Episodes

  • In today’s episode, Steve speaks with Steve Satterwhite, the founder and CEO of Entelligence, and author of "Above the Line: How the Golden Rule Rules the Bottom Line." He shares some simple but fresh ideas about how to find the right person for the right role, how to overcome the skills shortage, and why putting people first is the key to successful cybersecurity.


    Key Takeaways:

    1. Successful companies can upskill employees in technology, using positive experiences and promising opportunities.
    2. Satterwhite reflects on fatherhood, emphasizing the importance of helping children discover their purpose and identity.
    3. Satterwhite believes that the organisation’s role is to provide tools and systems for team members to thrive, while also acknowledging the reality of short-term employment.
    4. Open-minded technology leaders who integrate technical skills with emotional intelligence thrive.


    Tune in to hear more about:

    1. Attracting and retaining talent in the cybersecurity industry (2:40)
    2. Cybersecurity talent shortage and skills gap in enterprises (10:00)
    3. Finding and upskilling cybersecurity professionals for new technologies (16:44)
    4. Prioritising people in business to boost revenue and profits (21:58)
    5. Prioritising emotional intelligence in technology leadership (27:06)


    Standout Quotes:

    1. “I believe that that culture attracts the kind of folks that are ambitious, that are hungry to learn, that are eager to move up in whatever way that they define moving up in their lives. And I think it's our job, really, as leaders, and especially here in our organisation. It’s to create that environment so that people can thrive.” - Steve Satterwhite

    2. “Here’s a stupid analogy, but I like to use it because it's how I think about the business. It's really just to simplify it. Let's say that you're a new airline, or you have a new airline route that you want to go from Houston to Paris, and you're short of pilots to fly the big Dreamliner or the big Airbus from here to there. It's a different operation. So what we do is we go look for people that have been flying 737s most of their career. They're deeply passionate about flying, and they're really good at it, and all we need to do is just kind of upskill them in a short period of time just to fly a different airplane. It's still piloting, it’s still flying. That's what we do. So if you think about just the evolution of technology and the things that we're doing, all we're doing, constantly, at Entelligence is just upskilling people in the shortest possible time.” - Steve Satterwhite
    Mentioned in this episode:

    ISF Analyst Insight Podcast
    Read the transcript of this episode

    Subscribe to the ISF Podcast wherever you listen to podcasts

    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.

  • Today, Steve sits down with Dr. Andrew Newell, Chief Scientific Officer at the British biometrics firm iProov, for a conversation about deep fakes. As technology improves, it’s becoming ever more difficult to determine what’s real and what’s fake. Steve and Andrew discuss what this will mean going forward for security, social media platforms, and everyday technology users.

    Key Takeaways:
    1. Technology is the key to mitigating the threat of deep fakes, which are synthetic images or videos created to deceive.

    2. Deep fakes are becoming increasingly sophisticated, making them hard to spot.

    3. Newell breaks down the problem into two parts: secure identity verification and detecting synthetic images.

    4. Incentives for verifying imagery will radically shift as deep fakes become more prevalent.
    Tune in to hear more about:
    1. Deep fake technology and its potential impact on identity verification processes (5:57)

    2. Preventing deep fake images and videos using technology and algorithmic systems (9:57)

    3. Deep fakes and their potential uses, including filmmaking and education (13:11)

    4. Deep fakes and their impact on society, with a focus on technology’s role in verifying authenticity (18:43)


    Standout Quotes:
    1. “I think the urgency here — and this is the absolutely key part — is that we need to get the technology in place to make sure that the processes that rely on the genuineness of the person in imagery, that we can have something in place that we know works, that we know that we can trust, and is something that is very easy to use.” - Andrew Newell

    2. “I think on the protection of identity proofing systems against the threat from deep fakes, we have a technology solution now. And the urgency is to make sure that this technology is used wherever that we need to actually guard against that threat.” - Andrew Newell

    3. “And one of the most important things, if not the most important thing, is: when we think about a way to mitigate these threats, it has to be something that works for everybody. We cannot end up with a system that only works for certain groups in a society.” - Andrew Newell

    Mentioned in this episode: Dear Infosec


  • Today we bring you the second conversation with ISF CEO Steve Durbin around the increasing impact of technology on society and business. Societies have always been divided, but how future divisions may manifest feels more uncertain than ever right now. In this episode, Steve and producer Tavia Gilbert offer an analysis of potential future scenarios, as well as practical tips for what organisations can do now to prepare.


    Key Takeaways:
    1. The future will be defined by technology and social media, leading to a shift away from traditional divisions and towards a more complex world where data and information are highly instantaneous and influential.
    2. Leadership will need strong empathy, consolidation skills, and the ability to challenge/be challenged.
    3. Leaders should assume imperfection and constantly update their situational awareness to make informed decisions. They also ought to prioritize simplicity and clear communication to build trust and drive success.

    Tune in to hear more about:
    1. Leadership and organisation in a rapidly changing world (4:44)
    2. The role of businesses in society, including their potential to fill the void left by declining trust in traditional leadership models (9:58)
    3. Information security and the importance of skepticism in the digital age (14:33)
    4. Technology’s impact on information sharing and nationalism (18:33)
    5. Trust and verification in social media and supply chains (22:35)
    6. Leadership, adapting to change, and the importance of soft skills in a rapidly changing world (28:23)

    Standout Quotes:
    1. “Businesses have a new responsibility in the modern era … provide guidelines and stability in a time of deep division.” - Steve Durbin

    2. “The one thing that is going to be so important that will differentiate the winners from the losers in the organisational stakes is: those organisations that are able to consolidate this overall sense of corporate purpose with purpose of the individual, whatever that looks like. And if we can do that, then I think that we'll create something that's particularly special and magic.” - Steve Durbin


    Mentioned in this episode: Dear Infosec

  • Today’s episode is the first of three conversations with ISF CEO Steve Durbin around the coming impact of technological development on society and business. We know that new technologies have always tested organisations, and technological innovation and its integration into our lives and enterprises are only accelerating. We offer an analysis of potential future scenarios, as well as practical tips for what organisations can do now to prepare.


    Key Takeaways:
    1. Organisations must prioritise supporting smaller entities in keeping up with the fast pace of technological change.
    2. Security can deliver competitive advantage, but implementation challenges persist, and security risks can become low priority in a fast-paced tech landscape.
    3. Organisations face pressure to modernise technology while managing legacy systems and regulatory demands.
    4. CEOs must balance competing priorities, including ESG initiatives, employee expectations, and shareholder demands.
    5. Political developments may force organisations to respect local restrictions on technologies.
    6. Organisations are advised to protect crown jewels, ensure data protection, and monitor supply chain partners.
    7. Organisations must prepare for quantum-proof encryption and socialise policies for AI use.


    Tune in to hear more about:
    1. The impact of technological innovation on business and society, with a focus on adoption challenges and timing (0:00)
    2. Security risks in technology innovation and adoption (1:29)
    3. The impact of quantum computing on cybersecurity and the need for organizations to prioritize legacy technology updates (6:59)
    4. Volatility, uncertainty, and technological change in the security industry (12:45)
    5. How technology innovations can disrupt and improve organizations (18:22)
    6. Managing innovation in a rapidly challenging digital landscape (20:40)
    7. Limitations of accessing powerful technologies due to restrictions, threats, and security concerns (26:12)
    8. Emerging threats and risks in technology, including quantum computing, AI, and legacy systems (32:18)


    Standout Quotes:
    1. “Organisations could certainly find themselves cut off from the supercharged processing power, because it may be developed by a government for its own ends and restricted, expensive, all of those sorts of things, so that it effectively becomes unavailable. And I think organisations, despite all of that, are going to have to operate in the shadow of this massive computing power shift when it comes about as the pace of change accelerates, innovations proliferate, traditional life cycles of technology shorten.” - Steve Durbin

    2. “If we're going to have smaller organisations within our overall ecosystem, we need to be just sparing a bit of a thought for how they might be keeping up with such a fast pace of change and how we're going to support them in continuing to meet some of the standards and bars that we're setting, so that everybody benefits, frankly.” - Steve Durbin

    3. “So the world is also reshaping, as we're introducing AI into what we're doing. And so again, I think that the challenge from the business perspective, from the security perspective, from the technology perspective, is really about: how do you focus on what is important for your organisation, for your people, for your customers, in a world that is constantly now changing? And the speed of that change is only going to get faster. And we haven't seen that before.” - Steve Durbin

    4. “So you're in a much better position, if you can control your innovations irrespective of what's going on. But you're never going to be able, I think, to divorce yourself completely from the market, because you operate in the market. And so the speed at which the market is evolving is going to, I think, determine — to a certain extent, anyway — your success in managing your own innovation, so you may need to be innovating more quickly than you're comfortable, just in order to try to keep up.” - Steve Durbin


    Mentioned in this episode:

    ISF Analyst Insight Podcast
    ISF Podcast: Data Dilemmas: Outsmarting the perils of AI


  • Today, BBC journalist Nick Witchell interviews Steve about the threat landscape in light of a number of damaging hacks that have recently been made public. They consider the challenges regulators face given the current geopolitical situation and discuss how organisations can create a thorough cyber defense and response plan.


    Key Takeaways:

    1. Organisations cannot abdicate responsibility for data security, even when outsourcing to third parties. They need strong incident response plans and ongoing assessment of third-party security capabilities.
    2. In terms of any country’s political agenda on cybersecurity, AI regulation is often overshadowed by other issues.
    3. Few parliamentarians and ministers come from a security background, which is one reason why it’s critical to provide guidance and insight to them.
    4. A more thoughtful and funded approach to security would benefit society, considering the potential impact on people’s lives and the need for effective incident response.


    Tune in to hear more about:

    1. Accountability and responsibility in cybersecurity (1:59)
    2. Role of cybersecurity centers and national institutions (5:13)
    3. Government and political involvement in cybersecurity (8:29)
    4. Public awareness and the ISF’s role (12:21)
    5. Risk management and security investment (16:32)
    6. Concerns about technology implementation (20:14)


    Standout Quotes:

    1. “We (at the ISF) don't want to be one of those organisations that's constantly barracking people and complaining. We want to be holding true to some of our founding principles, which is about providing best advice, providing some of the best tools, providing some of the best insights that we gather from our own team and also from our member community. But we do need to make more noise about that, because people desperately need to understand some of the implications, and indeed, very much more importantly, what they can actually practically do about it.” - Steve Durbin

    2. “There is no one size fits all. That's the other thing about this. You have to have it in line with your business direction, your size, your maturity, all of those sorts of things. Very often people ask me for blueprints or, what does good look like? And my answer is always the same: it varies depending on your stage of maturity and your willingness to spend, and how important your data is to you.” - Steve Durbin


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Today’s conversation is a fascinating discussion on the nature of data with Jannis Kallinikos, professor of Information Systems at the London School of Economics. Jannis co-wrote the recently published book Data Rules: Reinventing the Market Economy, in which he and co-author Cristina Alaimo posit that data are a fluid cultural record, rather than a static statistical entity. He and Steve discuss the implications of this understanding of data for the security industry, from how it could change regulatory approaches to how we understand ourselves as humans in relation to data.

    Key Takeaways:
    1. Kallinikos argues that data are not just statistical entities, but cultural entities that convey aspects of our world and reality.

    2. Data are cultural records, not just statistical entities, and are fundamental to economic and social transformation.

    3. Durbin and Kallinikos discuss concerns about data-driven perspectives reinforcing narrow worldviews.

    4. Data regulation needs to reflect data’s interactive and morphing nature and serves to protect society from greedy companies.

    5. Kallinikos warns that politics has become instinct-based, with little time for reflection.

    Tune in to hear more about:
    1. Data’s role in society, economy, and transformation (0:00)

    2. Data’s impact on society, culture, and individual perspectives, with a focus on regulation and balance (7:10)

    3. Data as a living entity, challenges for security professionals, and need for education (18:01)

    4. Data’s impact on society and politics, with a focus on education and government’s role in protecting data (23:15)

    Standout Quotes:
    1. “Data are cultural elements and not statistical entities. It makes a whole lot of difference. By cultural entities, we mean that they are records by which we represent our world and we act upon the world. We use them to produce, we use them to interact, we use them to communicate. In this respect, data are cultural records, once again, and not statistical entities or entities like those ones that contemporary data science debates.” - Jannis Kallinikos

    2. “Think how many things we can do that were out of reach before these beasts and these technologies and the data we produce in the facilities that they prepare for us, how many things we can do that were not virtually possible before. So there is a positive side to it. But as you English say, there is no free lunch in life. And this applies here. We win a lot. But there are also important things that we lose.” - Jannis Kallinikos

    3. “But these are difficult discussions to have in politics. Because they require a little bit of reflection, a step back, a little bit of time. Politics, for good or bad, has become very instinct based over the last three or four decades. Instinct based, more to react, target, and produce reactions of a particular type that are mostly emotional or instinctual.” - Jannis Kallinikos

    Mentioned in this episode:

    Times Higher Education: We need a social science of data by Cristina Alaimo and Jannis Kallinikos
    ISF Analyst Insight Podcast


  • For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.

    In today’s episode, Steve speaks with actress, voice coach, leadership consultant, and expert in core energetics, or body-led psychotherapy, Kate Montague. Kate discusses the effectiveness of taking time to reset, what happens when you stay connected to your body and your breath, how to take the temperature of the room when the rooms are remote, and more.

    Learn more about Kate Montague.

    Mentioned in this episode: Royal Central School of Speech and Drama

  • For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.

    Today, ISF CEO Steve Durbin is in conversation with Dr. Brian Cox, professor of Particle Physics at the University of Manchester. Dr. Cox worked on the ATLAS experiment at the Large Hadron Collider at CERN in Switzerland and has co-written several books on physics, including Why does E=mc2? and The Quantum Universe. He’s also known for appearances in many science programmes for BBC radio and television, including In Einstein's Shadow and the BBC Horizon series. Dr. Cox and Steve discuss how to translate a complex message to a lay audience, the need for intellectual honesty, and the value of play even in serious endeavors.


  • For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.

    In this episode, ISF CEO Steve Durbin speaks with computer programmer, philanthropist, and co-founder of Apple, Steve Wozniak. Woz reminisces about the past and looks into the future of Big Tech, and considers what both could mean for the future of security.


  • For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.

    In this episode, Steve speaks with a guest whose focus includes human culture, behavior, and storytelling: singer/songwriter and activist Sir Bob Geldof, lead singer of the Boomtown Rats and founding member of Band Aid, famous for raising money for Ethiopian famine relief. Steve and Sir Bob discuss the effect of the Covid19 pandemic on creativity, the political turmoil facilitated by rapidly advancing digital technology, Sir Bob’s hope for fresh ideas, the courage to embrace change, and more.

    Learn more about Sir Bob Geldof and the Boomtown Rats.

    Mentioned in this episode: Pete Briquette; Simon Crowe; Garry Roberts; Vladimir Putin; Xi Jinping; Recep Tayyip Erdogan; Boris Johnson; Donald Trump; Charles Darwin; Sigmund Freud; Karl Marx; Live Aid; Live 8; QAnon; Thomas Piketty; Shoshana Zuboff; Marshall McLuhan; Novacene: The Coming Age of Hyperintelligence by James Lovelock; Richard Branson; Bill Gates; Steve Jobs; Mark Zuckerberg; Jack Ma; Larry Page; Sergey Brin; Winston Churchill; Alan Brooke; George Bernard Shaw; Tim Berners-Lee; Johannes Gutenberg; Colin Wilson; The Rolling Stones; Mick Jagger; Keith Richards; Billie Holiday; John Lennon; Paul McCartney; Paul Allen; Steve Wozniak; Gaia Theory

  • For our special Summer Listening series, we revisit some favorite listens: episodes that cover some of the most important, and current, issues in cyber.

    In this evergreen episode, Steve and Tavia discuss the constantly changing world of risk, what security can do to prepare for and mitigate risk, the role of the business leader, and the impact of risk management on strategy and business direction.

    Mentioned in this episode: ISF Analyst Insight Podcast

  • Steve recently sat for an interview with veteran journalist Julie MacDonald for a feature with The European. Last week, we listened to the first part of that conversation, and today, we’re hearing the second. Julie and Steve talk about scenario planning, transparency within industries, and what good leadership looks like in this complex moment in history.

    Key Takeaways:
    1. Durbin emphasizes AI’s dependence on data integrity and the importance of starting with good data.
    2. Durbin discusses the challenges of geopolitical threats and market flux, and how organizations must prepare for an uncertain future.
    3. Durbin notes increased use of ISF’s supplier assessment tools to mitigate risks due to geopolitical tensions and COVID-19.


    Tune in to hear more about:
    1. Cyber security, AI, and data integrity (0:00)
    2. Cyber security threats, vulnerabilities, and supply chain risks (3:40)
    3. Risk management, leadership priorities, and the importance of collaboration (9:28)


    Standout Quotes:
    1. “Bear in mind that when it all comes crashing down, there isn't a piece of technology in the world that will get your systems back up and running. And so don't forget the role that people have to play. So look after the people, make sure that they understand the important role that they have, because I think all too often, we talk about them being the weakest link. Actually, they're the strongest link.” - Steve Durbin

    2. “You have to focus on the crown jewels. That's your starting point. Very often, people will say to me, well, how much should we be spending? And my answer to that is, it depends. It depends on your risk profile, depends how nervous you are, it depends if you're going to enter new markets, it depends if you're coming out of markets. So you have to, as the leader of an organization, I think, juggle all of those things. And you have to do it in a very sort of swanlike way.” - Steve Durbin

    3. “You will make mistakes. And the mistake itself isn't important. What is important is how you recover from that, and how you learn from it going forward. And how you share that with other people in your organization. And how you become very much more agile to take advantage of some of the opportunities that that might open up.” - Steve Durbin


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Steve recently sat for an interview with veteran journalist Julie MacDonald for a feature with The European. For the next two weeks, we’ll be presenting that conversation in two parts. In the first part, Julie and Steve discuss the regulatory landscape, improving communication across the business, and how enterprises can successfully marry technology with the human element of work.

    Key Takeaways:
    1. Durbin emphasizes the importance of alignment in creating a culture that supports risk management and growth.
    2. MacDonald emphasizes the need for transparency beyond organizational borders, including collaboration with competitors and regulators.
    3. Large organizations have resources to keep up with supply chain risks, while midsize and small enterprises struggle.
    4. Durbin stresses the need for basic security practices and security awareness training, providing feedback in real-time to help individuals remember what they should have done.

    Tune in to hear more about:
    1. Cybersecurity risks and how businesses can manage them effectively (0:00)
    2. Cybersecurity transparency, regulation, and communication (5:13)

    Standout Quotes:
    1. “I think for security people, what they have to be better at is understanding the role that security plays in achieving the business objectives, the business strategy, because if they can do that, then suddenly they have the ear of the business. On the other side, from the business perspective, they need to understand the role that technology plays in achieving what they're trying to do. Because technology equals security equals risk.” - Steve Durbin

    2. “If you look at the way in which now, technology is all pervasive, we use different elements of technology to do our jobs. So we may be doing something on our own mobile phone, for instance, which we wouldn't have been doing before. So the importance of security awareness has actually increased significantly.” - Steve Durbin


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Today, author and disability diversity expert Ruth Rathblott offers a fresh perspective on how we understand and approach diversity in the workplace. She and Steve discuss how DEI can benefit both your culture and your business, and they give practical tips for leaders looking to build a more inclusive environment.

    Key Takeaways:
    1. Leaders need to go first in being vulnerable and trustworthy.
    2. Hiding is universal and exhausting, and people fear judgement and rejection for keeping secrets.
    3. Unhiding can increase staff retention and engagement.
    4. Leaders who adopt unhiding can be more innovative and creative, and better connect with millennials and Gen Z employees.
    5. Unhiding is the key to connection, and it will make leaders stronger and drive business results in today’s pandemic of loneliness.

    Tune in to hear more about:
    1. Diversity, equity, and inclusion with a focus on disability inclusion (0:00)
    2. Hiding and sharing personal aspects of one’s identity in the workplace, with a focus on disability and diversity (5:08)
    3. Leadership vulnerability and creating a safe space for teams to thrive (10:26)
    4. The benefits of “unhiding” in the workplace, leading to increased trust, retention, and innovation (14:41)
    5. Uncovering hidden potential through self-awareness and connection (18:49)

    Standout Quotes:
    1. “It's funny, I was talking to a woman recently. And she said, I love this concept of hiding, I love the work that you're doing, Ruth, and as a leader, I will never unhide to my team. And I said, okay, why? And she said, because I don't trust them. And it got me into the space of thinking, Steve, that either she has the wrong team, or she's the wrong leader. Because if we can't trust our teams, why are we in this business? Because that's our job is to build teams that trust us, that work with us, that get us to our next level in terms of a company. And so how do we create those spaces? And it's by leaders going first, and being vulnerable.” - Ruth Rathblott

    2. “There is a privilege in being able to unhide. I recognize that. In terms of being able, whether you're in the securities industry or in a different industry, because there are still in 2024 reasons that people would be fearful, and for good reason be fearful, of sharing parts of themselves, for retaliation, et cetera. I think where I've seen the benefit and the other side is the retention increases. People feel better about the place that they work, because they don't feel like they have to hide that part of themselves. They feel like this is a company who understands me, I'm going to stay longer. They feel more engaged with their peers, because they're not hiding.” - Ruth Rathblott

    3. “I use the methods of therapy. I use the methods of journaling. I use the methods of meditation, to just take a pause in our lives to say, what is holding me back? Where am I hiding part of myself to fit in for fear of judgment and fear of rejection? Take that inventory or that audit on yourself. Acknowledge it.” - Ruth Rathblott


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Today is the second in a two-part conversation centered on cultural fluency with global leadership strategist and corporate coach Jane Hyun. Jane is the author of Leadership Toolkit for Asians: The Definitive Resource Guide for Breaking the Bamboo Ceiling and Breaking the Bamboo Ceiling: Career Strategies for Asians, and co-author of Flex: The New Playbook for Managing Across Differences. In this episode, Steve and Jane define cultural fluency and give more tips on fostering cohesion and innovation in global teams.

    Key Takeaways:
    1. To be effective in a global team with diverse languages and continents, leaders must recognize and attend to cultural differences.
    2. Mergers and acquisitions can fail due to cultural differences.
    3. In the security industry, retention is a significant issue, and creating a fun and thriving work environment can help address it.


    Tune in to hear more about:
    1. Cultural fluency and its importance in leadership, particularly when working with people from different backgrounds and cultures (0:00)
    2. Cultural fluency in the workplace (6:17)


    Standout Quotes:
    1. “It's actually about building leadership capacity to work across difference. And it's not just for one cultural group or another; it’s actually for everyone. To build that cultural self awareness and to create an environment where we can ask questions, thoughtfully, that we give some room to each other.” - Jane Hyun

    2. “If the leader can be attuned to those little things and show that kind of empathy that engages someone who feels, perhaps, kind of in the margins, or their voice is not always heard, I think that can make a tremendous difference in how they connect to your company, how loyal they are to you, and how much output you will get from their productivity as well.” - Jane Hyun


    Mentioned in this episode:
    Flex: The New Playbook for Managing Across Differences
    Breaking the Bamboo Ceiling: Career Strategies for Asians
    Leadership Toolkit for Asians: The Definitive Resource Guide for Breaking the Bamboo Ceiling
    ISF Analyst Insight Podcast

  • Today is the first in a two-part conversation centered on cultural fluency with global leadership strategist and corporate coach Jane Hyun. Jane is the author of Leadership Toolkit for Asians: The Definitive Resource Guide for Breaking the Bamboo Ceiling and Breaking the Bamboo Ceiling: Career Strategies for Asians, and the co-author of Flex: The New Playbook for Managing Across Differences. In this episode, Steve and Jane discuss how leaders can get the best out of their workers in a remote work environment and discuss practical ways leaders can facilitate productive meetings with teams spread out all over the world.

    Key Takeaways:
    1. Leaders must cultivate self-awareness and recognition of areas for improvement in personal and professional growth.
    2. Innovation can be driven by bringing different cultural norms and views together virtually.
    3. Culturally adaptive facilitation can lead to more innovative ideas in remote settings.


    Tune in to hear more about:
    1. Navigating cultural differences in business leadership (0:00)
    2. Self-awareness and cultural understanding in business leadership (3:18)
    3. Remote work, cultural perspectives, and effective meeting strategies (6:51)


    Standout Quotes:
    1. “There's no way we can keep doing things the same way. Because if we do, we're gonna get nothing different, right? We’re not going to get the innovation that we want.” - Jane Hyun

    2. “I just wanted to be accepted. I just wanted to be like everybody else. But then I realized, as I matured, there's nothing wrong with my cultural background, and really, I had to lean into who I was. The values that my parents and the things that I learned from my Korean community are really interesting and good and helpful, and could be a driver for innovation for the work that we do. And until I got to that point, I don't think my work was able to truly flourish in the way I could.” - Jane Hyun

    Mentioned in this episode:

    Flex: The New Playbook for Managing Across Differences
    Breaking the Bamboo Ceiling: Career Strategies for Asians
    Leadership Toolkit for Asians: The Definitive Resource Guide for Breaking the Bamboo Ceiling
    ISF Analyst Insight Podcast

  • In this episode, Steve speaks with Amanda Fennell, a security professional with over two decades in the industry who currently serves as CISO and CIO of Prove and adjunct professor of cybersecurity at Tulane University. She talks to Steve about why a CISO must be an educator at heart, how to embrace feedback in order to grow, and how young professionals can shape their careers in security as the role of the CISO evolves.


    Key Takeaways:
    1. Important foundational principles in security include least privilege, risk mitigation, and vulnerability management.
    2. Amanda Fennell suggests that new CISOs befriend their legal officers, in order to better understand security and risk.
    3. Handling change can be a key indicator of high performance in security, with those who thrive in change being more likely to be high performers.


    Tune in to hear more about:
    1. Teaching technical skills and emotional intelligence in a technical field (2:25)
    2. Security leaders’ communication and education strategies (4:35)
    3. Security fundamentals and vulnerability management (10:37)
    4. Evolving role of CISOs, career progression, and coping with stress in security leadership positions (13:21)
    5. Managing stress and mental health in leadership roles (18:57)


    Standout Quotes:
    1. “It was a long, long time ago. My boss sat me down for a performance review and said, you have a reputation for not taking feedback well, because you're really sure that you're right. And I took that to heart. And for a long time, I did have to fake that feedback coming to me, like, ‘Thank you for the feedback. I'll think about this. That’s so …’ You know, whatever, and just freeze your face into a smile. Now, I love it. I invite it.” - Amanda Fennell

    2. I think that probably, my other big advice for people who are first-time CISOs who are new in their role: become good friends with your legal officer. That’s going to be your best friend on the team. They understand, especially if they have compliance and audit — those people, and I say this as someone who worked at a legal tech company, software for five years — but your legal officers understand security and risk really well. And they're going to help you to interpret and translate things often. And that has been one of my biggest helps in my career. - Amanda Fennell


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Today, Steve is speaking with investigative tech journalist Geoff White, who has been covering tech and financial crime for more than 20 years. Listeners may be familiar with his popular podcast The Lazarus Heist for the BBC World Service, and now his new book, Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks, will be available from Penguin Random House next week. Steve and Geoff discuss current trends in organized cybercrime, how these criminals are—or maybe aren’t—adopting AI, and the difficulties law enforcement still faces in helping the victims of these crimes.

    Key Takeaways:
    1. Nation states and government agencies have been known to adopt tactics from organized crime gangs and activists – a sort of trickle-up effect.
    2. As technological advancements are presenting criminals with new avenues for money laundering, law enforcement is not always able to keep up and instead is having to prioritize high level crimes.
    3. The law enforcement landscape is a fast changing world, as agencies adapt and gain more awareness of cybercrime tactics relating to AI and cryptocurrencies.

    Tune in to hear more about:
    1. Cybercrime evolution, nation-state involvement, and tactics (3:31)
    2. AI use in cybercrime, potential for innovation and defense (8:29)
    3. Cybercrime and money laundering, with a focus on the role of technology and law enforcement (11:45)
    4. Cybercrime, crypto, and organized crime evolution (15:59)

    Standout Quotes:
    1. “Sometimes the tools of organized cybercrime, gangs, nation states have also learned from hacktivists. From leaks from people like WikiLeaks or from Anonymous, they've learned the damage that a leak can do, a leak of information can do. And that's fed into that disinformation piece. Nation states are now extremely astute at getting in, stealing information, and then weaponizing that information to change elections, to change people's attitudes, to influence world events. The nation states have got both feet in to this cybercrime game.” -Geoff White

    2. “I think maybe it's worth thinking like a criminal and understanding how thinking like a criminal is different to thinking like a different type of enterprise. The reason I enjoy thinking about organized crime and covering organized crime is because it's organized. These are networks, as you say, of professional, organized people. But they're not out to win customers. They're not like Microsoft and Google who wants to come out with innovation and innovative new products to win customers in their competition. No. They want to make money from victims. And frankly, as long as you're making enough money from your victims month in month out, you don't change. There's no reason to innovate. Crime gangs innovate when law enforcement and the force of authority stop them from making the money they usually make. That's when you innovate.” -Geoff White

    3. “I think there was a time when, frankly, explaining Bitcoin to sort of rank and file police officers was a struggle. I think those days are gone … There's been this realization that things like cryptocurrency is something that law enforcement needs to be on top of.” -Geoff White

    4. “As cryptocurrency gets larger, as more financial institutions get behind it, as governments get behind it, yes, it can make it more legitimate, it can expand the legitimacy of it. But it also creates more noise, if you like, for the criminals to hide.” -Geoff White


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Recently, British journalist Juliette Foster interviewed Steve for a feature in The European, and today we’re listening to that conversation. Steve and Juliette explore a range of topics, including how to get buy-in to your security strategy at all levels of the organization, how much security should cost, navigating the regulatory landscape, and which industries and enterprises Steve believes could be templates for security.

    Key Takeaways:
    1. Good cyber strategy aligns with business strategy, is quantifiable, and involves all employees.
    2. Durbin suggests involving security in project planning to avoid retrofitting security measures.
    3. Durbin suggests that security teams need to spend more time explaining security implications to business leaders in a way they can understand.
    4. Durbin suggests that leaders must create a personal investment in security by providing feedback and justifying costs in a way that resonates with each individual’s role and responsibilities.
    5. Durbin highlights the evolving regulatory landscape, with a shift from standardization to protectionism and complexity for organizations.
    6. Durbin highlights the evolving threat landscape, including malware, ransomware, and phishing attacks.

    Tune in to hear more about:
    1. Aligning cybersecurity strategy with business goals and outcomes (1:36)
    2. Cybersecurity strategies, testing, and budgeting (10:42)
    3. Regulation complexity and its impact on businesses (18:00)
    4. Cybersecurity investment, risk management, and emerging threats (22:44)
    5. Evolving cyber threats and the importance of resilience (26:58)

    Standout Quotes:
    1. “What is important for organizations is not to become over fixated on the threats — that’s necessary, obviously, to have a good defense — but also to figure out this whole notion of resilience. How quickly could we get our systems back up and running? How quickly could we get our organization functioning again? How are we going to recover our data? Where are we storing it? Those sorts of things.” - Steve Durbin

    2. “... the crux of good cyber strategy is having an alignment with a business strategy happening in alignment with what it is that the organization is looking to do on a daily basis, which in the majority of cases is: increase revenue, increase shareholder value, deliver back to employees, customers, and to further the ideals of the organization.” - Steve Durbin

    3. “So the role of the security leader in any budget cycle is to try to align whatever spend she or he wishes to have with the future direction of travel of that organization. And if you can start to do that, then the whole conversation becomes very much easier. But I'm not a huge fan of setting fairly random percentages, because I think it sends entirely the wrong message. You run the risk of overspend or underspend. And what you actually want to be doing is spending appropriately to deliver the right level of protection for your critical assets, for your company, for your employees, for your shareholders, so that you can continue to provide a thriving environment.” - Steve Durbin


    Mentioned in this episode:

    ISF Analyst Insight Podcast


  • Today, Steve is speaking about security leadership with executive coach and CEO and Founder of Serenity in Leadership Thom Dennis. Thom brings his expertise in psychology to bear in their discussion of the role of leaders in culture change, how to let go and trust your workforce, and practical tips for embracing the challenges leaders face day to day.

    Key Takeaways:
    1. Fast-paced change and unease about people being away from work for extended periods of time are impacting leadership development.
    2. Trust and clarity are key to successful remote work, letting go of control and setting clear objectives.
    3. Incorporating breaks into work schedules serves to avoid burnout and increase productivity.
    4. Thom Dennis predicts a shift in leadership thinking, where society’s demands will be prioritized over corporate standards.


    Tune in to hear more about:
    1. Trust, fear, and delegation in leadership (3:56)
    2. Creating space for focus, trust, and organizational leadership evolution (11:29)
    3. Leadership evolution, prioritizing people over analysis, and fostering trust and community in organizations (17:22)


    Standout Quotes:

    1. Let people go. Tell them what you want them to achieve, tell them what the objectives are, and then let them get on with it. There's this sort of sense of fear that one isn't going to be in control. So I think people have got to learn to trust, and to be very clear about what it is that they're looking for. And then letting go. And I think often, you will get a far better result from that. Above anything else, I think, in forcing the briefer to be absolutely clear about what they want to achieve, that can save an awful lot of time and money in and of itself. -Thom Dennis

    2. Some people who write and have incredibly busy jobs, they're up at five o'clock, or even four o'clock, and they’re writing for an hour, and then they go to the gym, and then they … and so on. Whatever your routine is. But if they're doing that, they're probably in bed at eight o'clock in the evening. So look, a part of this is self discipline, isn't it? It’s deciding on your routine, and then doing whatever it is that you can do to keep yourself to it. -Thom Dennis

    3. I think we need to create quiet spaces for ourselves so that we can actually hear our inner knowing. They say that there's more signals that go from the heart to the brain than the other way around. And they've identified that there are brain type cells in the heart, and also in the gut. So all these things people have been talking about oh, well, I just go by my gut feelings, well, that's not as silly as it sounds. And I think that leaders of the future have got to become just a little bit less — not totally, but a little bit less cerebral, and more in touch with their inner knowing. — Thom Dennis

    Mentioned in this episode:

    ISF Analyst Insight Podcast