Udi Mokady, Founder and Executive Chairman of CyberArk, shares his journey from startup to a global identity security leader. He reflects on the evolving threat landscape and the importance of innovation in cybersecurity. Udi emphasizes the cultural values of humility, intelligence, and boldness that shape CyberArk's collaborative environment. He discusses the impact of AI on security strategies and the company’s resilience during crises like COVID-19. Plus, there's a fun nod to Mark Knopfler's new album, which Udi describes as perfect for driving!

In this episode of Trust Issues, host David Puner interviews Eric Hussey, SVP, Chief Information Security Officer (CISO) at Finastra, a leading provider of financial software solutions and services. Hussey shares his insights on the evolving role of the CISO, the challenges of keeping up with new and evolving cybersecurity regulations, and the importance of balancing innovation with security in the fintech space. He also discusses how identity factors into the equation, mentioning the importance of identity security in the future of fintech and banking, and the need for frictionless enhancements in identity security. Hussey also talks about his career path, AI’s emerging and evolving role in cybersecurity, and the importance of good governance and risk management in prioritizing security concerns. 

In this episode, Justin Hutchens discusses the potential misuse of generative AI for social engineering and hacking. They cover AI's ability to learn human emotions and manipulate people for compromising security. The conversation also touches on the role of identity in threat monitoring and the challenges and opportunities AI presents for organizations in defending against evolving threats.

Shay Nahari, VP of CyberArk Red Team Services, discusses session-based threats and secure browsing. Topics include cookie theft dangers, expanding attack surfaces, and CyberArk Secure Browser's end-to-end identity control. Importance of least privilege, assume breach mindset, and protecting organizations from session-based attacks.

In this episode of the Trust Issues podcast, Kaivan Karimi, Global Partner Strategy and OT Cybersecurity Lead – Automotive Mobility and Transportation at Microsoft, discusses with host David Puner the complexities of the automotive cybersecurity ecosystem, and they explore the challenges and considerations facing the industry. Karimi shares his insights on the role of identity security in automotive cybersecurity and how it helps ensure that only authenticated entities have the privilege to engage in the high-speed exchange of information. He also talks about the importance of data sovereignty, data privacy and compliance in the automotive industry. This episode provides a fascinating look into the present and future world of automotive cybersecurity and the measures being taken to protect against cyber threats. Take the audio ride!  

Global Digital Identity Leader at Deloitte Belgium, Jan Vanhaecht, discusses digital trust and risk management with host David Puner. Topics range from the impact of regulations on cybersecurity to the role of identity in security culture. They explore passwordless authentication and Zero Trust principles in safeguarding digital landscapes.

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard. From the initial password spray technique to the exploitation of OAuth applications, listeners are taken on a journey through the breach's timeline – and learn how, ultimately, it all boils down to identity. The discussion touches upon the nuances of threat actor nomenclature, the significance of various bear-themed aliases and the professional nature of state-sponsored cyber espionage groups. Throughout the episode, practical insights and cybersecurity best practices are shared, offering organizations valuable strategies to bolster their defenses against evolving cyber threats. For a comprehensive analysis of the APT29 Microsoft data breach and detailed recommendations for improving cybersecurity posture, check out the accompanying blog post written by Andy Thompson.

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape. From addressing security challenges in manufacturing plants to the skills gap in OT cybersecurity, the episode provides an overview of the current state and future prospects of securing critical infrastructure. Holcomb also emphasizes the importance of identity in OT security and offers practical advice for organizations looking to enhance their cybersecurity posture. Check out the episode to explore the dynamic intersection of IT and OT – and how it spotlights the urgent need for robust cybersecurity measures in an evolving digital landscape.

In this episode of Trust Issues, CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe joins host David Puner for a discussion about the emerging threat of AI kiddies, a term that describes novice attackers using large language models (LLMs) and chatbots to launch cyberattacks without any coding skills. Noe explains how these AI kiddies use prompt engineering to circumvent the built-in protections of LLMs like ChatGPT and get them to generate malicious code, commands and information. He also shares his insights on how organizations can protect themselves from these AI-enabled attacks by applying the principles of Zero Trust, identity security and multi-layered defense. All this and a dollop of transhumanism … Don’t be a bot – check it out! 

Guest Dr. Magda Chelly, Managing Director and CISO of Responsible Cyber, joins Trust Issues host David Puner for a conversation about third-party risk management and cyber resilience. Dr. Chelly underscores the imperative of prioritizing identity management, particularly as decentralized work environments are becoming the norm in today’s evolving digital landscape. She also explains how breaking things played a critical role in propelling her into a career in cybersecurity – and then in fostering and advancing it. The interview unfolds against the backdrop of Dr. Chelly’s extensive experience and recently authored book, "Building a Cyber Resilient Business," which serves as a handbook for executives and boards navigating the complexities of cybersecurity. If you’re seeking insights on how to gain stronger visibility and control over your organization’s digital identities, this episode is for you.Join us to learn how build resiliency against today’s ever-growing array of cyber threats – and what’s to come in 2024 and beyond.