consultancy. He explains the threats and motives of America's top nation-state cyber enemies. Plus, how we're thinking about the ransomware problem in the wrong way. Thank you to Trend Micro, a global leader in cloud and...2021-09-0150 minThe SecureWorld SessionsSuing the CISOAre CISOs getting sued? Yes. Investors filed a lawsuit that specifically names the CISO of SolarWinds as a defendant. Is this the beginning of a trend to sue the Chief Information Security Officer after a cyber incident? #InfoSec twitter reacts, and so do the experts on today's podcast: Rebecca Rakoski is co-founder and Managing Partner of XPAN Law Partners, and Glenn Kapetansky is Interim CISO at the University of Chicago Medical School and CSO at Trexin. Thank you to Trend Micro, a global leader in cloud and XDR security, for being our premier podcast partner...2021-08-2433 minThe SecureWorld SessionsSeason of Cybercrime: The Insider ThreatIn this true cybercrime episode, we uncover the case of an insider threat scheme at an AT&T Wireless call center. Court documents reveal how rogue employees collected approximately $1 million in bribes. Plus, Dr. Larry Ponemon discusses the Insider Threat risk, and John Grimm discusses Insider Threat best practices. Resource Links: • Trend Micro report, Risks in Telecommunications IT: https://www.trendmicro.com/en_us/research/21/g/risks-in-telecommunications-IT.html • SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybers...2021-08-1122 minThe SecureWorld SessionsSeason of Cybercrime: Exploring the Dark WebIn this true cybercrime episode, we interview Myra Rosario-Fuentes, Senior Threat Researcher at Trend Micro, who just completed an in-depth, two-year research project on Dark Web markets, especially those selling exploits that hackers use to take advantage of security holes in networks and devices. How much is a Zero Day exploit worth on the Dark Web? How did COVID-19 impact cybercriminals on the Dark Web? Also, we discuss access-as-a-service on the Dark Web, the latest on ransomware operators and affiliate programs, and more. Resource Links: • New Trend Micro Report, "The Rise and Fall of...2021-08-0332 minThe SecureWorld SessionsSeason of Cybercrime: W.H.O. CyberattackIn this true cybercrime podcast episode, we interview Alexander Urbelis, cyber attorney and threat intelligence expert, who uncovered a cyberattack against the World Health Organization at the start of the coronavirus pandemic. Resource Links: • Trend Micro phishing and ransomware white paper: https://resources.trendmicro.com/rs/945-CXD-062/images/Reduce-Phishing-Ransomware_Trend-Micro.pdf • Alexander Urbelis on LinkedIn: https://www.linkedin.com/in/alex-urbelis-25aaab1/ • SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your orga...2021-07-2037 minThe SecureWorld SessionsSeason of Cybercrime: SeaWorld CyberattackIn this true cybercrime episode, we interview Cam, who was arrested for hacking when he was 14 years old. One of his focused cyberattacks was against SeaWorld San Diego. Now, he works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? It all started with gaming. Resource Links: • Trend Micro's Close the Gap program: https://www.trendmicro.com/closethegap • Trend Micro's Zero Day Initiative: https://www.zerodayinitiative.com • SecureWorld conferences: https://www.secureworldexpo.com/events The SecureWorld Sessions podcast gives you access to...2021-07-1321 minThe SecureWorld SessionsCybersecurity Workforce Development at ScaleHow can we scale up the development of our collective cybersecurity talent pipeline, and what role can you play in this? How can your organization help develop talent? How can your alma mater or current university play a part in this? Hear about a model for this kind of work underway through partnerships at New York University Tandon School of Engineering. Our expert panelists: 1. Geoff Brown, CISO, City of New York, and Head of NYC Cyber Command 2. Liat Krawczyk, Assistant Vice President of the New York City Economic Development Corporation 3. Nasir Memon, Vice...2021-06-2952 minThe SecureWorld SessionsState CISO Discussion: Future of SecurityListen in as U.S. state cybersecurity leaders discuss key topics: • coming year priority projects • the ransomware surge and preparing for security incidents • their organization's security culture and training to deal with issues • innovative, special projects they are most excited about moving forward Featured presenters on this podcast panel: • Vinod Brahmapuram, CISO, State of Washington • Deborah Blyth, CISO, State of Colorado • Maria Thompson, former Chief Risk Officer, State of North Carolina • Moderated by Dan Lohrmann, CSO, Security Mentor, and former CSO, State of Michigan Resource Links: • Trend M...2021-06-2251 minThe SecureWorld SessionsRansomware Incident Response LessonsNancy Rainosek is the Chief Information Security Officer (CISO) for the State of Texas. She knows all about ransomware incident response. Her team played a key role in remediation after a coordinated ransomware attack hit 22 state agencies in Texas in a single day. 1. What was that ransomware day like for Rainosek and her team? 2. Was there a common vulnerability among the attacked agencies? 3. What did Texas learn during the ransomware attack that can help your organization now? Resource Links: • Trend Micro special report on ransomware: https://www.trendmicro.com/vinfo/us/sec...2021-06-1539 minThe SecureWorld SessionsAI and Our FutureJosh Jackson is Founder and Executive Director of the AI Association, which advocates for the furtherance of artificial intelligence and automation in the United States. In this wide-ranging discussion about AI, Jackson unpacks the following: 1. How should we define artificial intelligence? 2. Where is the intersection of cybersecurity and AI? 3. What does the AI arms race look like, and what about AI ethics? 4. What if your organization does not have an AI strategy? Resource Links: • Trend Micro report on ICS Security: https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/keeping-cyber-risk-under-control-spotting-and-thwarting-ics-threats 2021-05-2531 minThe SecureWorld SessionsOutlaw Ransomware Payments?Shawn Tuma is a nationally known "breach quarterback" or "incident response coach" who walks victimized companies through the fallout of a ransomware attack. In this episode, he discusses the following: 1. What stages do organizations and security teams experience during a ransomware attack? 2. Would making ransomware payments illegal disrupt this cybercrime business model? 3. Is the Colonial Pipeline cyberattack a watershed moment for security? Tuma is Co-Chair of the Cybersecurity & Data Privacy Practice Group at Spencer Fane LLP. Resource Links: • Trend Micro special report, "What We Know About the Dar...2021-05-1833 minThe SecureWorld SessionsOperationalizing Your Cybersecurity KnowledgeJoin a CISO panel for a fast-moving discussion around the following questions: 1. The state of cybersecurity: what can we understand from security's rise and the rise of the CISO? 2. What does the business need more of from security teams? And what about from security leaders? 3. Are InfoSec job postings way out of line with reality? 4. What is something you've learned from a mentor or experience? Featuring these thought leaders: • Britney Hommertzheim, Director, Cyber Operations, Cardinal Health • Kevin Hardcastle, Associate CISO, Washington University in St. Louis • Cindi Carter, CISO, IntSights...2021-05-1134 minThe SecureWorld SessionsRefocusing on the Privacy and Security Landscape2020 was a "blender" year, during which data privacy and cybersecurity seemingly took a backseat to the other major, pressing health and social issues. As more and more people are getting vaccinated and we reemerge into a world that looks a lot different (i.e. new laws and regulations, new threats, etc.), we need to consider and refocus on the important data privacy and cybersecurity issues facing organizations. In this episode, join Rebecca Rakoski, co-founder of cyber law firm XPAN Law Partners, and Glenn Kapetansky, Chief Security Officer at Trexin Group, as they discuss: the new threat landscape...2021-05-0438 minThe SecureWorld SessionsAchieving Your Cybersecurity Career GoalsAre you "stuck" somewhere along your cybersecurity career path? Are you planning to pursue your InfoSec career goals "someday" down the road? Belinda Enoma has a cybersecurity and privacy background, and she's a Certified Information Privacy Professional (CIPP) in the U.S. She is also a career advice expert and the Founder of Activate & Implement LLC. In this episode, Belinda shares strategies for overcoming career obstacles. She says: "What did you leave on the back burner? Pick it up and launch. There's no time like now. Utilize the gift of now, of today, do what...2021-04-2736 minThe SecureWorld SessionsMyth Busting: IAM in Multi-CloudIn this episode, Michael Meyer, Chief Risk Officer and Chief Innovation Officer at MRS BPO, exposes three crucial myths around IAM in cloud, especially a multi-cloud environment. Are you believing the myths that stand in the way of properly implementing IAM (Identity and Access Management) in your cloud environments? Also, today's Trend Micro Top 3 is built around the Trend Micro Cloud One platform. Resource Links: • How Trend Micro Cloud One works for organizations: https://www.trendmicro.com/en_us/business/products/hybrid-cloud/cloud-one-workload-security.html • Connect with Michael Meyer on LinkedIn: https://www.lin...2021-04-2040 minThe SecureWorld SessionsResilience in CybersecurityIn this episode, Mark Eggleston, Vice President and CISO/CPO of Health Partners Plans, speaks with security leaders about cyber resiliency, the return to the workplace, combatting nation-state cyber threats, pandemic lessons that can fuel digital innovation, and mental health in cybersecurity. Panelists include: • Anahi Santiago, CISO, ChristianaCare Health System • Joshua Cloud, Director of Information Security, NFI • Nick Falcone, CISO, University of Pennsylvania • Todd Bearman, VP & CISO, Global Infrastructure and Security Solutions, TE Connectivity Resource Links: • Trend Micro publication, Preventing Ransomware While Working from Home • SecureWorld virtual conferences: https://www.securew...2021-04-1351 minThe SecureWorld SessionsSocial Engineering: Hacking HumansIn this episode, social engineering professor, entrepreneur, and author Christopher Hadnagy shares social engineering case studies and explains how these attacks are evolving and how you can protect yourself and your end-users. Hadnagy draws from decades of human behavioral research and his time as "Chief Human Hacker" at Social-Engineer, LLC. Resource Links: • Christopher Hadnagy's author page: https://www.amazon.com/Christopher-Hadnagy/e/B004D1T9F4 • Trend Micro on the evolution of social engineering attacks: https://www.trendmicro.com/vinfo/us/security/definition/social-engineering/ • SecureWorld virtual conferences: https://www.secureworldexpo.com/events...2021-04-0648 minThe SecureWorld SessionsBattle Tested BCP: What Security LearnedIn this episode, we are discussing lessons learned from a CISO who led the way on her organization's business continuity plan (BCP) and pandemic plan. Milinda Rambel Stone is VP and CISO at Provation Medical. She shares a first-hand account of the planning, implementation, and takeaways from her company's BCP. And buckle up: security teams face more changes ahead as we emerge from the pandemic. Resource Links: • Milinda Rambel Stone on LinkedIn: https://www.linkedin.com/in/milindastone/ • Trend Micro paper: Security 101: Virtual Patching and Virtual Shielding • SecureWorld virtual conferences: https://www.secur...2021-03-3048 minThe SecureWorld SessionsBest in Breed vs. All in OneIn this episode, we are discussing a hotly debated topic in cybersecurity: best in breed point solutions versus an all in one type of security platform. Which is the best approach for your organization? And how is this part of the security landscape changing? Our guest is Greg Young, Vice President of Cybersecurity and Corporate Development at Trend Micro, who has watched this information security debate play out within organizations for the last three decades. He also served integral roles in Gartner's Magic Quadrant development over the years. Resource Links: • Connect with Greg You...2021-03-1648 minThe SecureWorld SessionsAre We Doing It Wrong? Aligning Security and the BusinessWe are talking about how to align information security with the business. And our guest, ISSA International President Candy Alexander, says we may be thinking about this strategy in the wrong way. She is not afraid to be controversial, and in this episode she shares what security and business alignment should look like. Candy is also Chief Information Security Officer at NeuEon. Resource Links: • Candy Alexander on LinkedIn: https://www.linkedin.com/in/candyalexander/ • Trend Micro's Cloud App Security Threat Report 2020: http://bit.ly/TM_Cloud_AppSec • SecureWorld virtual conferences: https://www.secure...2021-03-0948 minThe SecureWorld SessionsThe Ransomware Attack LifecycleIn this episode, we start with a dramatization of a ransomware attack, which leads us to the ransomware lifecycle in real life. What is a ransomware attack incident response really like? How should you respond in the first hours? What does a 72-hour ransomware response look like? What should you do in the weeks and months following? Hear real-life examples and learn best practices from attorney Shawn Tuma, Co-Chair of the Data Privacy and Cybersecurity Practice at Spencer Fane. Also, don't miss Trend Micro's 2020 State of Ransomware report, available for free download, below. ...2021-03-0248 minThe SecureWorld SessionsPentesters Arrested on the JobWhen an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin tell their story to the SecureWorld audience during a candid interview. They will take us through what happened to them and share what they learned in the process. Resource...2021-02-2348 minThe SecureWorld SessionsSolarWinds Data Breach Impact: Part 2We are asking questions about the SolarWinds data breach fallout. How did the SolarWinds breach impact everything related to legal and compliance? And how does it change the way you should look at Vendor Risk Management? We get answers from Glenn Kapetansky, CSO and Technology Capability Lead, at Trexin Group; and Rebecca Rakoski, Co-Founder and Managing Partner, at XPAN Law Partners, a cybersecurity law firm. Also, don't miss Trend Micro's Incident Response Playbook, available for free download, below. Resource Links: • Glenn Kapetansky on LinkedIn: https://www.linkedin.com/in/kapetansky • Rebecca Rakosk...2021-02-0931 minThe SecureWorld SessionsSolarWinds Data Breach Impact: Part 1"We were not prepared for a SolarWinds type of supply chain attack," says Cedric Leighton, CNN Analyst and U.S. Air Force Colonel (Ret.). In this podcast episode, Leighton examines how wide the impact of the SolarWinds cyberattack might be, possible collateral damage from the attack, and the most likely nation-state behind it all. Plus, Leighton explains the top nation-state cyber threats during 2021. Resource Links: • Cedric Leighton on LinkedIn: https://www.linkedin.com/in/cedricleighton • Trend Micro report, "Turning the Tide: Security Predictions for 2021": https://www.trendmicro.com/vinfo/us/security/rese...2021-02-0250 minThe SecureWorld SessionsProject 2030: Cybersecurity, AI, and Technology PredictionsLong-term predictions are risky, but Rik Ferguson likes to predict things a decade into the future. Rik is Vice President of Security Research at Trend Micro. Building off his Project 2020, Rik is now working on Project 2030. In our interview, we get a glimpse of the future of AI, the future of malware, the future of wearables, the future of ransomware, and more. Also, we discuss implications of the 2020 SolarWinds data breach. If predictions are your thing, do not miss this episode! Resource Links: • Rik Ferguson on LinkedIn: https://www.linkedin.com/in/rikferguson/...2020-12-2237 minThe SecureWorld SessionsFuture of Cyber Law and Big Data ManagementWhat does the 2021 cyber law and privacy law landscape look like? Our first guest is attorney Jordan Fischer of Beckage Law. And how can you ensure total data discovery and then manage that big data with security and compliance in mind? Our second guest is Arun Gandhi, Vice President at 1touch.io, which specializes in this area. Also, we have new research from Trend Micro about 2021 cyber threat trends. Resource Links: • Jordan Fischer on LinkedIn: https://www.linkedin.com/in/jordan-fischer-cipp-e-cipp-us-cipm-706b4147 • Trend Micro report, "Turning the Tide: Security Predictions for 2021": https...2020-12-1543 minThe SecureWorld SessionsThe Resilient and Secure OrganizationWhat does a resilient and secure organization look like? What are key strategies and technologies these organizations should have? How does a resilient organization empower its employees? In this episode, we glean insights from Adam Leisring, Chief Information Security Officer at Paycor. Also, we have new research from Trend Micro. The latest report is called "Inside the Bulletproof Hosting Business: Cybercriminal Methods and OpSec," and it's a fascinating read. See the link below to download. Thanks to Trend Micro for being our Premiere Podcast Partner. Resource Links: • Adam Leisring on LinkedIn: https://www.link...2020-12-0139 minThe SecureWorld SessionsModern Cybersecurity LeadershipIn this episode, we are learning about modern cybersecurity leadership. We hear from Yaron Levi, CISO of Blue Cross and Blue Shield of Kansas City. Levi shares about what security professionals need to do now to lead. And he helps us consider the following questions: Why is information security mainly reactive instead of proactive? Why do most organizations view security as a technology problem instead of a business risk problem? How come so many organizations lack a clear security strategy? And why do security leaders fall back on "silver bullet" solutions? There are reasons for all of...2020-11-1733 minThe SecureWorld SessionsThe Future of Cloud SecurityIn this episode, we talk to Mark Nunnikhoven, Vice President of Cloud Research at Trend Micro. 2020 was the cloud's biggest year, and we're talking about securing the cloud into the future. How do we make cloud security usable? How do we make cloud security stable? What does building in this environment look like right now, and what is the state of DevSecOps? What can we do about misconfigurations in the cloud? What are cloud security opportunities and challenges? And are cloud platform security tools enough to secure your data? Resource Links: • Mark Nunnikhoven on...2020-11-1031 minThe SecureWorld SessionsOil and Natural Gas Cyber ThreatsIn this episode, we talk to cybersecurity leaders in the oil and natural gas industry. Experts from the ONG-ISAC (Oil and Natural Gas Information Sharing and Analysis Center) answer the following questions: • What does the cyber threat landscape look like for the petroleum industry, and what are the potential impacts? • What are barriers to sharing threat intelligence and benefits of doing so? • How do you see cyber threats evolving in 2021 and beyond for the energy sector? Also, details on Trend Micro's white paper on the vulnerabilities for the water and energy sectors. Links...2020-10-2729 minThe SecureWorld SessionsThe CMMC ExplainedIn this episode, we talk to James Goepel about the Cybersecurity Maturity Model Certification (CMMC). He discusses this important new certification for supply chain security within the U.S. Department of Defense (DoD) system, addressing the following: • Why was the CMMC created? • Who needs the CMMC? • How will the CMMC work? • Will the CMMC spread beyond the DoD? James is a former member of the Board of Directors for the CMMC Accreditation Body, and is now CEO of Fathom Cyber. Also, Trend Micro shares details of its Midyear Security Roundup. Resour...2020-10-2042 minThe SecureWorld SessionsNew National Cyber Power IndexIn this episode, we talk to Julia Voo, one of the authors of the newly published National Cyber Power Index 2020. Which country is the most powerful in cyberspace? The NCPI takes a "whole of country" approach to measuring cyber power, ranking 30 countries in the context of seven national objectives. Voo is a Cyber Fellow at the Belfer Center for Science and International Affairs at the Harvard Kennedy School. She was the closing keynote at the SecureWorld Detroit-Toronto-Cincinnati virtual conference, and this is an excerpt from her presentation and fireside chat. Resource Links: • Julia Voo...2020-10-1339 minThe SecureWorld SessionsCulture in Information SecurityIn this episode, we hear from Don McKeown, Information Security Manager at Wolters Kluwer Health. He talks about the various levels of culture within an organization, and the culture of security. Plus, approaches to security: blocking and tackling programs, compliance-based information security programs, and risk-based InfoSec programs. McKeown spoke at the 2020 SecureWorld Boston virtual conference, and this is a part of his presentation. Resource Links: • Don McKeown on LinkedIn: https://www.linkedin.com/in/donspage/ • Trend Micro ransomware best practices: https://cybersecurityminute.com/security-blogs/ransom-from-home-how-to-close-the-cyber-front-door-to-remote-working-ransomware-attacks/ • SecureWorld VIRTUAL conferences: https://www.secur...2020-10-0625 minThe SecureWorld SessionsRansomware and Digital Extortion: Should You Pay?In this episode, we hear from Dan Pepper, Partner on BakerHostetler's Privacy and Data Protection team. He frequently handles security incidents, interacting with federal and state agencies and forensic service providers, and has overseen investigations including many cases of ransomware. How are attackers launching their ransomware attacks? Should you pay the ransom or not? Is it legal to pay a hacker's ransom demand? He answers these questions and more. Pepper spoke at the virtual SecureWorld Philadelphia New York and this is a part of his presentation. Resource Links: • Daniel Pepper on LinkedIn: https://www...2020-09-2228 minThe SecureWorld SessionsYouth and CybercrimeIn this episode, we are partnering with the non-profit Cybercrime Support Network (CSN) to raise awareness as part of their Youth and Cybercrime Week. We interview Cam, who was arrested for cyberattacks when he was 14 years old and now works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? What advice does he have for young people? Also, we speak with Kristin Judge, CEO of Cybercrime Support Network, about how we can help direct kids to use their hacking and cyber skills for good. She also...2020-09-1545 minThe SecureWorld SessionsInformation Security and Digital TransformationIn this episode, we share part of a SecureWorld presentation by Sandy Silk, Director of Information Security Education and Consulting at Harvard University. In her presentation, titled "Hey, InfoSec: Be Part of the Digital Transformation or Be Left Behind!," Silk discusses how security teams need to evolve to deliver the same digital transformation (Dx) value and benefits as other technology and data initiatives within their organizations. Resource Links: • Trend Micro's Close the Gap initiative: https://www.trendmicro.com/closethegap • Trend Micro security blog: https://www.trendmicro.com/vinfo/us/security/news • Sandy Sil...2020-08-2532 minThe SecureWorld SessionsBusiness Continuity Planning During a PandemicCISO Milinda Rambel Stone and Human Resources VP Susan Hanson, both of Provation Medical, worked together on a pandemic plan completed just as the COVID-19 pandemic hit the U.S. They discuss these questions: How does a pandemic plan fit with a Business Continuity Plan (BCP)? How did the business, including information security, communicate during this time? How was the plan communicated to executive leadership? How has the BCP helped cybersecurity and other parts of the business work together? And what if your BCP needs some work or you don't have one yet? Resource Links:2020-08-1830 minThe SecureWorld SessionsWhat Does AI and Machine Learning Mean for Cybersecurity?In this episode, we are speaking with Joshua Cloud, Director of Information Security at NFI, as he answers three important questions for us: 1. What is Artificial Intelligence (AI)? 2. What is Machine Learning (ML)? 3. How can we use AI and ML in cybersecurity and cyber defense? Also, new research, just published by Trend Micro, our premiere podcast partner, on unveiling critical security flaws in programmable industrial machines. Resource Links: • Research: Trend Micro report, "Hidden Risks of Industrial Automation Programming." https://www.trendmicro.com/vinfo/us/security/news/internet-of-things/unveiling-the-hidden-risks-of-industrial-automation-programming •...2020-08-1129 minThe SecureWorld SessionsEmerging Cybersecurity TechnologiesIn this episode, we are speaking with cybersecurity and technology influencer Chuck Brooks about emerging technologies that can help you defend your organization in cyberspace. Brooks covers everything from the future of quantum computing and the encryption debate to China in tech, election cybersecurity, 5G concerns, and low-hanging cybersecurity fruit companies should address now. Also, new research on device and supply chain security in healthcare from Trend Micro, our premiere podcast partner. RESOURCE LINKS: • Trend Micro research, "Exposed Devices and Supply Chain Attacks: Overlooked Risks in Healthcare Networks" https://www.trendmicro.com/vinfo/us...2020-08-0443 minThe SecureWorld SessionsIdentity and Access Management: The JourneyIn this episode, we hear from Joe Zurba, Chief Information Security Officer at Harvard Medical School. He details the challenging Identity and Access Management landscape the school faces and how it navigates IAM. Zurba was a keynote speaker at the 2020 SecureWorld Boston virtual conference. Also, updates on ThiefQuest (EvilQuest), the quickly-evolving macOS malware. We’re sharing new research from Trend Micro, our premiere podcast partner. Resource Links: • Research: Trend Micro's updates on ThiefQuest malware: https://blog.trendmicro.com/trendlabs-security-intelligence/updates-on-thiefquest-the-quickly-evolving-macos-malware/ • New SecureWorld VIRTUAL conferences: https://www.secureworldexpo.com/events • SecureWorld...2020-07-2832 minThe SecureWorld SessionsHunting The Dark OverlordIn this episode, we are speaking with cybersecurity researcher, pentester, and author Vinny Troia. His new book is "Hunting Cyber Criminals: A Hacker's Guide to Online Intelligence Gathering Tools and Techniques." He explains how he tracked down the alleged hackers behind Gnostic Plays, Shiny Hunters, NSFW, and the The Dark Overlord groups. And it turns out, there are some very tight connections between these groups. Troia reveals the identities of two teenage hackers that he says are responsible for a whopping 42% of all non-payment card data breaches from 2017 to mid-2020. Also, new hacker infrastructure and underground hosting 101...2020-07-2136 minThe SecureWorld SessionsThe Future of Cybersecurity ConferencesWhat does cybersecurity collaboration look like in the digital realm? What about the future of physical events and conferences for the cybersecurity industry? In this episode, we are speaking with conference creator Brad Graver, Vice President of SecureWorld. Brad and his team have overseen more than 120 cybersecurity conferences across North America over the past 19 years, and have experienced the shift from in-person to online events in the wake of COVID-19. Also, we look at new cloud security resources from Trend Micro, our premiere podcast partner. RESOURCE LINKS: • Trend Micro's Cloud Security and...2020-07-1421 minThe SecureWorld SessionsCloud Security Gaps and MisconfigurationsIn this episode, we are speaking with Aaron Ansari, Vice President of Cloud One - Conformity at Trend Micro. What are the remote work security gaps exposed by the COVID-19 shift to the cloud? What are common factors in cloud security misconfigurations? With cybersecurity features built into many cloud platforms, do you need a third-party or external cloud security solution? We explore these questions and more. Says Ansari: "Cloud providers have an enormous, robust, complex set of services that are available for organizations and people to build infrastructure and environment in their cloud. It's fantastic; it's very r...2020-07-0721 minThe SecureWorld SessionsNo Dummy: An Interview with Author Joseph SteinbergIn this episode, we are speaking with noted author Joseph Steinberg. His works on cybersecurity have been read by millions of people, including a security certification exam study guide and recently the "Cybersecurity for Dummies" book. We cover a variety of topics: AI in cybersecurity; the rise of the insider threat risk; translating risk to executives or end-users; IoT security; and more. RESOURCE LINKS: • Trend Micro's Incident Response Guidebook: https://www.trendmicro.com/vinfo/us/security/news/managed-detection-and-response/cyberattacks-from-the-frontlines-incident-response-playbook-for-beginners • Joseph Steinberg's official website: https://josephsteinberg.com • SecureWorld Remote Sessions...2020-06-3040 minThe SecureWorld SessionsInsider Threat RiskIn this episode, we discuss in depth the cybersecurity risks that come from insiders. What does a malicious insider threat look like? How about the accidental insider threat? How can executives become accidental insider threats? And more. Hear insights from these experts: • Dr. Larry Ponemon of the Ponemon Institute • Sudeep Venkatesh, Chief Product Officer, Egress • John Grim, Head of Research, Development, and Innovation, Verizon Threat Research Advisory Center • Dr. Chris Pierson, Founder & CEO, BlackCloak Also, Trend Micro shares mitigation techniques for PowerShell-based malware and attacks. Links from the show: 2020-06-1644 minThe SecureWorld SessionsNew Cybersecurity Lessons from the PandemicIn this episode, we are speaking with Rob Morgus, Director of Research and Analysis at the U.S. Cyberspace Solarium Commission. He is the lead author on a new white paper which uncovers the parallels between the COVID-19 pandemic and the cyber threat landscape. He also explains new cybersecurity priorities the Commission published as a result of lessons from the coronavirus response. Says Morgus: "The bottom line is that the United States on cybersecurity—and now we're experiencing something similar—has experienced a number of wake up calls over the last decade, decade and a half. In 2014, hack...2020-06-0933 minThe SecureWorld SessionsCOVID-19 Contact Tracing: Privacy and Cybersecurity ProblemsIn this episode, we are speaking to "The Privacy Professor" Rebecca Herold, one of the authors of the new NIST Privacy Framework and host of her own privacy and cybersecurity podcast. She unpacks the privacy and security challenges of coronavirus contact tracing, which relies on massive amounts of personal data to work. "I mean, you can't preserve privacy if you can't control the data," Herold says. "And to control the data, you have to have security applied to it in many different ways and layers, making sure only those who need access can get access, protecting the...2020-06-0244 minThe SecureWorld SessionsThe Link: Cyber Insurance and Incident ResponseIn this episode, we are speaking to Shawn Tuma, cybersecurity and data privacy attorney with Spencer Fane LLP. He says the two key elements of cyber resilience are an incident response plan and cyber insurance. But do you know what your cyber insurance policy covers? Tuma says cyber insurance policies can lead to unpleasant surprises during an incident if you do not understand your policy. @ 14:30 Tuma says: "You're just tuned up and ready to go on a moment's notice. You get alerted you have an incident. And while you're not exactly excited about that, you're glad that...2020-05-1925 minThe SecureWorld SessionsCybersecurity, Geopolitics, and the Threat LandscapeIn this episode, we are speaking to CNN Analyst and retired U.S. Air Force Col. Cedric Leighton. The real world and the cyber world are converging. Criminal elements are increasingly turning to cybercrime. And nation-state hackers continue to look for what is next. @ 34:49 Leighton says: "We will know that the Chinese, the Russians, the North Koreans, even the Iranians are going to continue to be active in cyberspace. They will take advantage of new work modes that may outlast the coronavirus pandemic. And those new work modes lead to new vulnerabilities. There's new vulnerabilities will lead...2020-05-1257 minThe SecureWorld SessionsCybersecurity Burnout SolutionsIn this episode, we are speaking to CISO and Holistic Health practitioner Jothi Dugar about the impact of cybersecurity stress on mental health. @9:04 Dugar says: “You kind of have to be connected 24 by 7 because you have to know what’s going on. You have to do incident response, you’re on call, you’re probably working more than 40 hours a week. And you have to be on top of it with your A game on at all times to deal with cyber incidents or outages or breaches at any time in the day or night.” She explains how mindse...2020-05-0533 minThe SecureWorld SessionsCybersecurity Burnout and Mental HealthThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we are speaking to Neal O'Farrell, Founder of the PsyberResilience Project. He started a movement to develop a mental health baseline among cybersecurity professionals and to tackle the issues of cybersecurity stress and burnout. He says burnout hurts your organizational security posture and is causing us to lose important people and widen the talent gap. Also, what are the top causes of cybersecurity burnout? @7:55: “One thing that's co...2020-04-2830 minThe SecureWorld SessionsZoom, Remote Tools, Privacy, and CybersecurityIn this episode, we speak to attorney Michael Simon of cybersecurity and data privacy law firm XPAN Law Group. We cover the historic move to Zoom and other remote work tools. What are the privacy, legal, and security risks of this new digital workforce? How can you avoid certain lawsuits against your organization by optimizing remote work tools? @6:26 Simon says: "This is not the death knell for privacy. I see people write up that privacy's done, it's over with. I've got friends in the government who would tell me, 'Oh, it's all over.' No, it's not...2020-04-2137 minThe SecureWorld SessionsTracking COVID-19 Cyber ThreatsMany cyber threats are taking on a COVID-19 theme. In this episode, we are speaking to Myla Pilao of Trend Micro, where the Threat Research Team tracks more than 5 billion threats, daily. @7:20 Pilao says: "So every day, we collect terabytes of threat data coming in from honey pots, from submissions from our partners, from customers, from feedback loops, from a lot of our crawling technologies. So we are attempting to combine all this collection of data from many, many sources. This gives us one big thing: the visibility of the nature and even the geolocation...2020-04-1430 minThe SecureWorld SessionsThe Justice League in CyberspaceThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. They call themselves the COVID-19 CTI League. Some have labeled them superheroes in cyberspace, like the Justice League. The mission of this volunteer organization: defend hospitals and healthcare facilities against cyber attacks so that medical professionals can focus on caring for COVID-19 cases and saving lives. In this episode, we interview CTI League Co-Founder Ohad Zaidenberg. Plus, new findings from Trend Micro reveal how big the COVID-19 cybercrime problem has...2020-04-0724 minThe SecureWorld SessionsCoronavirus Cyberattack at the World Health OrganizationThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. Who would launch a cyberattack against the World Health Organization as it responds to the coronavirus pandemic? In this episode, we’re interviewing the man who uncovered a live cyberattack against the WHO, the potential value (the why?) of such an attack, and the wave of cybercrime and fraud coming from coronavirus and COVID-19 related websites. Also, how can organizations and the enterprise safeguard against cyberattacks during the pandemic? Plus, te...2020-03-3140 minThe SecureWorld SessionsCybersecurity Pandemic Plans, Remote Work Privacy PitfallsIn this episode, we’re doing something new. We are sharing key learnings from our first week of daily online briefings. Called the SecureWorld Remote Sessions, this is our way of bringing security professionals together in the face of the coronavirus (COVID-19) pandemic. Featured interviews are with: Stephen Head, Director, IT Risk Advisory Services, Experis Finance; Chris Shull, vCISO, Salem Medical Center; Jordan Fischer, Managing Partner, XPAN Law Group; and James Goepel, Board of Directors, CMMC Accreditation Body. Plus, the latest on Microsoft Office 365 related phishing attacks from Trend Micro and its 2019 Security Roundup Report....2020-03-2429 minThe SecureWorld SessionsCybersecurity Red Team vs. Blue Team — Miniseries, Part 2The SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we talk to Ryan Mostiller, Senior Security Engineer at Penske Automotive Group, about how Blue Teams can help secure the organization and get credit for doing it. Plus, details on a new initiative in response to the coronavirus (COVID-19): announcing the SecureWorld Remote Sessions. RESOURCE LINKS: NEW SecureWorld Remote Sessions: https://www.secureworldexpo.com/resources?cat=remote-sessions Trend Micro 2019 Security Roundup Report : https://www...2020-03-1714 minThe SecureWorld SessionsCybersecurity Red Team vs. Blue Team — Miniseries, Part 1The SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we talk to Austin Rappeport, head of threat defense and blue team member, and Chris Carlis, red team coordinator, both of Zurich Insurance Group. We look at cybersecurity through a blue team versus red team lens and how the two work together on purple team exercises to find security vulnerabilities. Plus, Trend Micro's 2019 annual security roundup report, "The Sprawling Reach of Complex Threats." RESOURCE LINKS:2020-03-1023 minThe SecureWorld SessionsCybersecurity FrustrationsThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode: InfoSec professionals are frustrated by the amount of time they spend evaluating third-party risk. David Barton of UHY Advisors says this should actually be someone else’s job. He explains steps to overcome this cybersecurity frustration. Plus, in our interview with Matt Clapham, Director of Cybersecurity at GE Healthcare, he talks about finding the rarest of the rare in cybersecurity talent and a few easy steps to uncovering potential se...2020-03-0317 minThe SecureWorld SessionsDeveloping Cybersecurity AdvocatesThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode: How do you develop cybersecurity advocates across the organization? Featured interviews with: Deneen DeFiore, VP & CISO, United Airlines; Zaki Abbas, VP & CISO, Brookfield Asset Management; Milinda Rambel Stone, VP & CISO, Provation Medical; Brent Lassi, CISO, Bluecore; Mike Muha, Chief Security and Privacy Officer, Workforce Software. Also, Trend Micro shares about Dynamic Challenges to Threat Detection and Endpoint Security—and how to overcome them. RESOURCE LINKS:2020-02-2515 minThe SecureWorld SessionsChinese Hackers and the Equifax Data BreachThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we’re sharing new revelations about how the Equifax data breach happened. From newly unsealed court documents in the US DOJ case, we look at 10 steps Chinese nation-state hackers are accused of taking in the attack. We also interview Graeme Payne who worked for Equifax and was fired after being blamed for human error that led to the breach. What did he learn that can benefit security teams? ...2020-02-1818 minThe SecureWorld SessionsThe Two Faces of AIThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we share a new definition of artificial intelligence, discuss the upheaval AI will cause, and look at the dark side of AI. Interviews with Annie Searle of University of Washington; Craig Spiezle of the Online Trust Alliance and AgeLight; Steve Brown, the Bald Futurist; and Dr. Raj Sachdev, Dean of Columbia College School of Business. Also, Trend Micro shares about “counter-AI and ML,” which could work against us a...2020-02-1121 minThe SecureWorld SessionsHacking Cars and CybersecurityThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we’re talking with Kristie Pfosi, Sr. Manager of Automotive Cybersecurity at Mitsubishi Electric. Kristie and her team asked drivers: What kind of alert would you want if your smart car gets hacked? What should happen after your car is hacked? The team put drivers through simulated cyberattacks behind the wheel to see what makes sense. Also, Trend Micro and the Zero Day Initiative’s latest Pwn2Own...2020-02-0419 minThe SecureWorld SessionsCybersecurity Career: Technologist to CISOThe SecureWorld Sessions is a cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we’re talking with Randy Raw, Vice President of Information Security at Veterans United Home Loans. He’s sharing about his career track: from a cybersecurity technologist to his role in executive leadership. Which skills can help you rise into leadership? Which alliances do you need to help your career develop? Also, we reveal new research from Trend Micro. It used a smart factory honeypot setup to attr...2020-01-2822 minThe SecureWorld SessionsBeing a Young Woman in Security: What It's Like'The SecureWorld Sessions' podcast gives you access to people and ideas that impact your cybersecurity career and help you secure your organization. In this episode, we're talking with Alexis Womble, Sr. Threat Intelligence Analyst at BAE Systems, about being a young woman in the field of InfoSec. What is it like? She shares her experiences and career journey. Related Links: SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events SecureWorld Web Conferences: https://www.secureworldexpo.com/resources?cat=web-conferences 2020-01-2113 minThe SecureWorld SessionsNation-State Cyber ThreatsIn this episode of The SecureWorld Sessions, we're talking with Cedric Leighton, CNN military analyst and retired U.S. Air Force colonel, about the "Big Four" nation-state bad actors and the cyber attacks they are capable of. Also, we cover the top 10 cyber attack methods used by Iran and its hacking groups. RESOURCE LINKS: • Iran’s Top 10 Cyber Attack Methods, Detection, and Mitigation: https://www.secureworldexpo.com/industry-news/10-top-ways-iran-launches-cyber-attacks-how-to-detect-them • SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events • SecureWorld web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences2020-01-1417 minThe SecureWorld SessionsZero Trust in Cybersecurity"The SecureWorld Sessions" is a podcast that gives you access to people and ideas that impact your cybersecurity career and help you secure your organization. In this episode, we’re talking with Christopher Frenz, AVP of Information Security at Interfaith Medical Center in Brooklyn. He explains the cyber threat landscape for hospitals, discusses a simulated mass malware outbreak, and details the medical center’s Zero Trust journey and how it is improving the cybersecurity posture of the organization. Related Resources: Trend Micro Zero Trust blog: https://blog.trendmicro.com/decrypting-what-zero-trust-is-and-what-it-likely-isnt/ Collaborate with your peers; Secu...2020-01-0718 minThe SecureWorld SessionsCybersecurity Careers [Miniseries, Part 2]"The SecureWorld Sessions" is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. In this episode, we’re talking with Mark Aiello, president of talent placement firm CyberSN. He discusses cybersecurity certifications, finding out what the market is paying for your role, and finding more cybersecurity help. Also, Bluecore CISO Brent Lassi shares how a CISO Stop List can help your career. Here are things security can—and should—stop doing now! RESOURCE LINKS: How Trend Micro helps people get into and st...2019-12-1721 minThe SecureWorld SessionsCybersecurity Careers [Miniseries, Part 1]In this episode, we’re talking with Mary Haynes, VP of Network Security for Charter Communications; Aleta Jeffress, Chief Information and Digital Officer for the City of Aurora, Colorado; and Cindi Carter, VP and CSO for MedeAnalytics. They share Aha! moments from their careers, as well as the advice they would give their younger selves. Also, we interview Steven Fox, Sr. Manager of Compliance at Workforce Software, who offers tips on managing global teams. RESOURCE LINKS: Trend Micro Doubles Its Investment in Under-Represented Technologists: https://newsroom.trendmicro.com/press-release/alliances/trend-micro-more-doubles-commitment-underrepresented-persons-cybersecurity Hofstede’s Cultural Lead...2019-12-1023 minThe SecureWorld SessionsCybersecurity & Privacy Law: The StrategyIndividual U.S. states are creating new cybersecurity and privacy laws all the time. Cyber attorney Jordan Fischer explains how to think about this challenge, how to start tackling it, and the legal exposure for companies who ignore it. Also, Trend Micro’s 2020 cyberthreat predictions. "The SecureWorld Sessions" is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. RESOURCE LINKS: Trend Micro Cybersecurity Predictions for 2020: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/predictions/2020 Jordan Fischer and XPAN Law Group: https://xp...2019-12-0322 minThe SecureWorld SessionsCan You Trust Huawei?Can Huawei be trusted? Should Huawei be allowed to build 5G networks in the U.S. and other parts of the world? Huawei’s Chief Security Officer answers questions about trust, verification, cybersecurity, and supply chain security. 'The SecureWorld Sessions' is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. LINKS: • Trend Micro on 5G security threats: http://bit.ly/TM_5Gthreats • SecureWorld 2020 conference schedule: https://www.secureworldexpo.com/events2019-11-2628 minThe SecureWorld SessionsTalking to Hackers (Thru an Alias)'The SecureWorld Sessions' is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. Brian Krebs criticized our podcast guest for the way he connects with hackers. Vinny Troia is a cybersecurity researcher and author of the book "Hunting Cyber Criminals." Troia uses aliases on the Dark Web to communicate with hackers such as Gnostic Players, The Dark Overlord, and NSFW. He explains what motivates them and how they get caught, and shares about the hacker who claims he’s smarter than the NSA and CI...2019-11-1917 minThe SecureWorld SessionsThe Enterprise Business Model of CybercrimeThe SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. Our featured interview is with Special Agent Chris McMahon of the United States Secret Service. He is one of the nation’s key investigators of Business Email Compromise. Topics include: BEC fraud, CEO fraud, hackers, cybercriminals, and money mules. Plus, what hackers are doing in successful attacks and cybercrime warning signs. LINKS: • Trend Micro & INTERPOL BEC partnership: http://bit.ly/TM_BEC • Trend Micro PhishInsight tool: http://bit.ly...2019-11-1224 minThe SecureWorld SessionsCybersecurity Stories to Get Buy-In and BudgetIn this episode of The SecureWorld Sessions, we discuss storytelling in cybersecurity and getting security buy-in from executive leadership. Our featured interview is with Rebecca Harness, AVP and Chief Information Security Officer at St. Louis University. We also hear from Mike Muha, Chief Security & Privacy Officer at Workforce Software, on business and security alignment to get budget. Plus, we cover Trend Micro research on "Evasive Threats, Pervasive Effects." LINKS: Trend Micro research: https://www.trendmicro.com/vinfo/us/security/research-and-analysis/threat-reports/roundup/evasive-threats-pervasive-effects SecureWorld Conference calendar: https://www.secureworldexpo.com/events...2019-11-0522 min
Colorado = Security Podcast140 - 11/4 - Dale Drew from the SecureWorld StageDale Drew, CSO at Zayo, was our feature interview from the SecureWorld keynote stage this week. News from: Molson Coors, Ping Identity, Coalfire and a little bit more!
Brewed from the waters of Lake Michigan?
Alex is away, so Robb will play. And Molson Coors will leave town. Colorado will introduce digital state IDs. And Coalfire is seriously not happy with a sheriff in Iowa.
Support us on Patreon! Fun swag available - all proceeds will directly support the Colorado = Security infrastructure. Come join us on the new Colorado = Security Slack channel to meet old and new friends.
Sign up f...2019-11-031h 05The SecureWorld SessionsDr. Larry Ponemon InterviewThe SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. Our featured interview is with Dr. Larry Ponemon, Founder and Chairman of the Ponemon Institute, which does IT and cybersecurity research around the globe. Topics include: AI in security, cost of a data breach, burnout, insider threat, security awareness, and code breaking! LINKS: • Ponemon Institute: https://www.ponemon.org • Free training - SecureWorld web conferences: https://www.secureworldexpo.com/resources?cat=web-conferences • Trend Micro research on the Ri...2019-10-2939 minThe SecureWorld SessionsBug Bountie$ = Patches (How?)The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that impact your career and help you secure your organization. The featured interview is with Brian Gorenc who runs the Zero Day Initiative (ZDI), which is the largest vendor agnostic bug bounty program in the world. Why do white hats hack? How does a newly discovered security vulnerability become a patch? Has the bug bounty concept peaked? And more. Trend Micro is our exclusive podcast partner. LINKS: Zero Day Initiative: https://www.zerodayinitiative.com/ Brian Gorenc...2019-10-2217 minThe SecureWorld SessionsPrinceton’s Cybersecurity JourneyThe SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that will impact your cybersecurity career and help you secure your organization. Featured interviews are with David Sherry, CISO at Princeton University, and Tara Schaufler, Security Awareness and Training Program Manager at Princeton. Also, discover free resources for security presentations. Plus, the "Trend Micro Top 3," findings from research into the risks of Complex IoT Environments (CIEs). Links: Trend Micro research: http://bit.ly/2MHnEj3 SecureWorld conference calendar: http://bit.ly/2IQxYEu 7 Live Cyberattack Maps: http://bit.ly/2...2019-10-1523 minThe SecureWorld SessionsWhat is “reasonable” cybersecurity? The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas to impact your cybersecurity career and help you secure your organization. The featured interview in this episode is with Shawn Tuma, Co-Chair, Data Privacy & Cybersecurity Practice, Spencer Fane, LLP. During the interview, conducted at a SecureWorld conference, we asked Tuma to explain how courts and counsel are defining “reasonable cybersecurity.” Plus, the #1 factor to incident response success and why a national privacy / security policy is needed. We also feature the “Trend Micro Top 3,” where we unpack three top findings from Tre...2019-10-0815 minThe SecureWorld SessionsIdentity Centric Security w/GSK’s Dawn-Marie Hutchinson The SecureWorld Sessions is a new cybersecurity podcast that gives you access to people and ideas that can impact your cybersecurity career and help you secure your organization. The featured interview in this episode is with Dawn-Marie Hutchinson, CISO of Pharmaceuticals and R&D at GlaxoSmithKline (GSK). The interview, conducted at a SecureWorld conference following Dawn-Marie’s keynote, covers several security topics. How do you define and explain identity centric security? What does it look like when security enables the business as an organization goes through digital transformation? Where are many organizations failing in data go...2019-10-0114 minThe SecureWorld SessionsBruce Schneier: The Market = (In)securityThe SecureWorld Sessions is a new cybersecurity podcast. This interview with security thought leader and author Bruce Schneier reveals his strong views on the state of cybersecurity. The interview, conducted at a SecureWorld conference between his book signing and keynote, hits on a number of topics. Government and the encryption debate, the need for greater cybersecurity regulation, what he sees as a failed security paradigm (which is something every organization does!), class breaks, IoT, cybersecurity collaboration and more.2019-09-2417 minThe SecureWorld SessionsFrom Bombs to Cybersecurity! Aflac Global CSO Tim Callahan on SecurityThe SecureWorld Sessions is a new cybersecurity podcast. This interview with Aflac SVP and Chief Security Officer Tim Callahan reveals a lot of surprising things, including his bomb busting past! The interview at a SecureWorld conference is like a mini-course in crucial cybersecurity practices. Tim shares insights on the following topics: threat intelligence, the NIST Cybersecurity Framework, security automation, cybersecurity controls, asset management, and communicating security to the business. Plus, he shares a great example of cybersecurity and business enablement. Links related to the episode: SecureWorld conference map & calendar: https://www.secureworldexpo.com/eve...2019-09-1724 minThe SecureWorld SessionsWhy SecureWorld is Starting a Cybersecurity PodcastThe SecureWorld Sessions is a new podcast. In this episode, show host Bruce Sussman interviews SecureWorld Vice President Brad Graver on why the company created the podcast and how it will benefit professionals working in the InfoSec industry. Links related to the episode: SecureWorld conference map & calendar: https://www.secureworldexpo.com/events Complimentary cybersecurity learning: https://www.secureworldexpo.com/resources?cat=web-conferences Cybersecurity insights from our news site: https://www.secureworldexpo.com/industry-news2019-09-1204 minThe SecureWorld SessionsThe SecureWorld Sessions – TrailerThis trailer introduces The SecureWorld Sessions cybersecurity podcast and gives you an idea of what you can expect if you subscribe to and listen to each session. Subscribe to our podcast! Learn more about SecureWorld: https://www.secureworldexpo.com/2019-08-3002 min
Business Security Weekly (Video)Bruce Sussman, SecureWorld - Business Security Weekly #119Bruce Sussman is the Media-Development Director at SecureWorld. Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events. Full Show Notes: https://wiki.securityweekly.com/BSWEpisode1192019-02-2627 min
Paul's Security WeeklyTea & Crumpets - Business Security Weekly #119This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119 Visit https://www.securityweekly.com/bsw for all the latest episodes! SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference pass by visiting https://secureworldexpo.com and using the c...2019-02-2658 min
Business Security Weekly (Audio)Tea & Crumpets - Business Security Weekly #119This week, we interview DJ Sampath, Co-Founder and Chief Executive Officer at Armorblox! DJ comes on the show to discuss "Securing the Human Layer"! In our second interview, we welcome Bruce Sussman, the Media-Development Director at SecureWorld! Bruce will give us a preview of SecureWorld Boston 2019 and the upcoming events! Full Show Notes: https://wiki.securityweekly.com/BSWEpisode119 Visit https://www.securityweekly.com/bsw for all the latest episodes! SecureWorld Boston is hosting their 15th annual conference March 27-28 @ the Hynes Convention Center. Security Weekly Listeners save $100 off a full conference p...2019-02-2658 min
Paul's Security Weekly (Video)Steve Brown, SecureWorld Keynote - Paul's Security Weekly #595Steve Brown, Keynote Speaker at SecureWorld Boston 2019 to discuss his talk about Building Your Strategic Roadmap for the Next Wave of Digital Transformation! Full Show Notes: https://wiki.securityweekly.com/Episode595 Follow us on Twitter: https://www.twitter.com/securityweekly2019-02-2454 min
Bring Your Own Security RadioBYOS - SecureWorld Expo and much moreWe're talking about SecureWorld regional Expos and other topics2018-10-0558 min