The recent breach of the Change Healthcare platform serves as a strong reminder that the healthcare sector remains extremely vulnerable to different types of attacks. In late February, a ransomware gang known as Black Cat claimed responsibility

Quantum Computing and Cybersecurity – Examining Trends and Implications

Jun 5th, 2024 39m 31s

The fast-evolving quantum computing phenomenon represents a paradigm shift in how computers process data. Due to its ability to process vast amounts of data and solve complex problems at an unprecedented speed, quantum computing holds great pro

Creating a Security-Minded Culture

May 22nd, 2024 39m 50s

In this podcast, I enjoyed talking with Chirag Shah, Model N's Global Information Security Officer and Data Privacy Officer, about creating a security-minded culture. Infusing a security culture within organizations starts with leadership buy-i

Securing the Future: Inside Student-Led Cybersecurity Clinics

May 5th, 2024 28m 13s

Student-led cybersecurity clinics are increasingly playing an essential role in strengthening the digital defenses of nonprofits, hospitals, municipalities, small businesses, and other under-resourced organizations in our communities while also

Developing Resilient and Secure Mission Critical Facilities (Data Centers)

Apr 24th, 2024 33m 59s

Developing and maintaining resilient and secure data centers is a huge part of cybersecurity readiness. Spiros Liolis, Chief Technologist and Managing Consultant, EYP Mission Critical Facilities, Part of Ramboll, joins me to discuss the challen

Securing Application Programming Interfaces (APIs)

Apr 10th, 2024 38m 44s

Application Programming Interfaces (APIs) play a vital role in modern software development, enabling the integration of services and facilitating the exchange of information. The ubiquity of APIs is a testament to their success in supporting ma

The Last Line of Defense Against a Ransomware Attack

Mar 27th, 2024 34m 57s

Attackers have started increasingly targeting victims' backups to prevent organizations from restoring their data. Veeam's "2023 Ransomware Trends Report" found more than 93% of ransomware attacks specifically targeted backup data. My discussio

Overcoming the Stale Nature of Tabletop Exercises

Mar 13th, 2024 38m 36s

While tabletop exercises (TTX) are considered a proven tool for finding gaps in an organization’s security posture, they can be painstakingly challenging to plan and implement effectively. In a time where information security teams are understa

Securing Artificial Intelligence (AI) Applications

Feb 28th, 2024 31m 5s

As artificial intelligence (AI) technologies continue to evolve and be leveraged, organizations need to make a concerted effort to safeguard their AI models and related data from different types of cyber-attacks and threats. Chris Sestito (Tito

Building a Resilient Disaster Recovery Infrastructure

Feb 14th, 2024 26m 24s

The latest disaster recovery statistics reveal that modern businesses still face costly interruptions due to a variety of threats, ranging from ransomware attacks to sudden hardware failures. The monetary costs of disasters and outages can be s

Unraveling the Positive and Negative Impacts of Generative AI

Nov 22nd, 2023 41m 56s

In a very thought provoking discussion, Artificial Intelligence (AI) expert, Tony Hoang, Ph.D., traced the evolution of Gen AI, highlighted the many benefits, and also shared his concerns about the irresponsible and abusive use of this technolo

Best Practices for Overcoming Troublesome Vulnerability Management Trends

Nov 1st, 2023 48m 58s

A 2023 State of Vulnerability Management Report finds that only half of the surveyed organizations (51%) have, at best, a moderate level of visibility into vulnerabilities. Several other vulnerability management metrics, such as maturity levels

Streamlining and Improving Security by Standardizing Identity Management

Oct 18th, 2023 32m 6s

While cloud computing has become a great digitization enabler to enterprises, multiple clouds—especially when intersecting with on-premises systems and one another—can produce some challenges. Many organizations can end up with an "identity gri

How Informed is the Board of Directors on Cybersecurity Risks?

Oct 3rd, 2023 52m 18s

With the global cost of cybercrime expected to reach $10.5 trillion by 2025, cybersecurity has become a board-level imperative. According to the Diligent Institute survey 'What Directors Think,' board members ranked cybersecurity as the most ch

Enhancing Incident Response Effectiveness

Sep 6th, 2023 55m 1s

According to a 2023 IBM report, companies take 197 days to identify a breach and 69 days to contain one on average. The delay between infection, detection, and containment can cost businesses millions of dollars. Only 45% of the companies polle

Cybersecurity in the Age of AI

Jul 12th, 2023 38m 36s

While large language models such as ChatGPT can be used to write malicious code, AI tools are increasingly used to proactively detect and thwart cyber-attacks. There is growing recognition of AI’s potential to fight cybercrime. Ian L. Paterson,

Identity Orchestration Strategies and Best Practices

Jun 28th, 2023 42m 39s

Cloud migration and remote work requirements are forcing organizations to modernize their applications and identity systems. Making the transition is both time-consuming and expensive using traditional software development practices. By decoupl

Creating a Diverse Cybersecurity Workforce and Solving the Talent Shortage

Jun 14th, 2023 56m 51s

Recent cybersecurity workforce study reports reveal that a) there’s still a global shortage of 3.4 million workers in this field, and b) only 25% of the global cybersecurity workforce are women. In this episode, I had an engaging discussion wit

Countering Insider Threats: Seven Science-Based Commandments

Apr 26th, 2023 45m 55s

Research finds that there was a 44% increase in insider threat incidents across all types of organizations, and 56% of the reported incidents were due to negligence. Equally alarming is that the average annual cost to remediate a negligence inc

Mitigating Risks from Unmonitored Communication Channels

Apr 14th, 2023 56m 39s

Significant fines in excess of $2 billion have been levied on organizations in the financial services sector for failing to capture, retain and supervise communications. This crackdown on non-compliant communications is the clearest indicator

Implementing Secure and Fast Authentication Processes

Mar 30th, 2023 41m 51s

Traditional authentication methods are outdated and need many layers of code, which can take time and resources away from developer teams. If developments like FIDO2, WebAuthn, and passkeys are to be the cornerstones of a passwordless future,

Proactive Resilient Approach to Cybersecurity

Mar 15th, 2023 49m 40s

It is well known that a proactive intelligence-driven approach to cyber governance is the way to go. But it is easier said than done. Embracing and sustaining such an approach requires high commitment, preparedness, and discipline. Kriti Arora,

The Challenges and Best Practices of Cyber Security in Emerging Markets

Mar 1st, 2023 48m 44s

“While developed markets may today bear the brunt of cyber breaches, emerging markets are no less vulnerable. Their risks arise from weak processes and governance, the complexity of global supply chains, the need to remain low cost to attract i

Cybersecurity Perspectives of a Community College President

Feb 15th, 2023 44m 14s

In this episode, Pamela Senegal, President, Piedmont Community College, shares several best practices, including having an information technology presence in each of the college-wide committees. I had the pleasure of meeting Pamela at a cyberse

From Law Enforcement Officer to Chief Information Security Officer

Feb 1st, 2023 33m 59s

In this episode, Brian Penders, Chief Information Security Officer, at the University of North Carolina Chapel Hill Medical School, shares his exciting but challenging journey from working as an engineering lab technician in the US nuclear subm