Secure Talk Podcast

In December 2023 the U.S. Department of Health and Human Services reported that the medical data of more than 88 million people was exposed in the first ten months of 2023. A 2018 Trustwave Global Security Reported that a single healthcare record would receive an average of $250.15 when sold, 50 times more valuable than a stolen credit card. 92% of stolen patient records were criminally acquired. This is a 9x increase over the past five years affecting over 145 million people. Patient Healthcare Information is the most sensitive, valuable and prolific security challenge of the present day. Thankfully, we have this information due to the oft-maligned HIPAA law. Truly innovative for its time and often updated due to its popularity, it is a great accomplishment in privacy law. However, like most laws, its implementation for a business can be fraught. Consulting on HIPAA has become its own industry with an army of consultants and legal experts. In this episode of Strike Graph we are going to delve into the 2nd edition of “The Practical Guide to HIPAA Privacy and Security Compliance.” with the authors Rebecca Harold and Kevin Beaver. The discussion highlights the importance of a comprehensive approach to HIPAA compliance, common myths, and challenges facing healthcare organizations today. The episode also addresses the growing threat of cybercrime, the evolving landscape of data security, and practical steps organizations can take to safeguard patient information. A must-listen for professionals navigating the complex world of healthcare data security.

It seems a new security crisis is emerging at a weekly pace. The emergence of critical security breaches, data exposures and digital infrastructure failures has vastly accelerated in the last 5 years. What happens when your job is to operate in a crisis? Join us for the next episode of Secure Talk where we sit down with Vice Admiral Mike LeFevre (ret.) the CEO of Concentric Security and Roderic Jones ex-Scotland Yard and Executive Chairman of Concentric as they share their deep experience in crisis management. Their valuable insights were gleaned as Mike LeFevre commander, Office of the Defense Representative to Pakistan during the killing of Osama Bin Laden and as Roderick Jones served for Scotland Yard’s Special Branch focused on international terrorism. Their insights delve into four key phases of crisis management—911 moments, second and third-order effects, steady state, and the road to normalcy—while underscoring the importance of leadership, preparation, and external relationships. They also highlight the critical need for cyber risk management in today's evolving threat landscape. This episode also covers their book, 'End Game First: A Leadership Strategy for Navigating a Crisis,' which serves as a guide for cybersecurity leaders.

What software do radical techno-libertarians, the CIA, Privacy Advocates, the US State Department and Cyber Criminals use every day? The TOR Browser. In this compelling episode of SecureTalk, Justin Beals, the Founder and CEO of Strike Graph, discusses the book ‘Tor: From the Dark Web to the Future of Privacy’ with its author, Ben Collier, a Lecturer in Digital Methods at the University of Edinburgh. This episode traces the early anonymity problems that the US military and libertarian-minded computer scientists were attempting to solve. How they created a partnership and worked together to invent a solution that could provide global privacy at the dawn of the information age. Ben provides powerful insights into the motivations behind its invention and the future of our connected world.

"They're not trying to be gracious here. They're trying to make as much money as they can with that personal data.” - Mary D'Angelo Join us for this Secure Talk podcast to unmask the activity of cyber criminals on the dark web. Mary D’Angelo, an expert in Cyber Threat Intelligence, helps us “follow the money” and understand the aggressive tactics being used by threat actors to steal and monetize your data. Discover how these criminal organizations are monetizing your personal data before it even surfaces in the dark corners of the internet and how the long tail of data breaches can follow your organization for years.

98% of cyberattacks rely on social engineering. An average business organization faces over 700 social engineering attacks annually. And 90% of data breach incidents target the human element to gain access to sensitive business information. How can understanding human psychology help your cybersecurity defense? On the latest SecureTalk, I engage in a profound conversation with Dr. Abbie Marono, a behavioral scientist from social-engineer.com. We explored how nonverbal communication and emotional triggers play crucial roles in cyber threats. This insightful discussion reveals that our trust and cooperative nature, while beneficial, can also be exploited by skilled attackers. Dr. Marono’s ability to blend her academic research with practical cybersecurity applications is a testament to the power of multidisciplinary knowledge. Her insights on preference for trust and how nonverbal communication plays a part in that can help transform the people in your organization into a primary defense mechanism. Don't miss out on these valuable insights for enhancing your security approach!

From childhood hacking experiments to disrupting North Korea's internet, Alejandro Caceres shares his incredible journey and the future of cyber warfare on SecureTalk. From the early days of modems and personal computers Alejandro was deeply interested in connective computing. The early days of exploring BBS’s, telecom networks and digital modems revealed Alejandro’s talent and expertise for understanding vulnerabilities in systems. Later as a professional “red teamer”, by searching for paid vulnerabilities in common systems like Google Chrome, Alejandro was approached by a “friend of a friend” to perform some analysis. That analysis was an attempted hack on Alejandro by a North Korean operative. Tune into this intriguing episode as we chat with Alejandro about his journey as a professional cybersecurity hacker. How he was attacked, and how he responded by hacking North Korea. What does it take to hack an entire country? Alejandro Caceres, the mastermind behind a massive cyber attack on North Korea, tells all in this gripping episode of SecureTalk. #cybersecurity #databreach #northkorea

What are the essential principles for successful CISO leadership? In this episode of SecureTalk, Justin Beals, founder and CEO of StrikeGraph, sits down with cybersecurity expert Todd Fitzgerald to explore this question. As the author of 'CISO Compass' and the newly released 'Privacy Leader Compass,' Todd shares his journey from a computer programmer to a cybersecurity leader and touches on critical topics from his books. The discussion delves into the evolution of the CISO role, and his approach to CISO strategy, including different methodologies such as incident-driven and vision-driven approaches. Todd also provides an insider perspective on the renowned SolarWinds hack and the lessons it offers for improving security measures. With over 20 years of experience as a Chief Information Security Officer, Todd's insights offer invaluable guidance for navigating the complexities of cybersecurity.

If data is at the center of your risk profile, how resilient is your current encryption? In this episode of Secure Talk we discuss encryption with Purandar Das a deep expert in data encryption and CEO of Sotero. The conversation also explores his early influences, the role of a CTO, the evolving challenges in data security, and the importance of adaptive leadership. Purandar shares insights on the effectiveness of current encryption algorithms, the impact of quantum computing, and the development of AI-driven solutions for data security. We also review the LastPass breach, highlighting the importance of strong encryption practices and the ongoing evolution of cybersecurity threats. This episode is a must-listen for cybersecurity experts and enthusiasts looking to stay ahead in the rapidly changing information security landscape.

On this episode of Secure Talk we meet with Christy Wyatt the CEO of Absolute Security, and the importance of cyber resilience. We discuss topics of security complexity, compliance, fostering a security-conscious culture, and managing cyber risks effectively. Additionally, discussions explore device compliance, self-healing hardware capabilities, and strategies against ransomware. The podcast also touches on business continuity planning involving remote users, the challenges posed by ransomware attacks, considerations for AI integration, and privacy implications within the cybersecurity sector.

Is ‘Security Theater’ plaguing your efforts for cyber resilience? Chris Hodson author of “Cyber Risk Management” gives us a reality check on SecureTalk. Discover why risk is the cornerstone of every security program and how his book guides CISO’s and security leaders through effective security posture scoping. Delve into aligning security with business goals, evolving CISO roles, compliance challenges, and the impact of AI. Understand the importance of risk acceptance in corporate decision-making, the role of AI in security, multi-factor authentication, and the real-world implications of security breaches. Explore cybersecurity risk management with expert Chris Hodson and Strike Graph CEO Justin Beals.