Data Security Decoded

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host ⁠Caleb Tolin⁠ speaks with ⁠Joe Hladik⁠, a veteran security expert with two decades of experience, to explore the evolving landscape of cybersecurity, incident response, and the critical challenges of data security in today's distributed environments. What You'll Learn: How the cybersecurity landscape has evolved from traditional nation-state threats to modern ransomware operations Why data sprawl creates complex security challenges as sensitive information moves across platforms and users The real-world challenges organizations face when managing vulnerability patches and business continuity How identity management has become more complex than just "the new perimeter" in cloud environments Why data security posture management is crucial for protecting sensitive information across distributed systems The ways modern threat actors combine financial and political motivations in sophisticated attack campaigns The conversation draws from "The State of Data Security: A Distributed Crisis," a new report from Rubrik Zero Labs, and provides practical insights into how organizations can better manage their data security posture while addressing emerging threats in an increasingly complex digital landscape. Episode Highlights: [20:05] Understanding Data Sprawl and Security Posture Management [27:05] Identity Management as a Dynamic Security Challenge  [08:40] The Evolution of Cyber Threats and Motivations [32:28] The Future of Security Research and Response Episode Resources: Caleb Tolin on LinkedIn Joe Hladik on LinkedIn The State of Data Security: A Distributed Crisis, Rubrik Zero Labs Report

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host ⁠Caleb Tolin⁠ speaks with ⁠Pavlina Pavlova⁠, a researcher and cybersecurity advocate focusing on data weaponization and its disproportionate impact on vulnerable populations. Pavlina defines data weaponization as using data to manipulate, deceive, coerce, or attack someone to inflict harm. Her research investigates why cyber attacks and their impacts often have gendered dimensions, with certain populations experiencing more severe consequences. The conversation explores how attacks on critical infrastructure, particularly healthcare, create immediate impacts. While cyber attacks aren't becoming more sophisticated, they're growing more vicious. Ransomware attacks against healthcare facilities disproportionately affect women, who often serve as caregivers and rely more heavily on healthcare services. Pavlina examines the geopolitical dimensions of cybercrime, noting how certain nations harbor cybercriminals aligned with their foreign policy goals. These sanctuary jurisdictions make accountability difficult and contribute to attacks aimed at disrupting societal resilience. Join Caleb and Pavlina as they discuss policy frameworks addressing gender dimensions of data weaponization, explore international cooperation efforts, and share practical advice for under-resourced organizations to improve their cyber resilience despite limited funding. They also examine the critical role of responsible data collection and the importance of donors specifically allocating cybersecurity funding when supporting vulnerable organizations. Episode Highlights: [01:02] Defining Data Weaponization [04:11] Critical Infrastructure Targeting [09:29] Geopolitical Dimensions of Cybercrime [13:24] Policy Frameworks and International Cooperation [19:31] Resources for Under-resourced Organizations Episode Resources: Caleb Tolin on LinkedIn Pavlina Pavlova on LinkedIn New America report by Pavlina Pavlova Cyber Peace Institute United Nations Cybercrime Convention

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host, ⁠Caleb Tolin⁠, is joined by ⁠Michael Razeeq⁠, a cybersecurity policy researcher specializing in advocating for Civilian Cyber Corps (C3s). Michael shares insights into how these volunteer forces, C3s, are transforming community cyber defense, addressing workforce shortages, and providing both preventive and reactive cybersecurity services to underfunded organizations. Michael's research provides a unique perspective on the emergence of the Civilian Cyber Corps across various models, from university cyber clinics to state-level programs. These task forces address gaps in cybersecurity defense where resource constraints leave organizations vulnerable. As a ⁠2024 #ShareTheMicInCyber Fellow at New America⁠ and 2025 Fellow at UC Berkeley ⁠CLTC⁠, he advocates for a "whole society" approach to cybersecurity, highlighting successful implementations in states like Ohio and drawing inspiration from Estonia's cyber defense unit. Join Caleb and Michael as they explore the operational frameworks of C3s, discuss the challenges of recruiting and vetting volunteers, examine legal considerations for establishing programs, and share insights on measuring both quantitative and qualitative impacts of these initiatives. They also look at the future of C3s through increased collaboration and partnerships like the Cyber Resilience Core. Episode Highlights: [01:30] The Rise of Civilian Cyber Corps (C3s) [13:11] Pathways to Establishing C3 Programs [19:47] Left of Boom vs Right of Boom Services [26:49] Addressing C3 Implementation Challenges Episode Resources: Caleb Tolin on LinkedIn Michael Razeeq on LinkedIn “Civilian Cyber Corps: A Model Law for States” by Michael Razeeq for New America  New America’s #ShareTheMicInCyber Fellowship Program UC Berkeley Center for Long-Term Cybersecurity Program CISA Cybersecurity Resources for High-Risk Communities

Welcome to the Data Security Decoded podcast. In this episode, our host, ⁠Richard Cassidy⁠, is joined by ⁠Carolin Desirée Toepfer⁠, founder of ⁠Cyttraction⁠ and CISO as a Service for multiple organizations across Europe and North America. Carolin shares her journey from building websites and online communities to becoming a cybersecurity leader, offering insights into the unique challenges of European cybersecurity, AI security frameworks, and transforming cybersecurity training into data integrity training that better aligns with business needs. Carolin's unique position as a CISO for multiple organizations gives her exceptional perspective on cybersecurity challenges across different industries and company sizes. Her approach focuses on addressing gaps in the European cybersecurity landscape where, according to Cisco studies, only 2% of companies are well-prepared. As founder of Cyttraction, an edtech company focused on cybersecurity training, she advocates for reframing security training to emphasize data integrity and digital identity protection, making it more relevant to business stakeholders. Join Richard and Carolin as they explore the evolution of the CISO role in Europe, discuss the global skills shortage in cybersecurity, examine cultural differences in security awareness between North America and Europe, and share insights on effective training strategies that accommodate modern attention spans and learning preferences. Episode Highlights: 00:02 - Introduction and CISO as a Service Role 01:57 - European Cybersecurity Landscape and Challenges 03:26 - Path to Becoming a CISO 06:17 - Regional Differences in Cybersecurity Approaches 09:53 - AI Governance and Business Impact 14:39 - Reframing Security Training for Business Alignment 19:20 - Measuring Training Effectiveness 24:01 - Future Outlook for Cybersecurity Episode Resources: Richard Cassidy on LinkedIn Carolin Desirée Toepfer on LinkedIn Cyttraction Learning Platform The State of Data Security: The New Rules Breaking the Banks report from Rubrik Zero Labs

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.  In this episode, our host, ⁠Ghazal Asif⁠, Global VP of Channels, Alliances, and Inside Sales at Rubrik, is joined by ⁠Kris Lovejoy⁠, Global Security and Resilience Practice Leader at ⁠Kyndryl⁠. With over two decades of leadership experience, Kris has built a career focused on advancing technology ecosystems that drive human progress. At Kyndryl, she leads initiatives to design, manage, and safeguard the world's most reliable technology infrastructure. Previously, Kris served as EY’s Global Cybersecurity Leader, where she worked with diverse teams across 150+ countries to solve complex cybersecurity challenges. She has also held leadership roles at IBM, including VP of IT Risk and Chief Information Security Officer (CISO), and served as CEO of BluVector, a Comcast company. Kris also sits on the board of Dominion Energy, where she supports efforts to achieve Net Zero emissions by 2050. Join Ghazal and Kris as they explore actionable strategies for integrating cyber resilience into business operations, the importance of regulatory readiness for global organizations navigating new compliance frameworks, and how diverse teams drive innovative problem-solving in cybersecurity. Episode Highlights:  00:00 - Intro 03:45 - Evolving Perspectives on Compliance and Regulation 07:25 - Why Diversity in IT and Security Teams Drives Better Solutions 09:59 - Cybersecurity vs. Cyber Resilience 14:25 - Practical Strategies for Building Cyber Resilience 17:40 - Communicating Security Strategies to Non-Technical Leaders 20:25 - The Paradox of Per Capita Spend 26:09 - Regulatory Readiness in a Complex Global Landscape 28:09 - Preparing for Cyber Threats: The Critical Role of Basic Hygiene 30:18 - Looking Forward: Optimism for the Future of Cybersecurity Episode Resources Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report Ghazal Asif on LinkedIn Kris Lovejoy on LinkedIn

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.  In this episode, our host, ⁠Travis Rosiek⁠, Public Sector CTO at Rubrik, is joined by ⁠Nicole Tisdale⁠, Founder of Advocacy Blueprints, former Director of Legislative Affairs for the National Security Council, and author of ⁠Right to Petition⁠. Nicole shares her journey from rural Mississippi to national security leadership, offering insights into cybersecurity equity, workforce development, and public policy's critical role in addressing underserved communities' unique challenges. Nicole’s leadership has been instrumental in shaping transformative policies, including spearheading The White House’s advocacy that secured a $1 billion cybersecurity grant program and the nation’s first cyber incident reporting law. Representing the United States in global policy dialogues across 30 nations, she has been a prominent voice in advancing security and equity on the international stage. Now as the Founder of Advocacy Blueprints, Nicole continues to champion cybersecurity and civic engagement, equipping organizations and individuals with the tools to influence policy effectively. She is also the author of Right to Petition, a practical guide for empowering citizens in advocacy. Join Travis and Nicole as they delve into the challenges of bridging policy gaps for underserved communities and her vision for equitable cybersecurity policies that prepare, respond, and recover in today’s digital landscape. Episode Highlights:  00:00 - Intro 02:57 - Advocacy for Underserved Communities 06:21 - Addressing Cybersecurity Gaps in Rural and Low-Income Communities 07:17 - Defensive vs. Offensive Cybersecurity Policy 12:10 - The Role of Proactive Policy in Cyber Resilience 18:35 - The Importance of Cybersecurity Workforce Development 21:41 - Regional Nodes for Workforce Growth and Local Cybersecurity Defense 25:48 - Connecting Workforce Development to Community Economic Stability 30:05 - The Ripple Effects of Cyberattacks on Healthcare Systems 34:57 - Cybersecurity as Critical Infrastructure Protection: The Rural Perspective 38:39 - Advocacy Blueprints: Empowering Communities to Influence Policy 45:15 - Effective Advocacy: Known Information and Resource Alignment in Cyber Policy 48:03 - Advice for Government Leaders During Leadership Transitions 55:59 - Optimism About Cybersecurity’s Future Episode Resources: Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report Travis Rosiek on LinkedIn Nicole Tisdale on LinkedIn Right to Petition by Nicole Tisdale

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.  In this episode, our host, ⁠Mike Tornincasa⁠, Chief Business Officer at Rubrik, is joined by ⁠Marcela Escobar-Alava⁠, CIO of the Social Security Administration⁠, and ⁠Joe Stenaka⁠, SSA’s CISO for an insightful conversation on IT and cybersecurity collaboration. Marcela Escobar-Alava is a seasoned technology executive with deep expertise in building high-performing teams and aligning technology solutions with business objectives. Known for her ability to innovate under tight deadlines, Marcela brings years of experience in managing global application development, transforming organizational operations, and driving impactful business outcomes. Her strategic leadership and problem-solving approach have made her a trusted leader in rapidly evolving environments. Joe Stenaka, the Associate Commissioner and CISO at SSA, has spent decades protecting critical information systems across government agencies, including the Department of Veterans Affairs and the National Security Agency. With a pragmatic leadership style, Joe emphasizes collaboration and enabling secure IT solutions while minimizing risks. As an educator and industry thought leader, he is committed to fostering the next generation of cybersecurity professionals. Together, Marcela and Joe share how their unique partnership ensures operational efficiency and robust security for one of the largest independent government agencies, serving over 64 million Americans. Episode Highlights:  00:00 - Intro 00:58 - Marcela’s role as CIO: Bridging strategic and operational objectives 02:59 - Joe’s leadership in advancing SSA’s cybersecurity framework 05:12 - Establishing lockstep collaboration between IT and security 10:30 - Balancing the speed of IT innovation with robust security measures 18:14 - Lessons from Marcela’s past: Ransomware scars and fostering vigilance 24:15 - The rise of AI: Ethical considerations, security risks, and opportunities 29:27 - Reflections on leadership: From cryptology to servant leadership 32:12 - The future of cybersecurity: Opportunities and challenges Episode Resources: Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report Marcela Escobar-Alava on LinkedIn  Joe Stenaka on LinkedIn Mike Tornincasa on LinkedIn

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience. In this episode, our host, ⁠Travis Rosiek⁠, Public Sector CTO at Rubrik, is joined by Maria Roat⁠, former Deputy Federal CIO of the United States, and a seasoned Information Technology and Cybersecurity Executive with over three decades of experience. Maria has led transformative initiatives across federal agencies, including launching the FedRAMP program, which standardized cloud security protocols across government, and helping government agencies remain resilient through administration changes. Maria’s leadership during the COVID-19 pandemic was instrumental in enabling a large-scale remote workforce and deploying resilient platforms that supported the rapid distribution of $300 billion in relief funds. Her efforts modernized outdated systems, reduced technical debt, and streamlined operations across the Small Business Administration, transforming it into an agile organization prepared to address emerging challenges. Join Travis and Maria as they explore her extraordinary journey in cybersecurity and technology leadership, the evolution of FedRAMP, and her insights on aligning innovation with mission-driven goals. Episode Highlights:  00:00 - Intro 04:00 - Navigating Large-Scale Federal Technology Transformation 05:30 - Insights on Leadership in Technology from the Navy to Federal CIO 10:00 - Leadership Challenges as a Woman in Tech 18:16 - The Evolution of FedRAMP and Cloud Security Standards 34:05 - Addressing Cyber Threats in Transition Periods 37:19 - Building a Culture of Zero Trust and Cyber Resilience 42:00 - Cybersecurity Lessons for Healthcare Organizations Episode Resources: Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report Travis Rosiek on LinkedIn Maria Roat on LinkedIn

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.  In this episode, our host, ⁠John Murphy⁠, Global Field Chief Security Officer at Rubrik, is joined by ⁠Aysha Khan⁠, CIO and CISO at ⁠Treasure Data⁠, a customer data platform (CDP) that combines batch and real-time data to personalize journeys with Al. She has over 20 years of experience managing Information Technology and Security at Fortune 500 companies. She is passionate about aligning strategy with agile execution to drive business results and customer satisfaction. She has successfully built and led technology, security, compliance, risk, and operations functions from scratch, as well as transformed disjointed organizations into cohesive and collaborative teams. Aysha is also an advisor with Silicon Valley CISOs Investments, a Clear Ventures CXO council member, an investor in many early-stage startups, a DEIB (diversity, equity, inclusion, and belonging) executive, a speaker, and a life coach who strongly believes in connecting people, purpose, and performance to bring the best out of others and achieve sustained and predictable results. Join John and Aysha as they discuss the dual challenges of enabling innovation while maintaining security and navigating the rapidly evolving landscape of AI. Episode Highlights:  00:00 - Intro 00:20 - Integrating Conscious Leadership into Cybersecurity Strategy 05:19 - Navigating AI Integration and Innovation 08:05 - Understanding Organizational Context and Building Relationships 21:25 - Balancing Business Risks and IT Security Alignment 29:54 - Developing Security Practices in SaaS Organizations 32:19 - Building Teams and Fostering Growth Mindsets 35:58 - Empowering Business Leaders to Be the Example 38:17 - Optimistic Outlook on the Future of AI and Cybersecurity Episode Resources: Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report Aysha Khan on LinkedIn  John Murphy on LinkedIn

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts to get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.  In this special episode, we wrap up Cybersecurity Awareness Month and look back on some of the most illuminating conversations from previous episodes. Tune in to hear ⁠Candy Alexander⁠, CISO & Security Practice Lead at ⁠NeuEon⁠, on navigating the complexities of data governance, and ⁠Sue Bergamo⁠, CISO and CIO at ⁠BTE Partners⁠, delve into the world of senior leadership in global cybersecurity. ⁠Renata Spinks⁠, Former SES - Deputy CIO IC4, US Marine Corps, and current CEO at CyberSec International explores the major changes in cyber threats over the last 20 years, while ⁠Anahi Santiago⁠, Chief Information Security Officer at ⁠ChristianaCare⁠, highlights the challenges facing healthcare cybersecurity, and ⁠Wendi Whitmore⁠, Senior Vice President, Unit 42 at ⁠Palo Alto Networks⁠, considers various types of cyber threats, including ransomware, cryptocurrency theft, and underreported nation-state attacks. Additionally, ⁠Sandra Joyce⁠, VP of Google Threat Intelligence at Google, discusses the importance of well-being among cybersecurity professionals, and ⁠Marene Allison⁠, former CISO at Johnson & Johnson, notes the tendency for organizations to overqualify candidates, highlighting the value of giving individuals a chance to grow into their roles.  Episode Highlights:  00:00 - Intro  06:32 - Marene Allison on hiring for potential, not perfection 07:26 - Wendi Whitmore on overcoming institutional challenges  08:09 - Renata Spinks on diversity in the workplace 08:32 - Sandra Joyce on why ‘crew rest’ is essential for mission-driven professionals 08:57 - Sue Bergamo on balancing operational needs of IT and the demands of cybersecurity 11:41 - Anahi Santiago on fostering a culture of cybersecurity awareness in healthcare organizations  14:39 - Candy Alexander on why security is everyone’s responsibility  20:32 - Candy Alexander on advice for organizations  Episode Resources: Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report Candy Alexander on LinkedIn  Sue Bergamo on LinkedIn Renata Spinks on LinkedIn Anahi Santiago on LinkedIn Wendi Whitmore on LinkedIn Marene Allison on LinkedIn Sandra Joyce on LinkedIn