In Episode S4E10, our guest is Paul Nicholson, Senior Director of Product Marketing for A10 Networks. Paul gives us insight into the new 2022 A10 Networks DDoS Threat Report. We talk about what you can expect to learn from the report, the methodology used, and critical findings. Paul explains A10’s ability to precisely track the origins of DDoS weapons activity as we discuss some of the activities A10 discovered leading up to the war in Ukraine.  About our Guest Paul Nicholson brings 25 years of experience working with Internet and security companies in the U.S. and U.K. In his current position, Paul is responsible for global product marketing, technical marketing, and analyst relations at San Jose, Calif.-based security, cloud, and application services leader A10 Networks. Don't miss this informative look into what the 2022 A10 Networks DDoS Threat Report offers.

In Episode S4E9, our guest is Ben Rowe, Cloud & Security Architect for Arcules. We discuss System and Organization Controls (SOC) level 2 type 2 certification in video-as-a-service (VaaS) and other cloud-based security systems providers. Ben gives us a high-level overview of what the SOC audit covers, and we dive into why physical security SaaS providers need to pursue SOC 2 attestation. He explains the process for achieving SOC 2 Type 2.  About our Guest Ben Rowe serves as the Cloud & Security Architect for Arcules, where he is instrumental in guiding the design and security of the Arcules suite of services. He has a vast amount of experience with a wide range of systems within entertainment, industrial automation, and IT. This is an important topic, so don't miss this discussion about System and Organization Controls for cloud-based security platforms. 

In Episode S4E8 Steve Bowcut, Editor at Brilliance Security Magazine, and John Rezzonico, CEO at Edge 360, discuss what it means to build a Video Management System using modern IT processes and solutions. They examine why VMS solutions have historically been slow to adopt advanced IT practices. John provides an explanation of the benefits of containerization and why physical security video system users should look for a fully containerized VMS. About our Guest As CEO at Edge360, John is responsible for the global operations of the company. He brings more than 30 years of security innovation and mission-critical military leadership to the organization, and his experience and leadership are focused on developing and delivering technology-driven business services and solutions, providing outstanding client service, and driving profitable revenue growth.  A Marine Corps Veteran, John served as an Intelligence Chief. He supervised, trained, and managed a diverse group of Intelligence Marines and produced various intelligence products for combat operations during Operation Iraqi Freedom. He served as the Battalion surveillance and reconnaissance asset manager, successfully implementing multiple surveillance systems in a combat environment. To better understand how a modern VMS can provide improved security and a better user experience, don't miss this episode of the Brilliance Security Magazine Podcast. 

Our topic for Episode S4E7 is Understanding and Communicating Cyber Risk. Our guest is Greg Spicer, CRO and Co-Founder of Ostrich Cyber-Risk.  BSM's editor, Steve Bowcut, asks Greg to: Discuss the importance of prioritizing mitigation and remediation efforts. Explain some crucial elements of risk scoring; what should be considered in the scoring process? Explain how the concept of “proximity-blindness” impacts risk analysis. Discuss some of the challenges security teams face when communicating with organizational leaders, and how can they be overcome? And more. About our Guest Greg Spicer has several years of experience in cybersecurity, working with organizations to provide solutions to their cybersecurity challenges.  He has worked in many sectors, including Legal, Finance, Insurance, Manufacturing, and Healthcare.  He was most recently CRO of Braintrace, a Salt Lake City MDR provider, before their successful sale to Sophos in July 2021.   Greg is now the CRO and Co-Founder of Ostrich Cyber-Risk, a leading Cybersecurity Performance Management Provider that offers organizations a simple-to-use but comprehensive cybersecurity risk assessment and reporting application that allows you to manage a security program within a single view.  Their methodology drives action and communication among the critical stakeholders to quickly identify and address cyber business risk within an organization. Don't miss this informative discussion about how to understand and communicate cyber risk.

The topic for Episode S4E6 is supply chain security and what to expect in the next year. Our guest is Farshad Abasi, Founder and Chief Security Officer of Forward Security. In a fun and interesting conversation, Farshad and Steve Bowcut cover: What supply chain attacks are and how they happen, including some examples Why supply chain attacks are such a serious threat What the industry can expect regarding supply chain attacks in the next year What preventative measures organizations should take to protect against supply chain attacks And more About our guest: Farshad Abasi is an innovative technologist with over twenty-four years of experience in software design and development, network and system architecture, cybersecurity, management, and technical instruction. With a keen interest in security from the start, he has become an expert in that aspect of computing and communication over the last twenty years. He started Forward Security in 2018, with a mission to provide world-class information security services, particularly in the Application and Cloud security domains. Don't miss this fascinating conversation about an important topic: Supply chain security.

In Episode S4E5, we have as our guests two individuals who are distinguished by their work with the Industry IoT Consortium (IIC). Bassam Zarkout—Executive Vice President IGnPower Inc. and the Chief Editor of the Industrial IoT Artificial Intelligence Framework (IIAIF). Wael Diab—Chair IIC Industrial AI Task Group and Secretary IIC Steering Committee. About the IIC Since its founding in 2014, the IIC has helped build a technical foundation for the Industrial IoT. They work to help organizations take advantage of IoT technology and achieve positive outcomes. They are focused on driving technology innovation that fosters business transformation. Their services are targeted toward helping members drive business value in the core verticals of IT, Networks, Academia & Research, Manufacturing, Energy & Utilities, and Healthcare. They provide best-practice frameworks and liaisons with Standards Development Organizations. Topics we cover: The purpose of the  Industrial IoT Artificial Intelligence Framework Examples of some applications for AI in IIoT The value proposition AI can enable in next-generation industrial IoT (IIoT) systems Perceptions regarding ethics, confidence, trustworthiness of AI About our guests: Bassam Zarkout is the Chair of the Digital Transformation working group at the Industry IoT Consortium. He is an Ottawa-based technology executive with 30+ years of experience in technology organizations in Canada, the US, and Europe, including 8 years in executive C-positions, mainly as CTO. Bassam is the founder of IGnPower, an IIoT and AI strategy consulting practice. He has authored and contributed to multiple peer-reviewed papers and frameworks covering Digital Transformation, Industrial AI, Trustworthiness, Data Protection, and IoT Security. He is also a veteran of the Information Assets Governance space, including Electronic Records Management, RegTech, Content Management, and Electronic Discovery, and has led research with US DoD in the area of assisted security and privacy classifications of content. Wael Diab is a business and technology strategist with over 885 patents to his name in the fields of networking and ICT. Wael has BS and MS degrees in EE and BA in Economics from Stanford, and an MBA with honors from Wharton. He is a published author, having authored the book Ethernet in the First Mile: Access for Everyone. In 2011, Wael was recognized by the David Packard Medal of Achievement and Innovator Award for his leadership in Green Technology. He has been active in standardization and related activities for two decades. He chairs ISO/IEC JTC 1/SC 42, the international standardization committee on artificial intelligence (AI). Wael is also chairing the AI track of the 22nd Global Standards Collaboration meeting (GSC-22). Don't miss this opportunity to learn more about AI in security and IIoT applications.

In Episode S4E4, we have two guests. We talk with Jonatan Altszul, CEO at BitTrap and Ariel Futoransky, BitTrap’s CTO. Our topic is A Novel Approach to Security Bug Bounties. BitTrap helps companies find breaches faster by installing wallets with risk-adjusted bounties. When an attacker cashes a wallet, they notify the company of the breach so they can take remediation actions to patch it. Some of the topics we cover include: Why bug bounties are necessary What works and what can be improved BitTrap's novel approach to bug bounties A little about our guests: Jonatan Altszul has been building companies in the Cybersecurity Industry for over 30 years. In the past, as a founder of Core Security Technologies, Jony developed the first automated penetration testing software product, earning the loyalty of clients such as Apple, Cisco, Department of Homeland Security, NSA, NASA, Lockheed Martin, and DARPA. As a founder of Disarmista, Jony developed some of the most popular cybersecurity products for the largest companies in the Industry. As co-founder and CEO, Jony now leads BitTrap, where he combines his many years of experience in Cybersecurity, leveraging his expertise in Attacker Behavior with his passion for building companies and defining product new categories. Ariel Futoransky is curious about science & technology, its future, and how it will continue to impact society. A founder of Core Security Technologies, Disarmista, and BitTrap. He is a researcher, programmer, entrepreneur and has made contributions to cryptography, Cybersecurity, and blockchain. Don't miss this opportunity to learn more about a new way to use security bug bounties.

In this episode, our guest is Slava Bronfman, CEO and Co-founder at Cybellum and we talk about product supply chain security. Cybellum provides a product security platform, enabling teams to manage security across the entire product lifecycle - from highly detailed SBOMs to automatic vulnerability management, ongoing incident response, and continuous monitoring. We touch on:  Cybersecurity risks, such as open-source or supply chain software Some things product manufacturers can do to detect and remediate vulnerabilities The future for product supply chain security A little about our guest: Slava Bronfman is an experienced cybersecurity entrepreneur. As CEO and Co-founder at Cybellum, he is responsible for the business, sales, and marketing operations, working with manufacturers and asset owners worldwide on implementing risk assessment solutions. As part of founding Cybellum’s development of a novel cybersecurity risk assessment technology, Slava is also the official representative of the Standards Institution of Israel in the ISO 21434 standard technical committee. He served as an officer in Israel’s elite intelligence corps unit 8153 in a leading product management position and holds an M.Sc. in Computer Science and a B.Sc. in Information Systems, both Cum Laude. Don't miss this insight into the world of product supply chain security.

In Episode S4E2 our guest is David Vincent, VP of Product Strategy and the chief security evangelist at Appsian Security. Our topic is Automated Controls for Compliance - How and Why. Appsian provides ERP security below the network layer. David shares his insights about: Challenges associated with manually maintaining compliance. How automated controls can affect compliance. Leading practices for effective Data Security & Privacy Compliance. And more. David Vincent has over twenty-five years of experience delivering Security, Audit, Risk, & Compliance services while employed with some of the largest professional service-providing firms in the world – Arthur Andersen, KPMG, PwC, and IBM. He has delivered hundreds of ERP Security Risk & Compliance Assessments & Remediation services, and over 100 GRC (governance, risk, and compliance) technology solution implementations. Additionally, he was the North America GRC Practice Leader for IBM, PwC, and Corporater. Be sure to listen to this informative discussion about automated controls and compliance.

In Episode S4E1 our guest is Purandar Das, CEO and Co-Founder at Sotero. We discuss the future of ransomware and explore some recent trends in data security.  We touch on topics such as: Anomaly detection at the data level Machine-learning in ransomware protection Possible future trends for ransomware Sotero offers the first field-level, universal data protection platform allowing you to consolidate all your data instances, applications, and security products into one easy-to-manage environment. Purandar Das is an experienced executive with a demonstrated history of success in the information technology and services space. He is skilled in Technology & Business Development as well as Enterprise Software, Enterprise Architecture, Agile Methodologies, and Customer Relationship Management (CRM).  He was formerly the CTO at Infogroup, MobileMessenger, and Epsilon. Purandar gives us his thoughts on REvil and sheds some light on what we can do to protect sensitive data and curtail ransomware attacks.  Be sure and listen to this important data protection discussion.