Sign up to save your podcasts
Or
Share Incident Ready: Dr. Kevin Tham's Strategies for Cryptography in Cybersecurity Response
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
Incident Ready: Dr. Kevin Tham's Strategies for Cryptography in Cybersecurity Response
This episode features an interview with Dr. Kevin Tham. Kevin is a CISO leader in the Australian Digital Banking sector and a seasoned information security veteran in the financial services industry. Most recently, he served as CISO at etika, a purpose-driven lender. And on this episode, Kevin and host Tim Chase discuss cryptography including how it’s changed over the last 25 years, and how quantum computing and AI will affect it. They also discuss handling cybersecurity incidents from first steps to when to notify the board.
Key Quotes
*”I think a lot of people focus on who's the nation status [in the event of an incident.] For me, I just need to know enough; what the motivation is for this particular attacker. Then it actually very quickly tells you what that next step is or what that one step plus one is so that you can actually hit them off and cut it off from a containment perspective.”
*”If you have an open source intelligence platform that is based on an LLM on a backend, for example, and it starts taking all this information that's on the internet and understanding cipher systems on websites and stuff. Then it becomes a very interesting sort of platform to go, ‘Okay. awesome platform, tell me which website has the TLS 1. 1 that's still running, etc. And it becomes really interesting because ‘someone's’ doing the job for you.”
*”If [an incident] hits a certain severity, absolutely, the CEO needs to come in. And the comms team needs to be part of that team so that you can shorten communication between the decision maker. and the action that needs to be taken. So it's a bit fluid in the sense, in that sense, but, you know, for me, it's more about how do I shorten any communications about decisions made versus what needs to be done.”
Time Stamps
[0:44] Introducing CISO leader Dr. Kevin Tham
[5:01] Kevin on cryptography
[7:21] How has cryptography changed over the years?
[10:27] How does quantum computing affect cryptography?
[15:44] How will AI affect cryptography?
[19:09] What’s Kevin’s action plan in the event of a security incident?
[26:21] Who’s in the response team?
[28:21] At what point do you need to notify the board of a security incident?
Links
Connect with Kevin on LinkedIn
Learn more about Lacework
This podcast is brought to you by Lacework, the leading data-driven cloud-native application protection platform. Lacework is trusted by nearly 1,000 global innovators to secure the cloud from build to run. Lacework delivers true end-to-end protection, empowering customers to prioritize risks, find known and unknown threats faster, achieve continuous cloud compliance, and work smarter–not harder–all from one unified platform. Learn more at Lacework.com.
View all episodes
By Lacework
5
3939 ratings
This episode features an interview with Dr. Kevin Tham. Kevin is a CISO leader in the Australian Digital Banking sector and a seasoned information security veteran in the financial services industry. Most recently, he served as CISO at etika, a purpose-driven lender. And on this episode, Kevin and host Tim Chase discuss cryptography including how it’s changed over the last 25 years, and how quantum computing and AI will affect it. They also discuss handling cybersecurity incidents from first steps to when to notify the board.
Key Quotes
*”I think a lot of people focus on who's the nation status [in the event of an incident.] For me, I just need to know enough; what the motivation is for this particular attacker. Then it actually very quickly tells you what that next step is or what that one step plus one is so that you can actually hit them off and cut it off from a containment perspective.”
*”If you have an open source intelligence platform that is based on an LLM on a backend, for example, and it starts taking all this information that's on the internet and understanding cipher systems on websites and stuff. Then it becomes a very interesting sort of platform to go, ‘Okay. awesome platform, tell me which website has the TLS 1. 1 that's still running, etc. And it becomes really interesting because ‘someone's’ doing the job for you.”
*”If [an incident] hits a certain severity, absolutely, the CEO needs to come in. And the comms team needs to be part of that team so that you can shorten communication between the decision maker. and the action that needs to be taken. So it's a bit fluid in the sense, in that sense, but, you know, for me, it's more about how do I shorten any communications about decisions made versus what needs to be done.”
Time Stamps
[0:44] Introducing CISO leader Dr. Kevin Tham
[5:01] Kevin on cryptography
[7:21] How has cryptography changed over the years?
[10:27] How does quantum computing affect cryptography?
[15:44] How will AI affect cryptography?
[19:09] What’s Kevin’s action plan in the event of a security incident?
[26:21] Who’s in the response team?
[28:21] At what point do you need to notify the board of a security incident?
Links
Connect with Kevin on LinkedIn
Learn more about Lacework
This podcast is brought to you by Lacework, the leading data-driven cloud-native application protection platform. Lacework is trusted by nearly 1,000 global innovators to secure the cloud from build to run. Lacework delivers true end-to-end protection, empowering customers to prioritize risks, find known and unknown threats faster, achieve continuous cloud compliance, and work smarter–not harder–all from one unified platform. Learn more at Lacework.com.