The SecureWorld Sessions

Technology Podcasts

Cybersecurity weekly podcast series featuring industry thought leaders discussing security solutions, best practices, threat intel, and more. Our primary topics within InfoSec include: Application Security; Artificial Intelligence; Blockchain; Career Development; Cloud Security; Encryption / DLP; Endpoint / Mobile / IoT Security; GRC; Incident Response / SIEM; Identity and Access Management; Network Security; Privacy; Ransomware / Malware; and Security Awareness.

Location:

United States

Twitter:

@SecureWorld

Language:

English


Episodes

Resilience in Cybersecurity

4/13/2021
In this episode, Mark Eggleston, Vice President and CISO/CPO of Health Partners Plans, speaks with security leaders about cyber resiliency, the return to the workplace, combatting nation-state cyber threats, pandemic lessons that can fuel digital innovation, and mental health in cybersecurity. Panelists include: • Anahi Santiago, CISO, ChristianaCare Health System • Joshua Cloud, Director of Information Security, NFI • Nick Falcone, CISO, University of Pennsylvania • Todd Bearman, VP &...

Duration:00:51:16

Social Engineering: Hacking Humans

4/6/2021
In this episode, social engineering professor, entrepreneur, and author Christopher Hadnagy shares social engineering case studies and explains how these attacks are evolving and how you can protect yourself and your end-users. Hadnagy draws from decades of human behavioral research and his time as "Chief Human Hacker" at Social-Engineer, LLC. Resource Links: • Christopher Hadnagy's author page: https://www.amazon.com/Christopher-Hadnagy/e/B004D1T9F4 • Trend Micro on the evolution of...

Duration:00:48:25

Battle Tested BCP: What Security Learned

3/30/2021
In this episode, we are discussing lessons learned from a CISO who led the way on her organization's business continuity plan (BCP) and pandemic plan. Milinda Rambel Stone is VP and CISO at Provation Medical. She shares a first-hand account of the planning, implementation, and takeaways from her company's BCP. And buckle up: security teams face more changes ahead as we emerge from the pandemic. Resource Links: • Milinda Rambel Stone on LinkedIn: https://www.linkedin.com/in/milindastone/ •...

Duration:00:48:25

Best in Breed vs. All in One

3/16/2021
In this episode, we are discussing a hotly debated topic in cybersecurity: best in breed point solutions versus an all in one type of security platform. Which is the best approach for your organization? And how is this part of the security landscape changing? Our guest is Greg Young, Vice President of Cybersecurity and Corporate Development at Trend Micro, who has watched this information security debate play out within organizations for the last three decades. He also served integral roles...

Duration:00:48:25

Are We Doing It Wrong? Aligning Security and the Business

3/9/2021
We are talking about how to align information security with the business. And our guest, ISSA International President Candy Alexander, says we may be thinking about this strategy in the wrong way. She is not afraid to be controversial, and in this episode she shares what security and business alignment should look like. Candy is also Chief Information Security Officer at NeuEon. Resource Links: • Candy Alexander on LinkedIn: https://www.linkedin.com/in/candyalexander/ • Trend Micro's...

Duration:00:48:25

The Ransomware Attack Lifecycle

3/2/2021
In this episode, we start with a dramatization of a ransomware attack, which leads us to the ransomware lifecycle in real life. What is a ransomware attack incident response really like? How should you respond in the first hours? What does a 72-hour ransomware response look like? What should you do in the weeks and months following? Hear real-life examples and learn best practices from attorney Shawn Tuma, Co-Chair of the Data Privacy and Cybersecurity Practice at Spencer Fane. Also, don't...

Duration:00:48:25

Pentesters Arrested on the Job

2/23/2021
When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity community. The two InfoSec professionals faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And information security professionals faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin tell their story to the SecureWorld audience during a candid...

Duration:00:48:25

SolarWinds Data Breach Impact: Part 2

2/9/2021
We are asking questions about the SolarWinds data breach fallout. How did the SolarWinds breach impact everything related to legal and compliance? And how does it change the way you should look at Vendor Risk Management? We get answers from Glenn Kapetansky, CSO and Technology Capability Lead, at Trexin Group; and Rebecca Rakoski, Co-Founder and Managing Partner, at XPAN Law Partners, a cybersecurity law firm. Also, don't miss Trend Micro's Incident Response Playbook, available for free...

Duration:00:31:48

SolarWinds Data Breach Impact: Part 1

2/2/2021
"We were not prepared for a SolarWinds type of supply chain attack," says Cedric Leighton, CNN Analyst and U.S. Air Force Colonel (Ret.). In this podcast episode, Leighton examines how wide the impact of the SolarWinds cyberattack might be, possible collateral damage from the attack, and the most likely nation-state behind it all. Plus, Leighton explains the top nation-state cyber threats during 2021. Resource Links: • Cedric Leighton on LinkedIn:...

Duration:00:50:50

Project 2030: Cybersecurity, AI, and Technology Predictions

12/22/2020
Long-term predictions are risky, but Rik Ferguson likes to predict things a decade into the future. Rik is Vice President of Security Research at Trend Micro. Building off his Project 2020, Rik is now working on Project 2030. In our interview, we get a glimpse of the future of AI, the future of malware, the future of wearables, the future of ransomware, and more. Also, we discuss implications of the 2020 SolarWinds data breach. If predictions are your thing, do not miss this...

Duration:00:37:14

Future of Cyber Law and Big Data Management

12/15/2020
What does the 2021 cyber law and privacy law landscape look like? Our first guest is attorney Jordan Fischer of Beckage Law. And how can you ensure total data discovery and then manage that big data with security and compliance in mind? Our second guest is Arun Gandhi, Vice President at 1touch.io, which specializes in this area. Also, we have new research from Trend Micro about 2021 cyber threat trends. Resource Links: • Jordan Fischer on LinkedIn:...

Duration:00:43:18

The Resilient and Secure Organization

12/1/2020
What does a resilient and secure organization look like? What are key strategies and technologies these organizations should have? How does a resilient organization empower its employees? In this episode, we glean insights from Adam Leisring, Chief Information Security Officer at Paycor. Also, we have new research from Trend Micro. The latest report is called "Inside the Bulletproof Hosting Business: Cybercriminal Methods and OpSec," and it's a fascinating read. See the link below to...

Duration:00:39:46

Modern Cybersecurity Leadership

11/17/2020
In this episode, we are learning about modern cybersecurity leadership. We hear from Yaron Levi, CISO of Blue Cross and Blue Shield of Kansas City. Levi shares what security professionals need to do now to lead. And he helps us consider the following questions: Why is information security mainly reactive instead of proactive? Why do most organizations view security as a technology problem instead of a business risk problem? How come so many organizations lack a clear security...

Duration:00:33:40

The Future of Cloud Security

11/10/2020
In this episode, we talk to Mark Nunnikhoven, Vice President of Cloud Research at Trend Micro. 2020 was the cloud's biggest year, and we're talking about securing the cloud into the future. How do we make cloud security usable? How do we make cloud security stable? What does building in this environment look like right now, and what is the state of DevSecOps? What can we do about misconfigurations in the cloud? What are cloud security opportunities and challenges? And are cloud platform...

Duration:00:31:23

Oil and Natural Gas Cyber Threats

10/27/2020
In this episode, we talk to cybersecurity leaders in the oil and natural gas industry. Experts from the ONG-ISAC (Oil and Natural Gas Information Sharing and Analysis Center) answer the following questions: • What does the cyber threat landscape look like for the petroleum industry, and what are the potential impacts? • What are barriers to sharing threat intelligence and benefits of doing so? • How do you see cyber threats evolving in 2021 and beyond for the energy sector? Also, details...

Duration:00:29:02

The CMMC Explained

10/20/2020
In this episode, we talk to James Goepel about the Cybersecurity Maturity Model Certification (CMMC). He discusses this important new certification for supply chain security within the U.S. Department of Defense (DoD) system, addressing the following: • Why was the CMMC created? • Who needs the CMMC? • How will the CMMC work? • Will the CMMC spread beyond the DoD? James is a former member of the Board of Directors for the CMMC Accreditation Body, and is now CEO of Fathom Cyber. Also,...

Duration:00:42:55

New National Cyber Power Index

10/13/2020
In this episode, we talk to Julia Voo, one of the authors of the newly published National Cyber Power Index 2020. Which country is the most powerful in cyberspace? The NCPI takes a "whole of country" approach to measuring cyber power, ranking 30 countries in the context of seven national objectives. Voo is a Cyber Fellow at the Belfer Center for Science and International Affairs at the Harvard Kennedy School. She was the closing keynote at the SecureWorld Detroit-Toronto-Cincinnati virtual...

Duration:00:39:21

Culture in Information Security

10/6/2020
In this episode, we hear from Don McKeown, Information Security Manager at Wolters Kluwer Health. He talks about the various levels of culture within an organization, and the culture of security. Plus, approaches to security: blocking and tackling programs, compliance-based information security programs, and risk-based InfoSec programs. McKeown spoke at the 2020 SecureWorld Boston virtual conference, and this is a part of his presentation. Resource Links: • Don McKeown on LinkedIn:...

Duration:00:25:41

Ransomware and Digital Extortion: Should You Pay?

9/22/2020
In this episode, we hear from Dan Pepper, Partner on BakerHostetler's Privacy and Data Protection team. He frequently handles security incidents, interacting with federal and state agencies and forensic service providers, and has overseen investigations including many cases of ransomware. How are attackers launching their ransomware attacks? Should you pay the ransom or not? Is it legal to pay a hacker's ransom demand? He answers these questions and more. Pepper spoke at the virtual...

Duration:00:28:04

Youth and Cybercrime

9/15/2020
In this episode, we are partnering with the non-profit Cybercrime Support Network (CSN) to raise awareness as part of their Youth and Cybercrime Week. We interview Cam, who was arrested for cyberattacks when he was 14 years old and now works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? What advice does he have for young people? Also, we speak with Kristin Judge, CEO of Cybercrime Support Network, about how we can help direct...

Duration:00:45:03