Cracking Cyber Security Podcast From Teiss

Here we are - at the end of 2018 – and what a year it’s been in the world of cyber security. Barely a week went by without a story of another major breach hitting the headlines. It was the year of GDPR, when businesses jostled to understand and implement the required privacy regulations. Was it also Facebook’s annus horribilis? The Cambridge Analytica scandal, Russian fake news, and the failure to remove child pornography were just a few of the problems that plagued Facebook founder, Mark Zuckerburg, in recent months. So what lessons have we learned in 2018? Has the long anticipated GDPR delivered? And what sort of trends can we expect in 2019? Former CISO and Founder and CEO of Cyber Risk Aware, Stephen Burke, shared some of his thoughts on the year that was, and the year to come. 

This is Part Two of our focus on cyber extortion with Tim Lambon, Director of NYA, the Global Response Team. The episode explores the stigma attached to admitting your business has been a victim of ransomware, the emotional trauma some victims go through, how GDPR has empowered the criminals, as well as Tim’s top tips for dealing with cyber extortion.

Cyber extortion is our theme this week; the crime involving an attack or threat of an attack coupled with a demand for money or some other response in return for stopping or remediating the attack. This is the first part of a 2 part cyber extortion special where Tim Lambon, Director of the Global Response Team at NYA, discusses the different types of cyber extortion the criminals are exploiting, when to pay the ransom and when not, the negotiation process itself, how the perception of the value of data changes throughout the negotiation process and what’s the psychology behind it all…

This week we are talking about security awareness with Martin Smith MBE, Chairman of both SASIG and The Security Company. On the podcast Martin discusses the importance of humour and humanity, what is needed to inspire security culture behaviour change within an organisation, and why the security industry needs to stop isolating itself from other industries. 

TEISS speaks with Tanium’s Chief Security Officer, David Damato, at CONVERGE18 in Washington DC. On the podcast, we explore how he thinks the cyber skills gap could be bridged, how WannaCry could have been avoided, lessons he’s learnt along his career path, as well as how to talk to the board effectively.New research from Tanium suggests that UK firms have a long way to go in building the business resilience required to withstand modern cyber threats and other major disruptions. Tanium's latest Business Resilience study reveals that 96% of business decision makers claim business resilience should be core to company strategy, however only 54% say that it definitely is…so why are they struggling to take action?

This week we talk hackers vs defenders, how to convince the board to invest in the unknown and the future of cybersecurity with Juraj Malcho, CTO at ESET. Also, why a dose of health paranoia could be good for us...

This week we talk with  Chris Day, Cyxtera’s Chief Cybersecurity Officer, about the importance of studying geopolitical events in this cyber sensitive world, IoT security and how to build a cyber resilient network.  

This week we are exploring the somewhat complex relationship between social media and democracy and asking the question: what if Hitler had access to my Facebook data? It’s said that today’s secret services and Big Data companies possess much more data about us than were needed to run totalitarian states in the past. So, with this in mind, what would happen to our personal data were it to end up in the wrong hands? What would the consequences be for us as individuals and for society were it to be misused?  In fact, China has already started ranking citizens with a 'social credit' system or Citizen Score – to be fully implemented by 2020 - which would penalize or reward citizens for their actions, both on and offline. This raises alarm bells and begs the question: can democracy, as we know it, survive Big Data and Artificial Intelligence?  With us to explore these issues is Mark Johnson, Founder and CEO of the Risk Management Group. 

 On this episode we are commemorating Ada Lovelace Day, which happens on the second Tuesday of every October to celebrate the achievements of women in STEM careers (science, technology, engineering and mathematics), and was created in memory of Ada Lovelace, the first computer programmer. However, it’s also at these moments in time when we should take note that women make up just 23 per cent of the stem industries workforce. What’s more, just last week, a leading male scientist presented a talk at CERN, the European Organisation for Nuclear Research in Geneva claiming that “physics was invented and built by men, it’s not by invitation”. Proof that there’s still a way to go to achieve equality in the work place and to change certain attitudes. So what can be done about this? How can we encourage more girls to consider STEM careers? Do organisations need to change the way they recruit? If so, how? To discuss these questions on the podcast we are joined by Sarah Atkinson, Vice President at CA Technologies. 

As a security decision maker, you might be suffering from conference fatigue. You know, that all too familiar din as you attempt to traverse the never-ending conference floor only to be stalled in your tracks by yet another vendor touting the latest “silver bullet” for EVERY cyber vulnerability. And yet, relationship building, networking and discussion with peers are invaluable to CISOs. So how can CISOs gain value from events and forums without having to trawl through the claptrap? Mark Walmsley, CISO of global law firm Freshfields Bruckhaus Deringer LLP, shares his perspectives on our podcast about the importance of getting maximum return from your time at conferences and how to do so.

As the US mid-term elections approach, we thought we’d take a close look at “elections and hacking” with chief security scientist at Thycotic, Joseph Carson. On the podcast, Joe explains why information wars pose the greatest risk to democracy, how manipulating the mind works through misinformation, and what changes to the voting system he’d like to see put in place.

What does it take to build a cyber resilient organisation? What’s the best way to educate staff? Is a revolution needed or can cyber resiliency evolve over time? What does cyber resiliency even mean? This week we are talking about “cyber resiliency” with Chief Security Officer of Bacs and Faster Payments, Craig Rice.

This week we are talking about mental health in cyber security and what businesses should be doing to help their employees deal with the stresses of the job. Long hours and high stress levels, the cyber security profession is not for everyone and with data breaches on the rise - is it right that cyber security professionals carry all that pressure on their shoulders, from the board down? Furthermore, what’s the impact on their mental health? With us to explore this topic is Trustwave’s Chris Schueler, Senior Vice President of Managed Security Services, who has a background in the military and has seen the effects of poor mental health first hand.

45% of businesses claim to have a shortage of cybersecurity skills and 67% of cybersecurity professionals say they’re too busy with their jobs to keep up with skills development and training. And yet there is an obvious and massively untapped resource – veterans – of which only 4% are working in tech and cyber. TEISS speaks with Peter Connolly, CEO of TechVets, on why veterans are the perfect candidates to solve the cyber security skills shortage problem.

As supply chains grow in size and complexity, so does the technology, data, transactions, users, and therefore the cyber security risk. According to the 2016 Security Breaches Survey, very few UK businesses set minimum security standards for their suppliers….So, how can organisations gain an improved awareness of supply chain security and how can they work better with their suppliers? TEISS talks with Martin Smith, MBE, Chairman and Founder of SASIG, The Security Awareness Special Interest Group, which aims to improve trust in the online environment.

Should we trust bitcoin? Can we really maintain anonymity using the currency? Questions covered on this week's podcast! As part of our Summer Special Podcast Series, this week we have an interview with Tod Beardsley, Rapid7’s research director who discusses how he thinks the internet should be managed and whether he believes bitcoin will be the currency of our future. Nick Bilogorskiy, former chief malware expert at Facebook and cyber security strategist at Juniper Networks also features and talks about how businesses can use automation wisely to stay ahead of threats, as well as how to tackle the cyber skills' shortage and what data analysts should be learning now to best prepare for the future.

Welcome to our Cyber Summer Series. Slightly different to our usual podcast format – we’re featuring interviews recorded earlier this year at InfoSec 2018. First up is Andrew Lloyd, President and Executive Vice President Sales and Marketing at Corero who discusses the current trends in DDoS attacks and the smokescreens criminals use to distract investigators. Following this is Technical Director at Tenable, Gavin Millard, who advises on the vulnerabilities worth prioritising and gives us insight on the attackers' advantage. Anna Delaney La bruja, Semilla, América Afroindigena Vol 1

In part II of the TEISS Cyber Summer Series, we feature an interview with Daniel Moscovici, co-founder of Cy-oT, about Internet of Things, connected devices and wireless attacks. This will be followed by Bill Keeler, director at Cybereason, who discusses nation state hacking and the new cyber weapons deployed by nation states. Both interviews were recorded earlier this year at InfoSec 2018.

Welcome to our Special Cyber Summer Series. Over the next 4 weeks we are taking a break from our usual podcast format and featuring interviews recorded earlier this year at InfoSec 2018. This episode features an interview with Dr Anton Grashion, managing director, security practice at Cylance who talks about how organisations can leverage the power of Artificial Intelligence. This will be followed by Staffan Truvé, CTO and Co-Founder of Recorded Future who discusses recently released research which found how North Korea uses Western software and hardware on their networks.

Estonia's e-revolution began in the 1990s, not long after independence from the Soviet Union. However the massive cyber breach of 2007 was a wake-up call for the country, helping Estonians become experts in cyber defence today. With us this week is Joseph Carson, Chief Security Scientist at Thycotic, to discuss what other nations can learn from Estonia, particularly through developing a digital identity program for all citizens. Originally from Belfast, Joseph has been based in Estonia since 2003.