Phishy Business

In this episode of Phishy Business, we talk about the improper mindset of not thinking about security until after you have been breached, and some of the major problems this can cause. We do this through the lens of SIEM, ethical hacking, and a focus on the need for leadership in teaching organizations how to be secure. We also discuss how some IT leaders try to keep the results of pen testing quiet. Our special guest is Dez Rock, CEO of SIEMonster. After dropping out of law school, Dez became an entrepreneur and has run businesses for the last 20 years. Dez has spent a good deal of time in ethical hacking, building great experiences and great stories over the years with both physical and virtual security. She also has plenty of great insights about being a female CEO with ADHD in the cybersecurity industry. In ‘Exposing Shortcomings in Cybersecurity Leadership and why we need more Dana Scullys’, we discuss:

In this episode of Phishy Business, we talk about various important discussions around AI, including the concerning issue of built-in bias and stereotypes. Imagine AI thinking that all doctors must be male, and all nurses must be female? Well, according to ChatGPT, they are. Our special guest is Ivana Bartoletti, Global Privacy Officer at Wipro. Ivana has a human rights background and is an internationally recognized thought leader in privacy, data protection, and responsible technology. She’s a fellow at Virginia Tech, a published author, and the founder of the Women Leading in AI Network. Ivana says that she works at the intersection of technology and law and focuses on privacy advocacy. Ivana concentrates her efforts on the collection of data and how that data is used in technology such as AI. In ‘Built-In Bias: Existing Real-World Inequality in AI and Other Technology’, we discuss:

In this episode of Phishy Business, we talk about how today's cybersecurity strategy needs to focus on risk while still allowing smooth operation of the business. We also discuss how cybersecurity must involve the board so that business goals and cyber strategy align. Our special guest is Theo Botha, Global Information Security Officer at Dr. Martens. Theo is responsible for protecting the Dr. Martens brand, one of the most iconic in the world. Theo began his career in physical security which evolved into a more technology-based approach. That led Theo to information security, and then, to cybersecurity and risk management. Today, Theo ensures Dr. Martens’ cybersecurity strategy protects the business while not hindering its ability to operate successfully. In ‘Protecting Shoes: Balancing Cybersecurity Strategy and Business Success at Dr Martens’, we discuss:

In this episode of Phishy Business, we feature a roundtable discussion with three members from the Center for Internet Security. Mimecast CMO Norman Guadagno hosts this wide-ranging discussion that covers many topics including cybersecurity trends in the public sector and why information sharing is essential to keeping our connected world safe. Our special guests are Sean Atkinson, CISO, Randy Rose, CIS Sr. Director of Security Operations and Intelligence & Karen Sorady, VP of MS-ISAC Member Engagement (and former NY State CISO). The trio shares the mission and background of CIS. Plus, their experiences and learnings from years working with the public sector. In ‘CIS Roundtable – Keeping the Public Sector Secure’ we discuss:

In this episode of Phishy Business, we talk about environmental, social, and governance, commonly known throughout the corporate world as ESG, and how cybersecurity fits into corporate sustainability. Our special guest is Garyn Rapson who is a partner and the head of ESG at African law firm Webber Wentzel. Garyn manages a team of nine lawyers that advise clients on how to be more sustainable organizations. While ESG is complicated and always evolving, Garyn helps clients break through the complexity to manage risks and threats, and uncover the opportunities to protect their organization and make them more resilient. Garyn says that ESG is an understanding as a business that there are certain external issues that must be taken seriously. In ‘What has ESG got to do with Cybersecurity?’, we discuss:

In this episode of Phishy Business, we talk about some of the cybersecurity trends and worries facing today’s global CIOs. Our special guest is Martin Wallgren who is the CIO of global logistics and shipping company, Gulf Agency Company, headquartered in Dubai. Martin says he is an entrepreneurial tech nerd with a business mindset who does business development with a touch of technology. He likes to emphasize the CIO’s business role even though he is passionate about both business and technology. Martin also discusses how impactful cybersecurity has become on the role of the CIO, and how much AI is changing the cybersecurity game. In ‘CIOs Should think like Entrepreneurs on Dragon’s Den’, we discuss:

In this episode of Phishy Business, we talk about the psychology behind crime, particularly cybercrime and white-collar crime. We delve into the reasons why most cybercriminals are roaming free and don’t get caught, yet deep down, really want to tell their story. Our special guest is Mark T. Hoffmann, a crime and intelligence analyst and business psychologist. Mark specializes in behavioral and cyber profiling and has conducted interviews with criminals, psychopaths, and hackers to understand their internal perspective. Mark is well-known for providing his expertise during international television and streaming appearances and numerous keynote speeches. Mark is sincerely interested in other people and wants to learn about them, which has led to a fascinating career. After obtaining his degree in business psychology, Mark quickly became interested in the dark side of business and crime which led to his role as a crime analyst, which naturally led him to an interest in cybercrime. In ‘Proud Hackers: Understanding Criminal Minds’, we discuss:

In this episode of Phishy Business, we bring you a special recording from the show floor at RSA Conference. Hosted by Mimecast’s CMO Norman Guadagno, this episode delves into cyber insurance and how managing risk has had to adapt to the modern digital economy. You’ll learn exactly what cyber insurance is, why it’s important and how insurers should be trusted partners to organizations looking to better protect themselves from cyberattacks. Our special guests are Tara Bodden, Head of Claims and General Counsel, and Thom Dekens, Chief Business Officer & GM at At-Bay Cyber Insurance. Tara works to ensure a seamless customer experience for At-Bay clients who have filed a claim. She also works to unlock data insights that can protect clients, and heads up At-Bay’s legal department which is charged with making sure At-Bay can deliver on its aspirations without doing harm. Thom heads up the cybersecurity side of At-Bay, ensuring the company and its clients are as secure as possible. Tara and Thom use their expertise to provide a look into the importance of cyber insurance in today’s high-risk security environment. They explain how every company is a technology company and how a cyber insurance company can educate organizations on how they can protect themselves. They also provide insight on how a cyber insurance company can help when something goes wrong. In ‘Keeping Threats ‘At-Bay’ – Normalizing Cyber Insurance as Part of Business’, we discuss: Ranking Email Security Solutions report

In part two of this special RSA episode Mimecast CMO, Norman Guadagno, interviews another four guests live from the conference show floor. We talk about how cybersecurity has changed over the years, bringing more diversity to the industry and how exactly one becomes a CISO. Our guests for part two: Julian Waits, SVP business development at Rapid7 (:54 – 11:44), Kayla Williams, CISO at Devo (12:02 – 23:22), Tyler Warren, deputy CISO at Prologis (23:39 – 33:52) and Josh Copeland, cybersecurity director at AT&T (34:16 – 43:14). In ‘RSAC Part 2: CISO trends + thinking differently about tradeshows’ we discuss:

In this episode of Phishy Business, Mimecast CMO and guest host Norman Guadagno, chats to four different people at this year’s RSA Conference in San Francisco. Our guests were interviewed in our very own podcast recording studio at the Mimecast booth. In part one of this two-part episode, we learn more about our guests' roles, their companies, and the cool things they're working on. We also discuss what was trending at this year’s show and how the conference has evolved over the years. Did we mention ChatGPT? That was brought up once or twice too! Our guests for part one: Adrian Sanabria, podcast host of Enterprise Security Weekly, (1:14 – 13:30) Pam Cyr, vice president of technical partnerships at Palo Alto Networks (14:00 – 25:23), Michael Smith, CISO at HKS, Inc. (25:41 – 38:35) and Michiel Prins, co-founder and head of professional services at HackerOne (39:17 – 51:27). In ‘ChatGPT buzz + much more from the RSAC show floor’ we discuss:

In this episode of Phishy Business, we discuss social engineering, the professional con game of burglary for hire, and different aspects of how this very specialized skill can impact organizations and individuals. Our special guest is Jenny Radcliffe, who was our very first interview on the podcast and made a return appearance in our episode on job hacking. Jenny is well known for being able to get in anywhere and past anyone. She has turned a schooling in the art of breaking and entering during her childhood, into a celebrated career as an expert in social engineering, where she exploits the flaws and weaknesses in top-grade security operations. Now, Jenny has returned for a third visit to tell us all about her new book, People Hacker. It’s a memoir about her unusual career as an ethical burglar and as you can imagine, it’s filled with fascinating stories. In ‘Using Criminal Skills for Good - a Memoir of a Burglar for Hire’, we discuss:

In this episode of Phishy Business, we discuss some important ways to think about and look at risk and how its more about making decisions than assessing threats. Our special guest is Stefan Gershater, Director of Risk at Burberry. Stefan is a risk management expert, a biochemist, and a navy veteran. Stefan says that as a risk expert, he tries to make sense of uncertainty, which means he thinks a lot about how everyday decisions impact people and organizations. Stefan feels that when defining “risk”, it should be disassociated from the word “threat”, and simply be about making better decisions to improve outcomes. In ‘It’s Time to Retire the Risk Management Profession’, we discuss: About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss career coaching, looking at what it is, and how it can benefit all professionals, including those in the cybersecurity space. We delve into the differences between coaching and mentoring and discuss what to expect when working with a career coach. Our special guests are executive coach and mentor Fiona Anderson, and Dr. Kiri Addison, Senior Product Manager at Mimecast. Fiona is a change catalyst who works with professionals from all sectors with a particular focus on culture change. Fiona loves working with people to help them become the best versions of themselves. Kiri is a senior product manager and all-around cybersecurity expert who recently won a Most Inspiring Women in Cyber award and worked with Fiona on her own career development. In ‘Understanding More About Career Coaching’, we discuss: About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss what can be a very scary side of AI – when bots start thinking for themselves. We delve into some examples of this actually happening, but also look at the good AI is providing humankind. Our special guest is Mo Gawdat, former chief business officer at Google X and bestselling author of the books Solve for Happy and Scary Smart. Mo describes himself as having two lives – a first life as a “maker” who coded, built robots, and developed technology, and a second life following a personal tragedy, as an author, podcaster, and “thinker” who analyzes things that tend to be overlooked by others. Mo spends much of his time championing the importance of happiness and acceptance of events we cannot change. Mo also has a lot to say about the similarity between developing AI and raising children. Mo believes that one day AI will become more intelligent than humans and that we need to prepare now to coexist with AI. In ‘Scary Smart AI? Or the Potential to Be a Force for Good?’, we discuss: Solve for Happy About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss the idea of Work Inspired, a corporate culture where employees all love to work because it turns out that happy employees are very good for business. Our special guest is Aron Ain, award-winning, retired CEO of UKG, formerly known as Kronos. Aron now serves as Executive Chair of the UKG Board of Directors and is also the author of Work Inspired, a book that depicts an inspiring example of what’s possible in shaping corporate culture. Aron transformed his company’s culture at Kronos, building a billion-dollar business. Aron truly believes that great organizations are powered by great people and that great people build better products, services, and outcomes. He also believes the biggest challenge in building such an organization is creating an engaging environment where people feel wanted and valued. We also discuss how Aron’s leadership style and authenticity were key weapons when his organization fell victim to a cyberattack. In ‘Work Inspired – What’s Possible in Shaping Corporate Culture’, we discuss: · How employees are a powerful strategic weapon in any organization. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss the very definition of ransomware and how it can be an overused and underdefined concept. We also take a closer look at the world of threat research. Our special guest is former professional hacker Charl van der Walt, Head of Security Research at Orange CyberDefense, who now spends his time asking and answering the important questions around cybersecurity, specifically those that pertain to ransomware. Charl believes we need to move beyond the term ransomware and look more at the concept of cyber extortion because the days of one-off ransomware attacks have given way to a massive, highly profitable, well-organized cyber-crime industry. Charl is working to ensure cybersecurity professionals look at ransomware more in terms as being part of a series of crimes in which security is breached and then something of value is taken and held for ransom. This is because ransom attacks are moving beyond just denial of access to data and are more frequently including confidential data exposure and denial of service in some form. In ‘Cyber Extortion – The Next Evolution of Ransomware’, we discuss: About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss how cybersecurity marketing, sales, and support are for the most part inadequate, and how there can be a big disconnect between how marketers market and how technology professionals buy. We talk more about how marketing should consider the customer experience and how marketing departments should not only market their products and services but should also be active listeners and understand what their buyers need and want. Our special guest is cybersecurity marketing expert and podcaster Dani Woolf, who spent the past decade running high impact marketing departments for technology startups. She has since started Audience 1st to help cybersecurity vendors understand what CIOs and CISOs really want from them. Dani helps cybersecurity marketers better understand their buyers so they can sell more. In ‘Marketing as Customer Experience – Be an Active Listener’, we discuss: About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this bonus episode of Phishy Business, we continue to recognize the value of the work of cybersecurity professionals. Join us as Peter Coroneos, Founder and Executive Chairman of Cybermindz.org, takes us through a 10-minute meditation aimed at lowering stress. This is a just a taste of the whole Cybermindz protocol, and worth a try!

In this episode of Phishy Business, we honor and recognize the value of the work of those professionals who spend their days defending people and organizations from cyberattacks by taking a close look at one of the biggest problems the industry faces today: worker burnout and the associated mental health issues. Join us as we discuss how while many of us say we are simply “fine” when someone asks how we are, we may, in fact, actually be suffering silently from stress and burn out. Our special guest is cybersecurity expert Peter Coroneos, Founder and Executive Chairman of Cybermindz.org, an organization that recognizes that many cybersecurity professionals are themselves under sustained and increasing stress and sets out to provide direct support to restore and rebuild emotional and cognitive health. Peter has worked in cybersecurity for a long time and was once head of the Internet Industry Association in Australia which gave him special and early insight into how cybersecurity workers can suffer from on-the-job stress. With cybersecurity professionals suffering more and more from stress and burnout, Peter is working to develop and deploy programs that are designed to help. In ‘Cybermindz – Hope in a Burnt-Out Sector’, we discuss how: About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss how criminals are like water because of how they flow, and adapt around obstacles and security measures, always looking for a way in no matter what security professionals put in their way. You’ll learn more about how well-thought-out cybersecurity strategies, tools, and responses can be, especially in the military vs. the private sector, and, why this needs to be the case when protecting users from very fluid criminals. Our special guest is threat intelligence expert Jason Rivera, who is currently serving as a senior director in the Strategic Threat Advisory Group at CrowdStrike. He provides threat intelligence thought leadership to commercial and government organizations across the globe. Jason is an Army veteran who worked in cyber roles for the military, built cyber intelligence programs for civilian organizations, and today combines both of those elements of his experience into helping advise CrowdStrike and its customers on cybersecurity strategy. In ‘Criminals Are Like Water, Adapting to New Circumstances’, we discuss: About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com