In the last few years, the cybersecurity field has been growing rapidly as a result of constant and dynamic threats to our digital lives and assets. However, business and security leaders continue to struggle to fill key cybersecurity positions.

In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Stuart Coulson of the Cyber Security Challenge, which oversees a series of national competitions, learning programs, and networking initiatives designed to identify, inspire, and enable future cyber defenders.

Despite a plethora of training programs on ‘security awareness,’ people are often the weakest link for organizations. Often overlooked, security culture is an important and efficient mechanism to influence employee behavior.

In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Kai Roer, who is a pioneer in creating robust and holistic security awareness programs that bring together policies, technology, and people to create a strong and dynamic security culture.

Bitcoin has facilitated a new business model for ransomware by making it easier for threat actors to collect money after an attack, and by keeping them anonymous with blockchain technology. Most people in the security industry would reason you should never pay a ransom demand, but many organizations are holding bitcoin wallets as part of their ransomware contingency plan.

In this episode of the InSecurity podcast, host Shaun Walsh is joined by special guest Michael Gough as they discuss how organizations are planning for ransomware attacks and what happens behind the scenes of a ransomware incident.

When an intrusion or attack happens, it’s hard to resist asking the question: who is the threat actor responsible and why did they do it? However, it’s challenging to gather concrete proof and these questions only provide psychological comfort.

Instead of asking who is behind the attack, our efforts towards attribution should be directed towards the controls that failed and HOW the the threat actors were successful.

In this episode of the InSecurity podcast, host Shaun Walsh is joined by special guest Jesus Oquendo as they discuss problems with attribution in cybersecurity.

 

The testy talk of testing at the endpoint has been a polarizing topic for the security industry. Ironically, many of the people and companies in this heated debate share the same goal: real-world testing that is useful and trustworthy.

CISOs want to make sound business and security decisions, vendors want to demonstrate the value of their products, and testing houses want to sell testing services. So if this is true, why is it so hard for us to agree?

In this episode of the InSecurity Podcast, host Shaun Walsh is joined by Matt Stephenson and special guest Simon Edwards as they discuss third-party testing and AMTSO’s Standards project.

Due diligence is right up there with getting your teeth drilled or having a colonoscopy, but forgoing the proper cybersecurity checks during the M&A process can leave the purchasing company responsible for penalties, charges, and loss of reputation.

Cybersecurity has become one of the hottest items on the boardroom’s agenda, and for good reason. Initiatives such as the Cybersecurity Disclosure Act of 2017 highlight the need for board-level responsibility, holding the board legally and transparently responsible for cybersecurity.

 In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Brian Pennington as they discuss high-profile M&A deals that were impacted by security breaches, and the role cybersecurity will play in the boardroom.

A robust security control architecture can improve business agility and overcome the “drag coefficient” on business velocity created by users and/or business processes being impeded by high-friction security controls, which in the tong-term can result in systemic business risk.

In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Robb Reck (@robbreck) as they delve into the subject of security friction within organizations and how to overcome obstacles to success.

 

We’re now in a two-year transition period before the General Data Protection Regulation (GDPR) begins to be enforced by the European Union in 2018. What is truly significant about the GDPR is its global scope: wherever you are in the world, if you process the personal data of Europeans, then you must comply or face enormous fines.

In this episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Carl Gottlieb (@CarlGottlieb) as they delve into the potential quagmire that is GDPR compliance and what it means for organizations doing business in the EU.

We live in a world where attacks and compromises are daily front-page news, and we know both intellectually and emotionally that protection is ultimately an illusion. The only hope we really have is to move to prevention, which is an idea that runs counter to the popular “detect and respond” mantra.

In this debut episode of the InSecurity Podcast, host Shaun Walsh is joined by special guest Javvad Malik, as they delve into one of the more subtle yet pervasive issues in security: The Illusion of Protection.