Caffeinated Risk

Exploring strategies for sourcing and retaining cybersecurity talent in Alberta, transitioning from gear-centric to skill-focused cybersecurity, addressing challenges in hiring and retaining specialists in the public sector, building a strong cyber workforce through comprehensive programs, and discussing collaboration for progress in cybersecurity training.

Exploring cloud risk management challenges, shared accountability in cloud services, evolving attitudes towards cloud services during the pandemic, and the evolution of cybersecurity roles and leadership in organizations

Cara Wolf discusses Canadian tech industry innovation, drawing leadership attention to cyber security. Exploring fraud in airlines, cybersecurity challenges, fostering innovation, embracing diversity in cybersecurity.

Ian Paterson, CEO of Plurilock, discusses continuous authentication, zero trust models, Canadian startups, talent strengths in STEM, behavior-based cybersecurity, defense strategies, risk management dynamics, and the importance of ongoing risk assessment in a coffee-infused dialogue.

Exploring the evolution of network asset management post-2007 and the challenges it brings. Drawing parallels between network management and medieval castles to enhance security and streamline access.

Exploring where security can add value in business operations, preventing value loss, and enhancing competitiveness. Discussing a cyber incident involving thwarting a threat actor selling SCADA app kit, highlighting the importance of collaboration between security and business for success.

Comparing and contrasting risk management in various areas, including beyond cyber threats. Discussing the complexities of navigating through uncertainty and human behavior in security. Offering suggestions on influencing action despite competing agendas within organizations.

Exploring the integration of scientific principles in risk management with Doug Millward, a computer scientist sharing insights on cyber security evolution from the 1970's to current threat landscape. The discussion delves into applying data-driven assessments, biases in product advertising, and transitioning to composable systems in cloud technology. The chapter ends with gratitude for audience support and anticipation for future episodes.

Skilled penetration testers are some of the more specialized people within the information security industry. When it comes to safely testing kinetic systems the pool of talented ethical hackers shrinks again but does include Paul Smith who has written a brand new book on the subject. An ICS security specialist before it was a recognized specialty, Paul Smith has been a field operator, security tester, product manager, ICS vulnerability researcher and more. This episode explores risk consideration when impacts are measured in environmental damage and human life rather than records in a database.  Mr. Smith's new book, "Pentesting Industrial Control Systems: An ethical hacker's guide to analyzing, compromising, mitigating and securing industrial processes" , will be released November 9th 2021.

Explore privacy engineering, challenges of policy implementation, security professionals' practical approach, translating user needs, leadership in regulations, and balancing data collection with privacy concerns in a lively discussion with Michelle Finneran Dennedy on privacy and security.