

Defense in Depth
David Spark, Steve Zalewski, Geoff Belknap
Defense in Depth promises clear talk on cybersecurity’s most controversial and confusing debates. Once a week we choose one controversial and popular cybersecurity debate and use the InfoSec community’s insights to lead our discussion.
Episodes

Nov 30, 2023 • 33min
Mitigating Generative AI Risks
Guest Jerich Beason, CISO, WM, discusses the risks of generative AI and the need for understanding, prioritizing safety, and adapting to its transformative nature. The chapter also explores building a trusted security framework and the challenges and evolution of AI.

Nov 16, 2023 • 30min
Building a Cyber Strategy for Unknown Unknowns
Guest Himaja Motheram from Censys discusses building a security program around unknown unknowns. The podcast explores strategies for anticipating, detecting, and responding to unknown unknowns. It emphasizes the importance of executive buy-in, resources, and individual involvement in creating a security culture. The distinction between known unknowns and unknown unknowns is explored, along with the role of technology and human creativity. The shift of security responsibility to the user is discussed, as well as the value of worst-case scenario simulations and relationship-building in cybersecurity.

Nov 9, 2023 • 33min
Responsibly Embracing Generative AI
All links and images for this episode can be found on CISO Series. Check out this post for the discussion that is the basis of our conversation on this week’s episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Steve Zalewski. Joining us is our sponsored guest, Russell Spitler, CEO and co-founder, Nudge Security.
In this episode:
Are businesses walking a tightrope with generative AI?
How can organizations implement generative AI responsibly?
What can we learn from previous transitions that can help us responsibly bring generative AI into the workplace milieu?
What else are we missing?
Thanks to our podcast sponsor, Nudge Security. Nudge Security provides complete visibility of every SaaS and cloud account ever created by anyone in your org, in minutes. No agents, browser plug-ins or network proxies required. With this visibility, you can discover shadow IT, manage your SaaS attack surface, secure SaaS access, and respond effectively to SaaS breaches.

Nov 2, 2023 • 31min
People Are the Top Attack Vector (Not the Weakest Link)
In this podcast, a cybersecurity expert guest discusses the role of humans in cybersecurity and whether they are the weakest link. The conversation explores understanding human behavior, security awareness training, weaknesses in top management, and the shift to focusing on human risk. It also highlights the importance of involving developers in the security team, implementing security measures like multi-factor authentication, and educating employees on security vulnerabilities.

Oct 26, 2023 • 31min
What's Entry Level in Cybersecurity?
In this episode, Jay Wilson joins the hosts to discuss the nonexistence of entry-level jobs in cybersecurity. They explore the reasons behind this contradiction and how job candidates can creatively gain experience to break into the industry. The importance of stories and personal growth in convincing potential employers is highlighted, along with the responsibility of industry professionals to help newcomers. The chapter also discusses the hiring process, networking, and the need for cybersecurity professionals to care about the businesses they protect.

Oct 19, 2023 • 36min
New SEC Rules for Cyber Security
Jamil Farshchi, CISO at Equifax, discusses the new SEC rules for cybersecurity and their implications for CISOs. They explore the potential effects on cybersecurity, the importance of transparency and measuring risk, and the need for bidirectional context between cybersecurity and the business stakeholders.

Oct 12, 2023 • 30min
The Value of RSA, Black Hat, and Mega Cyber Tradeshows
Guest Lee Parri joins the hosts to discuss the value of RSA, Black Hat, and Mega Cyber Tradeshows. They explore the economic value for CISOs attending trade shows like RSA and the industry gravity these events have. They also debate the significance and benefits of major cybersecurity corporations sponsoring and having a presence at security conferences. Additionally, they discuss the location of the RSA conference, the value of attending RSA, and the available cybersecurity slots and stickers at conferences.

Oct 5, 2023 • 31min
Is Remote Work Helping or Hurting Cybersecurity?
Exploring the impact of remote work on cybersecurity, the podcast discusses worker preferences, the motives behind returning to the office, and the benefits of access to talent. It also highlights the importance of flexibility, community, and trust in remote work, as well as the challenges of building culture in a virtual environment.

Sep 28, 2023 • 24min
How to Manage Users' Desires for New Technology
This podcast discusses the challenges of managing users' desires for new technology, particularly focusing on generative AI. The speakers explore the need to adapt and apply previous lessons learned, the risks and mitigation strategies associated with adopting new technology, the importance of managing user desires and ensuring visibility, adhering to rules and protecting data, and the significance of continuous learning in cybersecurity.

Sep 21, 2023 • 30min
Cybersecurity Questions Heard Around the Kitchen Table
Caitlin Sarian, popular cybersecurity TikToker, joins the hosts to discuss common cybersecurity questions. They cover topics such as online safety for children, phishing prevention, smartphone security, data breaches, and digital footprint. The importance of control and choice in online privacy is explored, as well as the need for clear guidance on user safety. They also discuss the importance of cybersecurity education and support structures for everyday users.