CISO Tradecraft®

Cybersecurity is on the brink of transformation as we look toward 2025. Expect AI influencers to become commonplace, reshaping branding and public interactions. A significant collaboration between Google and Apple aims to bolster security standards. The trends will also include consolidation in application security and a shift towards browser-based security solutions. The formalization of the CISO role and the rise of models committees highlight the evolving landscape, all while preparing for the complexities of post-quantum cryptography.

🔥 Hackers Beware! Cyber Deception is Changing the Game 🔥 In this must-hear episode of CISO Tradecraft, we expose a mind-blowing cybersecurity strategy that flips the script on attackers. Instead of waiting to be breached, cyber deception technology tricks hackers into revealing themselves—before they can do real damage. 🚨🎭 Imagine laying digital traps—fake credentials, bogus systems, and irresistible bait—that lead cybercriminals straight into a controlled maze where every move they make is tracked. Early threat detection? ✅ Real-time attacker intel? ✅ Fewer false positives? ✅ 🎙️ Featuring deception tech guru Yuriy Gatupov, we break down: ✅ How deception tech works & why it’s a game-changer ✅ How to expose and track hackers in real time ✅ How to prove ROI and make the case for your org Cyber deception isn’t just defense—it’s offense against cyber threats. Are you ready to fight back? Listen now!   Big thanks to our Sponsors ThreatLocker - https://hubs.ly/Q02_HRGK0  CruiseCon - https://cruisecon.com/   Contact Yuriy Gatupov -  info@labyrinth.tech  Yuri's LinkedIn - https://www.linkedin.com/in/yuriy-gatupov-373155281/    Transcripts: https://docs.google.com/document/d/1oyQzCBRoPLbDOCOCypJMGGXxcPI5w75o    Chapters  02:05 History of Cyber Deception 04:57 Advantages of Deception Technology 06:57 Engagement and Detection Strategies 10:18 How Deception Technology Works 16:13 Attack Scenarios and Detection 24:09 Decoys and Deception: A New Paradigm 24:56 Real-World Success Stories 33:30 Deception in OT and SCADA Systems 37:38 Calculating ROI for Deception Technologies

In this episode of CISO Tradecraft, host G Mark Hardy interviews Ross Haleliuk, author of 'Cyber for Builders: The Essential Guide to Building a Cybersecurity Startup.' Ross shares valuable insights on starting a cybersecurity company, and emphasizes the importance of understanding market needs, customer engagement, and trust in the industry. They discuss the role of angel investors, the differences between product and service companies, and the challenges founders face. The episode also includes an announcement about CISO Tradecraft's partnership with CruiseCon for an upcoming cybersecurity conference. Additionally, Ross provides a glimpse into his non-traditional background and journey into the cybersecurity space.   Thank you to our sponsors - ThreatLocker - https://hubs.ly/Q02_HRGK0 - CruiseCon - https://cruisecon.com/   Ross Haleliuk's Book - https://www.amazon.com/Cyber-Builders-Essential-Building-Cybersecurity/dp/173823410X/ Ross Haleliuk's LinkedIn Page - https://www.linkedin.com/in/rosshaleliuk/    Transcripts: https://docs.google.com/document/d/1b8UPolYvYWEYbmO7n_7NqrilObv-HNzo  Chapters 02:28 Ross Haleliuk's Background and Journey 04:32 Discussing the Book: Cyber for Builders 10:52 Insights on Cybersecurity and Business 15:54 Challenges and Realities of Cybersecurity Startups 22:19 Navigating Market Competition 23:15 Entering Established Markets 24:28 Challenges in Security Tool Adoption 25:11 Legacy Vendors and Market Entrenchment 27:35 Building a Company: Beyond the Product 30:02 Validating Market Needs 32:27 Funding Your Startup 35:25 The Role of Angel Investors 43:29 Conclusion and Next Steps

Merritt Baer, former Deputy CISO at AWS and Harvard Law graduate, offers expert insights on the future of cybersecurity. She discusses the complexities of cloud security and the critical shared responsibility model. AI's dual role as both a tool and a threat is explored, including the risks of AI-generated fraud. Baer emphasizes the importance of sustainable practices in security and predicts key trends for 2025, urging CISOs to adopt robust security measures amid evolving challenges and regulatory scrutiny.

Kieran Human, a special project engineer at ThreatLocker with a master's in cybersecurity, shares compelling insights on modern endpoint protection. He explores the evolution from traditional antivirus systems to advanced EDR, revealing the critical role of allowlisting and ring fencing in today's threat landscape. Kieran discusses the limitations of conventional methods against fileless malware and ransomware, emphasizing proactive strategies to safeguard endpoints. Practical tips and real-world experiences highlight how organizations can effectively mitigate cyber risks with ThreatLocker’s innovative solutions.

Join cybersecurity experts Adam Isles and Andreas Kurland from the Chertoff Group as they delve into the pressing 'Salt Typhoon' threat from state actors targeting telecoms. They explore the vulnerabilities within telecommunications infrastructure, emphasizing the importance of encryption and secure communication methods. Learn about the risks of messaging platforms, voice communication security, and best practices for maintaining privacy during virtual meetings. They offer actionable insights to enhance corporate cybersecurity and protect against sophisticated attacks.

In this riveting episode of CISO Tradecraft, host G Mark Hardy welcomes back Richard Thieme, a thought leader in cybersecurity and technology, almost three years after his last appearance. Richard delves into the necessity of thinking like a hacker, provides insights into the AI singularity, and discusses the ethical and societal implications of emerging technologies. The conversation also touches on Richard's extensive body of work, including his books and views on cyber warfare, disinformation, and ethical decision-making. Tune in for a thought-provoking discussion that challenges conventional wisdom and explores the interconnectedness of technology, consciousness, and our future. Big Thanks to our Sponsor CruiseCon - https://cruisecon.com/ CruiseCon Discount Code: CISOTRADECRAFT10 Link to Richard’s home page (and links to Amazon for his books):              https://thiemeworks.com/ Link to the book, The Ending of Time:             https://store.kfa.org/products/the-ending-of-time-new-edition Transcripts: https://docs.google.com/document/d/1Q7CJkF7Spji2iAbV_mYEyYHnKWobzo6N Chapters  00:00 Introduction and Guest Announcement 00:56 Upcoming Cybersecurity Event: CruiseCon 01:41 Welcoming Back Richard Thieme 02:06 Reflecting on Past Discussions 02:59 The Necessity for Thinking Like a Hacker 03:10 Exploring Richard Thieme's Books 08:25 Understanding AI and Its Implications 18:28 Soft Power and Global Influence 24:01 The Power of Fiction in Revealing Truth 24:37 Ethical Frameworks Post 9/11 26:12 The Role of Empathy in Intelligence Work 26:37 The Blurring Line Between Fact and Fiction 29:52 The Isolation of Intelligence Work 31:18 The Interconnectedness of Everything 33:36 Exploring Remote Viewing and Consciousness 36:50 The Rise of AI and Ethical Considerations 39:43 The Evolution of Technology and Society 45:07 Final Thoughts and Reflections

Shawnee Delaney, an insider threat expert with a background in espionage, shares her insights into cybersecurity's human elements. She highlights how understanding motivation is vital for detecting insider threats and stresses the importance of cultivating a positive organizational culture. Delaney discusses proactive strategies like psychological testing in hiring and employee lifecycle management. She also offers practical advice for leaders to foster open communication and build effective insider threat programs, drawing parallels from military core values.

Welcome to another enlightening episode of CISO Tradecraft! In this episode, host G. Mark Hardy dives deep into the critical topic of CISO burnout with special guest Raghav Singh, a PhD candidate from the University of Buffalo. This is an eye-opening session for anyone in the cybersecurity field, especially those in or aspiring to the CISO role. Raghav shares valuable insights from his extensive research on the unique stresses faced by CISOs, the organizational factors contributing to burnout, and practical coping mechanisms. We also explore the evolutionary phases of CISOs, from technical experts to strategic business enablers. Whether you're dealing with resource limitations, seeking executive support, or managing ever-evolving cybersecurity threats, this episode offers actionable advice to navigate the demanding role of a CISO successfully. Don't forget to like, comment, and share to help other CISOs and cybersecurity leaders! Big Thanks to our Sponsor CruiseCon - https://cruisecon.com/ CruiseCon Discount Code: CISOTRADECRAFT10 Transcripts: https://docs.google.com/document/d/1fhLkaj_JetlYFQ50Q69uMGmsw3fS3Wqa CISO Burnout - https://aisel.aisnet.org/amcis2023/sig_lead/sig_lead/4/ CISO-CIO Power Dynamics https://aisel.aisnet.org/amcis2024/is_leader/is_leader/6/  Cybersec professionals and AI integration https://aisel.aisnet.org/amcis2024/security/security/29/ Raghav can be reached on rsingh45@buffalo.edu Chapters  00:00 Introduction and Guest Welcome 02:34 Understanding CISO Burnout 03:24 PhD Journey and Challenges 10:12 Key Findings on CISO Burnout 18:39 Six Sources of CISO Burnout 32:47 CISO Maturity Levels 42:57 Conclusion and Call to Action

Setting Sail with Cybersecurity: Exclusive Insights from Ira Winkler on CruiseCon 2025 🛳️ Join us for an exciting episode of CISO Tradecraft as G Mark Hardy sits down with renowned cybersecurity expert Ira Winkler! Discover the groundbreaking CruiseCon 2025, the first at-sea cybersecurity conference, featuring top-tier speakers and unrivaled networking opportunities. Learn about Ira's illustrious career, the significance of certifications, and the current state of the cybersecurity job market. Don't miss out on this chance to enhance your career and connect with industry luminaries. Big Thanks to our Sponsor CruiseCon - https://cruisecon.com/ CruiseCon Discount Code: CISOTRADECRAFT10 Transcripts: https://docs.google.com/document/d/1CGyFBxOrxvJitKsH9BRKwf2_g8rRPZ6K Chapters 00:00 Introduction and Special Announcement 00:42 Reconnecting with Ira Winkler 04:07 Early Cybersecurity Days and Certifications 14:35 Innovative Ideas and CruiseCon 21:32 Meet the Top Cybersecurity Experts 22:13 Exciting Events and Networking Opportunities 24:10 Special Deals and Sponsorships 34:47 Addressing the Cybersecurity Job Market