Redefining CyberSecurity

Guest: Julie Haney, Computer scientist and Human-Centered Cybersecurity Program Lead at National Institute of Standards and Technology [@NISTcyber]On Linkedin | https://www.linkedin.com/in/julie-haney-037449119/On Twitter | https://x.com/jmhaney8?s=21&t=f6qJjVoRYdIJhkm3pOngHQ____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of the Redefining CyberSecurity podcast, host Sean Martin engages in an insightful conversation with Julie Haney, the leader of the human-centered cybersecurity program at NIST. The discussion revolves around the challenges organizations face in implementing security awareness and other information security training programs, products, and operations.During the conversation, Julie introduces the NIST phish scale, a tool that helps training coordinators contextualize phishing click rates. It considers user context and alignment with individual roles, allowing organizations to tailor their phishing simulation exercises to engage employees effectively. This approach goes beyond numbers and focuses on the human factor in cybersecurity.Sean and Julie discuss the various challenges organizations encounter when implementing security awareness programs. These challenges include obtaining leadership support, allocating sufficient resources, and finding engaging approaches for a diverse workforce. They emphasize the importance of collecting user-generated security incidents and gathering feedback to identify areas for improvement and enhance awareness programs. Throughout the conversation, Sean and Julie highlight the significance of understanding and addressing human factors in cybersecurity. They stress that effective security awareness and training programs should go beyond compliance and consider the individual's mindset, attitudes, and behaviors. Additionally, they discuss the lack of effective metrics to measure program success and impact, emphasizing the need for organizations to gather data and feedback to continuously improve their programs. Overall, this episode offers practical insights and advice for organizations seeking to enhance their security awareness and training initiatives. It emphasizes the importance of a human-centric approach and provides valuable tools, such as the NIST phish scale, to help organizations tailor their programs to engage employees effectively.So, tune in to this episode as Sean and Julie take a journey into the challenges and solutions surrounding security awareness in the ever-evolving world of cybersecurity.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesHuman-Centered Cybersecurity: https://csrc.nist.gov/projects/human-centered-cybersecurityNIST Unveils Newly Named Human-Centered Cybersecurity Program: https://www.nist.gov/blogs/cybersecurity-insights/nist-unveils-newly-named-human-centered-cybersecurity-programJulie's LinkedIn post about NIST Unveils Newly Named Human-Centered Cybersecurity Program: https://www.linkedin.com/feed/update/urn:li:activity:7113240410604363778/____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

This story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to the "Musing On Society & Technology" newsletter on LinkedIn.Sincerely, Marco Ciappelli and TAPE3________Marco Ciappelli is the host of the Redefining Society Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Sean Martin—where you may just find some of these topics being discussed. Visit Marco on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

In this Brand Story episode, Sean Martin, along with Gabi Stapel and Erez Hasson from Imperva, explores the complex landscape of retail web and mobile security and the increasing role of AI-enabled bots (both good and bad) in e-commerce and the potential threats they pose.Gabi and Erez highlight how these bots can exploit business logic and application capabilities, leading to new account fraud, account takeover, and price manipulation. They emphasize the importance of layered security and anomaly detection as key strategies to counter these threats.The discussion also explores the need for businesses to differentiate between human and bot traffic. Gabi and Erez point out the potential backlash from legitimate users when bots buy and deplete inventory, and the subsequent impact on customer experience and the company's reputation. They also touch on the importance of monitoring the total value of the cart, as bots tend to purchase single items, resulting in net losses for the retailer.The conversation further delves into the global and local aspects of commerce, including regulatory considerations like PCI DSS. Gabi and Erez discuss the upcoming changes in PCI DSS v4, which requires retailers to focus on managing scripts and changes to payment pages to prevent data breaches.The episode also offers valuable insights for both large-scale and smaller retailers. Gabi and Erez underscore the importance of staying on top of security and vulnerabilities, regardless of the size of the business. They provide practical advice for retailers, such as implementing a waiting room web page or a raffle system for big sales events, and auditing purchases for limited product drops.This episode is a must-listen for anyone involved in e-commerce and cybersecurity, providing a comprehensive understanding of the evolving landscape of cyber threats in the retail industry.Note: This story contains promotional content. Learn more.Guests: Gabi Stapel, Cybersecurity Threat Research Content Manager at Imperva [@Imperva]On LinkedIn | https://www.linkedin.com/in/gabriella-stapel/On Twitter | https://twitter.com/GabiStapelErez Hasson, Product Marketing Manager at Imperva [@Imperva]On LinkedIn | https://www.linkedin.com/in/erezh/ResourcesLearn more about Imperva and their offering: https://itspm.ag/imperva277117988Catch more stories from Imperva at https://www.itspmagazine.com/directory/impervaBlog | Online Retailers: Five Threats Targeting Your Business This Holiday Shopping Season: https://itspm.ag/impervkb2gAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Guest: J. David Grossman, Vice President, Regulatory Affairs, Consumer Technology AssociationOn LinkedIn | https://www.linkedin.com/in/jdgrossman/At CES | https://www.ces.tech/sessions-events/speaker-directory/david-grossman.aspx____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of the ITSPmagazine On Location Event Coverage series, hosts Marco and Sean discuss the highlights and trends for CES 2024 with J. David Grossman, VP, Regulatory Affairs, Consumer Technology Association (CTA). The trio explores topics such as IoT, food tech, health tech, cybersecurity, autonomous vehicles, privacy, diversity and inclusion, human security, AI, and the over role technology plays in solving global challenges.Together, they emphasize the importance of improving the cybersecurity of consumer connected devices and providing consumers with more information about the security measures in place. They also discuss the need for a national privacy bill to create a consistent privacy framework for protecting consumer data.The conversation delves into the role of AI in the technology landscape and the ethical considerations surrounding AI, as well as the intertwining of AI, data privacy, and consumer protection. It is an exciting innovations in fitness, wearables, gaming, esports, Web3, metaverse, sports technology, and space. The trio highlight the role of technology in addressing global challenges, such as food security, healthcare access, environmental protection, and economic security.Throughout the conversation, there is a focus on the impact of technology on society and the need for a balanced approach to regulating AI while protecting consumer data. The hosts and guest stress the importance of using technology for positive change and fostering societal improvement.____________________________Catch all of our CES 2024 event coverage: https://www.itspmagazine.com/ces-2024-las-vegas-usa-event-coverageWatch this and other videos on ITSPmagazine's YouTube ChannelCES 2024 Las Vegas playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTcuvjsP6zvFyZkL7z2D8WZRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqRedefining Society Podcast with Marco Ciappelli playlist: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllTUoWMGGQHlGVZA575VtGr9ITSPmagazine YouTube Channel: 📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________Resources"Conversation with a Commissioner" CES Edition: https://www.ces.tech/sessions-events/ips/ips04.aspxCan a Public-Private IoT Device Certification Process Better Protect Consumers?: https://www.ces.tech/sessions-events/ips/ips02.aspxUnlicensed Innovation - The Impact of Wi-Fi & Beyond on Daily Life: https://www.ces.tech/sessions-events/ips/ips10.aspxLearn more about CES 2024: https://www.ces.tech/____________________________For more CES 2024 Event Coverage visit: https://www.itspmagazine.com/ces-2024-las-vegas-usa-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

In this series, ‘Cyber Shadows Over Serenity,’ we unravel the tales of three emblematic small businesses that stand as pillars in the peaceful community, each facing the dark storm of a ransomware attack that sought to shroud their digital realms in chaos. As we revisit the serene streets of our digital saga in 'Cyber Shadows Over Serenity,' we prepare to witness the concluding chapter of Clay Creationz's ordeal and the profound lessons learned by the entire town. Join us in this final narrative as resilience, recovery, and newfound digital wisdom emerge from the shadows.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

Guest: Malcolm Harkins, Chief Security & Trust Officer at HiddenLayer [@hiddenlayersec]On Linkedin | https://www.linkedin.com/in/malcolmharkins/On Twitter | https://twitter.com/ProtectToEnable____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining CyberSecurity, host Sean Martin engages in a thought-provoking conversation with guest Malcolm Harkins about the challenges and failures of the CISO role. They discuss the importance of setting clear design goals and standards to determine success or failure. The conversation delves into risk management and the complexities of goal-setting, highlighting the role of integrity in the CISO's decision-making process.They explore the gray areas and potential conflicts that arise when balancing risk perspectives within an organization. Sean also touches on the idea of having multiple specialized CISOs and the inflation of job titles in the industry. They examine where breakdowns occur and whether they stem from lack of clear design or succumbing to company pressure or vendor hype.The episode also take a turn to exploration the CISO's role in ensuring the cybersecurity integrity of a company, drawing parallels to the roles of general counsel and CFO in maintaining legal and financial integrity.Throughout the conversation, Sean and Malcolm provide insights and anecdotes from their own experiences, offering valuable perspectives on redefining the CISO role and addressing the challenges faced in the cybersecurity industry. The discussion encourages listeners to consider the ethical implications of their decision-making and the importance of designing control environments that prioritize true protection over profiting from insecurity.If you're interested in gaining a deeper understanding of the complexities and failures of the CISO role, as well as exploring the gray areas and conflicts that arise in risk management, this episode is a must-listen.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesMateriality Matters: https://www.icitech.org/post/materiality-mattersIntegrity Matters: https://www.uscybersecurity.net/csmag/integrity-matters/Integrity Matters (RSAC): https://www.rsaconference.com/library/blog/integrity-matters-lets-keep-the-conversation-going____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

In this series, ‘Cyber Shadows Over Serenity,’ we unravel the tales of three emblematic small businesses that stand as pillars in the peaceful community, each facing the dark storm of a ransomware attack that sought to shroud their digital realms in chaos. In Part 3, witness the Baker family's battle against a crippling ransomware attack at The Sweet Retreet and discover how Clay Creationz, a haven of creativity, navigates the uncharted waters of the digital world. This juxtaposition of resilience and naivety presents a striking narrative on the importance of digital vigilance in today's interconnected age. Join us as we unfold these compelling stories, each offering unique insights and lessons on cybersecurity. Subscribe now to follow the continuing journey of "Cyber Shadows Over Serenity" and learn how even the most tranquil towns are not immune to digital shadows.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

In this series, ‘Cyber Shadows Over Serenity,’ we unravel the tales of three emblematic small businesses that stand as pillars in the peaceful community, each facing the dark storm of a ransomware attack that sought to shroud their digital realms in chaos. In Part 2, we pick up where we left off in Chapter 1 last time to re-enter the realm of Lexicon Hayven. Here, we find ourselves amidst Eleanor's meticulous preparations to guard against cyber malevolence. When we last visited, we discovered a well-scripted disaster recovery plan, a narrative etched with diligence and foresight, awaiting its execution.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.

Guest: Jeff Reich, Executive Director of Identity Defined Security Alliance [@idsalliance]On Linkedin | https://www.linkedin.com/in/jreich/On Twitter | https://twitter.com/JeffReichCSOOn YouTube | https://www.youtube.com/channel/UC8yfa2vRYDjS7TUWKAHIrwg____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of Redefining CybersSecurity, host Sean Martin connects with Jeff Reich to dive deep into the world of digital identities and identity management. Through their lively and thought-provoking conversation, they explore various aspects of identities, from multiple personas in apps to the challenges and risks associated with identity sharing.They discuss the impact of cloud adoption and remote work on identity security, emphasizing the need for organizations to prioritize securing digital identities. They also touch on the role of artificial identities in smart devices and cars, and how AI and machine learning can be utilized in identity use cases.Throughout the episode, Sean and Jeff bring a philosophical and science fiction perspective to the topic, using metaphors and engaging storytelling techniques to captivate listeners. They highlight the importance of policy and control in identity management, and the need for organizations to take proactive measures in securing digital identities. They also provide valuable insights from a research survey, revealing that identity security is a top priority for a significant percentage of organizations.They emphasize the complexities of identity management and the evolving nature of identities in today's digital landscape. Overall, this episode offers a captivating and informative discussion on digital identities, leaving listeners with valuable takeaways and a deeper understanding of the importance of identity security in the modern world.____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesIDSA: https://www.idsalliance.org/2023 Trends In Securing Digital Identities (White Paper): https://www.idsalliance.org/white-paper/2023-trends-in-securing-digital-identities/2023 Trends In Securing Digital Identities (Infographic): https://www.idsalliance.org/wp-content/uploads/2023/08/IDSA-2023Trends-Infographic.pdf____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

In this series, ‘Cyber Shadows Over Serenity,’ we unravel the tales of three emblematic small businesses that stand as pillars in the peaceful community, each facing the dark storm of a ransomware attack that sought to shroud their digital realms in chaos. We begin with Chapter 1: Tales from a Tranquil Town.________This fictional story represents the results of an interactive collaboration between Human Cognition and Artificial Intelligence.Enjoy, think, share with others, and subscribe to "The Future of Cybersecurity" newsletter on LinkedIn.Sincerely, Sean Martin and TAPE3________Sean Martin is the host of the Redefining CyberSecurity Podcast, part of the ITSPmagazine Podcast Network—which he co-founded with his good friend Marco Ciappelli—where you may just find some of these topics being discussed. Visit Sean on his personal website.TAPE3 is the Artificial Intelligence for ITSPmagazine, created to function as a guide, writing assistant, researcher, and brainstorming partner to those who adventure at and beyond the Intersection Of Technology, Cybersecurity, And Society. Visit TAPE3 on ITSPmagazine.