By EM360
The podcast currently has 130 episodes available.
Hackers today rely on sophisticated techniques to collect information about their targets, combining digital stealth, social engineering, and data mining to get ahead. From scouring social media profiles to exploiting publicly available data, attackers gather intelligence that helps them pinpoint vulnerabilities and personalise attacks. Every detail—personal photos, company affiliations, online connections—can provide valuable clues for hackers, helping them craft realistic phishing attempts, exploit system weaknesses, or impersonate trusted contacts.
Understanding how hackers operate is the first line of defence in protecting your personal and business information. By exploring the methods hackers use, such as network reconnaissance, dark web monitoring, and social profiling, individuals and companies can recognise potential threats before they escalate. Awareness is power, and by knowing how hackers collect intelligence, you can adopt strategies to reduce your digital footprint, secure sensitive data, and stay one step ahead.
In this episode, Alejandro Leal, Analyst at KuppingerCole speaks to Arik Atar, Senior Threat Intelligence Researcher at Radware, about the increasing sophistication of attacks, especially during the holiday season.
Key Takeaways:
Chapters:
00:00 - Understanding Threat Actors' Motivations
02:27 - The Role of Social Media in Cybersecurity
05:44 - Evolution of Threat Actor Behavior
09:32 - Anticipating Holiday Season Cyber Threats
12:52 - Future-Proofing Your Digital Security
As Chinese electric vehicles (EVs) rapidly gain market share across Europe, cybersecurity has become a key focus for regulators, manufacturers, and consumers alike. These advanced vehicles, packed with digital features and data-driven capabilities, also bring new cybersecurity challenges. With sophisticated connectivity features, onboard software, and data collection systems, the risk of cyber vulnerabilities is heightened, raising questions about data privacy, vehicle security, and the integrity of critical infrastructure.
The intersection of cybersecurity and the influx of Chinese EVs requires strict data protection standards, secure software protocols, and collaboration across the automotive and tech industries. European markets increasingly prioritise transparency and rigorous testing to ensure these vehicles meet robust cybersecurity standards. By addressing these challenges, Europe can continue to embrace the electric future with confidence, ensuring that cutting-edge technology goes hand-in-hand with safety and security for all.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Gianni Cuozzo, founder and CEO of Exein, about the evolution of the automotive industry, the competitive landscape shaped by Chinese manufacturers, and the cybersecurity risks associated with connected technologies in EVs
Key Takeaways:
Chapters:
00:00 - Introduction to Cybersecurity and EVs
02:58 - The Evolution of the Automotive Industry
05:52 - Impact of Chinese EVs on European Market
09:06 - Cybersecurity Risks of Connected EVs
12:52 - The Cyber Resilience Act and Its Implications
17:03 - Navigating Innovation and Security in EVs
With cloud attacks rising, Cloud Detection and Response (CDR) is becoming a crucial focus in modern security operations. But what exactly is CDR, and how does it fit alongside other advanced security solutions like XDR? Just as Security Operations Centers (SOCs) defend the enterprise network, they now must extend their defences to the cloud, ensuring threats are detected and addressed in real time.
However, many organisations still rely heavily on Posture Management and "Shift Left" strategies to secure their cloud. While effective, these approaches leave gaps in protection, especially against modern attack methods. There's often an assumption that cloud security is entirely handled by the Cloud Service Provider (CSP), which leads to critical oversights.
Recent research reveals that traditional security measures often miss threats like runtime attacks and identity mismanagement. In this episode, Chris Steffen, EMA's Vice President of Research, speaks to Nathaniel "Q" Quist, Palo Alto's Cloud Threat Intelligence Manager, to discuss CDR and its benefits.
Key Takeaways:
Chapters
00:00 - Introduction to Cloud Detection and Response
02:56 - Understanding the Shared Responsibility Model
05:47 - Cloud Security Posture Management and Its Importance
09:07 - Real-World Scenarios in Cloud Security
11:53 - The Evolution of Cybersecurity Technologies
15:13 - Key Security Gaps in Cloud Environment
When it comes to decision-making, courage is paramount. Cybersecurity professionals must navigate high-stakes environments where swift, bold decisions can mean the difference between safeguarding critical assets and exposing vulnerabilities. This requires a willingness to act decisively, even under uncertainty, and to take calculated risks for the greater good of organizational security. Courage in this field isn’t just about individual bravery—it’s about fostering a culture where team members feel empowered to make tough calls, share unconventional insights, and drive proactive security measures.
Equally important in cybersecurity is the value of followership and resilience. Effective followership involves supporting leadership and strategic decisions, embracing a shared sense of responsibility, and prioritising team goals over individual recognition. With a combination of courageous leadership, strong followership, and resilience, organizations can build a cybersecurity posture that not only withstands attacks but continuously improves in the face of emerging threats.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks with Miguel Clark, a retired FBI special agent, about the nuances of leadership, particularly in high-pressure environments like law enforcement and the tech industry.
Key Takeaways:
Chapters:
00:00 - Introduction to Leadership and Followership
02:45 - The Transition from FBI to Tech Industry Leadership
06:36 - Understanding Followership in Leadership
09:59 - Courage and Fear in Decision Making
13:34 - Learning from Mistakes and Accountability
17:52 - Long-term Health of Organizations
21:39 - Communication and Understanding in Leadership
25:56 - Preparing for Cybersecurity Breaches
30:07 - Building a Culture of Trust
33:51 - Conclusion: Resilience in Cybersecurity
Ransomware attacks increasingly force organisations to pay ransom due to the significant impact on operations, data loss, and the fear of reputational damage. Semperis’s Ransomware Risk Report explores the reasons behind the high percentage of businesses making payments, which inadvertently encourages attackers to strike again. By giving in to demands, many companies fall into a dangerous cycle of repeated attacks, becoming easy targets for cybercriminals.
To mitigate this risk, it is critical to adopt an "assume breach" mindset. Organisations must be prepared for potential breaches by investing in robust recovery plans and strengthening cybersecurity measures, ensuring they can respond effectively without succumbing to ransom demands.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Simon Hodgkinson about the reasons behind the high percentage of organisations paying ransoms, the cycle of repeated attacks, and the critical importance of having robust recovery plans.
Key Takeaways:
Purple Knight is highlighted in the report as a key tool in detecting vulnerabilities before attackers can strike. With Purple Knight, organisations can proactively assess their defences, identify weak points, and strengthen recovery plans—helping to break the costly cycle of ransomware payments.
Chapters:
00:00 - Introduction to Ransomware and Its Impact
02:50 - Understanding the Ransom Payment Dilemma
06:03 - The Cycle of Repeated Attacks
08:55 - The Importance of Recovery Plans
12:05 - Identity Recovery and Its Challenges
14:51 - Best Practices for Ransomware Resilience
17:50 - Tools for Active Directory Recovery
21:03 - Conclusion and Key Takeaways
Companies are constantly pushing for innovation to stay competitive. Whether adopting new technologies or streamlining processes, innovation is key to growth. However, as businesses embrace digital transformation, they open themselves to new security vulnerabilities. These advancements can quickly become liabilities without proper protection, exposing companies to cyberattacks, data breaches, and other security threats.
Striking the right balance between innovation and security is essential for long-term success. Companies must prioritise cybersecurity alongside growth initiatives, ensuring that strong defences back every new technology or system.
In this episode, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Adeel Ahmad, Director of Technical Field Strategy at HashiCorp, and Grant Webb, Cloud Technologist, about the innovation paradox.
Key Takeaways:
Chapters:
00:00 - The Innovation Paradox: An Introduction
02:53 - Balancing Innovation and Security
05:49 - Regulatory Challenges in Innovation
09:14 - Embedding Security in Organizational Culture
12:07 - Lessons from HashiCorp's Experience
14:58 - Building Relationships Between Security and Development
17:52 - Creative Approaches to Security and Productivity
Ransomware has become a pervasive threat, targeting organisations of all sizes and industries. The complexities of recovery after an attack are enormous, often involving extensive data restoration, system reconfiguration, and potential business disruptions. The financial toll, reputational damage, and operational downtime can be devastating.
AI can be a powerful tool in this battle that allows organisations to spot and prevent threats more effectively, analyse vast datasets for anomalies, and automate critical security tasks.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Jim McGann, VP of Strategic Partnerships at Index Engine, about Ransomware and its consequences.
Key Takeaways:
Chapters:
00:00 Introduction to Ransomware Challenges
01:28 Understanding the Persistence of Ransomware
05:17 Complexities of Recovery After an Attack
10:57 The Role of AI in Cybersecurity
15:31 Real-World Applications of AI in Recovery
In this episode, Luke Dash, CEO of ISMS.online, speaks to Paulina Rios Maya, Head of Industry Relations, about the current state of information security, drawing on key findings from their latest report. The discussion emphasises the growing importance of compliance in the face of rising data breaches and supply chain vulnerabilities.
They explore artificial intelligence's dual role in cybersecurity, highlighting its potential to enhance defences and the increasing threat posed by AI-driven attacks like deep fakes. Luke stresses the need for businesses, especially in sensitive industries, to foster a culture of compliance and continuous improvement in cybersecurity measures to stay ahead of evolving risks.
Key Takeaways:
Chapters:
00:00 Introduction to Information Security and Compliance
01:21 Key Findings from the State of Information Security Report
03:10 Addressing Supply Chain Security Risks
05:57 The Role of AI in Cybersecurity
08:19 The Rise of Deepfakes and Their Impact
10:39 Building a Culture of Compliance in Organizations
12:36 Best Practices for Compliance in Sensitive Industries
15:27 Continuous Improvement in Cybersecurity Practices
Ethical hacking, or penetration testing, plays a key role in protecting businesses from cyber threats by identifying vulnerabilities before malicious hackers can exploit them. As AI becomes more embedded in critical operations, it becomes a prime target for cybercriminals. Ethical hackers are stepping up to defend these systems, using their skills to protect sensitive data, safeguard privacy, and ensure businesses stay secure and operational.
With the rise of AI-powered security tools, ethical hackers can analyse and respond to threats faster and more accurately than ever. However, the rapid advancement of AI also raises new challenges—automated systems can sometimes behave unpredictably, and new vulnerabilities may emerge.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Joseph Carson, Chief Security Scientist & Advisory CISO at Delinea, about the differences between superhero hackers, who use their skills for good, and villain hackers, who exploit vulnerabilities for malicious purposes.
Key Takeaways:
Chapters:
00:00 - Introduction to Ethical Hacking and AI's Impact
03:14 - The Dual Nature of Hackers: Heroes vs. Villains
06:33 - AI's Role in Cybersecurity: Opportunities and Threats
11:18 - Balancing User Privacy and Security
14:35 - The Role of Ethical Hackers in Cybersecurity
17:13 - Overlooked Vulnerabilities: The Human Element in Cybersecurity
Traditional security models are no longer enough. Identity and Zero Trust have become essential pillars of modern information security strategies. By focusing on “never trust, always verify,” Zero Trust ensures that no user or device is trusted by default—whether inside or outside the network—identity management, meanwhile, safeguards access by verifying who is accessing your systems and data.
Together, these approaches offer a more robust, adaptive defence against cyber threats, helping organisations protect sensitive information and mitigate risk.
In this episode of the EM360 Podcast, Chris Steffen, EMA's vice president of research, speaks to Ran Lampert, CEO and co-founder of Infinipoint, about the importance of identity when building your Zero Trust journey.
Key Takeaways:
Chapters:
00:00 - Introduction to Identity and Zero Trust
02:46 - The Evolving Landscape of Identity and Access Management
06:09 - Understanding Attack Vectors and Security Gaps
09:00 - Compliance and Regulatory Requirements
11:47 - Quick Wins in Identity and Access Management
The podcast currently has 130 episodes available.
2,319 Listeners
111,425 Listeners