November 11, 2025

S36 Ep11: S36 Ep11: Why Cybersecurity Should Be a Boardroom Conversation

32 minutes

Today’s special episode features Steve’s recent Business Matters broadcast interview with Juliette Foster, featuring conversation about critical cybersecurity challenges facing organizations today. Steve and Juliette discuss targeted phishing, the growing threat of Crime-as-a-Service, the increase in AI-driven cybercrime, and more.

Key Takeaways:

Cyber attacks will continue to increase, and businesses must adjust.

Regulators must strike a balance to have clear guidelines without stifling businesses.

To take advantage of new technologies like AI, businesses must invest in upskilling their employees.

Tune in to hear more about:

Why cyber crime is on the rise (2:17)

How cyber criminals target their victims (4:00)

Solving the cyber skills shortage (29:02)

Standout Quotes:

“The bad guys only need to get lucky once and they can cause havoc. And so the sorts of numbers you are seeing are them plugging away at it, trying to break down defenses, trying to find a way through. And on the defensive side, of course, we have to be at the top of our game 24/7, and that's just impossible.” - Steve Durbin

“We also have very complex supply chains now that obviously are made up of small to mid-size companies. [...] So an easier way of accessing some of this high value information is often via the third party. So you don't necessarily need to be attacking the larger enterprise. You can target a smaller to mid-size, which probably doesn't have the same level of defense, maybe not the same level of awareness. And because it's in the supply chain and sharing information, you can then access through to the larger enterprise.” Steve Durbin

“You have to invest in actually looking at the skill sets that you need within your organization and making some hard calls, I think, as to whether or not you do have the right capabilities within your organization. That doesn't necessarily mean that you have to get rid of a lot of people. It means you probably do need to invest significantly in upskilling and training and thinking very hard about how you're going to use some of that new technology.” - Steve Durbin

Read the transcript of this episode

Subscribe to the ISF Podcast wherever you listen to podcasts

Connect with us on LinkedIn and Twitter

From the Information Security Forum, the leading authority on cyber, information security, and risk management.

...more