Episoder
-
In this episode i'm joined by Julie Dolleris. She's our security culture expert in CyberPilot.
She's been measuring the security cultures in a bunch of companies. This has created quite a few learnings that we thought would be interesting to share with you all.
Because what are learnings worth if not shared?
She dives into:
What it is that we've measured.What the learnings are across all companiesWhat surprised us and the companiesHow you can get started building a strong security cultureHope you enjoy.
If you are interested in learning more about security cultures, you can read more right here:
https://www.cyberpilot.io/security-culture
-
What are the social engineering methods and tricks scammers use in their phishing emails?
It might be easy to spot a phishy URL or a badly spoofed email address. But what if these things look legit?
Then what are the tells you and your colleague should look for?
Benjamin Pomerleau joins the podcast to discuss about the 8 tells he sees all the time in phishing emails.
If you and your colleague can spot these tells, then you have a great chance of spotting the phishing emails before they do any harm.
-
Manglende episoder?
-
In this episode, we are joined by Bjarke Petersen, the founder of CyberSales and CyberMinds. Rumour has it that he has a third startup coming up.
Bjarke talks with many companies about cyber security, which makes him the perfect one to ask about the challenges many companies face and what they can do about them.
Two of the biggest challenges he talks about are:
- Budget
- Overview and prioritization
He also mentions a few tools that might be worth diving into.
These are:
- Passbol
- Bitwarden
- Wazuh
We hope you enjoy the episode.
-
In today's episode, I've invited my dear colleague, Jonas Klærke Hejlskov, into the studio. He's here to talk about 5 misconceptions about security awareness training we see all the time.
The misconceptions are:
1. A Few Big Events Are Enough for your security training
2. Grouping Training Topics By Category
3. Training Alone Makes You Secure
4. Training is a "Set It and Forget It" Process
5. Over-Customizing Training for Every Employee
I hope you enjoy.
PS: You can also read about the misconceptions right here:
https://www.cyberpilot.io/cyberpilot-blog/5-misconceptions-about-effective-security-awareness-training
-
We already talked with Kim Theilgaard once. And the response was, that you all want more.
In the first episode (episode 12 of the podcast), Kim mentioned the 20-50 questions they ask all companies to determine whether they are ready for cyber insurance.
In this episode, we dive a bit deeper into these questions which are focused on five different areas.
We don't have time to go through all questions but we do give an introduction to what is in those five areas.
Do you want to know what all the questions are, feel free to write Kim and he will send them to you.
His email is: [email protected]
-------
Besides the questions we couldn't help it but to quickly go through a breakdown like Crowdstrike - If a breakdown like that affects your business, does cyber insurances cover it? Well... It depends.... Listen how, in the episode.
-
Anthropology and cyber security might not be the first two words you would connect in an association game. But maybe they should.
We've invited Laura Lynggard Nielsen who works at Alexandra Instituttet as a Senior Security Anthropologist.
She uses methods from anthropology to uncover how organizations can create stronger cyber security.
You can learn a lot from looking at the social aspects of cyber security, as all your initiatives are impacted by and impact your organization's culture. In this episode, Laura talks about how to use anthropology and gives us a few examples of useful cases.
-
We've invited Kim Theilgaard on to our podcast.
Kim is partner at fairside. fairside help and advise companies in insurances. One of these insurances is cyber insurances which is becoming more and more popular.
In the episode Kim tells me about:
What a cyber insurance isWhat it covers and what it doesn't coverWhat you need to have in place to get oneWhat to consider before getting oneCyber insurances is not a replacement for good cyber security but it can be... Yeah, an insurance. Just like your house, you still need to lock it.
We hope you enjoy the episode. If you want to check out Kim and fairside, you can find his LinkedIn right here: https://www.linkedin.com/in/kim-theilgaard/
-
In this episode, I'm joined by Sarah Aalborg - CISO at Tivoli, Keynote speaker, and soon-to-be author.
She's a cyber security expert and a behavioral science expert.
Which makes her the perfect guest for this podcast.
In the podcast, we talk about:
Why Security Awareness might be dead as a termWhy you need to think about behavior when you think about cybersecurity3 things you can do to create stronger cybersecurity amongst your colleaguesI hope you enjoy the episode and make sure to follow Sarah on LinkedIn to make sure you don't miss all her wisdom:
https://www.linkedin.com/in/sarah-aalborg-bb348a1/
-
NIS2 is coming, but many people and companies don't know what it means for them.
Therefore, we've invited Sarah Hofmann into the studio to talk about:
What NIS2 isWho it apply toWhat happens if you don't complyHow you can get started working with the NIS2 requirementsIn the episode we also mention a blog post, you can find it right here:
https://www.cyberpilot.io/cyberpilot-blog/what-is-the-nis2-and-how-will-it-impact-your-organisation
We also mention that we are creating a FREE course on NIS2 for management, the board, and IT. You can sign up to get access when it goes live here:
https://www.cyberpilot.io/early-bird-signup-nis2-course
We hope you enjoy the episode.
-
Why is a security culture important?
And how do you create one?
Julie has gone through a lot of research to answer those questions. And as she says at the beginning of the episode: "It's a cool topic".
In this episode, Julie will tell us all:
Why aware employees are not enough to drive secure cyber behavior in your companyWhy you need to convince leadership before trying to change cultureWhy you need feedback from your co-workers to create the best cultureIt's an important topic. And once again, it's not only up to IT.
You need your leaders and HR on board to create a strong cyber security -> so maybe pass on this episode to whoever needs to hear it ;)
Hope you enjoy. If you do, please rate the show in your streaming app and subscribe.
-
In this episode, I've invited Benjamin Pomerleau to talk about phishing!
He's our product owner of our service: Phishing Training.
This means, he's getting paid to phish our customers and teach them how to spot them, which makes him perfect to talk about phishing.
Benjamin talks about why technical solutions are not enough despite spam filters, two-factor and anti-virus systems probably can guard you against 99,9999% of all attacks.
He talks about how creating a general interest in social engineering might be the way to go.
He talks about why phishing-reporting and helping each other is key.
And much more.
So tune in, and I hope you enjoy it.
And remember to subscribe if you don't want to miss another episode!
-
In this episode of Coffee and Cyber Security, we've invited our own Head of People and Culture: Line Hansen.
She's here to talk about psychological safety and how it relates to cyber security.
She tells:
- What psychological safety is
- How it relates to cyber security
- How you can get started working with psychological safety as an IT Department
Join us in the talk and click subscribe if you don't want to miss the next episode.
-
In this episode Sarah is here to talk about 11 concrete and actionable tips on how to succeed with security awareness training. It sounds simple, but at the same time it takes work.
The 11 tips are:
Get your employees on boardGet leadership buying and make them endorse the trainingCreate both personal and organizational awarenessKeep it simpleGive it in small piecesOnly relevant contentMake it interactiveConvenience is keyUse varied learning methodsDo it continuouslyFollow up with your employeesListen to Sarah talk about all 11 tips and why they are important in the episode.
-
There's a bunch of way you can create awareness in your company.
Some are better than others, but none of them are bad. All PR is good PR, you know.
In this episode we'll talk about pro's and con's from different awareness methods, and what you should focus on.
Again, i've invited Sarah to talk with me about it, as she is an expert on this matter.
-
In this episode, I'm talking about why aware employees are so damn important to your cyber security.
To do that, I've invited Sarah Hofmann who is our product and policy expert at CyberPilot.
She knows quite a bit about this topic.
We'll touch upon, why you can't see cyber security as something that doesn't include employees.
8 out of 10 security breaches include a human element.
Employees are CRUCIAL.
-
For the third time in a row, Rasmus is in the studio.
This time, he's here to talk about why an IT Security Policy is crucial for your security work.
We'll also talk about how you can actually do one, and what's important to be aware of.
In the podcast, we mention a template to do one.
You can find it right here: https://www.cyberpilot.io/it-security-policy-download
-
Once again, I've been joined by Rasmus.
This time to talk about how to run cyber security projects and make sure, that they work.
To do this we use the Plan-Do-Check-Act Cycle framework.
This framework is straight forward in theory, but can be difficult to remember in everyday life.
But it's important, that we do.
-
In this episode, I've been joined by Rasmus, the CEO of CyberPilot.
Rasmus has a lot of experience when it comes to implementing a risk based approach to cyber security.
Therefore, he is here to talk about, what a risk analysis is and how it can be used.
We take you through the 4 steps of how to do one and hopefully you'll be ready working with a risk based approach in your organization.
In the podcast, we mention a template. It can be found right here:
https://www.cyberpilot.io/risk-analysis-download
-
Welcome to our podcast.
The goal of this podcast is to help you with your cyber security work.
We'll talk about
how to run security projects how to make people cyber awarehow to get leadership buyingAnd much much moreSo, pour some coffee in your cup and join us for a small listen.