Episodios

  • Breaking the Password Barrier: An Expert Guide to Multi-Factor Authentication and the Rise of Passwordless Security | A Conversation with Theodore Heiman | Redefining CyberSecurity with Sean Martin

    Breaking the Password Barrier: An Expert Guide to Multi-Factor Authentication and the Rise of Passwordless Security | A Conversation with Theodore Heiman | Redefining CyberSecurity with Sean Martin
    Jul 27 2024
    Guest: Theodore Heiman, CEO, CISO GuruOn LinkedIn | https://www.linkedin.com/in/tedheimanOn Twitter | https://x.com/tedrheiman____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, host Sean Martin engages with Ted Heiman, CEO of the cybersecurity practice CISO Guru, in an insightful conversation about the complexities and evolving landscape of password management and multi-factor authentication (MFA). Sean Martin introduces the session by highlighting the challenges practitioners and leaders face in building security programs that enable organizations to achieve their objectives securely.The discussion quickly steers towards the main topic - the evolution of passwords, the role of password managers, and the critical implementation of MFA. Ted Heiman shares his extensive experience from over 25 years in the cybersecurity industry, observing that passwords are a relic from a time when networks were isolated and less complex. As organizations have grown and interconnected, the weaknesses of static passwords have become more apparent. Heiman notes a striking statistic: 75 to 80 percent of breaches occur due to compromised static passwords.The conversation examines the history of passwords, starting as simple, memorable phrases and evolving into complex strings with mandatory special characters, numbers, and capitalization. This complexity, while intended to increase security, often leads users to write down passwords or repeat them across multiple platforms, introducing significant security risks. Solutions like password managers arose to mitigate these issues, but as Heiman highlights, they tend to centralize risk, making a single point of failure an attractive target for attackers.The discussion shifts to MFA, which Heiman regards as a substantial improvement over static passwords. He illustrates the concept by comparing it to ATM use, which combines something you have (a bank card) and something you know (a PIN). Applying this to cybersecurity, MFA typically involves an additional step, such as an SMS code or biometric verification, significantly reducing the possibility of unauthorized access.Looking forward, both Heiman and Martin consider the promise of passwordless systems and continuous authentication. These technologies utilize a combination of biometrics and behavioral analysis to constantly verify user identity without the need for repetitive password entries. This approach aligns with the principles of zero-trust architecture, which assumes that no entity, inside or outside the organization, can be inherently trusted. Heiman stresses that transitioning to these advanced authentication methods should be a priority for organizations seeking to enhance their security posture. However, he acknowledges the challenges, especially concerning legacy systems and human behaviors, emphasizing the importance of a phased and managed risk approach.For listeners involved in cybersecurity, Heiman’s insights provide valuable guidance on navigating the intricate dynamics of password management and embracing more secure, advanced authentication mechanisms.___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________Resources___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring this show with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplc
    Más Menos
    38 m
  • Book | "In Search of Achilles" | A Conversation about Humanity, Society, Technology, and Moral Values with Author Marco Van Den Berg Scholten | Audio Signals Podcast With Marco Ciappelli

    Book | "In Search of Achilles" | A Conversation about Humanity, Society, Technology, and Moral Values with Author Marco Van Den Berg Scholten | Audio Signals Podcast With Marco Ciappelli
    Jul 27 2024
    Guest: Marco Van Den Berg Scholten, AuthorOn LinkedIn | https://www.linkedin.com/in/marco-van-den-berg-scholten-679220261/_____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network_____________________________Episode IntroductionNavigating the New World Through Stories: In an engaging episode of the Audio Signal Podcast, host Marco Ciappelli welcomes a unique guest who shares his first name and a deep passion for storytelling and technology. Marco Van Den Berg Scholten, a basketball coach and author, joins the conversation from the Netherlands to discuss his insights on technology's role in our lives, his latest book, In Search of Achilles, and the value of preserving human stories.The Intersection of Two Marcos: Marco Ciappelli introduces Marco Van Den Berg Scholten, highlighting their first encounter and the shared fascination with storytelling. Although Van Den Berg Scholten is Dutch, the two share the same first name, which serves as a bridge in their dialogue about technology and its impact on society.A Journey Through Time: Van Den Berg Scholten takes listeners on a journey through his life, beginning with his upbringing as a member of Generation X. His narrative is filled with twists and turns, from his love for basketball and its untimely interruption due to an injury, to his eventual role as a coach in the Netherlands' top league. Scholten outlines the process that led him to put his long-thought-of novel to paper, detailing the discipline required to balance writing and coaching.The Struggle for Moral Foundations: Central to the discussion is a shared concern over what Van Den Berg Scholten describes as humanity's increasingly tenuous grasp on moral values in the face of rapid technological advancement. Both Marcos explore the conflicts between old-world values and the capitalist-driven landscape that emerged post-Berlin Wall. Scholten likens the modern dilemma to the philosophical struggles depicted by Nietzsche and Heidegger, reiterating the essential need for a solid moral foundation amid changing times and technologies.Balancing Tradition with Change: The conversation transitions to how humanity can balance the undeniable benefits of technology with the risk of losing connection to deeper, time-tested values. Van Den Berg Scholten emphasizes the role of storytelling in ensuring that these moral values are passed on to future generations. He asserts that while technology like social media can unite us, it also has the potential to exploit and distort reality, especially among younger populations.Stories as a Medium of Connection: Ciappelli and Van Den Berg Scholten both agree on the enduring power of narrative to bind communities and convey essential truths. Ciappelli shares his own experiences of writing magical and morally-inclined stories for children with his mother, reflecting a shared conviction in the importance of instilling values through storytelling.Looking Ahead: Wrapping up the podcast, they touch upon the future of artificial intelligence and its potential impact on storytelling and human behavior. Both emphasize the need for combining technology with a moral compass to navigate these advancements responsibly. The episode concludes on a hopeful note, with Van Den Berg Scholten revealing that he is already working on his second book, focusing on the theme of freedom.Conclusion: This episode of the Audio Signal Podcast brings forth a compelling dialogue on the blend of technology and humanity, led by two individuals deeply invested in storytelling and moral integrity. Marco Van Den Berg Scholten's journey from coach to author serves as an inspiring testament to the power of stories in navigating our ever-evolving world. Listeners are encouraged to read his book, In Search of Achilles, and reflect on the profound insights shared during this episode.About the BookSummer 1990. The Berlin Wall has fallen. In Europe, society is about to spiral upward toward more prosperity and freedom for all. The free market provides the lone blueprint for a life of purpose. But does it? As the sun of plenty shines brighter, the shadows grow darker. And while his professors teach postmodernist dogmas, Johan van Geesteren, a young aristocrat on the threshold of society, is searching for meaning. Where have all the virtues gone? Where are the good people?When his friends embark on a dangerous hedonic roller coaster, Johan is forced into their stream of destruction and needs all the discipline from his upbringing to remain standing. Will he be able to hold on to his ideals? Is there any truth left out there? Or is the ...
    Más Menos
    43 m
  • A Deep Dive into SquareX | A Short Brand Story from Black Hat USA 2024 | A SquareX Story with Chief Architect Jeswin Mathai | On Location Coverage with Sean Martin and Marco Ciappelli

    A Deep Dive into SquareX | A Short Brand Story from Black Hat USA 2024 | A SquareX Story with Chief Architect Jeswin Mathai | On Location Coverage with Sean Martin and Marco Ciappelli
    Jul 26 2024
    Welcome to another edition of Brand Stories, part of our On Location coverage of Black Hat Conference 2024 in Las Vegas. In this episode, Sean Martin and Marco Ciappelli chat with Jeswin Mathai, Chief Architect at SquareX, one of our esteemed sponsors for this year’s coverage. Jeswin brings his in-depth knowledge and experience in cybersecurity to discuss the innovative solutions SquareX is bringing to the table and what to expect at this year’s event.Getting Ready for Black Hat 2024The conversation kicks off with Marco and Sean sharing their excitement about the upcoming Black Hat USA 2024 in Las Vegas. They fondly recall their past experiences and the anticipation that comes with one of the most significant cybersecurity events of the year. Both hosts highlight the significance of the event for ITSP Magazine, marking ten years since its inception at Black Hat.Introducing Jeswin Mathai and SquareXJeswin Mathai introduces himself as the Chief Architect at SquareX. He oversees managing the backend infrastructure and ensuring the product’s efficiency and security, particularly as a browser extension designed to be non-intrusive and highly effective. With six years of experience in the security industry, Jeswin has made significant contributions through his work published at various conferences and the development of open-source tools like AWS Goat and Azure Goat.The Birth of SquareXSean and Marco delve deeper into the origins of SquareX. Jeswin shares the story of how SquareX was founded by Vivek Ramachandran, who previously founded Pentester Academy, a cybersecurity education company. Seeing the persistent issues in consumer security and the inefficacy of existing antivirus solutions, Vivek decided to shift focus to consumer security, particularly the visibility gap in browser-level security.Addressing Security GapsJeswin explains how traditional security solutions, like endpoint security and secure web gateways, often lack visibility at the browser level. Attacks originating from browsers go unnoticed, creating significant vulnerabilities. SquareX aims to fill this gap by providing comprehensive browser security, detecting and mitigating threats in real time without hampering user productivity.Innovative Security SolutionsSquareX started as a consumer-based product and later expanded to enterprise solutions. The core principles are privacy, productivity, and scalability. Jeswin elaborates on how SquareX leverages advanced web technologies like WebAssembly to perform extensive computations directly on the browser, ensuring minimal dependency on cloud resources and optimizing user experience.A Scalable and Privacy-Safe SolutionMarco raises the question of data privacy regulations like GDPR in Europe and the California Consumer Privacy Act (CCPA). Jeswin reassures that SquareX is designed to be highly configurable, allowing administrators to adjust data privacy settings based on regional regulations. This flexibility ensures that user data remains secure and compliant with local laws.Real-World Use CasesTo illustrate SquareX’s capabilities, Jeswin discusses common use cases like phishing attacks and how SquareX protects users. Attackers often exploit legitimate platforms like SharePoint and GitHub to bypass traditional security measures. With SquareX, administrators can enforce policies to block unauthorized credential entry, perform live analysis, and categorize content to prevent phishing scams and other threats.Looking Ahead to Black Hat and DEF CONThe discussion wraps up with a look at what attendees can expect from SquareX at Black Hat and DEF CON. SquareX will have a booth at both events, and Jeswin previews some of the talks on breaking secure web gateways and the dangers of malicious browser extensions. He encourages everyone to visit their booths and attend the talks to gain deeper insights into today’s cybersecurity challenges and solutions.ConclusionIn conclusion, the conversation with Jeswin Mathai offers a comprehensive look at how SquareX is revolutionizing browser security. Their innovative solutions address critical gaps in traditional security measures, ensuring both consumer and enterprise users are protected against sophisticated threats. Join us at Black Hat Conference 2024 to learn more and engage with the experts at SquareX.Learn more about SquareX: https://itspm.ag/sqrx-l91Note: This story contains promotional content. Learn more.Guest: Jeswin Mathai, Chief Architect, SquareX [@getsquarex]On LinkedIn | https://www.linkedin.com/in/jeswinmathai/ResourcesLearn more and catch more stories from SquareX: https://www.itspmagazine.com/directory/squarexView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
    Más Menos
    23 m
  • Is Defense Winning? | A Black Hat USA 2024 Conversation with Jason Healey | On Location Coverage with Sean Martin and Marco Ciappelli

    Is Defense Winning? | A Black Hat USA 2024 Conversation with Jason Healey | On Location Coverage with Sean Martin and Marco Ciappelli
    Jul 26 2024
    Guest: Jason Healey, Senior Research Scholar, Cyber Conflict Studies, SIPA at Columbia University [@Columbia]On LinkedIn | https://www.linkedin.com/in/jasonhealey/At BlackHat: https://www.blackhat.com/us-24/briefings/schedule/speakers.html#jason-healey-31682____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesOpening Remarks:Sean Martin and Marco Ciappelli set the stage with their signature banter, creating an inviting atmosphere for a deep dive into cybersecurity. Marco introduces a philosophical question about measuring success and improvement in the field, leading seamlessly into their conversation with Jason Healey.Meet the Expert:Sean introduces Jason Healey, a senior research scholar at Columbia University and a former military cybersecurity leader with extensive experience, including roles at the Pentagon and the White House. Jason shares his excitement for Black Hat 2024 and the anniversary celebrations of ITSPmagazine, expressing anticipation for the discussions ahead.The Role of Defense in Cybersecurity:Jason previews his journey from military service to academia, posing the critical question, “Is defense winning?” He provides a historical perspective, noting that cybersecurity challenges have been present for decades. Despite significant investments and efforts, attackers often seem to maintain an edge. This preview sets the stage for a deeper exploration of how to measure success in defense, which he plans to address in detail at the conference.Shifting the Balance:Jason highlights the need for a comprehensive framework to evaluate the effectiveness of defense mechanisms. He introduces the concept of metrics like “mean time to detect,” suggesting that these can help gauge progress over time. Jason plans to discuss the importance of understanding system-wide dynamics at Black Hat, emphasizing that cybersecurity is about continual improvement rather than quick fixes.Economic Costs and Broader Impacts:Sean shifts the discussion to the economic aspects of cybersecurity, a topic Jason is set to explore further at the event. Jason notes that while financial implications are substantial, other indicators, such as the frequency of states declaring emergencies due to cyber incidents, provide a broader view of the impact. He underscores the need to address disparities in cybersecurity protection, pointing out that not everyone has access to the same level of defense capabilities.Community and Collaboration:Marco and Jason discuss the importance of community involvement in improving cybersecurity. Jason stresses the value of shared metrics and continuous data analysis, calling for collective efforts to build a robust defense against evolving threats. This theme of collaboration will be a key focus in his upcoming session.Looking Forward:As they wrap up, Sean and Marco express their anticipation for Jason’s session at Black Hat 2024. They encourage the audience to join in, engage with the topics discussed, and contribute to the ongoing conversation on cybersecurity.Conclusion:Sean concludes by thanking Jason for his insights and highlighting the importance of the upcoming Black Hat sessions. He invites listeners to follow ITSPmagazine's coverage for more expert discussions and insights into the field of cybersecurity.For more insightful sessions and expert talks on cybersecurity, make sure to follow ITSPmagazine's Black Hat coverage. Stay safe and stay informed!Be sure to follow our Coverage Journey and subscribe to our podcasts!____________________________This Episode’s SponsorsLevelBlue: https://itspm.ag/levelblue266f6cCoro: https://itspm.ag/coronet-30deSquareX: https://itspm.ag/sqrx-l91____________________________Follow our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllRo9DcHmre_45ha-ru7cZMQBe sure to share and subscribe!____________________________ResourcesIs Defense Winning? (Session): https://www.blackhat.com/us-24/briefings/schedule/index.html#is-defense-winning-40663Learn more about Black Hat USA 2024: https://www.blackhat.com/us-24/____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/...
    Más Menos
    25 m
  • From Signatures to Behavior: RAD Security's Recognized Innovations for Cloud Threat Detection and Response | A Brand Story Conversation From Black Hat USA 2024 | A RAD Security Story with Brooke Motta

    From Signatures to Behavior: RAD Security's Recognized Innovations for Cloud Threat Detection and Response | A Brand Story Conversation From Black Hat USA 2024 | A RAD Security Story with Brooke Motta
    Jul 26 2024
    In this Brand Story conversation, Sean Martin sat down with Brooke Motta, CEO and co-founder of RAD Security, to discuss a game-changing shift in cloud security: moving from signature-based to behavioral-based detection and response within the Cloud Workload Protection Platform (CWPP).The What: RAD Security is pioneering the future of cloud security with its state-of-the-art behavioral cloud detection and response (CDR) solution. Unlike traditional CWPP and container detection systems that depend on signatures, RAD Security employs advanced techniques to create behavioral fingerprints based on unique good behavior patterns. This innovative approach aims to eliminate the risks associated with zero-day attacks and apply zero trust principles while ensuring real-time posture verification.The How: RAD Security's approach stands out in multiple ways. By setting behavioral baselines reflecting a system's normal operations, the platform can detect deviations that indicate potential threats earlier in the attack lifecycle. Integrated real-time identity and infrastructure context further sharpens its threat detection capabilities. This not only allows for proactive defenses but also enhances shift-left strategies and posture management, making cloud environments more resilient against emerging threats.Key Points Discussed:Behavioral Detection vs. Signature-Based Methods:Brooke emphasized the limitations of signature-based detection in addressing modern cloud security challenges. RAD Security's shift to behavioral detection ensures early identification of zero-day attacks, addressing both runtime and software supply chain vulnerabilities.Enhanced Capabilities for Real-Time Response:The platform provides automated response actions such as quarantining malicious workloads, labeling suspicious activities, and terminating threats. It leverages machine learning and large language models to classify detections accurately, aiding security operations centers (SOC) in quicker and more effective remediation.Recognition and Impact:RAD Security’s innovative approach has earned it a finalist spot in the prestigious Black Hat Startup Spotlight Competition, signifying industry acknowledgment of the need to move beyond traditional, reactive signatures to a proactive, behavioral security approach. They were also recognized during RSA Conference, one of the only startups to garner such a position.Supply Chain Security:Brooke highlighted the importance of analyzing third-party services and APIs at runtime to get a comprehensive threat picture. RAD Security’s verified runtime fingerprints ensure a defense-ready posture against supply chain attacks, exemplified by its response to the recent XZ Backdoor vulnerability.Future of Cloud Security:As security teams navigate increasingly complex cloud environments, the legacy method of relying on signatures is no longer viable. RAD Security's behavioral approach represents the future of cloud detection and response, offering a robust, resilient solution against novel and evolving threats.RAD Security is leading the charge in transforming cloud security through its innovative, signatureless behavioral detection and response platform. By integrating real-time identity and infrastructure context, RAD Security ensures swift and accurate threat response, laying the groundwork for a new standard in cloud native protection.For more insights and to learn how RAD Security can help enhance your organization's cloud security resilience, tune into the full conversation.Learn more about RAD Security: https://itspm.ag/radsec-l33tzNote: This story contains promotional content. Learn more.Guest: Brooke Motta, CEO & Co-Founder, RAD Security [@RADSecurity_]On LinkedIn | https://www.linkedin.com/in/brookemotta/On Twitter | https://x.com/brookelynz1ResourcesA Brief History of Signature-Based Threat Detection in Cloud Security: https://itsprad.io/radsec-4biOpen Source Cloud Workload Fingerprint Catalog: https://itsprad.io/radsec-kroLearn more and catch more stories from RAD Security: https://www.itspmagazine.com/directory/rad-securityView all of our Black Hat USA 2024 coverage: https://www.itspmagazine.com/black-hat-usa-2024-hacker-summer-camp-2024-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
    Más Menos
    7 m
  • Bringing Biodiversity to the Innovation Ecosystem | A conversation with Ben Soltoff | What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman

    Bringing Biodiversity to the Innovation Ecosystem | A conversation with Ben Soltoff | What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman
    Jul 26 2024

    Guest: Ben Soltoff, Entrepreneur in Residence (EIR) and the Ecosystem-Builder in Residence at the Martin Trust Center for MIT Entrepreneurship [@EshipMIT]

    On LinkedIn | https://www.linkedin.com/in/ben-soltoff/

    On Twitter | https://twitter.com/bensoltoff

    Hosts:

    Alejandro Juárez Crawford

    On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawford

    Miriam Plavin-Masterman

    On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman

    ______________________

    Episode Introduction

    In this episode, cohosts Alejandro Juárez Crawford and Mim Plavin-Masterman are joined by Ben Saltoff, the ecosystem builder-in-residence at the Martin Trust Center for MIT Entrepreneurship. With a focus on transforming academic technology into real-world applications, his role involves guiding students through the complexities of entrepreneurship, particularly in the context of climate technology.

    ______________________

    Special Note: We have not been able to contact our producer or the students at the BRAC University Social Impact Lab who contribute vitally to this podcast. Our thoughts are with these students and everyone in Bangladesh. We respectfully ask listeners who appreciate the podcast to please make people aware of events there.

    ______________________

    Resources

    Ben's book on climate entrepreneurship. More info will be available here starting next week: https://climateandenergystartups.org/

    Martin Trust Center for MIT Entrepreneurship: https://entrepreneurship.mit.edu/

    ______________________

    Episode Sponsors

    Are you interested in sponsoring an ITSPmagazine Channel?

    👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

    ______________________

    For more podcast stories from What If Instead? Podcast with Alejandro Juárez Crawford and Miriam Plavin-Masterman, visit: https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alejandro-juarez-crawford and https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/miriam-plavin-masterman
    Más Menos
    41 m
  • Achieving Cybersecurity Velocity: The Role of Culture and Leadership for Operational Excellence | A Conversation with Kim Jones | Redefining CyberSecurity with Sean Martin

    Achieving Cybersecurity Velocity: The Role of Culture and Leadership for Operational Excellence | A Conversation with Kim Jones | Redefining CyberSecurity with Sean Martin
    Jul 26 2024
    Guest: Kim Jones, Director, Intuit [@Intuit]On LinkedIn | https://www.linkedin.com/in/kimjones-cism/____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinView This Show's Sponsors___________________________Episode NotesIn the latest episode of the Redefining CyberSecurity Podcast, host Sean Martin explores the importance of achieving velocity in cybersecurity operations with Kim Jones, a seasoned leader with nearly four decades of experience in intelligence, security, and risk.Jones, who has served in various roles such as Army Intel Officer, CISO, and most recently, in Performance Acceleration at Intuit, brings a wealth of knowledge to the table. Jones stresses that cultural alignment is crucial for cybersecurity teams to move faster without compromising security. He highlights the importance of leaders setting clear priorities and fostering an environment where team members feel comfortable raising conflicts and collaborating to find solutions. “A good leader is going to push the organization 5 percent beyond what it thinks it can do,” says Jones, emphasizing the necessity of pushing teams beyond their perceived limits while ensuring they work cohesively.One of the key takeaways from the discussion is Jones' analogy of velocity: “Velocity implies taking that motion in a given appropriate direction,” he explains. For Jones, mere motion is insufficient if it lacks direction. He believes that enterprises must align their resources toward a common goal to achieve true velocity, minimizing internal friction and inefficiencies along the way. Effective leadership, according to Jones, plays a pivotal role in this alignment. He argues that leaders need to create a culture where collaboration and conflict resolution are normalized practices. “Not every leader has to be charismatic, but every leader has to lead and set the tone,” Jones notes, adding that consistent and principled leadership is more impactful than charisma alone. Jones also touches on the real-world repercussions of failing to balance velocity with cultural alignment.Drawing from his extensive career, he shares that misalignment often leads to burnout and inefficiencies. He underscores the importance of leaders making time for their peers and team members, noting, “Inaction is as reckless as acting without thought.” Jones advises that prioritizing responses and maintaining open communication channels can significantly enhance team effectiveness. For organizations aiming to boost their cybersecurity operations, Jones' insights offer a valuable roadmap. By focusing on cultural alignment, setting clear priorities, and encouraging effective leadership, businesses can achieve the velocity needed to thrive. Jones' approach underscores that achieving velocity isn't about making things move faster in disarray but rather about coordinated and purposeful acceleration toward shared goals.Top Questions AddressedHow can organizations achieve velocity in their cybersecurity operations?Why is cultural alignment important for achieving velocity?What role does effective leadership play in achieving cybersecurity velocity?___________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!___________________________ResourcesInspiring Resource: https://www.linkedin.com/posts/kimjones-cism_velocity-simplified-activity-7201763704848175104-sprZ/Velocity, Simplified (Blog Post): https://www.security2cents.com/post/velocity-simplified___________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring this show with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplc
    Más Menos
    43 m
  • Subversion in the Digital Age | A Conversation with Lennart Maschmeyer | Redefining Society with Marco Ciappelli

    Subversion in the Digital Age | A Conversation with Lennart Maschmeyer | Redefining Society with Marco Ciappelli
    Jul 25 2024
    Guest: ✨ Lennart Maschmeyer, Senior Researcher at Center for Security Studies (CSS) at ETH Zurich [@CSS_ETHZurich]On LinkedIn | https://www.linkedin.com/in/lennartmaschmeyer/____________________________Host: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsBlackCloak 👉 https://itspm.ag/itspbcwebBugcrowd 👉 https://itspm.ag/itspbgcweb_____________________________Episode IntroductionWelcome to another thought-provoking episode of the Redefining Society Podcast! I'm Marco Ciappelli, and today, we're diving deep into the intricacies of subversion, cyber warfare, and manipulation techniques with our special guest, Lennart Maschmeyer. As a Senior Researcher at the Center for Security Studies at ETH Zurich, Lennart brings a nuanced perspective on how technology intersects with international politics and conflict.Setting the SceneThis episode begins with an introduction highlighting the excitement of being in the same time zone as Lennart Maschmeyer, an expert in subversion and cyber conflicts, joining us from Zurich. The picturesque setting of ETH Zurich serves as a backdrop for our exploration of complex topics such as cyber warfare and manipulation techniques.The Path to CybersecurityLennart shares his unconventional journey into cybersecurity and international relations. Originally a photographer with aspirations of becoming a surgeon, Lennart eventually found his passion in political science and cybersecurity. He holds a PhD in Political Science from the University of Toronto and an MPhil in International Relations from the University of Oxford. His research focuses on the subversive nature of cyber power, particularly its operational challenges and strategic limitations.Subversion and Cyber Warfare: Historical and Modern PerspectivesA key discussion in this episode revolves around the concept of subversion. Lennart emphasizes that while the mechanisms of subversion aren't entirely new, the technology involved has evolved. Subversion involves finding and exploiting vulnerabilities within systems to manipulate them. Lennart argues that this method, though theoretically powerful, faces practical challenges.Drawing comparisons between historical subversion techniques during the Cold War and modern-day cyber operations, Lennart notes that both forms of subversion rely on similar mechanisms, despite differences in technology. Whether it was Cold War-era spies infiltrating societies or modern-day hackers manipulating computer systems, the essence of subversion remains the same: exploiting vulnerabilities to achieve political goals without overt violence.Notable Cyber Operations and Their ImpactThroughout the discussion, Lennart references several notable cyber operations, such as attempts to disable power grids in Ukraine and large-scale disinformation campaigns. Despite the initial hype surrounding these operations, their practical impact often fell short of strategic goals. Operations like NotPetya spread uncontrollably, sometimes causing collateral damage, highlighting the inherent unpredictability and limitations of such cyber initiatives.The Future of Cyber Warfare and Traditional SubversionAs Lennart delves deeper into his research findings, he underscores that while cyber operations can have significant local and temporary effects, they often lack the capacity to decisively change political outcomes on a larger scale. Traditional subversion techniques, though less flashy, often prove more effective.Moving forward, Lennart suggests that we must remain vigilant against both traditional and modern subversive threats. The focus should not just be on sophisticated cyber attacks but also on more traditional forms of espionage and subversion. The orchestration of various tactics, including cyber operations, disinformation, and direct sabotage, represents the real threat—a nuanced blend of old and new.ConclusionIn closing, Lennart and I reflect on the importance of understanding the broader context in which these technologies operate. We emphasize that technology alone doesn't change the world; it's how people use it that matters. Recognizing the potential and limitations of both cyber and traditional subversion is crucial for navigating the evolving landscape of international conflict and security.This episode of the Redefining Society Podcast sheds light on the complexities of subversion in the digital age. For a detailed exploration of these themes and more, be sure to tune into the full conversation.Stay connected for more insightful discussions on how technology is shaping—and being shaped by—our society._____________________________Resources ____________________________To see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWatch...
    Más Menos
    42 m