エピソード
-
Welcome to our first SPECIAL EPISODE where we cover breaking news as it happens. Today we catch up with Joe Uchill, senior reporter at SC Media, to discuss the Colonial Pipeline ransomware attack making headlines this week and why we continue to see escalating attacks in frequency, ransom demands and high value targets such as critical infrastructure. Joe shares insights from his many years reporting from the cyber front lines speaking with government, regulatory, industry and hacking groups on what it would take to decrease the financial incentive and increase the criminal risk to make ransomware an undesirable pursuit. Spoiler alerts….ransomware gangs make mistakes and often hit “accidental” targets, regulating cryptocurrency is just as hard as it sounds, and while ransomware task forces can’t agree on the most effective solution(s) to mitigate ransomware, most agree global cooperation would be at the top of the list! For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e312
-
This week, Rachael Lyon and Vince Spina continue their riveting conversation with Gemma Moore, a renowned expert in pen testing and red teaming and cofounder of Cyberus, a leading cyber consultancy. In this second part of their discussion, Gemma delves deep into the evolving landscape of cybersecurity, touching on the complexities introduced by cloud services, the intricacies of red teaming, and the critical interplay with blue teams.
She even shares a few fascinating anecdotes from her career, including some high-stakes physical infiltration assignments that sound straight out of a spy movie! Don't miss out as we explore the cutting edge of cybersecurity and the ongoing battle to keep our digital world safe. Tune in, subscribe, and let's get to the point!
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e311
-
エピソードを見逃しましたか?
-
Welcome back to another episode of Forcepoint! In this week's episode, hosts Rachael Lyon and Vince Spina dive deep into the intriguing and often underestimated world of cybersecurity with special guest Gemma Moore, co-founder of Cybers, a renowned cybersecurity consultancy. We’ll kick things off with Vince’s alarming personal story about a scam call that mimicked his wallet company, shedding light on the growing concerns of voice capture and security.
Gemma brings her wealth of expertise to the table, sharing stories from the front lines of ethical hacking. We explore the ins-and-outs of penetration testing, distinguishing between compliance-based and scenario-based tests, and uncover the real vulnerabilities that hide in outdated systems and shared passwords.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e310
-
In this episode, hosts Rachael Lyon and Vince Spina delve into the dynamic and evolving landscape of global cybersecurity with their guest, David DiMolfetta, a seasoned cybersecurity reporter at Nextgov FCW and former researcher for The Washington Post’s Tech 202. Together, they unpack the latest National Cybersecurity memo on integrating AI into military and intelligence operations, exploring AI's potential to enhance strategic planning and data analysis while navigating strict regulatory considerations.
We'll dive into the pivotal "cyber trust mark" initiative for IoT devices, the emerging quantum computing threats, and the complex web of regulatory overlap affecting critical infrastructure. Join us as we examine the international ramifications of cybersecurity policies, the ethical quandaries posed by AI, and the multi-faceted challenges of safeguarding national security in the digital age. Additionally, we'll touch on recent espionage attacks and the relentless pursuit of robust, adaptive regulations to counter future cyber threats. Stay tuned for a comprehensive discussion that brings you right to the heart of cybersecurity's most pressing issues.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e309
-
This is part 2 of our talk with Marios Savvides
This episode delves into the transformative role of AI in enhancing everyday life and providing security, from alerting homeowners of potential threats to preventing poolside accidents. Dr. Savvides provides insight into the ethical use of AI, the burgeoning future of biometric data, and the rapid pace of technological advancements poised to shape our futures.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e308
-
In today's episode, we're thrilled to dive deep into the fascinating world of biometric security with our special guest, Professor Marios Savvides from Carnegie Mellon University. Marios is not only a leading expert in artificial intelligence and biometric technology but also the founder and director of the Biometric Center, and he was named Inventor of the Year in 2022 by the Pittsburgh Intellectual Property Association.
We'll explore a range of intriguing topics, including the exceptional robustness of iris recognition technology, advancements in non-intrusive biometric systems, and the critical role of human-computer interaction in security. Marios will share insights on overcoming challenges in iris and facial recognition, tackling biases in AI, and the ethical implications of AI decision-making, especially in autonomous vehicles. We'll also touch on pressing privacy and security concerns, such as the impact of facial recognition in public spaces and the emerging threat of deep fakes.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e307
-
Our hosts Vince Spina and Rachael Lyon are thrilled to welcome Kelly McCracken, Senior Vice President of Detection and Response at Salesforce. With over two decades of experience in cybersecurity and technology, Kelly dives deep into the evolving landscape of AI and its pivotal role in security operations.
We’ll explore how AI enhances detection and response capabilities, especially against phishing threats, and discuss the critical integration of threat intelligence in security programs. Kelly will shed light on the importance of tailored incident response playbooks and the necessity of training stakeholders for effective decision-making during security incidents.
Join us as we navigate key elements like risk reduction strategies, the balance between security and business enablement, and the evolving transparency in reporting security incidents. Kelly also shares insights from her experience in coauthoring a NIST guide, the shift to remote work, and the complexities of managing hybrid cloud environments.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e306
-
From the notorious Ticketmaster hack during Taylor Swift's ticket sales to the geopolitical cyber issues involving heavyweights like China and Israel, Maggie provides a comprehensive overview of the current cyber landscape. We'll explore the bipartisan effort needed to safeguard US infrastructure, including the vulnerabilities of our satellite systems, and the intricate dynamics of election security poised to affect the upcoming U.S. presidential election.
Maggie also sheds light on the disinformation campaigns waged by nation-states and the role of AI in shaping public perception. And, with her unique background and serendipitous journey into cybersecurity journalism, we'll get a glimpse into her fascinating career path.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e305
-
Today, we're diving deep into the intricate world of compliance and third-party risk management with none other than Alastair Parr, the Senior VP for Global Products and Services at Prevalent. We'll explore the 80/20 Rule in Compliance, the challenges organizations face with DORA reporting, and the pivotal role of data in effective compliance management. Alastair will share insights from his extensive background in auditing, emphasizing the importance of pragmatism and proportionality in risk assessments.
We'll also discuss the growing significance of AI in cybersecurity, including the cautious approach needed to manage data hallucinations and the importance of human validation. Plus, we'll delve into real-world scenarios, like the SolarWinds attack, that reshaped board-level discussions on operational resilience and vendor risk management.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e304
-
Welcome back to Forcepoint! In today's episode, hosts Rachael Lyon and Vince Spina dive deep into the ever-evolving world of cybersecurity with special guest Ross Young, CISO in Residence at Team 8.
Drawing on his extensive experience with top companies and intelligence agencies, Ross shares insights on critical issues like flexible work arrangements, AI-induced challenges, and the future of cybersecurity. From the importance of innovative data security solutions to the shifting dynamics of remote work, this conversation is packed with actionable insights and forward-thinking strategies. Stay tuned as we explore the complexities of modern IT environments, the rise of AI, and the strategic role of CISOs in navigating these turbulent waters.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e303 -
Welcome to "To The Point Cybersecurity," the podcast where we dive deep into the most pressing issues in global cybersecurity, explore emerging threats, and discuss innovative solutions. In this episode," our hosts Rachael Lyon and Vince Spina welcome Philippe Humeau, CEO of CrowdSec, an expert in adaptive cybersecurity measures.
Philippe brings to light the evolving challenges of managing IP reputations and the complexities cybercriminals face in influencing systems globally. He critiques the traditional use of honeypots and advocates for the richer insights gained from real-world data. Philippe delves into the use of data science and deep learning to detect and block malicious IPs, emphasizing adaptive and dynamic firewall systems over static rules.
Rachael and Vince guide the conversation through various intriguing topics, from the economic and logistical difficulties of mass manipulation by attackers to the importance of crowdsourcing and collaboration in defense strategies. Philippe’s thoughts on AI's escalating role in cybersecurity, the need for shared intelligence, and the impactful concept of multiplayer firewalls are discussed at length.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e302
-
Welcome to another episode of Forcepoint! In today's discussion, hosts Vince Spina and Rachael Lyon are joined by Aaron Painter, CEO of Nametag, to delve into the evolving complexities of identity verification and cybersecurity. We'll explore the limitations of current Multi-Factor Authentication (MFA) solutions, with a spotlight on the high-profile MGM attack in 2023, where social engineering compromised IT help desks. Aaron shares insights on alternatives like biometric authentication, the importance of user provisioning and recovery processes, and the balance between security and user experience. We'll also discuss privacy concerns, innovative consent practices, and the daunting challenges posed by deepfakes. Whether you're interested in the intricacies of digital identity, the impact of AI on security, or the future of secure online interactions, this episode is packed with valuable insights. Tune in and stay ahead of the cybersecurity curve!
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e301
-
Welcome to another insightful episode of "To The Point Cybersecurity," brought to you by Forcepoint! In today's episode, we're diving into the nuances of modern data security with our special guest, Yasir Ali, CEO of Polymer. As networks become increasingly borderless, the challenges for data security are escalating. We'll explore crucial technologies like Data Security Posture Management (DSPM) and Data Loss Prevention (DLP), and discuss the importance of reducing risk profiles and managing access control effectively.
Whether you're grappling with data security in a cloud-based world or curious about the future of AI in cybersecurity, this episode serves as an essential listen. Don't forget to subscribe and leave a review on Apple Podcasts or Google Podcasts. Let's get started!
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e300
-
This week, Audra is joined by Mark Montgomery, senior director of the FDD’s Center on Cyber and Technology Innovation and director of the CSC 2.0. Today’s discussion focuses on the progress made implementing the recommendations of the Cyberspace Solarium Commission’s 2020 report and securing critical infrastructure more broadly, including insights from Mark on the need for a distinct military force focused exclusively on cybersecurity.
Mark Montgomery serves as senior director of the Center on Cyber and Technology Innovation, where he leads FDD’s efforts to advance U.S. prosperity and security through technology innovation while countering cyber threats that seek to diminish them. Mark also directs CSC 2.0, an initiative that works to implement the recommendations of the congressionally mandated Cyberspace Solarium Commission, where he served as executive director. Previously, Mark served as policy director for the Senate Armed Services Committee under the leadership of Senator John S. McCain, coordinating policy efforts on national security strategy, capabilities and requirements, and cyber policy.
Mark served for 32 years in the U.S. Navy as a nuclear-trained surface warfare officer, retiring as a rear admiral in 2017. He was assigned to the National Security Council from 1998 to 2000, serving as director for transnational threats. Mark has graduate degrees from the University of Pennsylvania and the University of Oxford and completed the U.S. Navy’s nuclear power training program.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e277
-
Joining us this week is Peter W. Singer, a New York Times bestselling author of books including Ghost Fleet, LikeWar and the techno-thriller Burn In. He shares details on the New America volunteer, non-profit organization and its awesome #SharetheMicinCyber program helping to bring diversity of thought to the cybersecurity front lines. We also discuss the future of social media, what defines a cyberwar, Ukraine’s leverage of social media to garner global support this year, and the great work Useful Fiction is delivering to organizations to address the age old problem of translating complex themes (such as cyber) into compelling business narratives audiences understand and can learn from. And definitely take a few minutes to learn more about Passing the Mic’s cybersecurity fellowship program this week. Read more here: https://www.newamerica.org/the-thread/passing-the-mic-introducing-new-americas-cybersecurity-fellowship/
Peter Warren Singer is Strategist at New America, a Professor of Practice at Arizona State University, and Founder & Managing Partner at Useful Fiction LLC.
A New York Times Bestselling author, described in the Wall Street Journal as “the premier futurist in the national-security environment” and “all-around smart guy” in the Washington Post, he has been named by the Smithsonian as one of the nation’s 100 leading innovators, by Defense News as one of the 100 most influential people in defense issues, by Foreign Policy to their Top 100 Global Thinkers List, and as an official “Mad Scientist” for the U.S. Army’s Training and Doctrine Command. No author, living or dead, has more books on the professional US military reading lists. His non-fiction books include Corporate Warriors: The Rise of the Privatized Military Industry, Children at War, Wired for War: The Robotics Revolution and Conflict in the 21st Century; Cybersecurity and Cyberwar: What Everyone Needs to Know and most recently LikeWar, which explores how social media has changed war and politics. It was named an Amazon and Foreign Affairs book of the year and reviewed by Booklist as “LikeWar should be required reading for everyone living in a democracy and all who aspire to.” He is also the co-author of a new type of novel, using the format of a technothriller to communicate nonfiction research. Ghost Fleet: A Novel of the Next World War was both a top summer read and led to briefings everywhere from the White House to the Pentagon. His latest is Burn-In: A Novel of the Real Robotic Revolution. It has been described by the creator of Lost and Watchmen as “A visionary new form of storytelling—a rollercoaster ride of science fiction blended with science fact,” and by the head of Army Cyber Command as “I loved Burn-In so much that I’ve already read it twice.”
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e274
-
Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security and shares insights from his 45+ years on the security front lines, including 34 years at the NSA. Risk was a big theme of the discussion particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes.) He also shares perspective on moving to incentive-based cyber models (such as what’s been done in Ohio and Connecticut), and the criticality of translating technology, attacks & attackers into public policy and market incentives. And it can’t be a great cyber discussion without addressing the growing sophistication of cyber criminals and their organizations – really becoming the defacto organized crime success path today.
Tony Sager, Senior Vice President and Chief Evangelist for the Center for Internet Security
Sager is a SVP and Chief Evangelist for CIS. He leads the development of the CIS Critical Security Controls™, a worldwide consensus project to find and support technical best practices in cybersecurity. Sager champions of use of CIS Controls and other solutions gleaned from previous cyber-attacks to improve global cyber defense. He also nurtures CIS’s independent worldwide community of volunteers, encouraging them to make their enterprise, and the connected world, a safer place. In November 2018, he added strategy development and outreach for CIS to his responsibilities.
In addition to his duties for CIS, he is an active volunteer in numerous community service activities: the Board of Directors for the Cybercrime Support Network; and a member of the National Academy of Sciences Cyber Resilience Forum; Advisory Boards for several local schools and colleges; and service on numerous national-level study groups and advisory panels.
Sager retired from the National Security Agency (NSA) after 34 years as an Information Assurance professional. He started his career there in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. In 2001, Sager led the release of NSA security guidance to the public. He also expanded the NSA’s role in the development of open standards for security. Sager’s awards and commendations at NSA include the Presidential Rank Award at the Meritorious Level, twice, and the NSA Exceptional Civilian Service Award. The groups he led at NSA were also widely recognized for technical and mission excellence with awards from numerous industry sources, including the SANS Institute, SC Magazine, and Government Executive Magazine.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e273
-
Joining us this week is Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance and we discuss all the hot and trending online scams facing consumers today including the growing prevalence of romance scams ($1.3B in losses last year!), job seeker scams, tax fraud scams, sextortion, and the latest scam making the rounds – pig butchering scams. Jennifer shares insights on the many free resources available to consumers – and the awesome work being done by the National Cybersecurity Alliance working with partners and champions around the globe – that raise awareness of what to look for and how to avoid online and mobile scams that take advantage of our day-to-day engagement channels including email, social media and, increasingly, mobile text messages.
Jennifer Cook, Senior Director of Marketing at the National Cybersecurity Alliance
Jennifer Cook is the Senior Director of Marketing at the National Cybersecurity Alliance (NCA). Jennifer leads the development and coordination of NCA’s growing suite of campaigns and programs, including Cybersecurity Awareness Month and Data Privacy Week. She joined the National Cyber Security Alliance in 2017 and holds a degree in Marketing from Drexel University.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e272
-
This week we dive into the hot topic of cyber insurance with Dr. Josephine Wolff, Associate Professor of Cybersecurity Policy at Tufts University The Fletcher School and author of the book “You’ll See This Message When it is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches” (MIT Press 2018). We explore the dynamic industry of cyber insurance and key policy areas such as defining cyber war, the impact of the increase of ransomware the last two years (some stats put it at 150% increase!), and how to change security behaviors. She also shares insights on AI and the always looming theme of bias as well as the importance of always keeping a human in the loop. And, be sure to look out for her new book on cyber insurance with MIT Press coming out in August 2022.
Josephine Wolff - Associate Professor of Cybersecurity Policy at Tufts University's The Fletcher School
Josephine Wolff is an associate professor of cybersecurity policy and has been associated with The Fletcher School at Tufts University since 2019. Her research interests include international Internet governance, cyber-insurance, security responsibilities and liability of online intermediaries, government-funded programs for cybersecurity education and workforce development, and the legal, political, and economic consequences of cybersecurity incidents. Her book "You'll See This Message When It Is Too Late: The Legal and Economic Aftermath of Cybersecurity Breaches" was published by MIT Press in 2018. Her writing on cybersecurity has also appeared in Slate, The New York Times, The Washington Post, The Atlantic, and Wired. Prior to joining Fletcher, she was an assistant professor of public policy at the Rochester Institute of Technology and a fellow at the New America Cybersecurity Initiative and Harvard's Berkman Klein Center for Internet & Society. She received received a Ph.D. in Engineering Systems and M.S. in Technology and Policy from MIT, and an A.B. in mathematics from Princeton. As a student, she also spent time at Microsoft, the Center for Democracy and Technology, the White House Office of Science and Technology Policy, and the Department of Defense.
https://www.linkedin.com/in/josephine-wolff-1baa414b/
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e271
- もっと表示する