The ITSPmagazine Podcast

The December 2021 log4j vulnerability was a major event in the cybersecurity world. When it was released and exposed to the internet, it caused an explosion in attacks with five and a half million attacks per day and up to 25,000 sites attacked per hour. The vulnerability affects any system running that version of Java lookup and could be at risk, even if it is only exposed internally to insiders. The attackers initially used scanning and checking to see which sites were vulnerable, and then it was automated. Attack tools were created to make it easier for attackers to reach as many targets as possible. Public awareness campaigns have been effective, but vulnerabilities can reappear due to the prevalence of the software. 72% of organizations still had some level of vulnerability to log4j as of October 2022.As captured in this episode, remediation is not a one-and-done solution, as seen with Log4j, where organizations would fix the problem, and then it would come right back due to the prevalence of the software and how deep it went. The importance of API security is emphasized since 15% of the numbers were coming from APIs. The need to check and document new things added to the system is crucial to maintain proper documentation and be up on remediation. In short, software supply chain security is critical.Note: This story contains promotional content. Learn more.Guest: Gabi Stapel, Content Manager @ Imperva Threat Research [@Imperva]On LinkedIn | https://www.linkedin.com/in/gabriella-stapel/On Twitter | https://twitter.com/GabiStapelResourcesLearn more about Imperva and their offering: https://itspm.ag/imperva277117988Blog: Log4j: One Year LaterSolution page: Stopping software supply chain attacksLearning center: Supply Chain AttackLearning center: Zero-day (0day) exploitNational Telecommunications and Information Administration: Software Bill of MaterialsNational Telecommunications and Information Administration: Vulnerability-Exploitability eXchangeAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

GuestsAllison A. Sakara, Executive Director, High Alert Institute [@High-Alert-Inst]On ITSPmagazine | http://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/allison-a-sakaraDr. Maurice A Ramirez, Founder and President, High Alert Institute [@High-Alert-Inst]On ITSPmagazine | http://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/dr-maurice-a-ramirezSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinHost: Marco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli_____________________________This Episode’s SponsorsBugcrowd 👉 https://itspm.ag/itspbgcwebBlackCloak 👉 https://itspm.ag/itspbcweb_____________________________Episode Introduction"In this episode of the High Alert Institute podcast series, we introduce their work with NASA for space healthcare and AI medicine, including the need for an autonomous AI system that would provide guidance and care needed in non-Earth civilizations and habitats. They also explore how this AI system would interact and coordinate with human doctors in space."Welcome to the third episode of the High Alert Institute podcast series. In case you missed the previous episodes, we highly recommend that you catch up with them, as we've had some fascinating conversations on the work that the High Alert Institute is doing to help society. In this episode, Marco Ciappelli, Dr. Maurice Ramirez, Allison Sakara, and Sean Martin, will be discussing the work the Institute has been doing with NASA for space healthcare and AI medicine.Their work with NASA started many years ago when the High Alert Institute worked with the government agency for disaster preparedness planning and education. Over time, they were approached by International Space Law experts, who were involved with the International Space Court Foundation, to help with moot courts on space healthcare issues. The Institute's board members and experts were already fans of sci-fi, and this project was a fun and exciting challenge.As they dug deeper, they found that the regulations that have been in place for space healthcare over the last 60 years, based on cruise ship rules, won't work going forward, especially on the Moon or Mars, where there are no regulations or oversight of who is qualified to practice healthcare. They needed an autonomous AI system to provide the guidance and care needed in non-Earth civilizations and habitats.In this episode, Maurice, and Allison discuss their findings, including the need for an algorithmic framework for this AI system, which would be satellite-based and would help regulate and transfer data. They also discuss how this AI system would interact and coordinate with human doctors, who would need to be technical people, working the knobs and pulling the levers on the system as well as understanding how the human body functions.If you're interested in learning more about the relationship between technology and our modern society, we highly recommend that you subscribe to the Redefining Society podcast, hosted by Marco Ciappelli. Tune in to this episode to learn more about the High Alert Institute's work with NASA for space healthcare and AI medicine, and how they're preparing for the future._____________________________ResourcesHigh Alert Institute: highalertinstitute.org____________________________To see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/advertise-on-itspmagazine-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

GuestsRavit Dotan, AI Ethics Expert and Director of the Collaborative AI Responsibility (CAIR) Lab at the University of PittsburghOn LinkedIn | https://www.linkedin.com/in/ravit-dotanWebsite | https://www.ravitdotan.com/HostsSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsDevo | https://itspm.ag/itspdvwebCrowdSec | https://itspm.ag/crowdsec-b1vpBugcrowd | https://itspm.ag/itspbgcweb___________________________Episode IntroductionIn the latest episode of a popular podcast, Ravit Dotan, Sean Martin, and Marco Ciappelli delve into the complex and timely topic of ethics and artificial intelligence (AI). Dotan, a respected figure in the field of ethics, talks about her work in co-founding a lab at the University of Pittsburgh that seeks to improve the governance of AI systems. With the goal of developing responsible AI and reducing unintended consequences such as discrimination and privacy violations, the lab aims to create a more equitable and just ecosystem. Dotan emphasizes the importance of alignment across all parties involved in the development and deployment of AI tools, including investors and those who purchase these tools.Throughout the podcast, the speakers engage in lighthearted banter on various topics, from fishing to Ryan Reynolds' voice, and even make reference to their previous podcast episode featuring mentions of the Wizard of Oz. They also encourage listeners to check out their previous conversation on advanced technology, which delved into more philosophical and ethical aspects of the field.This episode seeks to explore the challenges surrounding ethics and AI and examine how these tools can benefit humanity while mitigating potential harm. Enjoy the conversation as they highlight the need for a robust and inclusive dialogue on these issues and invite you to share your thoughts and experiences related to AI and its ethical implications.The development of AI has rapidly progressed in recent years, with its potential to revolutionize many industries and aspects of daily life. However, this rapid advancement has also raised concerns over the potential unintended consequences and ethical implications of these technologies. As AI tools become more prevalent in our society, it is crucial that we consider the impacts they may have on individuals and society as a whole.Through the discussion in this podcast episode, listeners gain insight into the current landscape of ethical considerations in AI development and learn about efforts to create more responsible AI. With the hope of generating more interest in the topic and promoting greater awareness of its ethical dimensions, the speakers encourage listeners to engage in dialogue and share their perspectives on these important issues.In a world where AI technologies are increasingly becoming an integral part of our lives, it is essential that we approach their development and deployment with a critical eye toward ethical considerations. The discussion in this podcast provides an opportunity for listeners to engage in this important conversation and consider the implications of AI for the future of humanity____________________________Resources____________________________To see and hear more Redefining Technology content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-technology-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Joanna Teljeur, Independent voice actorOn LinkedIn | https://www.linkedin.com/in/joannateljeur/On Facebook | https://www.facebook.com/joannateljeur____________________________Host: Deb RadcliffOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/deb-radcliff____________________________This Episode’s Sponsors Are you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network____________________________Episode DescriptionVoice actor Joanna Teljeur’s notable credits include the Golf Channel, HGTV and NBC Universal. We met online after she read my first book, “Breaking Backbones: Information is Power,” published through Archway, and she is currently recording my second book, subtitled “Information Should be Free.” Her performance was compelling as the book starts with a drone war outside a GlobeCom data center, and she also pronounced a lot of crazy hacker handles in there like d_ArkAngl, Des0l8tion, Skew3r, and CyAnthia (the protagonist)!In this podcast, she explains how voice acting is not for the faint of heart, as it is highly competitive just like screen acting, and how you need to make some basic investments in audio technologies and soundproofing to get started.____________________________ResourcesBreaking Backbones Audio Narrated by Joanna: https://www.amazon.com/Breaking-Backbones-Information-Hacker-Trilogy/dp/1665701099Breaking Backbones Book 2 (Joanna is currently recording): https://www.amazon.com/Breaking-Backbones-Information-Should-Trilogy/dp/1665726997/____________________________To see and hear more of the Cy Beat Podcast with Deb Radcliff content on ITSPmagazine, visit:https://www.itspmagazine.com/cy-beat-podcast-with-deb-radcliffAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Host | Matthew S WilliamsOn ITSPmagazine  👉 https://itspmagazine.com/itspmagazine-podcast-radio-hosts/matthew-s-williams______________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode DescriptionIn 1968, filmmaker Stanley Kubrick and noted science communicator Arthur C. Clarke collaborated on a film that would redefine the science fiction genre. The film, and the novelization penned by Clarke, created a legacy that still endures and could even come true someday!______________________Resources2001: A Space Odyssey (RogerEbert.com): https://www.rogerebert.com/reviews/great-movie-2001-a-space-odyssey-1968Kubrick Interview By Jeremy Bernstein (1966): https://www.youtube.com/watch?v=lk5_A42JHwY______________________For more podcast Stories from Space with Matthew S Williams, visit: https://itspmagazine.com/stories-from-space-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guests:Jay Thoden Van Velzen, Strategic Advisor to the CSO at SAP [@SAP]On LinkedIn | https://www.linkedin.com/in/jay-thoden-van-velzen/On Twitter | https://twitter.com/JayThvVOn Mastodon | https://infosec.exchange/@jaythvvMehran Farimani, CEO at RapidFort [@RapidFortInc]On LinkedIn | https://www.linkedin.com/in/farimani/On Twitter | https://twitter.com/farimaniOn Mastodon | https://infosec.exchange/@farimaniMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Host: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsImperva: https://itspm.ag/imperva277117988HITRUST: https://itspm.ag/itsphitweb___________________________Episode NotesCybersecurity is a vast field with many categories and seemingly countless products and services. Some workflows can be implemented and automated to great effect if the organization understands them. However, many solutions within the cybersecurity space focus on the threat and the response but not on the environment of the organization and its business goals. An overload of options and this lack of understanding lead to an ineffective approach to security and wasted time and money.Inspired by a post on Mastodon, Mehran Farimani and Jay Thoden Van Velzen join Sean Martin and special guest, Marco Ciappelli to discuss the challenges with the alphabet soup that is the cybersecurity industry.____________________________ResourcesInspiring Post: https://infosec.exchange/@jaythvv/109530373418320875Community Containers: https://github.com/rapidfort/community-images____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastWatch the webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYqAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Alex B Sheridan, CEO and Founder at ImpaxsOn LinkedIn | https://www.linkedin.com/in/alexbsheridan/On YouTube | https://www.youtube.com/c/AlexBSheridanHost: Brendon RodOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/brendon-rod____________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network____________________________Episode Introduction“...when you build your business around your life, then you're incorporating your business into your dream life and into the life that you wanna create for yourself or your loved ones.”Alex Sheridan is the founder and CEO of Impaxs, a video production company that helps businesses create compelling and engaging video content. Alex has a passion for helping businesses build trust and credibility with their audience. He is a master storyteller and a budding wrapper and comedian who knows how to create video content that resonates with viewers and leaves a lasting impression.Key topics:1. Why founders are investing more in video as a marketing strategy2. Managing your your dream life as a founder3. The founder work-life balance framework4. Hardest lessons learned in scaling a business5. Using the “Domino Effect” principle in your life and business____________________________Resources____________________________To see and hear more The Founder Pack Podcast content on ITSPmagazine, visit:https://www.itspmagazine.com/the-founder-pack-podcastTo watch The Founder Pack Podcast Video series, visit:https://www.youtube.com/playlist?list=PLnYu0psdcllQFcKt05rK-FF216DhbHLqMJoin The FOUNDER Pack communityCommunity: www.thefounderpack.comNewsletter sign-up: https://brendonrod.substack.com/We’re stronger together. Keep connected with The Founder Pack podcast on Apple Podcasts, Spotify, Stitcher and Google Podcast. Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Derya Yavuz, Senior Security Engineer at Praetorian [@praetorianlabs]On LinkedIn | https://www.linkedin.com/in/derya-yavuz/Host: Phillip WylieOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/phillip-wylie______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode IntroductionOn this episode of the show, Derya Yavuz shares her experiences and journey in the field of security engineering, focusing on offensive security, as she shares her journey and experiences.Derya began her education in computer engineering, which laid the foundation for her future career. She then took her passion for technology and applied it to the world of security engineering, eventually specializing in the challenging and complex field of offensive security. Throughout the interview, Derya provides valuable insights into what led her down this path and what it takes to excel in the industry. She shares her experiences and challenges, as well as what she believes are the key skills and qualities that someone in this field should have.______________________Resources______________________For more podcast stories from The Hacker Factory with Phillip Wylie, visit: https://www.itspmagazine.com/the-hacker-factory-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Jerry Bell, VP and CISO, IBM Public Cloud [@IBM | @IBMcloud] and founder & co-host of the Defensive Security Podcast [@defensivesec]On Mastodon | https://infosec.exchange/@jerryOn Twitter | https://twitter.com/MaliciouslinkOn LinkedIn | https://www.linkedin.com/in/maliciouslink/InfoSec.Exchange | https://infosec.exchange/home________________________________Host: Alyssa MillerOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alyssa-miller________________________________SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionJerry Bell, @jerry Host of InfoSec.Exchange on Mastodon________________________________It is a podcast, yes, but you can join us as we record each episode live on Twitter, LinkedIn, Facebook, and Youtube.Live, Every Wednesday at 1 pm PDT | 4 pm EDT (USA) | The Recorded Podcast version is published a few days later.Our ability to improve the security posture of our organizations depends heavily on connecting the security function with the various aspects of the business. Join our host, Alyssa Miller, as she and her guests examine key ways to build and secure the bridges between security, product development, the executive suite, and beyond.Listen in as Alyssa sits down with senior and executive security leaders from various industries to share stories of successes and failures we experience working across business teams. Explore practical strategies for building sponsorship and gaining buy-in for security initiatives.It's time to build and secure the bridge to the business.________________________________ResourcesWatch the live stream webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllQyN9-nfFOIp711q65pTsSQFor more podcast stories from Securing Bridges Podcast With Alyssa Miller: https://www.itspmagazine.com/securing-bridges-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Community Member Contributor: Dutch Schwartz, Principal Security Specialist, Amazon Web Services (AWS) [@AWSSecurityInfo]On LinkedIn | https://www.linkedin.com/in/dutchschwartzOn Twitter | https://twitter.com/dutch_26HostsSean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli______________________Episode DescriptionIn this episode, Dutch Schwartz—a Principal Security Specialist with Amazon Web Services—discusses how CISOs and other cybersecurity leaders need to expand upon their technical skills and include leadership competencies. Doing so allows cybersecurity leaders to connect with other leaders in the organization and their cybersecurity teams. This, in turn, makes it possible for cybersecurity activities to enable the business to knowingly take the risks it wants to take and then manage and mitigate those risks when they become problematic.______________________For more podcasts from Crucial Conversations with The Blue Lava Community, visit: https://www.itspmagazine.com/crucial-conversations-podcastTo access the full collection of Blue Lava Community resources, visit: https://itspm.ag/blclog22To learn more about Blue Lava, visit: https://itspm.ag/blue-lava-w2qs______________________Are you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.