Episodes

In this podcast, I enjoyed talking with Chirag Shah, Model N's Global Information Security Officer and Data Privacy Officer , about creating a security-minded culture. Infusing a security culture within organizations starts w...

Student-led cybersecurity clinics are increasingly playing an essential role in strengthening the digital defenses of nonprofits, hospitals, municipalities, small businesses, and other under-resourced organizations in our com...

Developing and maintaining resilient and secure data centers is a huge part of cybersecurity readiness. Spiros Liolis, Chief Technologist and Managing Consultant, EYP Mission Critical Facilities, Part of Ramboll , joins me to...

Application Programming Interfaces (APIs) play a vital role in modern software development, enabling the integration of services and facilitating the exchange of information. The ubiquity of APIs is a testament to their succe...

Attackers have started increasingly targeting victims' backups to prevent organizations from restoring their data. Veeam's "2023 Ransomware Trends Report" found more than 93% of ransomware attacks specifically targeted backup...

While tabletop exercises (TTX) are considered a proven tool for finding gaps in an organization’s security posture, they can be painstakingly challenging to plan and implement effectively. In a time where information security...

As artificial intelligence (AI) technologies continue to evolve and be leveraged, organizations need to make a concerted effort to safeguard their AI models and related data from different types of cyber-attacks and threats. ...

The latest disaster recovery statistics reveal that modern businesses still face costly interruptions due to a variety of threats, ranging from ransomware attacks to sudden hardware failures. The monetary costs of disasters a...

In a very thought-provoking discussion, Artificial Intelligence (AI) expert Tony Hoang, Ph.D ., traced the evolution of Gen AI, highlighted the many benefits, and also shared his concerns about the irresponsible and abusive u...

A 2023 State of Vulnerability Management Report finds that only half of the surveyed organizations (51%) have, at best, a moderate level of visibility into vulnerabilities. Several other vulnerability management metrics, such...

While cloud computing has become a great digitization enabler to enterprises, multiple clouds—especially when intersecting with on-premises systems and one another—can produce some challenges. Many organizations can end up wi...

With the global cost of cybercrime expected to reach $10.5 trillion by 2025, cybersecurity has become a board-level imperative. According to the Diligent Institute survey 'What Directors Think ,' board members ranked cybersec...

According to a 2023 IBM report, companies take 197 days to identify a breach and 69 days to contain one on average. The delay between infection, detection, and containment can cost businesses millions of dollars. Only 45% of ...

While large language models such as ChatGPT can be used to write malicious code, AI tools are increasingly used to proactively detect and thwart cyber-attacks. There is growing recognition of AI’s potential to fight cybercrim...

Cloud migration and remote work requirements are forcing organizations to modernize their applications and identity systems. Making the transition is both time-consuming and expensive using traditional software development pr...

Recent cybersecurity workforce study reports reveal that a) there’s still a global shortage of 3.4 million workers in this field, and b) only 25% of the global cybersecurity workforce are women. In this episode, I had an enga...

Research finds that there was a 44% increase in insider threat incidents across all types of organizations, and 56% of the reported incidents were due to negligence. Equally alarming is that the average annual cost to remedia...

Significant fines in excess of $2 billion have been levied on organizations in the financial services sector for failing to capture, retain and supervise communications. This crackdown on non-compliant communications is the ...

Traditional authentication methods are outdated and need many layers of code, which can take time and resources away from developer teams. If developments like FIDO2, WebAuthn, and passkeys are to be the cornerstones of a pa...

It is well known that a proactive intelligence-driven approach to cyber governance is the way to go. But it is easier said than done. Embracing and sustaining such an approach requires high commitment, preparedness, and disci...

“While developed markets may today bear the brunt of cyber breaches, emerging markets are no less vulnerable. Their risks arise from weak processes and governance, the complexity of global supply chains, the need to remain lo...

In this episode, Pamela Senegal, President, Piedmont Community College , shares several best practices, including having an information technology presence in each of the college-wide committees. I had the pleasure of meeting...

In this episode, Brian Penders, Chief Information Security Officer, at the University of North Carolina Chapel Hill Medical School , shares his exciting but challenging journey from working as an engineering lab technician in...

Clinical psychologist Beatrice Cadet, Scientist Integrator at Netherland's Organization for Applied Scientific Research (TNO) , draws upon multiple concepts such as 'learned helplessness' to explain why people still fall for ...