CISO Series Podcast

How Can We Apply Our Shadow IT Failings to Botch Our AI Policy? (LIVE in Clearwater)

Feb 6, 2024

Mical Solomon, CISO at Port Authority of NY and NJ, discusses the challenges of securing generative AI tools and how they compare to SaaS and shadow IT. The episode delves into strategies to prevent falling victim to AI scam calls and the importance of analyzing successful phishing emails. The hosts also discuss serious IT failings, cybersecurity predictions, and the changes being made to policies and security concerns.

42:26

Creator website

Episode guests

Mical Solomon

AI Summary

AI Chapters

Episode notes

Podcast summary created with Snipd AI

Quick takeaways

Monitoring and reporting are crucial in cybersecurity, enabling faster incident response and risk reduction.

Security awareness training should focus on creating a positive culture, with ongoing engagement and measurable metrics.

Deep dives

Importance of Monitoring and Reporting

A key point discussed in the podcast is the importance of monitoring and reporting in cybersecurity. Both speakers highlight the significance of having robust monitoring systems in place to detect and respond to potential threats. They also emphasize the need for timely reporting, whether it's sharing information with industry peers or complying with regulatory requirements. The speakers note that monitoring and reporting can help reduce risk and enable faster response to incidents.

Introduction

3min

AI Scam Calls and Security Risks

10min

Understanding Motivation behind Clicking on Phishing Emails and Fun Cybersecurity Education

5min

IT Failings and the Impact on a Business

10min

Scam phone call, sponsorship mention, and cybersecurity predictions

4min

Changes to Policies and Security Concerns

7min

Sharing Information, Regulatory Reporting, and the Role of Humans

4min

All links and images for this episode can be found on CISO Series.

This week’s episode is hosted by me, David Spark (@dspark), producer of CISO Series and Brett Conlon, CISO, American Century Investments. Joining me is our guest, Mical Solomon, CISO, Port Authority of NY and NJ.

In this episode:

Does the hype around generative AI tools make it seem like these are a totally new technological challenge for cybersecurity?
Are many of the challenges with securing them the same that we've seen from the rise of SaaS and proliferation of shadow IT?
What lessons from that transition can we apply to AI?

Thanks to our podcast sponsors, Living Security & KnowBe4

Living Security is the global leader in human risk management. Our HRM platform Unify transforms human risk into proactive defense by quantifying human risk and engaging the workforce with relevant training and communications proven to change human behavior. Living Security is trusted by security-minded organizations, including Mastercard, Verizon, Biogen, AmerisourceBergen, and Hewlett-Packard. Learn more at www.livingsecurity.com.

KnowBe4's SecurityCoach enables real-time security coaching of your users in response to risky behavior. Based on the rules in your existing security software stack, you can configure your real-time coaching campaign to determine the frequency and type of SecurityTip that is sent to users at the moment risky behavior is detected.

Remember Everything You Learn from Podcasts

Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.

CISO Series Podcast

How Can We Apply Our Shadow IT Failings to Botch Our AI Policy? (LIVE in Clearwater)

Episode guests

Podcast summary created with Snipd AI

Quick takeaways

Deep dives

Importance of Monitoring and Reporting

The Role of Security Awareness Training

Adapting Security Policies to New Technologies

Promoting Employee Accountability

Remember Everything You Learn from Podcasts