Episodi

  • Netacea CISO Andrew Ash welcomes two special guests to the podcast this month to talk about AI adoption and managing third party risk: Thomas Ballin (CTO, Cytix) and Haydn Brooks (CEO, Risk Ledger).

    In 2023 the AI genie is well and truly out of the bottle, gaining mainstream attention and usage across business, academia and in day-to-day life. As a result, AI has become somewhat of a buzzword used to sell solutions or make products appear smart and modern. As mutual advocates of AI to solve problems more efficiently for clients, Andrew and Thomas weigh in on how to define “real AI”, which solutions really benefit from incorporating AI, and how we can validate these claims.

    Meanwhile, CISOs are rightly concerned with gaining as much control as possible over internal systems so that they can be secured against known and novel threats. But businesses are also reliant on their supply chain and third-party systems, which have their own potential vulnerabilities. Haydn has a wealth of experience in this area, and sheds light on the potential risks third party relationships expose and how CISOs can manage them whilst maintaining the value of these relationships.

    Finally, threat researcher extraordinaire Cyril Noel-Tagoe explains why criminals use bots to mass create fake accounts on web services, the other attacks these accounts facilitate, and how businesses can cut off fake accounts before they do their damage.

    Host

    Andrew Ash – CISO, Netacea

    Andy Ash has worked in IT Services and cyber for 21 years. He has been part of Netacea since its inception and is currently CISO, overseeing the operation and security of the technical platform and Netacea Threat and Bot Expert teams.

    https://www.linkedin.com/in/andrew-ash-3963b19/

    Panel

    Haydn Brooks – CEO & co-founder, Risk Ledger

    Originally a big four cyber risk consultant, Haydn found that current supply chain assurance programs were far from frictionless and actively caused clients and their suppliers’ headaches. This led him to found Risk Ledger, a technology platform that combines a security governance platform with a secure social network.

    https://www.linkedin.com/in/haydn-brooks/

    Thomas Ballin – CTO & co-founder, Cytix

    The technical co-founder of Cytix, Thomas is focused on disrupting the UK security testing space. With a background in penetration testing, he has spent the past 10+ years building and innovating service lines to support businesses with their continuous security testing needs.

    https://www.linkedin.com/in/thomasjballin/

    Cyril Noel-Tagoe – Principal Security Researcher, Netacea

    Cyril Noel-Tagoe is an experienced information security professional and Principal Security Researcher at Netacea. He spends his time researching, speaking and writing about malicious bots and other cyber security topics.

    https://www.linkedin.com/in/cybercyril

    https://twitter.com/cyber_cyril

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • To start this month’s episode, we once again weigh in on AI – this time considering the privacy implications when feeding prompts into generative AI tools like ChatGPT and Bard. We’ll discuss whether it’s safe to share company IP or your own personal information into such tools, before hearing how we approach this at Netacea from Principal Software Engineer John Beech.

    Next, we’ll look to the news of another major data breach, as it was recently revealed that millions of stolen records from genetics testing site 23andMe were available for sale from an underground forum. The attackers even touted that the data identifies those with Jewish genealogy. 23andMe held customers responsible for reusing their passwords on other sites that had been hacked previously, but where does responsibility for protecting this kind of sensitive information lie and what can each party do to keep data safe? Having spent five years of his career in biotech, Engineering Manager Karol Horosin has plenty to add to this story.

    Finally, our security researcher extraordinaire Cyril returns to tell us about freebie bots – a type of scalping bot that targets discounted goods to resell in bulk at retail prices. Sounds like a “prime” bot attack type to target recent and upcoming sales events…

    Host

    Dani Middleton-Wren – Head of Media, Netacea

    Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

    https://www.linkedin.com/in/danielle-middleton-wren-95826767/

    Panel

    Cyril Noel-Tagoe – Principal Security Researcher, Netacea

    Cyril Noel-Tagoe is an experienced information security professional and Principal Security Researcher at Netacea. He spends his time researching, speaking and writing about malicious bots and other cyber security topics.

    https://www.linkedin.com/in/cybercyril

    https://twitter.com/cyber_cyril

    Karol Horosin – Engineering Manager, Netacea

    As well as his role as Engineering Manager at Netacea, Karol is the founder of an AI sentiment analysis product sentimatic.io. He is a frequent conference speaker and writes online about programming, product development and startups on his personal blog.

    https://www.linkedin.com/in/horosin/

    https://twitter.com/horosin_

    John Beech – Principal Software Engineer, Netacea

    Currently a team lead for Netacea’s software engineering department, John has been working on highly scalable secure applications platforms over the span of 20 years. He’s enthusiastic about welcoming in a new era of AI and computer intelligence.

    https://www.linkedin.com/in/johnbeech/

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Episodi mancanti?

    Fai clic qui per aggiornare il feed.

  • This month’s episode takes off with a journey into the controversial world of skiplagging, also known as hidden city flying. Airlines and holiday businesses are taking legal action against passengers and websites like Skiplagged that exploit pricing loopholes, leaving empty seats on the second leg of multi-stop itineraries. But with scraper bots at the root of the issue, is there a technical solution to limit the practice?

    On the topic of bots, a recent report from the University of California, Irvine, revealed that bots are now faster and more accurate than humans at solving CAPTCHA challenges. In this episode we discuss whether there is still a place for CAPTCHA in detecting bot traffic, and try to decipher Elon Musk’s comments about the report – Does it spell the end of bot detection, and is his X subscription model the only answer…?

    To conclude, we go more in depth on scraper bots – not only do they facilitate skiplagging, but there are endless uses for scrapers, both well meaning and malicious. How concerned should businesses be about scraper bots, and does their presence often indicate more sinister attacks on the horizon?

    Host

    Dani Middleton-Wren – Head of Media, Netacea

    Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

    https://www.linkedin.com/in/danielle-middleton-wren-95826767/

    Panel

    Matthew Gracey-McMinn – Head of Threat Research, Netacea

    Matthew is an experienced Cyber Threat Intelligence professional with an MPhil from the University of Oxford. In his current role at Netacea, he researches and investigates the impact of malicious bots on online businesses and their customers.

    https://www.linkedin.com/in/matthewgraceymcminn

    https://twitter.com/mgm_cybersec

    Chris Collier – Head of Solution Engineering, Netacea

    Chris is an experienced technical manager who joined Netacea in 2021. Since this time, he’s helped countless clients onboard with our bot management product, ensuring they get a solution that fits their business needs and integrates with their existing platforms.

    https://www.linkedin.com/in/chris-collier-82588859

    Gary Clarke – Solutions Engineer, Netacea

    Gaz is an experienced Solutions Engineer with 12 years’ experience working in the computer and retail industries. At Netacea Gaz helps businesses implement advanced bot management solutions to work in harmony with their existing systems and prevent automated threats from attacking. Gaz gained his bachelor’s degree focused in Computing; Software and Systems from Edge Hill University.

    https://www.linkedin.com/in/clarkegs/

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • This month we begin by examining the 2023 National Risk Register, a public version of the National Security Risk Assessment, which assesses the most serious risks to lives, health, society, critical infrastructure, economy and sovereignty. Cyber-attacks on infrastructure are listed as moderate impact – Our panel discusses how businesses can use the information within the report to prepare for attacks and keep our critical infrastructure as secure as possible.

    Next, our Principal Security Researcher Cyril Noel-Tagoe sheds some light on the murky underworld of illicit Telegram networks, where criminals plot and discuss their attacks, or sell their ill-gotten gains. Netacea CTO Andy Lole weighs in on the Online Safety Bill and its opposition to encrypted messaging apps having no way of sharing messaged with law enforcement, before Engineering Manager Karol Horosin joins the debate to explain the technical obstacles businesses like Meta face when developing such apps.

    Finally, Cyril defines our attack of the month, which is residential proxy networks. He and Karol discuss why residential proxies are becoming such popular tools for criminals, and the difficulties businesses face in blocking malicious traffic that utilizes residential proxy networks to hide behind otherwise trustworthy IP addresses.

    Host

    Dani Middleton-Wren – Head of Media, Netacea

    Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

    https://www.linkedin.com/in/danielle-middleton-wren-95826767/

    Panel

    Cyril Noel-Tagoe – Principal Security Researcher, Netacea

    Cyril Noel-Tagoe is an experienced information security professional and Principal Security Researcher at Netacea. He spends his time researching, speaking and writing about malicious bots and other cyber security topics.

    https://www.linkedin.com/in/cybercyril

    https://twitter.com/cyber_cyril

    Andy Lole – CTO, Netacea

    An experienced tech and product leader, Andy’s held leadership roles in digital marketplaces across real estate, travel and classifieds marketplaces. He’s developed and operated B2B SaaS tools and services, and core commercial platforms. At Netacea he focuses on expanding product delivery capabilities and customer experience.

    https://www.linkedin.com/in/andylole/

    https://twitter.com/andylole

    Karol Horosin – Engineering Manager, Netacea

    As well as his role as Engineering Manager at Netacea, Karol is the founder of an AI sentiment analysis product sentimatic.io. He is a frequent conference speaker and writes online about programming, product development and startups on his personal blog.

    https://www.linkedin.com/in/horosin/

    https://twitter.com/horosin_

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • In this month’s episode, we start by focusing on the real-world impact of bots (scripts used to automate tasks and exploit business logic). In the UK, bots are being used to book up every available driving test before reselling them for profit; meanwhile in the US, gig workers delivering groceries are losing out to bots that hoard the most profitable delivery jobs. Our panel explains how this happens and discusses what can be done to stop it.

    Meanwhile, the social media landscape is shifting rapidly. Free, unlimited access to APIs has become a thing of the past for users and businesses reliant on Twitter and Reddit. Fake accounts are still a looming problem across platforms, forcing the much-hyped IRL to close permanently. Are social media businesses taking the right approach to data scraping, fake account creation and access to their services, and will Meta’s Threads disrupt the industry?

    Finally, we take a fresh look at ticket scalping considering legislative measures taken by the State of Victoria for Taylor Swift’s tour in Australia. Will it be enough to deter the touts?

    Host

    Dani Middleton-Wren – Head of Media, Netacea

    Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

    Panel

    Matthew Gracey-McMinn – Head of Threat Research, Netacea

    Matthew is an experienced Cyber Threat Intelligence professional with an MPhil from the University of Oxford. In his current role at Netacea, he researches and investigates the impact of malicious bots on online businesses and their customers.

    Chris Collier – Head of Solution Engineering, Netacea

    Chris is an experienced technical manager who joined Netacea in 2021. Since this time, he’s helped countless clients onboard with our bot management product, ensuring they get a solution that fits their business needs and integrates with their existing platforms.

    Paulina Cakalli – Lead Data Analyst, Netacea

    Paulina works closely with Netacea's Data Science and Threat Research teams to develop new models for detecting anomalous web traffic, combining this with machine learning to produce recommendations for clients. She is a rising star in the world of data science, encouraging other women to enter STEM careers via various international speaking opportunities. She is co-founder of BSides Tirana, an international security conference. She received her masters' degree in mathematics and informatics engineering at the University of Tirana, where she was later an assistant lecturer.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • A fresh Netacea panel of cyber experts are on hand once again to discuss the latest developments in security and bot-related news!

    This month, in light of OpenAI CEO Sam Altman standing before US senators and requesting regulation of AI businesses, we give our views on whether one body – or even one nation – can or should regulate this rapidly developing industry.

    Universal Music Group also instigated the removal of 7% of AI-generated tracks added to the service via Boomy, opening a debate about automated music creation, artistic copyrights and privacy, how AI models learn to make music, and how humans are influenced to create and consume music.

    Also, with 69 arrests made by the Spanish police over a scalper bot ring targeting immigration appointments, our panel ponders how the approach to stopping such attacks differs depending on the target and industry.

    Finally, credential stuffing is our attack of the month. As long as people reuse passwords across services, credential stuffing will be a viable attack – is it time the industry moved on and found a better way to authenticate users?

    Host

    Dani Middleton-Wren – Head of Media, Netacea

    Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

    Panel

    Cyril Noel-Tagoe – Principal Security Researcher, Netacea

    Cyril Noel-Tagoe is an experienced information security professional and Principal Security Researcher at Netacea. He spends his time researching, speaking and writing about malicious bots and other cyber security topics.

    Chris Collier – Solutions Engineering Manager, Netacea

    Chris is an experienced technical manager who joined Netacea in 2021. Since this time, he’s helped countless clients onboard with our bot management product, ensuring they get a solution that fits their business needs and integrates with their existing platforms.

    Andy Lole – CTO, Netacea

    An experienced tech and product leader, Andy’s held leadership roles in digital marketplaces across real estate, travel and classifieds marketplaces. He’s developed and operated B2B SaaS tools and services, and core commercial platforms. At Netacea he focuses on expanding product delivery capabilities and customer experience.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • In part two of our RSA Conference 2023 series, Netacea CPO Andy Still and CISO Andy Ash return from San Francisco to share their insights from the biggest cybersecurity event of the year.

    As part of Netacea’s C-suite, both Andys are always looking ahead at how new threats are developing – “what’s new, scary and worth worrying about?” The rapid advancement of AI, both as an offensive threat to cybersecurity and as part of defensive technologies, was one such topic at RSA 2023, with Bryan Palma’s opening keynote speech grounding this complex issue and setting the tone for the rest of the conference.

    Did their discoveries about AI & ML at RSA validate their own work at Netacea? Did they achieve their goals to explore the future of cybersecurity and confirm the direction of their own product? And did they pick up any useful swag?

    Tune into this special bonus episode of the Cybersecurity Sessions podcast to find out!

    Andy Still, Co-founder & Chief Product Officer at Netacea

    Andy Still is a pioneer of digital performance for online systems, having authored several books on computing and web performance, application development and non-human web traffic. As Chief Product Officer, he leads the technical direction for Netacea’s products, as well as providing consultancy and thought leadership to clients.

    Andy Ash, Chief Information Security Officer at Netacea

    Andy Ash has worked in IT Services and cyber for 21 years. He has been part of Netacea since its inception and is currently CISO, overseeing the operation and security of the technical platform and Netacea Threat and Bot Expert teams.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Welcome to a new format for the Cybersecurity Sessions! We’ve refocused our podcasts to provide insights into the latest news and trends in cybersecurity, calling on the expertise of Netacea’s threat researchers, bot specialists and business leaders.

    This month, new host Dani Middleton-Wren is joined by Matthew Gracey-McMinn, Chris Pace and Tom Platt. First they discuss the ever-intriguing topic of ethics in AI, with facial recognition tech from Clearview AI and PimEyes coming under legal and moral scrutiny, followed by the practicalities of fighting back against automated ticket scalping.

    The recent Vulcan files leak is next up, calling into question how much we can trust information on social media and how much rhetoric is being generated by Russian bot accounts. Finally, Matthew answers questions from the team about the mechanics and impact of credit card cracking on payment gateways, retailers and consumers.

    Host

    Dani Middleton-Wren – Head of Media, Netacea

    Dani is a cybersecurity writer and marketing specialist, who strives to decipher the mysteries behind complex cybersecurity subjects and deliver them to a wide audience. Since joining Netacea in 2019, Dani has used her experience in journalism and analyst relations to create compelling external communication strategies that effectively articulate the threat of automated attacks.

    Panel

    Matthew Gracey-McMinn – Head of Threat Research, Netacea

    Matthew is an experienced Cyber Threat Intelligence professional with an MPhil from the University of Oxford. In his current role at Netacea, he researches and investigates the impact of malicious bots on online businesses and their customers.

    Chris Pace – SVP Marketing, Netacea

    Chris has more than 15 years of experience in cybersecurity and SaaS at companies including Sophos, Blue Coat, Recorded Future, and Immersive Labs. At Netacea, Chris applies his expertise to telling our company and product story in ways that engage and educate the market on the challenges of protecting businesses against the threat of automated attacks.

    Thomas Platt – Bot Specialist, Netacea

    Tom has been instrumental in the sales growth of Netacea since its inception. He works closely with Netacea's eCommerce customers, Product and Threat Research teams to drive industry research, thought leadership and knowledge sharing. Tom’s focus is to ensure Netacea and our customers stay ahead of emerging bot threats and share this knowledge with the wider community.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • We’re going to San Francisco! Netacea will once again be at the Moscone Center from 24-27 April for the RSA Conference. We’re looking forward to it so much that we decided to compile our top five most anticipated sessions on the Cybersecurity Sessions podcast.

    Special host Danielle Middleton-Wren will be in sunny San Francisco, alongside her two guests for this episode: Netacea co-founder and CPO Andy Still, and Netacea CISO Andy Ash. Andy S was at RSA last year and has some insights and advice for Andy A – an RSA first timer – ahead of their trip to the Golden City.

    Meet Andy Still, Andy Ash and the rest of the Netacea team at RSA Conference 2023 in San Francisco from 24-27 April! Come to booth 1367 to chat about bots, API protection and online fraud prevention, or tell us what sessions you’ve enjoyed. See you there!

    Andy Still, Co-founder & Chief Product Officer at Netacea

    Andy Still is a pioneer of digital performance for online systems, having authored several books on computing and web performance, application development and non-human web traffic. As Chief Product Officer, he leads the technical direction for Netacea’s products, as well as providing consultancy and thought leadership to clients.

    Andy Ash, Chief Information Security Officer at Netacea

    Andy Ash has worked in IT Services and cyber for 21 years. He has been part of Netacea since its inception and is currently CISO, overseeing the operation and security of the technical platform and Netacea Threat and Bot Expert teams.

    Key points

    Andy Still gives his thoughts on RSA 2022 and advice for Andy Ash for his first RSA this year Our top five most anticipated RSA Conference 2023 talks and sessions Where to find us in the Moscone Center for RSA Conference in San Francisco--- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Our reliance on personal mobile devices leaves us vulnerable to attack; not just from anonymous criminal groups, but in some cases, from those closest to us. Stalkerware, a category of apps designed to secretly monitor the unsuspecting victim whose device they’re installed on, are a growing concern for security and privacy advocates, as well as law enforcement agencies.

    This month on the Cybersecurity Sessions podcast, we talk to Martijn Grooten from the Coalition Against StalkerWare to expose how technology has become a tool for abusers to control their victims, and hopefully shed some light on what we can do to stop this from happening.

    If you or someone you know is affected by stalkerware or anything covered in this episode, you may find the following resources useful:

    The Coalition Against Stalkerware: https://stopstalkerware.org National Domestic Abuse Hotline (UK): https://www.nationaldahelpline.org.uk - 0808 2000 247 National Domestic Violence Hotline (USA): https://www.thehotline.org - 1.800.799.7233

    Martijn Grooten - Digital Security Threat Analyst, Internews

    Martijn Grooten, a former mathematician, has been working in IT security for 14 years. He is a Digital Security Threat Analyst at Internews and a fellow at the Civilsphere Lab. He was previously the Editor of Virus Bulletin and currently works as a consultant on several projects, many of which deal with supporting vulnerable people and groups with digital security, including the DeStalk Project and the Coalition Against Stalkerware.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Not a week goes by without a massive data leak being reported in the news – both in tech publications and across mainstream media. According to Atlas VPN, 5.9 billion credentials were leaked in 2021 alone. But it’s not just credentials under attack; personal data, payment information, sensitive corporate data, and even source code are all at risk of being leaked.

    But how is so much data leaked so often? What do criminals do with this data once they have it? How much risk does this pose to the public, and what can be done about it?

    To find out, we’ve invited Jurgita Lapienytė, Chief Editor of CyberNews, to talk us through some of the most notable data leaks reported in the media in recent years.

    Jurgita Lapienytė – Chief Editor, CyberNews

    Jurgita Lapienytė aims to bring the most complicated cybersecurity topics to a broader audience, hoping that more and more people will find themselves chatting about ransomware over dinner. Before joining CyberNews, Jurgita spent more than a decade in business journalism. Her investigative pieces have brought more justice and transparency to the transport, showbiz, retail, and catering sectors.

    Key points How cyber-warfare has influenced cybercrime in the past 12 months The shift from record-breaking to modest ransomware demands GDPR and how our right to privacy has affected our perception of data leaks--- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • If a stranger walked into your workplace and asked you your name and email address, would you co-operate? What if they asked you to open a door for them, or to use your laptop or phone, all whilst wearing a shirt that said “CHALLENGE ME” on it?

    This is the malicious floorwalker, an example of the behavioral interventions staged by the UK Ministry of Defence to educate their workforce about security threats and put their teachings into practice. In this episode, Cyril speaks with Si Pavitt (Head of the Ministry of Defence Cyber Awareness, Behaviours and Culture Team) and Steve Dewsnip (Behavioural Scientist at Atkins) to find out how gamifying psychological theory delivers surprising results across as diverse an organization as the UK’s Ministry of Defence.

    GuestsSi Pavitt

    Si Pavitt is the Head of the Ministry of Defence Cyber Awareness, Behaviours and Culture (CyAB&C) team under the 2* Directorate of Cyber Defence and Risk (CyDR). He is primarily responsible for setting the strategic direction for socio-behavioural change as it relates to cyber-secure behaviour across Defence. He also provides consultancy to Defence human vulnerability and social engineering activities.

    Stephen Dewsnip

    Stephen Dewsnip is a Behavioural Scientist and Organisational Change Consultant from Atkins Global. Working in the highly collaborative MOD Cyber Awareness Behaviours & Culture (CyAB&C) team, Stephen is responsible for the design and delivery of behavioural interventions to promote cyber-secure behaviours.

    Key points Why you should incentivize positive actions rather than police security best practices How to use social engineering to reinforce the need to challenge suspicious behavior The importance of protecting psychological wellbeing during behavioral exercises--- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • In a recent Netacea report, 60% of businesses reported a minor financial impact caused by bots skewing their analytics, and with the busiest eCommerce period of the year fast approaching, businesses need to fight back.

    How do bots affect businesses’ data, marketing campaigns and paid media planning? Host and Principal Security Researcher Cyril Noel-Tagoe is joined by Spike’s Head of Paid Media Matt Wilkinson to discuss the effect bots will have on marketing analytics this Black Friday and how to keep your enterprise’s analytics safe from automated threats during periods of peak traffic.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Illicit forums and dark web marketplaces are so closely guarded that it’s almost impossible to know how many stolen user accounts, digital assets, or data leaks are exposed, let alone who is responsible. But the more we can uncover, the better we can defend against attacks and hold threat actors accountable.

    In this bonus episode, Cyril is joined by his boss and Netacea’s Head of Threat Research, Matthew Gracey-McMinn. They swap stories from the trenches of cyber-threat intelligence gathering, where they infiltrate criminal forums and marketplaces to root out attackers and their tactics in stealing accounts, data and digital resources from businesses and individuals.

    Matthew Gracey-McMinn, Head of Threat Research at Netacea

    Matthew is an experienced cyber threat intelligence professional with an MPhil from the University of Oxford. Matthew leads the Threat Research team at Netacea, which researches and investigates the impact of malicious bots on online businesses and their customers, both augmenting Netacea’s bot management solution and providing distinct threat intelligence services.

    Key points Building an effective threat research team and function How threat researchers gain access to criminal communities The team’s most interesting findings and successful investigations How threat intelligence strengthens other areas of security like bot management--- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Bonus episode: Cybersecurity Sessions host Cyril Noel-Tagoe was recently featured on the Mimecast podcast series Phishy Business. Cyril joined hosts Alice Jeffery and Brian Pinnock, plus fellow guest, Mimecast Senior Product Manager Dr Kiri Addison, for a fascinating conversation about bots and what they are used for (both good and bad).

    About Phishy Business

    Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts.

    Mimecast.com

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Stress and burnout in cybersecurity is widespread, especially since the pandemic. The cyber skills gap and increasingly aggressive attacks have led to workloads growing massively. This is on top of long-standing worries like workplace bullying, long hours spent in front of screens, and the expectation to be available to work ‘whenever and wherever’.

    Cyril Noel-Tagoe invites security awareness consultant and mental health coach Lisa Ventura to the podcast to offer helpful advice and information to those working in cybersecurity. She also shares her own experiences as a neurodiverse person, which comes with its own challenges and advantages within the industry.

    Lisa Ventura, Founder at Cyber Security Unity

    Lisa Ventura is an award-winning cyber security awareness consultant and is the Founder of Cyber Security Unity, a global community organization that is dedicated to bringing individuals and companies together to help combat growing cyber-threats. She is also a mindset and mental health coach with specific experience supporting those in cybersecurity with their mental health and managing stress and burnout.

    Key points How we can manage the stresses of working in cybersecurity to look after our mental health The harm bullying causes in workplaces and how to approach this issue Challenges and advantages of building a cybersecurity career as a neurodiverse person--- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Cyber-criminals are relentless, and the number of attacks is growing. Businesses are increasingly turning to ethical hackers to find bugs and exploits before attackers do, offering financial incentives for their efforts.

    As a security researcher, our host Cyril Noel-Tagoe is always on the hunt for new vulnerabilities. He’s joined for this episode by ethical hacking enthusiast and Daily Swig reporter Jessica Haworth, who has a finger firmly on the pulse of the latest bug bounty programs and developments.

    Jessica Haworth, Cybersecurity Reporter at The Daily Swig

    Jessica Haworth focuses on technical research papers, bug bounty news, and hacker community stories. Her interest also includes writing about new exploits and covering the ethical side of hacking. Jessica has over 10 years’ experience working in journalism. Before she covered cybersecurity she was at the Mirror and Daily Star on Sunday where she covered breaking news, crime and foreign correspondence.

    Key points Ethical vs non-ethical hacking: Why join the good guys? The benefits for businesses enlisting bug bounty hunters to hack them Mitigating the risks when inviting bug bounty hunters to hack your site How to get into ethical hacking and where to find the best bug bounty programs

    The Cybersecurity Sessions podcast is presented by Netacea - The world's first fully agentless bot management solution.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Mentoring is essential to closing the cybersecurity skills gap, especially in realizing the potential of people from underrepresented communities. In recent years many newcomers to cyber have been mentored by Gabrielle Botbol. Since teaching herself how to be a pentester, she has become recognized as one of Canada’s top 20 women in cybersecurity.

    Andy Still finds out how Gabrielle entered the world of cybersecurity after leaving another vocation, and how she is helping the next generation of women and underrepresented communities follow her ‘six steps to becoming a pentester’.

    Gabrielle Botbol, Offensive Security Consultant at Desjardins

    Gabrielle Botbol is a penetration tester, cyber security blogger, and podcaster who created a self-study program to become a pentester. She focuses her efforts on democratizing information security for all by offering her time to various communities. Gabrielle has won multiple awards such as Educator of the Year at the Ally of the Year Awards 2022, Top 20 Women in Cybersecurity in Canada in 2020, and Pentest Ninja by Women’s Society of Cyberjutsu in 2021.

    Key points Gabrielle’s journey from actress to penetration tester Her motivation to mentor and help others interested in cybersecurity How organizations can encourage underrepresented people to pursue cyber Six steps to becoming a pentester

    The Cybersecurity Sessions podcast is presented by Netacea - The world's first fully agentless bot management solution.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • Many businesses argue that they need to collect information about customers to verify who they are and secure their accounts. However, this is at odds with online privacy advocates, who say organizations are compromising our security by collecting far too much information about us.

    In this episode, Netacea co-founder Andy Still talks to ZDNet cybersecurity journalist Charlie Osborne about the intrinsic link between security and privacy, how legislation like the GDPR has strengthened both, and where responsibility lies for protecting our privacy online.

    Charlie Osborne, Cybersecurity Journalist at ZDNet

    Charlie Osborne is a cybersecurity and finance reporter for ZDNet and has written about business tech, innovation, and cybersecurity since 2011 for CBS Interactive, Informa, and Mastercard. She is also a freelance journalist for several top-tier security titles including Cybersecurity Venture and The Daily Swig. In addition to her passion for writing Charlie also has a keen interest in photography and occasionally tries her hand at a bug bounty or two.

    Key points How important is privacy to security and vice versa? Where should responsibility lie for protecting our privacy online? Does businesses collecting more information about their customers help or hinder security? Has GDPR changed attitudes to privacy and security, and how does this differ in the EU and the USA?

    The Cybersecurity Sessions podcast is presented by Netacea - The world's first fully agentless bot management solution.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message
  • We’re told that multi-factor authentication is more secure than passwords, but in truth most MFA is susceptible to the same old threats, such as phishing and man-in-the-middle attacks. In fact, the widely championed advice to “use MFA, any MFA” could lead to a false sense of security and even more data breaches.

    In this episode, Andy sits down with Roger Grimes (Data-Driven Defense Evangelist, KnowBe4) to find out why MFA is vulnerable to exploitation, whether some MFAs are better than others, and what the future of secure authentication might look like.

    Roger Grimes, Data-Driven Defense Evangelist at KnowBe4

    Roger is a 34-year computer security consultant, instructor, holder of dozens of computer certifications, and an award-winning author of 13 books and over 1,000 magazine articles on computer security. He was the weekly security columnist for InfoWorld and CSO magazines from 2005-2019.

    Key points What is multi-factor authentication and how has it changed over time? Is MFA more secure than passwords, and how can it be bypassed? Are some forms of MFA more secure than others? What does the future of user authentication look like?

    The Cybersecurity Sessions podcast is presented by Netacea - The world's first fully agentless bot management solution.

    --- Send in a voice message: https://podcasters.spotify.com/pod/show/netacea/message