In this episode, host Raghu Nandakumara sits down with Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft, to explore the evolving landscape of cyber threats and the importance of resilience in the face of ransomware. They discuss the changing tactics of threat actors, the critical role of Zero Trust in modern cybersecurity, and the growing influence of AI on both cyber defense and offense. Sherrod also shares insights into balancing objective and subjective assessments in security, emphasizing the need for strong foundational practices and operational resilience.--------“Pre-decision making. If we come under ransom, are we going to pay? A lot of people start spiraling and it's like, wait, do you want to be spiraling now or do you want to be spiraling when we're actually under ransom? Let's spiral now. Let's do that worrying now, so that if something happens in the future, we're ready for that.”--------Time Stamps (04:53) Sherrod's career journey(16:15) Importance of basic security practices in ransomware resilience(18:37) Ransomware: To pay or not to pay?(22:08) Building a culture of ransomware resilience(26:19) Subjectivity of security(29:51) Evolution of threat actors(34:13) Zero Trust's impact on security(46:04) Role of AI in cybersecurity(49:49) Future of threat intelligence --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.Illumio World Tour --------LinksConnect with Sherrod on LinkedIn

The Monday Microsegment for the week of October 14th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.Tiny company, massive data breach, and a swarm of lawsuits. New details in NPD bankruptcyThe Wayback Machine moving forward after a series of attacksAnd OpenAI shuts down efforts to use it for AI-powered wrongdoingAnd Gary Barlet to talk about Cybersecurity Awareness Month.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour 

The Monday Microsegment for the week of October 7th. All the cyber security news you need to stay ahead, from Illumio's The Segment podcast.China breaches U.S. broadband providers in months long breachIt’s double trouble as two flaws put critical networking infrastructure at riskAnd U.S. authorities seize dozens of internet domains tied to Russian hackers.And John Kindervag joins us to talk about the 14 year Zero Trust journey.  Head to The Zero Trust Hub: hub.illumio.comIllumio World Tour Registration: https://www.illumio.com/illumio-world-tour  

In this episode, host Raghu Nandakumara sits down with Nicole Tisdale, Founder and Principal of Advocacy Blueprints. Nicole spent 15 years as a national security expert at The White House - National Security Council and the U.S. Congress's House Committee on Homeland Security. She joins the podcast to discuss cyber equity and security policy. --------“Should have, would have, could have - public policy is not about penalizing people for what they could have been doing or should have been doing. It's about making it better in the present and then making it better in the future.”--------Time Stamps (02:01) Nicole’s background (08:31) Responses to breaches and reporting (11:19) Victims of cyber hacks (17:39) Defining cyber equity (24:19) High impact cyber attacks (37:42) Linking Zero Trust to Cyber Equity: Secure-by-design  --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Nicole on LinkedInThe Hidden Injustice of Cyberattacks by Nicole Tisdale Illumio World Tour

In this episode, host Raghu Nandakumara sits down with Tristan Morgan, Managing Director Cyber Security at BT Group, and Mark Hendry, Digital Services Partner at Evelyn Partners to discuss DORA regulations and compliance in the financial services sector. They discuss the interplay between regulatory standards like NIS2 and DORA, the importance of proportionality and operational resilience, and the broader adoption of principles such as Zero Trust. Learn more on how to achieve DORA compliance: Illumio.com/doraLearn strategies for DORA compliance in this ebook: https://www.illumio.com/resource-center/zero-trust-segmentation-dora --------"If you did a search on DORA and looked for the word segmented, ss in micro-segmentation, instantaneous severing of elements of the network in order to contain and what have you, it's in there. It's absolutely in there. So, you just need to know what you're looking for and you'll find it. And Zero Trust will evolve. It might evolve into a different name or a different set of characteristics that we seek to achieve, but DORA should last. And we might find terms like Zero Trust start to pop up in regulatory technical standards or implementing technical standards that accompany it, but it's absolutely in there because it's such a good way to protect our organizations from harm, the types of harm that we've talked about." - Mark "If you were to build something completely separate and ask all businesses to comply with something that was different, not only would there be significant cost, I think actually you get much greater resistance. Whereas, these regulations like DORA actually build upon industry-recognized best practices that many businesses are already adopting to a degree, and it actually is sensible, but it also makes the barrier to compliance less." - Tristan--------Time Stamps (04:22) Current cyber threat landscape (11:02) Operational resilience and cyber resilience(12427) Compliance and regulatory standards (15:22) A historical look at compliance (25:58) The tipping point for the EU to prioritize operational resilience(36:48) What differentiates DORA from other legislation? (44:24) The role of Zero Trust within DORA  --------SponsorAssume breach, minimize impact, increase resilience ROI, and save millions in downtime costs — with Illumio, the Zero Trust Segmentation company. Learn more at illumio.com.--------LinksConnect with Tristan on LinkedInConnect with Mark on LinkedIn

Thomas Mueller-Lynch, the Global Director of Digital Identities at Siemens, dives into the ambitious zero trust program at Siemens. He shares insights from his journey in semiconductor development to leadership in IT and security. The conversation highlights the challenges of implementing zero trust in a large organization, emphasizing collaboration between IT, cybersecurity, and business units. Thomas also discusses the critical role of identity management in enhancing cybersecurity and driving competitive advantages in product development.

Indy Dhami, a partner at KPMG UK specializing in cybersecurity practices, engages in an insightful discussion about the evolution towards cyber resilience. He highlights the importance of foundational cybersecurity practices in ensuring business continuity and driving innovation. The conversation dives into the strategic implementation of Zero Trust, the complexities of navigating regulatory pressures, and the ethical dilemmas posed by ransomware. Indy stresses the need for a collaborative approach across various business functions to effectively manage cybersecurity risks.

Kyla Guru, a passionate cybersecurity advocate and founder of Bits N' Bytes Cybersecurity Education, discusses the evolution of proactive cyber education. She highlights the importance of integrating security into product design and the role of AI in defense strategies. Kyla emphasizes that cybersecurity is a continuous process, adapting to evolving threats, and stresses grassroots community engagement to foster awareness. Aiming to inspire the next generation, she advocates for mandatory security courses in computer science programs to build a safer digital landscape.

Stephen J. White, CEO of Viking Technology Advisors, discusses the critical role of Zero Trust Network Access (ZTNA), cloud adoption, and AI in modernizing network security. Emphasizing visibility, automation, and holistic approaches, he explores the challenges of modernization, connecting business and security outcomes, generative AI in security, and managing the borderless network perimeter.

Former Director of CISA’s Zero Trust Initiative, Sean Connelly, discusses the shift towards critical-asset focus, acceleration of cloud adoption, drafting regulations, agency improvements post-incidents, and challenges moving forward in protecting data. Sponsored by Illumio.