エピソード
-
The shift to cloud computing has transformed how businesses operate, offering unmatched flexibility, scalability, and cost efficiency. However, as organisations increasingly rely on the cloud, the attack surface for cyber threats has expanded significantly.
Traditional security tools often struggle to keep up with the unique challenges of cloud environments, such as dynamic workloads, distributed systems, and multi-cloud configurations. This is where Cloud Detection and Response (CDR) becomes essential. CDR solutions are specifically designed to monitor cloud environments in real-time, identify potential threats, and provide swift responses to mitigate risks.
The importance of CDR extends beyond just preventing breaches—it’s about safeguarding critical data, maintaining business continuity, and building trust with customers and stakeholders. With the rise of sophisticated attacks like ransomware and supply chain compromises targeting cloud infrastructure, having a comprehensive CDR strategy is no longer optional but a necessity.
In this episode, Aparna Sundararajan speaks to Mohit Bhasin, Senior Product Marketing Manager at Palo Alto Networks, about the importance of CDR and the need for a holistic approach to cybersecurity.
Key Takeaways:
Cloud security is essential for organisational success.Real-time protection is crucial to prevent attacks.Organisations need a unified approach to cloud security.Visibility and context are critical in security solutions.Proactive risk management is necessary in cloud environments.Security should be integrated into the development process.Automation can enhance security team efficiency.Security is an enabler of innovation, not a blocker.Chapters:
00:00 - Introduction to Cloud Detection and Response
02:55 - Understanding Cloud Detection and Response
05:46 - Real-Time Protection and Customer Insights
09:00 - The Future of Cloud Security
11:52 - Overrated and Underrated Aspects of CDR
14:46 - Final Thoughts on Cloud Security Strategy
-
Effective supply chain risk management is no longer optional—it is essential for long-term business success. Disruptions from natural disasters, geopolitical tensions, or unexpected global events like pandemics can ripple through even the most carefully planned supply chains.
Companies that fail to anticipate and mitigate these risks can face costly delays, increased operational costs, and damaged reputations. By prioritising risk management, businesses can identify vulnerabilities, strengthen their supply chain resilience, and ensure that they can respond swiftly to unforeseen challenges.
Proactively managing supply chain risk offers a competitive edge in an increasingly unpredictable marketplace. It allows businesses to build stronger relationships with suppliers, improve operational efficiency, and ensure continuity of service, even in times of crisis. Implementing strategies such as diversifying suppliers, leveraging technology for better visibility, and adopting flexible logistical models can help organisations stay agile and minimise potential disruptions.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Haydn Brooks, CEO and Co-Founder of Risk Ledger, about third-party risk management and the best practices for organisations to enhance their security posture.
Key Takeaways:
Supply chains have become more interconnected, increasing exposure to cyber risks.Hackers target corporate supply chains for financial gain and geopolitical reasons.The attack surface has expanded significantly without corresponding security measures.Supply chain attacks can be untargeted or targeted, with different motivations.Developing security tools for supply chains is challenging due to complexity and the need for more visibility.Real-world examples like Target and SolarWinds illustrate the consequences of supply chain breaches.Neglecting third-party risk management can lead to reputational and operational impacts.Collaboration with suppliers is essential for a unified defence against cyber threats.Chapters:
00:00 - Introduction to Supply Chain Risk Management
01:51 - Understanding the Motivation Behind Supply Chain Attacks
04:39 - Challenges in Developing Security Tools for Supply Chains
06:37 - Real-World Consequences of Supply Chain Breaches
09:23 - The Importance of Third-Party Risk Management
11:18 - Best Practices for Enhancing Third-Party Risk Management
13:37 - The Role of Automation in Risk Management
15:04 - Creating a Unified Defense Strategy with Suppliers
-
エピソードを見逃しましたか?
-
Today, organisations face relentless cybersecurity threats, with phishing attacks and poor password management leading the charge. These vulnerabilities can result in data breaches, financial losses, and reputational damage, making them a top concern for businesses of all sizes. Despite technological advances, many organisations struggle to keep up with increasingly sophisticated phishing techniques and the risks of weak or reused passwords.
Addressing these challenges requires more than cookie-cutter solutions—it demands a holistic approach to cybersecurity that encompasses technology, employee education, and robust policy enforcement.
The stakes are exceptionally high for small and medium-sized enterprises (SMEs). Cybercriminals often target SMEs, perceiving them as less prepared to fend off attacks. Implementing effective cybersecurity measures doesn’t have to be overwhelming or costly, but it does require understanding the risks and taking proactive steps to mitigate them.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Steven Furnell, IEEE senior member and professor of cybersecurity at the University of Nottingham.
Key Takeaways:
Cybersecurity posture shows little improvement year over year.Phishing remains the most reported cybersecurity threat.Community support is vital for SMEs in cybersecurity.Transitioning to passwordless solutions is underway but not complete.Biometric data should be stored securely on user devices.Usability must be balanced with security in technology development.Deepfake technology presents new challenges for biometric systems.Chapters:
00:00 - Introduction to Cybersecurity Insights
01:27 - Current Cybersecurity Posture and Challenges
03:23 - Phishing and Common Cybersecurity Threats
07:09 - Supporting Small and Medium Enterprises
10:56 - Transitioning to a Passwordless Future
17:16 - Biometric Security and Its Challenges
-
Governments and institutions face unprecedented cyber threats challenging national infrastructure, sensitive data security, and public services. To stay ahead in emerging risks, organisations must adopt cutting-edge tools that enable proactive preparation and robust defence strategies against these risks.
Cyber ranges and digital twins are revolutionising cybersecurity by offering highly effective methods for simulating real-world attacks, testing security protocols, and providing predictive insights into potential vulnerabilities. These tools provide a safe, controlled environment for teams to practice and refine their response strategies, ensuring they can confidently tackle sophisticated cyber threats.
Cyber ranges create realistic virtual environments that mimic complex network infrastructures, enabling security teams to engage in hands-on training exercises and test their systems under simulated attack scenarios. Meanwhile, digital twins—virtual replicas of physical systems—allow for continuous monitoring and real-time analysis of critical infrastructure.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Aare Reintam, COO of CybExer Technologies, about their NATO-award-winning cyber ranges.
Key Takeaways:
Cyber ranges are essential for simulating real-world cyber attacks.Digital twins provide a safe environment for testing and learning.AI can enhance both offensive and defensive cybersecurity strategies.Regular participation in cyber ranges improves team readiness.Understanding interdependencies in critical infrastructure is vital.Proactive measures are necessary to address cybersecurity weaknesses.Chapters:
00:00 - Introduction to Cyber Ranges and Digital Twins
02:50 - The Role of Cyber Ranges in Cybersecurity Training
05:45 - Digital Twins: Enhancing Cybersecurity Simulations
09:06 - Adapting to Evolving Cyber Threats
12:01 - AI and Machine Learning in Cyber Ranges
14:57 - Long-term Implications of Cyber Ranges for Organizations
17:52 - Best Practices for Cyber Range Participation
21:04 - The Importance of Continuous Training for Governments
23:57 - Conclusion and Resources
-
Digital risk protection has become a cornerstone of organisational security. Proactive measures are essential to defend against cyber risks, from safeguarding sensitive data to mitigating external threats. Businesses must move beyond traditional cybersecurity approaches, embracing holistic digital risk strategies that protect their reputation, assets, and customers. Organisations can create resilient systems that adapt to today’s complexities by anticipating risks rather than merely reacting to them.
However, adequate digital risk protection isn’t just about technology—it requires a cultural shift. Fostering a security-first mindset means embedding security practices into every level of an organisation, from executive leadership to front-line employees. This cultural evolution goes hand in hand with compliance, as businesses align their strategies with ever-changing regulations.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Scott Walker, Cyber Security Incident Response Team manager at Orange Cyberdefense, about the continuous nature of cybersecurity efforts, highlighting the thrill and challenges of incident response.
Key Takeaways:
Digital risk protection is essential for organisations.Cultural shifts are necessary for effective cybersecurity compliance.Honesty in reporting incidents is crucial for effective response.Real-time metrics are vital for measuring cybersecurity effectiveness.Community support can help smaller businesses improve security.Incident response is a dynamic and exciting field.Understanding past threats helps in preparing for future ones.Chapters:
00:00 - From Military to Cybersecurity: Scott Walker's Journey
01:24 - The Importance of Digital Risk Protection
05:41 - Cultural Shifts in Cybersecurity Compliance
09:00 - Building a Culture of Honesty in Cybersecurity
10:54 - The Role of Real-Time Metrics in Cyber Defense
13:41 - Community Support in Cybersecurity
15:34 - Emerging Threats: AI and Cybersecurity Resilience
19:35 - The Thrill of Incident Response
-
Understanding human behaviour is critical in creating secure environments, as human actions, decisions, and vulnerabilities often determine the effectiveness of security measures. By prioritising behavioural insights, organisations can anticipate potential threats and design systems that align with how people naturally act and interact.
Discussing the psychological drivers behind employee behaviour helps uncover why individuals may unknowingly bypass security protocols, highlighting the importance of addressing root causes rather than merely enforcing rules.
Security isn’t just about preventing incidents; it’s about cultivating a culture where individuals are empowered to make informed decisions. This involves fostering a "just culture," where employees feel safe reporting mistakes without fear of punishment, enabling continuous improvement. By focusing on trust, transparency, and education, organisations can instil a security-first mindset across their workforce.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to John Scott, Lead Cyber Security Researcher at CultureAI, about building trust and responsibility within security culture to mitigate cyber risks effectively.
Key Takeaways:
Understanding human behaviour is crucial for security.Human errors are inevitable; organisations must accept this.A ‘just culture’ is essential for a secure environment.Leadership must model security behaviours.Security should be seen as everyone's responsibility.Simplifying reporting processes encourages engagement.Fostering secure behaviour at home enhances workplace security.Chapters:
00:00 - Understanding Human Behavior in Security
05:15 - The Role of Psychological Drivers
10:55 - Fostering a Security-First Mindset
17:32 - Bridging the Generational Gap in Security Awareness
25:30 - Building Trust and Responsibility in Security Culture
-
Hackers today rely on sophisticated techniques to collect information about their targets, combining digital stealth, social engineering, and data mining to get ahead. From scouring social media profiles to exploiting publicly available data, attackers gather intelligence that helps them pinpoint vulnerabilities and personalise attacks. Every detail—personal photos, company affiliations, online connections—can provide valuable clues for hackers, helping them craft realistic phishing attempts, exploit system weaknesses, or impersonate trusted contacts.
Understanding how hackers operate is the first line of defence in protecting your personal and business information. By exploring the methods hackers use, such as network reconnaissance, dark web monitoring, and social profiling, individuals and companies can recognise potential threats before they escalate. Awareness is power, and by knowing how hackers collect intelligence, you can adopt strategies to reduce your digital footprint, secure sensitive data, and stay one step ahead.
In this episode, Alejandro Leal, Analyst at KuppingerCole speaks to Arik Atar, Senior Threat Intelligence Researcher at Radware, about the increasing sophistication of attacks, especially during the holiday season.
Key Takeaways:
Threat actors are opportunists, targeting based on available information.Social media is a significant source of personal information for attackers.Holiday seasons see a spike in cyber attacks due to increased online activity.Using separate emails for different services can minimise risk.Regularly check privacy settings on social media and apps.Avoid saving passwords in web browsers for better security.Be cautious of seemingly legitimate offers that may involve stolen accounts.Chapters:
00:00 - Understanding Threat Actors' Motivations
02:27 - The Role of Social Media in Cybersecurity
05:44 - Evolution of Threat Actor Behavior
09:32 - Anticipating Holiday Season Cyber Threats
12:52 - Future-Proofing Your Digital Security
-
As Chinese electric vehicles (EVs) rapidly gain market share across Europe, cybersecurity has become a key focus for regulators, manufacturers, and consumers alike. These advanced vehicles, packed with digital features and data-driven capabilities, also bring new cybersecurity challenges. With sophisticated connectivity features, onboard software, and data collection systems, the risk of cyber vulnerabilities is heightened, raising questions about data privacy, vehicle security, and the integrity of critical infrastructure.
The intersection of cybersecurity and the influx of Chinese EVs requires strict data protection standards, secure software protocols, and collaboration across the automotive and tech industries. European markets increasingly prioritise transparency and rigorous testing to ensure these vehicles meet robust cybersecurity standards. By addressing these challenges, Europe can continue to embrace the electric future with confidence, ensuring that cutting-edge technology goes hand-in-hand with safety and security for all.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Gianni Cuozzo, founder and CEO of Exein, about the evolution of the automotive industry, the competitive landscape shaped by Chinese manufacturers, and the cybersecurity risks associated with connected technologies in EVs
Key Takeaways:
EVs are fundamentally IoT systems on wheels.The automotive industry has evolved from mechanical to digital to connected vehicles.Chinese EVs are reshaping the competitive landscape in Europe.The Cyber Resilience Act aims to enforce security standards for manufacturers.Firmware updates can introduce new vulnerabilities post-certification.The automotive supply chain must adhere to new security regulations.Innovation in EVs must be balanced with robust security measures.Chapters:
00:00 - Introduction to Cybersecurity and EVs
02:58 - The Evolution of the Automotive Industry
05:52 - Impact of Chinese EVs on European Market
09:06 - Cybersecurity Risks of Connected EVs
12:52 - The Cyber Resilience Act and Its Implications
17:03 - Navigating Innovation and Security in EVs
-
With cloud attacks rising, Cloud Detection and Response (CDR) is becoming a crucial focus in modern security operations. But what exactly is CDR, and how does it fit alongside other advanced security solutions like XDR? Just as Security Operations Centers (SOCs) defend the enterprise network, they now must extend their defences to the cloud, ensuring threats are detected and addressed in real time.
However, many organisations still rely heavily on Posture Management and "Shift Left" strategies to secure their cloud. While effective, these approaches leave gaps in protection, especially against modern attack methods. There's often an assumption that cloud security is entirely handled by the Cloud Service Provider (CSP), which leads to critical oversights.
Recent research reveals that traditional security measures often miss threats like runtime attacks and identity mismanagement. In this episode, Chris Steffen, EMA's Vice President of Research, speaks to Nathaniel "Q" Quist, Palo Alto's Cloud Threat Intelligence Manager, to discuss CDR and its benefits.
Key Takeaways:
Understanding the shared responsibility model is crucial for organisations.Misconfigurations are a leading cause of cloud security breaches.Ransomware attacks in the cloud behave differently than on-premises.Identity access management is a primary target for attackers.Visibility and telemetry are essential to effective security operations.Hard-coded credentials pose significant risks in cloud environments.Chapters
00:00 - Introduction to Cloud Detection and Response
02:56 - Understanding the Shared Responsibility Model
05:47 - Cloud Security Posture Management and Its Importance
09:07 - Real-World Scenarios in Cloud Security
11:53 - The Evolution of Cybersecurity Technologies
15:13 - Key Security Gaps in Cloud Environment
-
When it comes to decision-making, courage is paramount. Cybersecurity professionals must navigate high-stakes environments where swift, bold decisions can mean the difference between safeguarding critical assets and exposing vulnerabilities. This requires a willingness to act decisively, even under uncertainty, and to take calculated risks for the greater good of organizational security. Courage in this field isn’t just about individual bravery—it’s about fostering a culture where team members feel empowered to make tough calls, share unconventional insights, and drive proactive security measures.
Equally important in cybersecurity is the value of followership and resilience. Effective followership involves supporting leadership and strategic decisions, embracing a shared sense of responsibility, and prioritising team goals over individual recognition. With a combination of courageous leadership, strong followership, and resilience, organizations can build a cybersecurity posture that not only withstands attacks but continuously improves in the face of emerging threats.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks with Miguel Clark, a retired FBI special agent, about the nuances of leadership, particularly in high-pressure environments like law enforcement and the tech industry.
Key Takeaways:
Leadership is about placing others' needs above your own.Followership is crucial for effective leadership.Courage is developed by confronting fears.Mistakes are opportunities for learning and growth.Long-term organizational health requires valuing team contributions.Effective communication is essential for leadership success.Preparation for crises is key to resilience.Building a culture of trust encourages open communication.Perfectionism can hinder decision-making and progress.Chapters:
00:00 - Introduction to Leadership and Followership
02:45 - The Transition from FBI to Tech Industry Leadership
06:36 - Understanding Followership in Leadership
09:59 - Courage and Fear in Decision Making
13:34 - Learning from Mistakes and Accountability
17:52 - Long-term Health of Organizations
21:39 - Communication and Understanding in Leadership
25:56 - Preparing for Cybersecurity Breaches
30:07 - Building a Culture of Trust
33:51 - Conclusion: Resilience in Cybersecurity
-
Ransomware attacks increasingly force organisations to pay ransom due to the significant impact on operations, data loss, and the fear of reputational damage. Semperis’s Ransomware Risk Report explores the reasons behind the high percentage of businesses making payments, which inadvertently encourages attackers to strike again. By giving in to demands, many companies fall into a dangerous cycle of repeated attacks, becoming easy targets for cybercriminals.
To mitigate this risk, it is critical to adopt an "assume breach" mindset. Organisations must be prepared for potential breaches by investing in robust recovery plans and strengthening cybersecurity measures, ensuring they can respond effectively without succumbing to ransom demands.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Simon Hodgkinson about the reasons behind the high percentage of organisations paying ransoms, the cycle of repeated attacks, and the critical importance of having robust recovery plans.
Key Takeaways:
Paying ransom does not guarantee recovery.Business resilience is crucial during recovery.Recovery plans must be robust and well-tested.Identity management is a critical vulnerability.Dedicated tools are necessary for identity recovery.Recovery time objectives (RTO) need improvement.Purple Knight is highlighted in the report as a key tool in detecting vulnerabilities before attackers can strike. With Purple Knight, organisations can proactively assess their defences, identify weak points, and strengthen recovery plans—helping to break the costly cycle of ransomware payments.
Chapters:
00:00 - Introduction to Ransomware and Its Impact
02:50 - Understanding the Ransom Payment Dilemma
06:03 - The Cycle of Repeated Attacks
08:55 - The Importance of Recovery Plans
12:05 - Identity Recovery and Its Challenges
14:51 - Best Practices for Ransomware Resilience
17:50 - Tools for Active Directory Recovery
21:03 - Conclusion and Key Takeaways
-
Ransomware has become a pervasive threat, targeting organisations of all sizes and industries. The complexities of recovery after an attack are enormous, often involving extensive data restoration, system reconfiguration, and potential business disruptions. The financial toll, reputational damage, and operational downtime can be devastating.
AI can be a powerful tool in this battle that allows organisations to spot and prevent threats more effectively, analyse vast datasets for anomalies, and automate critical security tasks.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Jim McGann, VP of Strategic Partnerships at Index Engine, about Ransomware and its consequences.
Key Takeaways:
Ransomware continues to be a significant threat to organisations.The complexity of IT infrastructure contributes to ransomware vulnerabilities.User training is crucial in preventing ransomware attacks.Recovery from ransomware can take months and cost billions.Organisations often confuse disaster recovery with cyber recovery.AI can help identify patterns of bad actor behaviour.Validating data integrity is essential for effective recovery.Many organisations lack a cyber resiliency strategy.Ransomware actors often return to organisations that have paid ransoms.A proactive recovery strategy is necessary for minimising impact.Chapters:
00:00 Introduction to Ransomware Challenges
01:28 Understanding the Persistence of Ransomware
05:17 Complexities of Recovery After an Attack
10:57 The Role of AI in Cybersecurity
15:31 Real-World Applications of AI in Recovery
-
Companies are constantly pushing for innovation to stay competitive. Whether adopting new technologies or streamlining processes, innovation is key to growth. However, as businesses embrace digital transformation, they open themselves to new security vulnerabilities. These advancements can quickly become liabilities without proper protection, exposing companies to cyberattacks, data breaches, and other security threats.
Striking the right balance between innovation and security is essential for long-term success. Companies must prioritise cybersecurity alongside growth initiatives, ensuring that strong defences back every new technology or system.
In this episode, Richard Stiennon, Chief Research Analyst at IT-Harvest, speaks to Adeel Ahmad, Director of Technical Field Strategy at HashiCorp, and Grant Webb, Cloud Technologist, about the innovation paradox.
Key Takeaways:
The balance between innovation and securityHow digital transformation introduces new vulnerabilitiesStrategies for prioritizing cybersecurity alongside growthInnovation is about change, while security is about safety.Security should not be seen as a hindrance to innovation.Embedding security in design can reduce friction.Regulatory compliance can complicate the innovation process.Shared objectives can align security and innovation efforts.Building relationships between security and development teams is crucial.CISOs should be integrated into the innovation process.Chapters:
00:00 - The Innovation Paradox: An Introduction
02:53 - Balancing Innovation and Security
05:49 - Regulatory Challenges in Innovation
09:14 - Embedding Security in Organizational Culture
12:07 - Lessons from HashiCorp's Experience
14:58 - Building Relationships Between Security and Development
17:52 - Creative Approaches to Security and Productivity
-
In this episode, Luke Dash, CEO of ISMS.online, speaks to Paulina Rios Maya, Head of Industry Relations, about the current state of information security, drawing on key findings from their latest report. The discussion emphasises the growing importance of compliance in the face of rising data breaches and supply chain vulnerabilities.
They explore artificial intelligence's dual role in cybersecurity, highlighting its potential to enhance defences and the increasing threat posed by AI-driven attacks like deep fakes. Luke stresses the need for businesses, especially in sensitive industries, to foster a culture of compliance and continuous improvement in cybersecurity measures to stay ahead of evolving risks.
Key Takeaways:
99% of businesses faced fines for data breaches.Supply chain attacks have increased by 22%.Deepfakes are now a significant security threat.A culture of compliance is essential for organisations.ISO 27001 is crucial for information security management.Cybersecurity should be part of daily business operations.Continuous improvement is critical to effective security practices.Chapters:
00:00 Introduction to Information Security and Compliance
01:21 Key Findings from the State of Information Security Report
03:10 Addressing Supply Chain Security Risks
05:57 The Role of AI in Cybersecurity
08:19 The Rise of Deepfakes and Their Impact
10:39 Building a Culture of Compliance in Organizations
12:36 Best Practices for Compliance in Sensitive Industries
15:27 Continuous Improvement in Cybersecurity Practices
-
Ethical hacking, or penetration testing, plays a key role in protecting businesses from cyber threats by identifying vulnerabilities before malicious hackers can exploit them. As AI becomes more embedded in critical operations, it becomes a prime target for cybercriminals. Ethical hackers are stepping up to defend these systems, using their skills to protect sensitive data, safeguard privacy, and ensure businesses stay secure and operational.
With the rise of AI-powered security tools, ethical hackers can analyse and respond to threats faster and more accurately than ever. However, the rapid advancement of AI also raises new challenges—automated systems can sometimes behave unpredictably, and new vulnerabilities may emerge.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Joseph Carson, Chief Security Scientist & Advisory CISO at Delinea, about the differences between superhero hackers, who use their skills for good, and villain hackers, who exploit vulnerabilities for malicious purposes.
Key Takeaways:
Hacking is a skillset and mindset, not inherently criminal.There are two types of hackers: superheroes and villains.AI is primarily used for defensive purposes in cybersecurity.Data minimisation is essential for protecting user privacy.Attackers are increasingly targeting individuals rather than systems.Identity protection is a top priority in cybersecurity.User-friendly security measures are necessary to enhance protection.Chapters:
00:00 - Introduction to Ethical Hacking and AI's Impact
03:14 - The Dual Nature of Hackers: Heroes vs. Villains
06:33 - AI's Role in Cybersecurity: Opportunities and Threats
11:18 - Balancing User Privacy and Security
14:35 - The Role of Ethical Hackers in Cybersecurity
17:13 - Overlooked Vulnerabilities: The Human Element in Cybersecurity
-
Traditional security models are no longer enough. Identity and Zero Trust have become essential pillars of modern information security strategies. By focusing on “never trust, always verify,” Zero Trust ensures that no user or device is trusted by default—whether inside or outside the network—identity management, meanwhile, safeguards access by verifying who is accessing your systems and data.
Together, these approaches offer a more robust, adaptive defence against cyber threats, helping organisations protect sensitive information and mitigate risk.
In this episode of the EM360 Podcast, Chris Steffen, EMA's vice president of research, speaks to Ran Lampert, CEO and co-founder of Infinipoint, about the importance of identity when building your Zero Trust journey.
Key Takeaways:
Identity and device authentication are equally important in Zero Trust.Compliance requirements increasingly demand device verification.Quick wins in identity management can lead to immediate improvements.Gradual implementation of security solutions is key to success.Zero Trust is a continuous journey, not a one-time fix.Integrating user and device authentication can reduce security risks.The landscape of identity management is evolving rapidly.Chapters:
00:00 - Introduction to Identity and Zero Trust
02:46 - The Evolving Landscape of Identity and Access Management
06:09 - Understanding Attack Vectors and Security Gaps
09:00 - Compliance and Regulatory Requirements
11:47 - Quick Wins in Identity and Access Management
-
Red teaming is a proactive cybersecurity approach where ethical hackers simulate real-world attacks to test an organisation’s defences. Unlike traditional testing, red teaming mimics sophisticated threats to expose vulnerabilities in networks, systems, and even human factors. This process helps organisations identify weaknesses, strengthen their security posture, and improve their incident response plans to stay ahead of evolving cyber threats.
An important aspect of red teaming is the interpersonal dynamics between the red team and the organisation’s internal teams. Collaboration and transparent communication are crucial to ensuring the exercise remains productive. Maintaining positive relationships during and after the tests fosters trust and encourages constructive feedback, essential for implementing security improvements without creating internal friction.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Gemma Moore, Co-founder and Director of Cyberis about the role of red teaming in developing detection and response capabilities.
Key Takeaways:
Red teaming involves testing people, processes, and technology.Maintaining positive relationships is crucial during red team exercises.Non-security stakeholders need actionable insights from red team outputs.Informed consent is essential for ethical red team operations.Respecting personal boundaries is important in red teaming.Building relationships with blue teams fosters a collaborative environment.Chapters:
00:00 - Introduction to Red Teaming and Cybersecurity
01:20 - Understanding Red Teams: Definition and Purpose
03:38 - Interpersonal Dynamics in Red Team Exercises
05:58 - Engaging Non-Security Stakeholders
08:43 - The Importance of Informed Consent
12:34 - Ethical Considerations in Red Teaming
17:44 - Developing Detection and Response Capabilities
20:53 - Conclusion and Resources for Further Learning
-
Protecting sensitive data requires a robust approach, with Data Security Posture Management (DSPM) and Data Loss Prevention (DLP) at the forefront. DSPM aligns security policies with data architecture, while DLP prevents unauthorised access and leaks.
Understanding data classification and custodianship is key to this, as it ensures that sensitive data is prioritised. Integrating AI further strengthens these strategies, offering real-time threat detection and automated protection.
In this episode, Chris Steffen VP of Research at EMA speaks to Shannon Murphy, Global Security & Risk Strategist at Trend Micro, to discuss data security management.
Key Takeaways:
Data Security Posture Management (DSPM) is essential for visibility.Data classification is crucial for effective data security.AI can enhance data discovery and classification processes.Data custodianship should involve those who understand the data.Continuous monitoring is necessary for effective data protection.A layered defense approach is necessary against emerging threats.Data security is an ongoing process, not a one-time fix.Chapters:
00:00 - Introduction to Data Security Management
02:55 - Understanding DSPM vs DLP
06:12 - The Role of AI in Data Security
08:57 - Data Classification and Metadata
11:48 - Data Custodianship and Responsibility
15:11 - Creating a Culture of Security
17:57 - The Future of Data Security Strategies
-
Fraud networks are becoming more sophisticated, posing a significant threat to the financial, iGaming and crypto sectors. As fraudsters’ tactics evolve, these industries face growing challenges in identifying, disrupting, and preventing their activities.
According to Sumsub internal research, every 100th user was involved in fraudulent networks in 2023. The need for robust fraud detection and prevention, from financial institutions to crypto exchanges and online gaming platforms, has never been greater. Understanding the inner workings of fraud networks and how they evolve, is not just crucial but empowering for protecting assets and customers.
In this episode, Alvaro Garcia, Transaction Monitoring Technical Manager at Sumsub, speaks to Paulina Rios Maya, Head of Industry Relations at EM360, about how to Outsmart the Bad Guys.
Key Takeaways:
Fraud networks, or fraud rings, can vary in size and complexity.Money mules are often unaware they are part of fraudulent schemes.The iGaming industry is particularly vulnerable to bonus abuse.A multi-layered approach is essential for effective fraud prevention.Ongoing monitoring is crucial to catch fraud after onboarding.
Chapters00:00 - Understanding Fraud Networks
05:17 - Money Muling and Its Impact
09:58 - Proactive Measures in Financial Sector
13:43 - Navigating Risks in the Crypto Sector
17:00 - Creative Tactics of Fraudsters
19:50 - The Role of AI in Fraud Detection
23:38 - Implementing a Multi-Layered Approach
-
New cybersecurity risks threaten critical data and systems as organisations increasingly adopt AI-driven technologies, particularly neural networks and Gen-AI. These advanced AI models, while powerful, are vulnerable to a range of attacks, including adversarial manipulation, data poisoning, and model inversion, where attackers can reverse-engineer sensitive data from the AI’s output. The complexity of neural networks often makes detecting and mitigating these risks difficult, leaving organisations exposed to potential breaches.
In this episode, Paulina Rios Maya, Head of Industry Relations, speaks to Peter Garraghan, co-founder and CEO (and CTO) of Mindgard, about the importance of understanding these risks, the hidden vulnerabilities in AI systems, and the best practices organisations should implement to ensure security hygiene.
Key Takeaways:
AI and generative AI introduce new and evolving cyber threats.Understanding AI vulnerabilities is crucial for security teams.AI risks manifest in ways that are different but not new.Security teams must adapt their strategies to AI's opaqueness.AI can be used as a vector for launching attacks.Data leakage is a significant risk with AI systems.Chapters
00:00 Introduction to Cybersecurity and AI Risks
05:13 Understanding AI Vulnerabilities and Cyber Threats
10:55 Industry-Specific Risks and Threats from AI
15:54 Best Practices for AI Security Hygiene
- もっと表示する