Student-led cybersecurity clinics are increasingly playing an essential role in strengthening the digital defenses of nonprofits, hospitals, municipalities, small businesses, and other under-resourced organizations in our communities while also developing a talent pipeline for cyber-civil defense. Sarah Powazek, Program Director - Public Interest Cybersecurity at the University of California, Berkeley Center for Long Term Cybersecurity (CLTC), sheds light on this important development. One of the highlights of the discussion was the recognition that the cybersecurity field is such a melting po ..read more

Hello, everyone, I'm delighted to welcome you to this episode of the Cybersecurity Readiness Podcast Series! Developing and maintaining resilient and secure data centers is a huge part of cybersecurity readiness. I am honored to have Spiros Liolis, Chief Technologist and Managing Consultant, EYP Mission Critical Facilities, Part of Ramboll, to discuss the challenges and best practices of creating and maintaining state-of-the-art data centers. Spiros, welcome! Time Stamps  00:02 -- Introduction 00:49 -- Setting the Stage and Context for the Discussion 01:54 -- Guest's Professional Highlights ..read more

Application Programming Interfaces (APIs) play a vital role in modern software development, enabling the integration of services and facilitating the exchange of information. The ubiquity of APIs is a testament to their success in supporting many functions. However, their prominence has also made APIs a target for cyberattacks. Jeremy Snyder, Founder & CEO of Firetail.io, joins me in discussing how to secure APIs effectively. Our discussion revolves around the following questions: What do we need APIs for? Why do we need API security? What are the consequences of lax API security? What are ..read more

Attackers have started increasingly targeting victims' backups to prevent organizations from restoring their data. Veeam's "2023 Ransomware Trends Report" found more than 93% of ransomware attacks specifically targeted backup data. My discussion with Gabe Gambill, VP of Product and Technical Operations at Quorum, revolves around the following questions: • What vulnerabilities of data backups do ransomware hackers exploit? • What are the common mistakes and barriers when recovering against a ransomware attack? • How to successfully recover from a ransomware attack? Time Stamps  00:02 -- Intr ..read more

While tabletop exercises (TTX) are considered a proven tool for finding gaps in an organization’s security posture, they can be painstakingly challenging to plan and implement effectively. In a time where information security teams are understaffed and overworked, are TTX still worth the time and resources? Or are there other ways of ensuring incident response readiness? Navroop Mitter, the CEO of ArmorText, a mobile security and privacy startup, sheds light on the various aspects of tabletop exercises and their effectiveness as a preparedness tool. Time Stamps  00:02 -- Introduction 00:49 ..read more

As artificial intelligence (AI) technologies continue to evolve and be leveraged, organizations need to make a concerted effort to safeguard their AI models and related data from different types of cyber-attacks and threats. Chris Sestito (Tito), Co-Founder and CEO of Hidden Layer, shares his thoughts and insights on the vulnerabilities of AI technologies and how best to secure AI applications. Time Stamps  00:02 -- Introduction 01:48 -- Guest's Professional Highlights 03:55 -- AI is both a cure and a disease 04:49 -- Vulnerabilities of AI 07:01 -- Hallucination Abuse 10:27 -- Recommendation ..read more

The latest disaster recovery statistics reveal that modern businesses still face costly interruptions due to a variety of threats, ranging from ransomware attacks to sudden hardware failures. The monetary costs of disasters and outages can be significant. According to results from Uptime Institute's "Annual Outage Analysis 2023" survey, 25% of respondents reported that their latest outage incurred more than $1 million in direct and indirect costs. In addition, 45% reported that the cost of their most recent outage ranged between $100,000 and $1 million. Another research rep ..read more

"Cybersecurity is patient safety and patient safety is cybersecurity," is how Stoddard Manikin, Chief Information Security Officer, Children's Healthcare of Atlanta, described the significance of cybersecurity readiness in the healthcare sector. Speaking with exceptional clarity and eloquence, Stoddard traced the evolution of the cybersecurity threat landscape and governance approaches, before discussing in detail what it takes to succeed as a modern CISO. Time Stamps 01:35 How would you describe the evolution of the cybersecurity phenomenon and what has stayed with you by way of lessons learn ..read more

From the standpoint of cybersecurity governance, how does an organization stay on the right side of the law? Rois Ni Thuama, Ph.D. (Doctor of Law), Head of Cyber Governance, Red Sift, spoke with great clarity and eloquence in explaining what it means to practice good and sensible cyber governance. She emphasized the importance of looking to expert sources and established security frameworks for guidance, addressing foreseeable and avoidable threats, and making cybersecurity investments that would be deemed (by the courts) proportionate and affordable. Highlighting the importance of strong gove ..read more

"If you can plan for the zombie apocalypse, you can probably face just about anything," said Tim Callahan, Senior Vice President, and Global Chief Information Security Officer, Aflac during a talk in my Master's level class on cybersecurity readiness at Duke University. In this podcast, Tim describes the key elements of an effective crisis management framework and shares several best practices. Some of the highlights of a robust business resiliency and recovery posture include -- a) well thought-out and rehearsed plan that takes into consideration different scenarios; b) world-class forensics ..read more