Formerly named CISO/Security Vendor Relationship Podcast. Discussions, tips, and debates from security practitioners and vendors on how to work better together to improve security for themselves and everyone else.
Daily stories from the world of information security. To delve into any daily story, head to CISOseries.com.
Welcome to CISO Tradecraft. A podcast designed to take you through the adventure of becoming a Chief Information Security Officer (CISO) and learning about cyber security. This podcast was started because G Mark Hardy and Ross Young felt impressed to help others take their Information Security Skills to an executive level. We are thrilled to be your guides to lead you through the various domains of becoming a competent and effective CISO.
The Cybersecurity Collaborative is proud to present CISO Stories. Each week CISO Stories takes a deep dive on security leadership with one of the contributors to my latest book, the best-selling CISO COMPASS: Navigating Cybersecurity Leadership Challenges with Insights from Pioneers. The Cybersecurity Collaborative is a unique membership community enabling cybersecurity leaders to work together in a trusted environment. To learn more, visit: https://www.securityweekly.com/csc.
A podcast about security for developers, covering tools and best practices.
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.
The Virtual CISO Moment with Greg Schaffer dives into the stories of information security, information technology, and risk management pros; what drives them and what makes them successful wile helping small and midsized business (SMB) security needs. No frills, no glamour, no transparent whiteboard text, no catchy music, no complex graphics, and no script - just honest discussion of SMB information security risk issues. Quick strike and wrap up bonus information and opinion audio-only episo ...
The New CISO is hosted by Exabeam Chief Security Strategist, Steve Moore. A former IT security leader himself, Steve sits down with Chief Information Security Officers to get their take on cybersecurity trends, what it takes to lead security teams and how things are changing in today’s world.
From the CISO who won the UK financial Services Cyber Security Team of the Year. The CEO of Zeroday360.com ”David Edwards” talks through the essential steps on how to build a winning strategy and explores the Top of Mind issue.
The Virtual CISO Podcast is a frank discussion that provides the very best information security advice and insights for Security, IT and Business leaders. If you’re looking for the latest strategies, tips, and trends from seasoned information security practitioners, want no-B.S. answers to your biggest security questions, need a perspective on how your peers are addressing the same issues, or just simply want to stay informed and proactive, welcome to the show.Our moderator, John Verry, chat ...
Conversations with CISOs and other important thought leaders offering advice for those wanting to enter the field, grow in the field.
Security Conversations covers the business of cybersecurity, from the lens of veteran journalist and storyteller Ryan Naraine. Thoughtful conversations with security practitioners on threat intelligence, zero trust, securing cloud deployments, penetration testing, bug bounties, advancements in offensive research and targeted malware espionage activity. Connect with Ryan on Twitter (Open DMs).
Candid conversations with leading CIOs.
The CISO's Gambit podcast is a pragmatic cyber risk dialogue between cyber security leaders from leading organizations, like Zscaler. Topics span technical and non-technical aspects of cyber risk, cybersecurity, privacy, transformational change management, and the evolving role of the CISO as a thought leader and change agent. The podcast covers current risks, what's on horizon, and how CISOs can help deliver business value that lowers risks, flattens the total cost of controls, and reduces ...
The path to cybersecurity leadership is not a direct route and it's those divergent routes that create the amazing stories and histories of leaders who are driving security to keep businesses and people safe. We’re Leah McLean and Syya Yasotornrat and we intend to give CISOs and cybersecurity professionals a place to be their authentic selves. These are the unedited stories told of how they got into cybersecurity, the real struggles they’ve persevered through, personal anecdotes that make th ...
Bite-sized information about cybersecurity for not-for-profit boards and leaders. In each episode we help leaders of not-for-profits to understand the information security risks to their organisations and they leave with at least one actionable insight that they can put into practice. It also features interviews with not-for-profit leaders sharing their cybersecurity journey, insights and lessons learned.
Ride the cyber trails with one CISO (Allan Alford) and a diverse group of friends and experts who bring a human perspective to cybersecurity.
Podcast by Chad Hayden
Discover the unique, inspiring, and often amusing stories behind what it takes to lead cybersecurity efforts in an organization. The Security Stories podcast features interviews with a diverse range of guests, each sharing their leadership experiences for the benefit of others in the cybersecurity industry. Discover more at https://www.cisco.com/c/en/us/products/security/securitystories.html
The CISO Dojo podcast looks at various security leader topics and guests discuss their paths in information security that lead them to where they are at today.
A podcast for digital transformation leaders. Network security experts Pam Kubiatowski and Lisa Lorenzin discuss the latest cyber-attack issues, enterprise security strategies, and current security events so that you can successfully accelerate network and security transformation. You can subscribe to the podcast feed on Apple Podcasts and Spotify.
The official EC-Council CISO Forum podcast.
Cybercrime Magazine's CISO Minute Podcast: One minute of wisdom every week for CISOs and from CISOs!
Each week on pm73media, Matt Stephenson chats with people who secure the things, hack the things or write about securing and hacking the things that surround us in everyday life. From voting machines to social engineering to the critical infrastructure, if it can be secured, it can be hacked. On pm73media, we meet the people who do one or the other… and sometimes both.
The Hub of the Infosec Community. A daily podcast with host and CISO James Azar delivering the latest in risk, impact, and mitigation for cybersecurity practitioners globally. The show is live at 9 AM EST Monday through Thursday and tune in each Friday for a special Tech Corner with some of the industry's brightest minds to discuss the latest challenges, innovations, and technologies. Our mission is to provide substantive and quality content that’s more than headlines or sales pitches. We wa ...
One of the most challenging positions within an org is the Chief Information Security Officer. In this podcast CISO and Host James Azar interviews his peers in the CISO role on how the role has developed, how the cybersecurity pracyitioners handle the various challenges and leadership qualities. In this podcast you will hear about the latest best practices, solving complex challenges and building a secure enterprise. Tune in for new episodes. This podcast is part of the CyberHub Podcast Medi ...
CyberTalk With Mike Shelah is a podcast focused on IT, Cyber, Compliance & technology strategy. Mike Interviews CIO’s CISO’s and other IT leaders to share their experiences and best practices in the cyber world. The show is sponsored by Advantage Industries. Go to www.getadvantage.com to learn more about their cybersecurity focused IT strategy to support your business.
“CISO's Secrets” promises clear talk on cybersecurity’s burning topics, but not only; A series of 40 minutes weekly podcast hosting Telco industry CIOs and CISO’s, from global and leading companies. Podcast will share true stories, reveal real-life scenarios, and more. The host will lead discussions about Security trends, best practices, cloud, networks, data, employees, habits, and secrets while drifting between personal and professional life. Earn your CISO's Secrets membership badge at ht ...
S
Security Unlocked: CISO Series with Bret Arsenault


Microsoft’s Chief Information Security Officer (CISO), Bret Arsenault, chats with his CISO peers and industry leaders about the biggest challenges in cybersecurity today, plus practical guidance for security practitioners. Be sure to listen in and follow us! Security Unlocked: CISO Series with Bret Arsenault is produced by Microsoft and distributed as part of The CyberWire Network.
T
The CyberPHIx: Meditology Services Podcast


1
The CyberPHIx: Meditology Services Podcast
Brian Selfridge: Healthcare IT Thought Leader
The CyberPHIx is a regular audio podcast series that reports and presents expert viewpoints on data security strategy for organizations handling patient health or personal information in the delivery of health-related services. These timely programs cover trends and data security management issues such as cybersecurity risk management, HIPAA and OCR compliance strategy and vendor risk management. Meditology Services, the healthcare industry's leading security and compliance firm, moderates t ...
Welcome to the Cybrary Studios, home to Cybrarys three podcast series, including the award-winning 401 Access Denied voted Best Cybersecurity Podcast for NORTH AMERICA by the 2021 Cybersecurity Excellence Awards.The Cybrary Podcast -In this show, we will be speaking with current leaders and experts in the IT and Cybersecurity fields. Discussing topics ranging from DevSecOps and Ransomware attacks to diversity and the retention of talent the Cybrary Podcast covers it all. Stay up to date with ...
Smarter CISOs — the cybersecurity podcast designed to help you manage smarter, reduce your organization’s cyber risk, and learn best practices from cyber experts. "Smarter CISOs" is made possible by Aware Force. Aware Force engages employees in cybersecurity with newsletters and multimedia content, all branded and customized for your organization. Employees stay alert to cyber threats, protecting their families and keeping your organization safer throughout the year. Aware Force can dramatic ...
T
The CISO Platform Security Show In Association With FireCompass


CISO Platform is the world's first online community solely dedicated to information senior security executives (CISO/CIO/CSO/CTO/Directors etc). The vision of the platform is to enable the senior security executives to share, learn, and network with other peers.
Want to learn what it takes to start, develop and build a successful career in the Information Technology industry? The IT Career Energizer podcast enables you to find out how. More than 300 IT and tech professionals, consultants and experts have shared their career experiences and insights to help you to succeed. Previous guests have included Jeff Atwood (Stack Overflow), Troy Hunt (Have I Been Pwned), Nicole Archambault (La Vie en Code), April Wensel (Compassionate Coding), Kent Beck (Agil ...
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
The CIO exchange podcast features technology and business leaders from around the world, discussing what's working, what's not, and what's next. Through stories of failure, success, passion, and struggle, we explore the ways in which these tech executives have moved both their companies and their careers forward. Each episode is a conversation focusing on a unique topic intended to provide the insight and perspective needed to help others make progress. This podcast is produced by VMware, a ...
Cybersecurity and data privacy is a requirement for any good business. So how can a CISO, CTO or compliance manager stay on top of where the industry is heading? Infosec veterans and former lead auditors, Arti Lalwani and Blaise Wabo discuss the intersection of security, privacy and compliance. Topics will include: Guest interviews with industry experts, framework updates, the business implications of compliance (and non-compliance), and discussions about compliance challenges, tips and tricks.
C
Craig Peterson - America's Leading CyberSecurity Strategist


1
Craig Peterson - America's Leading CyberSecurity Strategist
Craig Peterson
America’s Leading Fractional Chief Information Security Officer. My team and I usually start with a scan of all devices on your network to determine what needs to be secured. Then we work with you to develop a complete plan to secure what needs to be secured on your networks. In certain cases, my team and I will help businesses source, monitor, and run their cybersecurity. I've been providing Cybersecurity to enterprises of all sizes, and Federal and State agencies since 1991.
G
Groovers Talk Tech - Breaking IT down with Mobius Partners


1
Groovers Talk Tech - Breaking IT down with Mobius Partners
Mobius Partners
Our experts are excited to share insights, experience, and advice on all things IT. We are here to break down IT concepts and share best practices. We hope you find these episodes informative and helpful. If you would like to learn more about our company or see how we can help your business, visit us at mobiuspartners.com. Want to be a guest or have ideas for topics for us to cover? Please send to info@mobiuspartners.com. #GrooversTalkTech Möbius Partners is a relationship driven IT solution ...
T
The InspireCIO Podcast


1
The InspireCIO Podcast
InspireCIO | The Preeminent Peer Leadership Network of CIOs
Welcome to the InspireCIO Podcast. We exist to highlight the Chief Information Officers that are a part of the InspireCIO Leadership Network. We give these technology leaders the platform to take us through their leadership journey – diving deep into their philosophies, professional struggles and greatest triumphs. The topic is always leadership and the goal is always to inspire CIOs to achieve their leadership potential. InspireCIO brings together leading technology leaders in major cities ...
Your hosts, Tom Meehan, CIO and CISO at CONTROLTEK and Shaun Ferrari, Global Cash Product Director at Currency Research share the latest information on the issues affecting the world of cash today. Featuring interviews with top industry experts and thought leaders, you’ll have a close look at trends, strategies, and technology influencing the world of cash. Stay informed on topics like cash security, payments technology, risks, the cash supply chain, and learn about strategies to support bet ...
The Business Security (BizSec) Podcast. Hosts Beau Woods and Dave Kennedy analyze and discuss the latest business news in the information and technology security world, as well as a bigger picture theme each episode. Follow us @bizsecpodcast
healthsystemCIO.com is the sole online-only publication dedicated to exclusively and comprehensively serving the information needs of healthcare CIOs.
Beards in Security is a podcast featuring Matt Berry and Anthony Mannarino who cover IT security news, security program development, vulnerabilities, research, and related topics of interest for the information security community.
Humans are the key to solving our cybersecurity challenges…but first we need them to be Well Aware. The Well Aware Security Show is hosted by George Finney, CISO for SMU and author of the award winning book, Well Aware: Master the Nine Cybersecurity Habits to Protect Your Future. Security is in your DNA…so be Well Aware!
Podcast by Alex Wood & Robb Reck
Security Confidential provides weekly interviews and insights into the world of cybersecurity. Produced entirely in-house by MSSP & global risk management firm Dark Rhino Security.
The podcast that brings you the very best in all things, cybersecurity, taking an in-depth look at the most pressing issues and trends across the industry
S
Security Stories


1
49: Moving toward security resilience, with Liz Waddell, Accidental CISO, and Christos Syngelakis
1:00:03
1:00:03
Play later
Play later
Lists
Like
Liked
1:00:03
Today's episode features a chat between Hazel and three security leaders - Accidental CISO (yes, the anonymity intrigues us too!), Liz Waddell, Incident Response Practice Lead for Cisco Talos, and Christos Syngelakis, CISO and Data Privacy Officer at Motor Oil Group. They talk about their experiences of building security resilience – so we got into…
S
Security Confidential


1
SC S6 E3 Tim Chase - Field CISO, Professional Speaker, Ethical Hacker
42:27
42:27
Play later
Play later
Lists
Like
Liked
42:27
#SecurityConfidential #DarkRhinoSecurity Tim Chase joins host Manoj Tandon on this episode of Security Confidential. Tim Chase is a Field CISO, Professional Speaker, Author, Ethical Hacker, Certified Application Security Engineer, etc. He is also a LinkedIn Learning Instructor who writes training modules about DevOps and DevSecOp. Tim is an expert …
C
CISO Stories Podcast


1
Using Security Metrics as a Shared Goal With Developers - Caroline Wong - CSP #68
25:11
25:11
Play later
Play later
Lists
Like
Liked
25:11
Security metrics are often a struggle to establish by security departments. These metrics may be taking too narrow of a view, whereby metrics visible and embraced by other areas can improve the security program success. Join us as we discuss these metrics. Additionally, Caroline is graciously offering her Linkedin metrics course focused on establis…
T
The Virtual CISO Moment


1
The Virtual CISO Moment Wrap Up for Friday, May 20, 2022
10:38
10:38
Play later
Play later
Lists
Like
Liked
10:38
Remote work, IT and infosec staff stress and ransomware - a canary in the coal mine? https://www.helpnetsecurity.com/2022/05/17/state-of-security/ https://www.helpnetsecurity.com/2022/05/18/it-help-desk-stress/ https://www.techtarget.com/searchsecurity/news/252518151/Iranian-APT-Cobalt-Illusion-launching-ransomware-attacks https://thehackernews.com…
C
CISO Series Podcast


1
A Look Back at Foolish Security Policies of Past and Present
39:57
39:57
Play later
Play later
Lists
Like
Liked
39:57
All links and images for this episode can be found on CISO Series Are bad security policies of yesteryear just because we didn't know any better at the time, or were they some bozos idea of legitimate security yet the rest of us knew it was just security theater? This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series an…
T
The Virtual CISO Podcast


1
The Convergence of Physical & Cyber Security and the Impact to Cyber Security Professionals
25:26
25:26
Play later
Play later
Lists
Like
Liked
25:26
As technology advances, there will always be new threats from malicious actors seeking to exploit these advancements — whether that be in the digital realm or physical. With technologies increasingly blurring the lines between the two, today’s security professionals must adapt as the sectors of physical security and cyber security converge into one…
C
CISO Tradecraft


1
CISO Tradecraft: 3 Business Objectives & 5 CISO Archetypes (with Christian Hyatt)
45:16
45:16
Play later
Play later
Lists
Like
Liked
45:16
On this episode of CISO Tradecraft, Christian Hyatt from risk3sixty stops by to discuss the 3 major Business Objectives for CISOs: Risk Management Cost Reduction Revenue Generation He also discusses the five CISO Archetypes. The Executive The Engineer The GRC Guru The Technician The Builder References:The 5 CISO Archetypes Book Link Designing the C…
C
CyberWire Daily


1
War crimes in cyberspace? Iranian cyberespionage (and a possible APT side-hustle). A backdoor for Roblox. Darkweb C2C trader sentenced. eBay newsletter conspirator pleads guilty. CIA gets a CISO.
24:39
24:39
Play later
Play later
Lists
Like
Liked
24:39
Ukraine holds its first war crimes trial. Are there war crimes in cyberspace? Iranian cyberespionage (and a possible APT side-hustle). Roblox seems to have been used to introduce a backdoor. CISA issues ICS advisories. Darkweb C2C trader sentenced. The last conspirator in the strange case of the eBay newsletter takes a guilty plea. Carole Theriault…
T
The CISO Diaries


1
Anu Kukar - Cybersecurity Career Transitioner; Founded Global Campaign Switch2Cyber™
42:49
42:49
Play later
Play later
Lists
Like
Liked
42:49
Anu Kukar is an industry award winner, international keynote speaker and diverse executive with 20 years of experience in both consulting and industry. She has spoken 60+ events, published articles and been a guest on podcasts globally across 9 countries. She shares insights and provides practical tips through her unique storytelling whilst taking …
G
Groovers Talk Tech - Breaking IT down with Mobius Partners


1
Planning an Effective Cybersecurity Incident Response: Creating and Building For Success with CISO at HRSD
1:00:14
1:00:14
Play later
Play later
Lists
Like
Liked
1:00:14
Detect and stop attacks, minimize damage, and prevent future attacks of the same type – can your cybersecurity incident response achieve these goals? How can we ensure that we have the right process in incident response and the right documentation should we need it? Today our guest is Roger Caslow, a CISO at HRSD – a regional utility in Virginia th…
h
healthsystemCIO.com


1
Q&A With Methodist Le Bonheur Healthcare CISO Steve Crocker: IT Security Should “Assist Owners With How They Can Manage Risks on Their Assets”
32:17
32:17
Play later
Play later
Lists
Like
Liked
32:17
Steve Crocker, CISO at Methodist Le Bonheur Healthcare, says after receiving a full briefing from IT security, business leaders should make the final decision on how much risk they want to accept. Source: Q&A With Methodist Le Bonheur Healthcare CISO Steve Crocker: IT Security Should “Assist Owners With How They Can Manage Risks on Their Assets” on…
C
CyberTalk With Mike Shelah


1
CyberTalk With Mike Shelah Episode One: Sundhar Rajan CIO & CISO of Casepoint LLC
29:56
29:56
Play later
Play later
Lists
Like
Liked
29:56
In episode one, Mike interviews Sundhar Rajan the CIO & CISO of Casepoint LLC a software company focused on the legal industry. Sundhar share his thoughts on the best compliance framework for software companies to evaluate and then how to build a consensus among leadership to implement a cybersecurity strategy. To learn more, go to www.casepoint.co…
T
The CISO's Gambit


1
Heng Mok, Zscaler CISO - APJ, unplugged: a deep examination of today's toughest security job
38:43
38:43
Play later
Play later
Lists
Like
Liked
38:43
There is no one path to the top security role, but once there, the challenges for newbie CIOS are familiar. What are the keys to success? What kind of background and skill set is best? How do you pick up an inherited tech stack and budget and run with it? What is the right organizational structure given how infrastructure and risk management have e…
C
CyberWire Daily


1
Charity Wright: Pursue what you love [Threat intelligence] [Career Notes]
9:20
9:20
Play later
Play later
Lists
Like
Liked
9:20
Threat intelligence analyst at Recorded Future, Charity Wright, shares her story from the army to her career today. Transitioning from the army to cybersecurity was an exciting change for her. During college she was recruited by the U.S army where she started her journey and learned new skills paving her pathway to threat intelligence where she is …
C
CyberWire Daily


1
AutoWarp bug leads to Automation headaches. [Research Saturday]
19:26
19:26
Play later
Play later
Lists
Like
Liked
19:26
Yanir Tsarimi from Orca Security, joins Dave to discuss how researchers have discovered a critical Azure Automation service vulnerability called AutoWarp. The security flaw was discovered this past March causing Yanir to leap into action announcing the issue to Microsoft who helped to swiftly resolve the cross-account vulnerability. The research sh…
C
Craig Peterson - America's Leading CyberSecurity Strategist


1
Do You Know How Crypto's Nose-dive Will Even Hurt Your 401K?
1:23:25
1:23:25
Play later
Play later
Lists
Like
Liked
1:23:25
Do You Know How Crypto's Nose-dive Will Even Hurt Your 401K? Hey, it looks like if you did not invest in "Crypto," you were making a smart move! Wow. We got a lot to talk about here. Crypto has dived big time. It's incredible. What's happened? We get into that and more. [Following is an automated transcript] Hi everybody. Craig Peterson here. Appre…
Link to Blog Post This week’s Cyber Security Headlines – Week in Review, May 16-20, is hosted by Rich Stroffolino with our guest, Jerich Beason, CISO, Commercial Bank, CapitalOne Thanks to today's episode sponsor, Torq All links and the video of this episode can be found on CISO Series.com
C
CyberWire Daily


1
Is Conti rebranding? Commercial spyware scrutinized. Notes from the cyber phases of a hybrid war. Notes on the underworld. Software supply chain attack. Canada will exclude Huawei from 5G.
30:59
30:59
Play later
Play later
Lists
Like
Liked
30:59
Was Conti’s digital insurrection in Costa Rica misdirection? Google assesses a commercial spyware threat “with high confidence.” Continuing expectations of escalation in cyberspace. The limitations of an alliance of convenience. Fronton botnet shows versatility. Russian hacktivists hit Italian targets, again. Lazarus Group undertakes new SolarWinds…
C
CyberWire Daily


1
CISA Alert AA22-138B – Threat actors chaining unpatched VMware vulnerabilities for full system control. [CISA Alerts]
3:14
3:14
Play later
Play later
Lists
Like
Liked
3:14
CISA is releasing this cybersecurity advisory to warn organizations that malicious cyber actors are exploiting CVE-2022-22954 and CVE-2022-22960. These vulnerabilities affect versions of VMware products. Successful exploitation permits malicious actors to trigger a server-side template injection that may result in remote code execution or escalatio…
Greenland health services limited from cyberattacks Phishing attacks surge in Q1 Google details 2021 zero-days And now let’s thank today’s sponsor, Torq Myth 5: You Should Automate All Security Processes False. You should automate routine, repetitive tasks that are not subject to much conditional variance. But workflows that can’t be reliably manag…
C
CyberWire Daily


1
Information operations and the invasion of Ukraine. VMware patches vulnerabilities. F5 BIG-IP vulnerabilities atively exploited. TDI clarifies data incident. Robo-calling the Kremlin.
30:49
30:49
Play later
Play later
Lists
Like
Liked
30:49
Russian information operations surrounding the invasion of Ukraine. VMware patches vulnerabilities. F5 BIG-IP vulnerabilities undergoing active exploitation. Texas Department of Insurance clarifies facts surrounding its data incident. Robert M. Lee from Dragos is heading to Davos to talk ICS. Rick Howard speaks with author Chase Cunningham on his b…
C
Cybility Savvy


1
E17- IG and DP in healthcare- In Conversation with Barry Moult
43:00
43:00
Play later
Play later
Lists
Like
Liked
43:00
📝Show notes: What does an 'Information Governance' professional do anyway? In this episode Michala Liavaag and Barry Moult explore several aspects of information governance and data protection in the healthcare sector. They also present the newly created Data Protection & Information Governance level 4 apprenticeship. Barry is an award-winning Info…
All links and images for this episode can be found on CISO Series Cyber professionals, who is responsible on your team for investigating new solutions? Check out this post and this post for the discussion that are the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zale…
VMware bugs abused to deliver Mirai malware Microsoft to debut of zero trust GDAP tool Bank of Zambia refuses to pay ransom to cyberattack group Hive And now let’s thank today’s sponsor, Torq Myth 4: Automation Will Replace Skilled Security Professionals Not true. Any business that attempts to automate security will quickly find that most high-stak…
C
CyberWire Daily


1
CISA Alert AA22-138A – Threat Actors Exploiting F5 BIG-IP CVE-2022-1388.
3:20
3:20
Play later
Play later
Lists
Like
Liked
3:20
CISA and the Multi-State Information Sharing & Analysis Center (MS-ISAC), are releasing this joint Cybersecurity Advisory in response to active exploitation of CVE-2022-1388. This vulnerability is a critical iControl REST authentication bypass vulnerability affecting multiple versions of F5 Networks BIG-IP. AA22-138A Alert, Technical Details, and M…
C
CyberWire Daily


1
Privateering goes fully political. Compromised robots? Conti’s campaign against Costa Rica. Cyberconflict along the Nile. A reset in the cyber insurance market.
25:33
25:33
Play later
Play later
Lists
Like
Liked
25:33
Chaos ransomware group declares for Russia. Hacktivists claim to have compromised Russian-manufactured ground surveillance robots. Conti's ongoing campaign against Costa Rica. The claimed "international" cyberattack against Nile dam was stopped. Rick Howard speaks with author Caroline Wong on her book “Security Metrics, a Beginner's Guide”. Our gue…
p
pm73media


1
Mike Fraser: Developers... Adapt or DIE!
1:12:59
1:12:59
Play later
Play later
Lists
Like
Liked
1:12:59
How can we make a better mousetrap if the designers of and the materials that go into the contemporary mousetraps aren’t good enough to keep pace with the current mouse? Adapt or perish… now as ever, is nature’s inexorable imperative --HG Wells It is not the strongest species that survie, nor the most intelligent… but the ones most responsive to ch…
e
eXecutive Security


1
In InfoSec Change is the Only Constant with Patricia Titus of Markel
32:57
32:57
Play later
Play later
Lists
Like
Liked
32:57
Patti Titus is the Chief Privacy and Information Security Officer at Markel Corporation. She also serves on the Board of Directors for Black Kite and the Girl Scouts of the Commonwealth of Virginia. She was recognized as a 'Woman of Influence' by the Executive Women’s Forum in 2009 and the Silicon Valley Business Journal in 2013. Patti has held num…
How do you identify the problems before looking for solutions? Today, we go to the InspireCIO vault to revisit a conversation with NewYorkCIO member Harry Moseley, Global CIO of Zoom and AlabamaCIO member Neil Brinson, Chief Information Security Officer of Core & Main. Neil had the pleasure of sitting down with Harry discussed handling massive grow…
T
The CyberHub Podcast


1
Kubernetes API Servers, Top Initial Access Attack Vectors, Conti & North Korea
9:32
9:32
Play later
Play later
Lists
Like
Liked
9:32
Kubernetes API Servers, Top Initial Access Attack Vectors, Conti & North Korea Cybersecurity News CyberHub Podcast May 18th, 2022 Today's Headlines and the latest #cybernews from the desk of the #CISO: 380,000 Kubernetes API Servers Exposed to Internet Cybersecurity agencies reveal top initial access attack vectorsNVIDIA Patches Code Execution Vuln…
C
CIO Classified


1
Defining Data Intensity and How to Apply It with Jay Upchurch, EVP and CIO at SAS, and Oliver Schabenberger, Chief Innovation Officer at SingleStore
37:49
37:49
Play later
Play later
Lists
Like
Liked
37:49
Data is everywhere, in everything, but how do you know if your company is optimized for a data-driven future? A new term is emerging that might be the best way to tell: data intensity. You’ll hear from Jay Upchurch, EVP and CIO at SAS, and Oliver Schabenberger, Chief Innovation Officer at SingleStore, as they define data intensity, share advice to …
T
The Cyber Ranch Podcast


1
Getting a Seat at “The Table” w/ Brent Deterding
32:28
32:28
Play later
Play later
Lists
Like
Liked
32:28
“Having a seat at the table doesn’t mean getting your way all the time. It means having a seat and I think that is very important to understand.” - Brent Deterding In this episode, Allan is joined by the CISO at Afni, Brent Deterding, to explore how CISOs can earn and keep their seat at the executive table. Brent was a fan of the Learned Helplessne…
Buffalo massacre suspect signaled plans on Discord for months Google faces litigation for unauthorised use of medical records Venezuelan doctor accused of developing and distributing ransomware And now let’s thank today’s sponsor, Torq Myth 3: Only Enterprises Need Security Automation Debunked. While enterprises with thousands of endpoints and spra…
T
The Cybrary Podcast


1
401 Access Denied Podcast Ep. 54 | Creativity, Community, and Bug Bounties with STÖK
57:47
57:47
Play later
Play later
Lists
Like
Liked
57:47
How does the hacker of all trades, Fredrik Alexandersson (aka STÖK), take the time to learn new things, design sustainable fashion, and connect with a growing social media community? Hear how you can satisfy your curiosity with the ultimate work-life balance. Follow STÖK down the bug bounty career path that influenced his cybersecurity career journ…
C
CyberWire Daily


1
CISA Alert AA22-137A – Weak security controls and practices routinely exploited for initial access. [CISA Alerts]
2:49
2:49
Play later
Play later
Lists
Like
Liked
2:49
This joint cybersecurity advisory was coauthored by the cybersecurity authorities of the US, Canada, New Zealand, the Netherlands, and the UK. Cyber actors routinely exploit poor security configurations, weak controls, and other poor cyber hygiene practices to gain initial access or as part of other tactics to compromise a victim’s system. This joi…
C
CyberWire Daily


1
Russian cyber threats and NATO’s Article 5. Conti says it’s going to bring Cost Rica to its knees. BLE proof-of-concept hack. CISA warns of initial access methods. Thanos proprietor indicted.
28:38
28:38
Play later
Play later
Lists
Like
Liked
28:38
An assessment of the Russian cyber threat. NATO's Article 5 in cyberspace. Conti's ransomware attack against Costa Rica spreads, in scope and effect. Bluetooth vulnerabilities demonstrated in proof-of-concept. CISA and its international partners urge following best practices to prevent threat actors from gaining initial access. Joe Carrigan looks a…
h
healthsystemCIO.com


1
Q&A with CIO Scott Maclean, Part 2: “I consider it a real privilege to build relationships.”
10:40
10:40
Play later
Play later
Lists
Like
Liked
10:40
In this podcast interview, Scott MacLean talks about “the fundamental infrastructure” that enables MedStar to deliver quality care, why he sought a position on CHIME’s Board of Trustees, and the enormous impact individuals can have by taking community walks. Source: Q&A with CIO Scott Maclean, Part 2: “I consider it a real privilege to build relati…
C
Cloudy With a Chance of Trust


1
Firewalls: the good, the bad, and the ugly
20:09
20:09
Play later
Play later
Lists
Like
Liked
20:09
When it comes to firewalls, things are...complicated. In this episode, Pam interviews Lisa to get at the heart of the dangers and drawbacks of using these legacy network protection tools. Traditional firewalls can't do zero trust, but they can coexist with your modernized infrastructure as you begin your journey. Listen now to learn more.…
C
CISO Stories Podcast


1
CSP #70 - Establishing and Selling The Cost of Cybersecurity - Devon Bryan
27:43
27:43
Play later
Play later
Lists
Like
Liked
27:43
The security spend is increasing year over year as hackers become more sophisticated, organized, and opportunistic. Join us as we discuss ways to determine and evaluate the cost of cybersecurity to ensure the organization is spending the appropriate amount to reduce the risk to an acceptable level. To view the article from the CISO COMPASS Book tha…
T
The Virtual CISO Moment


1
The Virtual CISO Moment S4E20 - A Conversation with Clark Cummings
26:11
26:11
Play later
Play later
Lists
Like
Liked
26:11
Clark Cummings joins us to discuss enterprise risk management, how to recognize "risk collisions", and provide practical risk management advice for small and midsized businesses. --- Send in a voice message: https://anchor.fm/vcisoservices/messageSupport this podcast: https://anchor.fm/vcisoservices/support…
Costa Rican ransomware rhetoric somehow gets uglier DOJ files its first criminal cryptocurrency sanctions case Trying to fix open source supply chain security And now let’s thank today’s sponsor, Torq Myth 2: Security Automation Is Just a New Term for Automated Security Testing Wrong. While scanning and testing may be one example of a security auto…
C
CyberWire Daily


1
Users advised to patch actively exploited Zyxel vulnerability. Hacktivism and influence ops in Russia’s hybrid war. Ransomware notes. Indiscriminate hacktivism? Alt-coin sanctions case will proceed.
25:17
25:17
Play later
Play later
Lists
Like
Liked
25:17
Users are advised to patch Zyxel firewalls. Battlefield failure and popular morale in Russia’s hybrid war. Nuisance-level hacktivism in the hybrid war. Sweden and Finland move closer to NATO membership; concern over possible Russian cyberattacks rises. Intelligence, disinformation, or wishful thinking? Conti calls for rebellion in Costa Rica. PayOr…
T
The Secure Developer


1
Ep. 115, Security Ownership and Culture with Peter Oehlert
44:13
44:13
Play later
Play later
Lists
Like
Liked
44:13
Thanks for tuning in to a brand new episode of the Secure Developer! Joining us in conversation today is Peter Oehlert, Chief Security Officer at Highspot. We hear about Peter’s journey with Facebook, Smartsheet, and Microsoft, learn the difference between establishing a new security practice when there is an existing security culture and when ther…
What is the secret to security (or any business) success? Listen to find out. --- This episode is sponsored by · Anchor: The easiest way to make a podcast. https://anchor.fm/app--- Send in a voice message: https://anchor.fm/vcisoservices/messageSupport this podcast: https://anchor.fm/vcisoservices/support…
S
Security Masterminds


1
On the Front Lines, Protecting Critical Infrastructure
33:11
33:11
Play later
Play later
Lists
Like
Liked
33:11
With current events, there is a strong focus on the critical infrastructure sector that provide fuel, water and electricity to our homes and office buildings. In today's episode we hear from Spencer Wilcox, who is a cybersecurity leader at a large power utility working to ensure that power is always available and protected against cybercriminals. H…
T
The CyberHub Podcast


1
Zyxel Firewall Exploit, SonicWall urges Patch, Iran OilRig & US Signs Cybercrime treaty
8:25
8:25
Play later
Play later
Lists
Like
Liked
8:25
Zyxel Firewall Exploit, SonicWall urges Patch, Iran OilRig & US Signs Cybercrime treaty Cybersecurity News CyberHub Podcast May 16th, 2022 Today's Headlines and the latest #cybernews from the desk of the #CISO: CISA Removes Windows Vulnerability From 'Must-Patch' List Due to Buggy Update SonicWall ‘strongly urges’ admins to patch SSLVPN SMA1000 bug…
Ukraine CERT-UA warns of new attacks launched by Russia-linked Armageddon APT Microsoft fixes new PetitPotam Windows NTLM relay attack vector Hackers are exploiting critical bug in Zyxel firewalls and VPNs And now let’s thank today’s sponsor, Torq Myth 1: Automation Is Only a Reactive Part of SecOps Incorrect. Proactive management of security incid…
C
CyberWire Daily


1
The current state of zero trust. [CyberWire-X]
31:51
31:51
Play later
Play later
Lists
Like
Liked
31:51
According to the zero trust philosophy, we all assume that our networks are already compromised and try to design them to limit the damage if it turns out to be so. In this episode of CyberWire-X, we’ve invited subject matter experts, Amanda Fennell, the Chief Information Officer and Chief Security Officer of Relativity, and Galeal Zino, CEO of epi…
C
CyberWire Daily


1
Eric Escobar: Collaboration is key. [Pen tester] [Career Notes]
8:12
8:12
Play later
Play later
Lists
Like
Liked
8:12
Principal consultant and pen tester at Secureworks, Eric Escobar, shares his career path translating his childhood favorite Legos to civil engineering and pivoting to cybersecurity. Eric was always headed toward engineering and got both his bachelor and master degrees in civil engineering. Upon breaking into a network with a friend, he was bitten b…