Security Matters

In this episode of Trust Issues, Daniel Schwartzer, CyberArk's Chief Product Technologist and leader of the company’s Artificial Intelligence (AI) Center of Excellence, joins host David Puner for a conversation that explores AI's transformative impact on identity and access management (IAM). Schwartzer discusses how CyberArk's AI Center of Excellence is equipping the R&D team to innovate continuously and stay ahead of AI-enabled threats. Learn about the future of AI in IAM, the role of AI in shaping new business models and the importance of an experimentation culture in driving user experience (UX) improvements. Gain insights into the methodical, data-driven approaches to monetization strategies and the significance of learning from on-the-job experiences. This episode is a must-listen for anyone interested in the intersection of AI and IAM, and the opportunities it presents for leading the transition in the industry. Tune in to uncover what's coming down the AI pike and how it will influence the future of IAM.For more from Daniel on this subject, check out his recent blog, "Predicting the Future of AI in Identity and Access Management." 

In this episode of the Trust Issues podcast, we explore the nexus of mindfulness, identity security and leadership with Jitender Arora, Partner and Chief Information Security Officer (CISO) for Deloitte North and South Europe, and Deloitte's Global Deputy CISO. Arora discusses with host David Puner how a Zen-like mindset can be influential in helping to bolster organizational cyber defenses, sharing his wisdom on the critical role of emotional intelligence, empathy and the human touch within the cyber realm. This episode offers a glimpse into innovative strategies for navigating the intricate cybersecurity landscape, emphasizing the significance of maintaining a Zen-like composure for effective decision-making and risk management. Listeners will gain insights into the evolving role of CISOs and the transformative impact of integrating Zen principles into leadership and cybersecurity practices. Tune in for a fresh perspective on leading with tranquility amid an ever-expanding threat landscape and about the pivotal role of identity security in protecting both human and non-human identities.

In this episode of Trust Issues, we dive into the complex and rapidly evolving world of cyber insurance. We discuss the challenges and opportunities facing companies seeking to protect themselves from the ever-present threat of cyberattacks. Joining host David Puner, today’s guest is Ruby Rai, Cyber Practice Leader, Canada at Marsh McLennan, who shares her insights into the current state of the cyber insurance market, its future trajectory and the key requirements companies need to meet to obtain coverage. We also explore the impact of third-party access and non-human identities on cyber insurance requirements and how companies can adopt an identity security approach to meet these requirements. Join us as we dig into the complexities of the cyber insurance market and discuss the importance of collaboration between insurers and clients in ensuring that companies have the coverage they need.

Udi Mokady, Founder and Executive Chairman of CyberArk, shares his journey from startup to a global identity security leader. He reflects on the evolving threat landscape and the importance of innovation in cybersecurity. Udi emphasizes the cultural values of humility, intelligence, and boldness that shape CyberArk's collaborative environment. He discusses the impact of AI on security strategies and the company’s resilience during crises like COVID-19. Plus, there's a fun nod to Mark Knopfler's new album, which Udi describes as perfect for driving!

In this episode of Trust Issues, host David Puner interviews Eric Hussey, SVP, Chief Information Security Officer (CISO) at Finastra, a leading provider of financial software solutions and services. Hussey shares his insights on the evolving role of the CISO, the challenges of keeping up with new and evolving cybersecurity regulations, and the importance of balancing innovation with security in the fintech space. He also discusses how identity factors into the equation, mentioning the importance of identity security in the future of fintech and banking, and the need for frictionless enhancements in identity security. Hussey also talks about his career path, AI’s emerging and evolving role in cybersecurity, and the importance of good governance and risk management in prioritizing security concerns. 

In this episode, Justin Hutchens discusses the potential misuse of generative AI for social engineering and hacking. They cover AI's ability to learn human emotions and manipulate people for compromising security. The conversation also touches on the role of identity in threat monitoring and the challenges and opportunities AI presents for organizations in defending against evolving threats.

Shay Nahari, VP of CyberArk Red Team Services, discusses session-based threats and secure browsing. Topics include cookie theft dangers, expanding attack surfaces, and CyberArk Secure Browser's end-to-end identity control. Importance of least privilege, assume breach mindset, and protecting organizations from session-based attacks.

In this episode of the Trust Issues podcast, Kaivan Karimi, Global Partner Strategy and OT Cybersecurity Lead – Automotive Mobility and Transportation at Microsoft, discusses with host David Puner the complexities of the automotive cybersecurity ecosystem, and they explore the challenges and considerations facing the industry. Karimi shares his insights on the role of identity security in automotive cybersecurity and how it helps ensure that only authenticated entities have the privilege to engage in the high-speed exchange of information. He also talks about the importance of data sovereignty, data privacy and compliance in the automotive industry. This episode provides a fascinating look into the present and future world of automotive cybersecurity and the measures being taken to protect against cyber threats. Take the audio ride!  

Global Digital Identity Leader at Deloitte Belgium, Jan Vanhaecht, discusses digital trust and risk management with host David Puner. Topics range from the impact of regulations on cybersecurity to the role of identity in security culture. They explore passwordless authentication and Zero Trust principles in safeguarding digital landscapes.

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard. From the initial password spray technique to the exploitation of OAuth applications, listeners are taken on a journey through the breach's timeline – and learn how, ultimately, it all boils down to identity. The discussion touches upon the nuances of threat actor nomenclature, the significance of various bear-themed aliases and the professional nature of state-sponsored cyber espionage groups. Throughout the episode, practical insights and cybersecurity best practices are shared, offering organizations valuable strategies to bolster their defenses against evolving cyber threats. For a comprehensive analysis of the APT29 Microsoft data breach and detailed recommendations for improving cybersecurity posture, check out the accompanying blog post written by Andy Thompson.