
ISF Podcast
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
Latest episodes

Apr 15, 2025 • 25min
S33 Ep6: The Human Advantage: Thriving in Times of Technological Uncertainty
In today’s episode, Steve speaks with Tavia about how AI and other emerging technology are reshaping society, and how we as humans should react to it.
Key Takeaways:
AI and other emerging tech can help society, but guardrails are needed.
The world is becoming more fragmented when it comes to how it views AI and tech.
With AI and new technology, we have to be increasingly cautious in our interactions in cyberspace.
Tune in to hear more about:
Why it’s unlikely there will be international rules around AI (4:32)
How technology is changing how we interact – and what that means (7:12)
What people 50 years from now might say about how we’re currently handling emerging tech (22:28)
Standout Quotes:
“We need to be putting in place guardrails, particularly when it comes to AI, around how it's going to be used, because we are playing with a technology, the power of which we don't fully understand yet.” - Steve Durbin
“I think it is about how we get the balance right. I think that it isn't about shutting down some of the technological advances that we're seeing, it is about just being a little bit more realistic about their fallibility and trying to get equilibrium back between people and tools.” - Steve Durbin
“I suspect that what they will do is take a look back and go, why on earth did they do that? Why on earth didn't somebody see that there was a better way? Because that's with the benefit of hindsight, isn't it? And we've got 20-20 vision when it comes to hindsight. And so I think that we are in the here and now and we need to find a way of muddling through. And I think that everybody has a responsibility to do that.” - Steve Durbin
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Apr 8, 2025 • 27min
S33 Ep5: Bonus Episode: Ellie Pavlick - Balancing the Risk and Reward of AI
In this bonus episode, Steve speaks with Dr. Ellie Pavlick, a professor of computer science at Brown University. Dr. Pavlick’s research focuses on computational models of semantics and pragmatics which emulate human inferences in artificial intelligence. Steve and Ellie discuss generative AI, developing a pipeline of talent to work with it, and perspectives on its developing uses for organisations.
Related Resources from ISF:
ISF Podcast: The AI-Quantum Revolution: Today, tomorrow and the future
ISF Podcast: Steve Durbin & Nicholas Witchell - The Case for Social Responsibility in AI
ISF Podcast: Boosting Business Success: Unleashing the potential of human and AI collaboration
Navigating Boardroom Concerns: Top 9 Cybersecurity Risks and Challenges
Mentioned in this episode:
ISF Analyst Insight Podcast
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter

Apr 1, 2025 • 25min
S33 Ep4: Bonus Episode: Federico Varese - Organised Crime Goes Digital
Tune in to this bonus episode where Steve is speaking with Prof. Federico Varese, a professor of criminology and head of the sociology department at Nuffield College at Oxford University. Prof. Varese talks with Steve about the history of organised crime in Russia and around the world, the mafia’s movement into cybercrime, and what the future may hold for these criminal organisations.
Related Resources from ISF:
ISF Podcast, Alexander Seger — How Global Law Enforcement Fight Cybercrime
ISF Podcast, Inside the Mind of Today’s Cybercriminals, Brett Johnson Part 1
ISF Podcast, The Life of a Cybercriminal, Brett Johnson Part 2
ISF Podcast - The Democratisation of Cybercrime
Misha Glenny: The Evolution of Cybercrime with Misha Glenny, author of McMafia
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management

Mar 25, 2025 • 39min
S33 Ep3: The Drop In CEO - Steve Durbin’s Journey and Advice to Leaders
An interview with Steve Durbin, Chief Executive, ISF, hosted by CEO and Founder of The Drop In CEO Podcast, Deborah A. Coviello. Originally published by The Drop in CEO Podcast.
In this episode, Steve shares his unique journey from literature to cybersecurity, emphasising the importance of curiosity, learning, and fresh perspectives in leadership. The discussion delves into the evolving landscape of cybersecurity, the necessity for business leaders to adopt a resilient and informed approach to technology and risk management, and the value of continuous education and networking. Steve offers practical advice for business leaders on safeguarding against cyber threats and highlights the dynamic interplay between technology, business strategy, and security.
Episode Highlights:
01:57 Steve's Journey: From Literature to Cybersecurity
05:12 The Importance of Reading and Continuous Learning
08:02 Transitioning Careers: Embracing Technology
16:58 Information Security Forum: Mission and Impact
29:12 Practical Advice for Leaders on Cybersecurity
Discover more about the Information Security Forum (ISF), and tune in to our engaging podcasts.

Mar 18, 2025 • 28min
S33 Ep2: Neil Coole - Building Trust and Transparency in your Supply Chain
Today, Steve sits down with supply chain expert Neil Coole, who currently serves as Enterprise Partnership Director at BSI. He emphasizes the need to know your organization’s supply chain story in order to stay secure and protect your brand. He and Steve talk about how regulation can go beyond a checklist and add value for companies.
Key Takeaways:
1 The covid-19 pandemic and recent conflicts have highlighted the vulnerability of today’s supply chains.
2 Standards exist as frameworks to help companies live up to responsibilities set upon them by law or consumers.
3 A harmonized assessment framework can help industries secure their supply chains and save organizations time and money.
Tune in to hear more about:
1 How standards are created and what their purpose is (8:57)
2 Protecting critical infrastructure in the US (14:09)
3 The Supplier Compliance Audit Network, a community of US-based retailers and brand owners who’s created a harmonized assessment framework for its industry (23:23)
Standout Quotes:
1 “The expectation now is on more trust, transparency and also traceability, especially things like tech-enabled traceability. What kind of tech-enabled traceability solutions is that client using to determine where the goods are coming from? What route are they taking? Who's opening up the cargo containers and possibly adulterating goods, stealing in transit, all those other things – that's a real concern today for these organizations who are moving hundreds of thousands of freight containers on an annual basis. It's a real risk that they have to live with. The solutions are there. It's just helping those organizations understand the role that standards, shall we say – a standard is a best-practice framework – can play in helping to reduce, or, in some cases, even mitigate some of those risks.” - Neil Coole
2 “There's opportunities for improvement everywhere, but from a maturity standpoint, we do view parts of the critical infrastructure sectors like energy and finance to be on the more mature end. And then there's a few in the middle that are learning some important lessons. And then there's those who are actively being targeted we read about all the time. They are the ones that I feel would benefit more from some of the guidance and support and information that's available for them to be less of an attractive target.” Neil Coole
3 “So, if you're a single supplier working for the top 10 biggest brands, the top 10 are sending out some form of assessment of you. You're getting that 300-page assessment document, not just from one supplier, you're getting it from all the suppliers. But if those suppliers become part of the same community and they agree to accept a single assessment outcome, no matter who has instigated it, everyone benefits. The supplier benefits – minimizes their disruption, they get to work with more brands in an open and trusted environment – and it just saves that complete disruption and unnecessary costs of delivering an assessment by multiple brands.” - Neil Coole
Mentioned in this episode:
• Dear Infosec
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Mar 11, 2025 • 29min
S33 Ep1: Kailyn Johnson - C-Suite Guide to Navigating Cyber and Geopolitical Risks
Today, Steve speaks with Kailyn Johnson, cyber intelligence and geopolitical risk lead at UK consulting firm Sibylline. Kailyn and Steve discuss the current threat landscape, focusing on areas where cyber and geopolitics overlap, and she offers some practical advice on how to contextualize security for your organization’s C-suite.
Key Takeaways:
1 The dark web is becoming more democratized, opening up the door for low-skilled threat actors to cause harm.
2 Open and frequent communication between security teams and other branches of the organization, in particular those in charge of the budget, is crucial for cyber resilience operations to receive sufficient support.
3 Staying up to date on patching, knowing your supply chains, and understanding how threats to critical infrastructure can affect you, will be key for organizations in 2025.
Tune in to hear more about:
1 How the dark web is becoming more democratized, and what means for businesses
2 Why showing the worth of the cyber team is tricky but critical for long-term success
3 What organizations can do better in 2025
Standout Quotes:
1 “So we're seeing just ransomware continuing to be a consistent risk to business operations, financial risk, reputational risk, security risks, operational risks. But alongside that, we're also then seeing the influx of a lot more low-skilled threat actors having now the capabilities to conduct sophisticated operations with the democratization of the dark web.” - Kailyn Johnson
2 “Showing off the value that these teams have to the people with budget, sometimes might help unlock a bit of that budget. If you're seeing the benefit of those teams, you're more likely to give them the budget that they might need for it, and whether that's internally or sometimes externally, if you've produced really good work, or if you've created all these detections that have helped improve the network security for your organization, how could we maybe publish that, whether it's internally to the stakeholders, or if it's for everyone, so people are seeing, actually, they're doing a really good job.” - Kailyn Johnson
3 “But sometimes you're so focused on the impact of the regulations that you sometimes then forget, actually the processes that we're doing are working. Then should we just maybe let things play out and see how they're going? I think there's always a bit of a worry of, are we always in compliance? And it's good that we have that worry, but it's also sometimes the case of, just keep doing what you're doing, and you've got your compliance teams to tell you when you're not.” - Kailyn Johnson
Mentioned in this episode:
• ISF Analyst Insight Podcast
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Feb 25, 2025 • 24min
S32 Ep7: Dr. Kate Darling - Robot Ethics and the Future of Human-Robot Interaction
Today, Steve is in conversation with Dr. Kate Darling, Research Scientist at the MIT Media Lab and Research Lead at the Boston Dynamics AI Institute. Kate has spent years studying human-robot interaction, and she speaks with Steve about the fascinating impact such interactions can have on us as people, and what that means for businesses trying to incorporate robots and AI into their customer experience.
Key Takeaways:
1. It is natural for humans to project human behavior onto non-humans.
2. Using robots to help humans do their work better is smarter than replacing them.
3. More technical expertise is needed for policymaking to keep pace with new technologies.
Tune in to hear more about:
1. Why humans form emotional connections with robots
2. How a grocery store robot is scaring customers
3. Pitfalls of commercializing robotics
Standout Quotes:
1. “That's part of the reason that we do this, that we create these strong emotional connections, even with non-living things like robots, is because we have this drive, and especially in these emotionally difficult situations, it may even be something that helps people survive. So I don't think it's as black and white as just: we need to prevent this anymore, but it is something that we need to be extremely aware of and acknowledge that it's happening, so that we can address it appropriately where possible.” - Dr. Kate Darling
2. “So I think it's important that we're making the right choices. It's not that technology determines what happens. It really is us as a society choosing to set the right incentives for companies and invest in the right kinds of technology. And I do think that there's much more promise in that path, the path of trying to partner with these technologies and what we're trying to achieve, rather than trying to replace people or recreate something we already have.” - Dr. Kate Darling
3. “We've used most animals like tools and products, and some of them have been our companions, and my prediction for the future is that we're going to do the exact same thing with robots and AI, that most of them will be tools and products and some of them will be companions.” - Dr. Kate Darling
Mentioned in this episode:
• ISF Analyst Insight Podcast
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Feb 18, 2025 • 20min
S32 Ep6: Paul McKenna - Harnessing the Power of Positivity
In this episode, Steve speaks with best-selling author and hypnotist Paul McKenna about something that affects all of us — stress at work. Paul talks about the impact stress can have on workers and gives practical tips to care for yourself and the employees you lead, even in the fast-paced, “always-on” security industry.
Key Takeaways:
1 It’s important to be mindful of signs of stress before it gets to burnout.
2 Mindfulness, hypnosis, and other types of self-care can significantly reduce stress.
3 For long-term success, employers should look to balance output and productivity with their employees’ mental and physical well-being.
Tune in to hear more about:
1 Why we’re more stressed than ever (1:10)
2 How to identify signs that may lead to burnout (3:26)
3 How companies and leaders can support their employees well-being (12:32)
Standout Quotes:
1 “It's right now a massive issue, anxiety, stress, fear, worry, because if you think about it, you turn on the TV, or you open a newspaper, you're under attack. It's the war, it's the virus, it's the economy, it's something or other. And so understandably, post the pandemic, we were out of the biological pandemic, but we're sort of in a psychological pandemic.” - Paul McKenna
2 “ Now the thing is, addiction is about changing your state of mind and body, so drinking, drug taking, gambling, sex, shopping, television and food, particularly sugar food, are the world's drugs of choice. And everybody in the world at some point feels too much stress. They feel overwhelmed, and so they resort to something to change how they feel, some of the things I just mentioned. And in a sense, some people, they form an addiction to their work because they can, you know, forget about everything else that's going on in their life. They might not have to think about their relationship or, you know, some other stress, from their family or something. So they immerse themselves in work.” - Paul McKenna
3 “Years ago, when I started corporate training, one of my colleagues, I asked him, ‘Why is it corporations pay so much money to have their staff trained?’ He said, ‘Well, I can show you,’ because look, they see that ‘days sick' goes down, the productivity goes up. So basically, by staying in the zone of balance – you've got enough output getting things done, versus balance, which is recovery time, in my mind. You get that mix right, then you're going to be more productive in the end.” - Paul McKenna
Mentioned in this episode:
• Dear Infosec
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Feb 11, 2025 • 27min
S32 Ep5: Duncan Wardle - Embedding a Culture of Innovation into Everyone's DNA
Today, Steve sits down with Duncan Wardle, the former head of innovation and creativity at Disney. Duncan talks to Steve about his current work teaching leaders to embrace creativity and inspire innovation in their teams. He suggests practical ways that leaders can create a more collaborative and fun work culture that will lead to more successful outcomes and enhance their teams’ job fulfillment.
Key Takeaways:
We’re all born with creativity, and a great leader can unlock it within people who may have lost it along the way.
Creativity is the ability to have an idea; innovation is the ability to get that idea done.
With AI, we have the opportunity to hand off mundane tasks and give ourselves time to think, be creative, and innovate.
Tune in to hear more about:
Why it matters to say “yes, and…” instead of “no, because…”
The impact of AI on creativity and innovation
Actions leaders can take to spark more creativity within their organizations
Standout Quotes:
“I define creativity as the ability to have an idea, and I think we can all do that every day. I define innovation as the ability to get that done. That's the hard part.” - Duncan Wardle
“As leaders, we have responsibilities, we've got quarterly results, we've got bosses, we've got – but if the first two words out of our mouth are ‘no, because,’ they're the first two words when somebody comes at us with a new idea, they're not coming back in the door again, and they may have genius next week or next-. Just remind ourselves as leaders, we're not green lighting this idea for execution today. We're merely green housing it together, using ‘Yes, and.’ As leaders, if we can use ‘Yes, and’ before ‘No, because’ you can completely and utterly change your culture.” - Duncan Wardle
“Algorithms, and everything that AI will bring to the table, will merge with the human race, creativity, intuition, empathy, imagination, etc, we will merge to become a superhuman race.” - Duncan Wardle
Mentioned in this episode:
ISF Analyst Insight Podcast
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Feb 4, 2025 • 30min
S32 Ep4: Sylvie de Giusto - The Power of Choice
In this episode, Steve sits down with author and leadership expert Sylvie di Giusto. Sylvie delineates five areas for everyone to consider in order to enhance their emotional intelligence. She and Steve also discuss how self-awareness and authenticity relate to situational awareness, and how improving in these areas can support career mobility.
Key Takeaways:
The subconscious takes up 95% of the brain – use that to your advantage to gain the trust of the people you interact with.
Situational awareness is more important than one-size-fits-all ideas of “always smiling” or “maintaining eye contact.
Your appearance, behavior, communication, digital footprint, and environment all matter for how people see you.
Tune in to hear more about:
How the meaning of emotional intelligence in business has changed over the years (01:48)
Sylvie di Giusto’s A.B.C.D.E. (Appearance, Behavior, Communication, Digital footprint, Environment) framework (07:50)
The four levels of visibility (20:05)
Standout Quotes:
“The subconscious mind of a human takes up 95% of your brain. And 95% of your brain is where emotions live, where feelings live, where your gut feelings live. And only 5% of our brain actually transmits data, facts, figures, information. That is where your contracts are, where your proposals are, where all the facts and figures are that you deliver to your clients. [...] So, I always say, why don't you use this to your advantage, that behavior, and actually use the 95% of the brain and instantly imprint that feeling of trust in them and use it to your advantage. And before they buy into your solution, into your technical solution, let them buy into you.” - Sylvie di Giusto
“You have to learn to read the moment, [...] and then adjust your behavior and make more intentional choices. I think one of the biggest challenges that we have nowadays, also driven by technology because we are constantly distracted by technology, is that we run on autopilot most of the day. Most of the day, we are so in our habits, in our patterns, that we do things, say things, that we are not even aware of, and they have a macro impact on our relationships. And we have to step back and sometimes turn that autopilot off, read the room, and be more intentional with the tools that we already have.” - Sylvie di Giusto
“I think that authenticity means that we all play a role, but different roles, and in those roles, we are true to ourselves. [...] And in all those roles, I promise you, I'm truly authentic. But if I would try to talk with my husband the way I talk with my clients, we wouldn't have made it to 23 years, I promise you. Or if I would treat my clients like I treat my children, or if I look at home like I would on stage, and vice versa. So, yes, we are all authentic in those roles, but I think we have to accept that you just do you, no matter the circumstances – which brings us back to situational awareness – I think it's a lie that this is possible.” - Sylvie di Giusto
Mentioned in this episode:
Dear InfoSec
Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter
From the Information Security Forum, the leading authority on cyber, information security, and risk management.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.