The ITSPmagazine Podcast

ITSPmagazine, Sean Martin, Marco Ciappelli
Jun 2, 2022 • 45min

A Conversation With Andra Zaharia | Securing Bridges With Alyssa Miller | Episode 9

In this episode, Alyssa talks to Andra Zaharia, Cyber Empathy podcast host and cybersecurity content marketer.

It is a podcast, yes, but you can join us as we record each episode live on Twitter, LinkedIn, Facebook, and YouTube.

Live, Every Wednesday at 1pm PDT | 4pm EDT (USA) | The Recorded Podcast version is published a few days later.

Our ability to improve the security posture of our organizations depends heavily on connecting the security function with the various aspects of the business. Join our host, Alyssa Miller, as she and her guests examine key ways to build and secure the bridges between security, product development, the executive suite, and beyond.

Listen in as Alyssa sits down with senior and executive security leaders from various industries to share stories of successes and failures we experience working across business teams. Explore practical strategies for building sponsorship and gaining buy-in for security initiatives.

It's time to build and secure the bridge to the business.

Guest
Andra Zaharia
Podcast Host at Cyber Empathy Podcast and Cybersecurity Content Marketer at The Content Habit
Website: http://andrazaharia.com/
On LinkedIn | https://www.linkedin.com/in/andrazaharia/
On Twitter | https://twitter.com/AndraZaharia

Host
Alyssa Miller
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/alyssa-miller

Resources
Cyber Empathy Podcast: https://cyberempathy.org/

Watch the live stream webcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllQyN9-nfFOIp711q65pTsSQ

For more podcast stories from Securing Bridges Podcast With Alyssa Miller: https://www.itspmagazine.com/securing-bridges-podcast

Are you interested in sponsoring an ITSPmagazine Channel? 👉 https://www.itspmagazine.com/podcast-series-sponsorships

Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.
Jun 1, 2022 • 38min

Book | The Devil Never Sleeps: Learning To Live In An Age Of Disasters | A Conversation With Author Juliette Kayyem | Audio Signals Podcast With Marco Ciappelli & Sean Martin

The future may still be unpredictable. Disasters, however, are not. While the devil may not always present as such, the boom is still there and, with some new thinking, we can put ourselves to the left of the boom.

In this episode, Sean gets to connect again with Juliette Kayyem to talk through some of the real-life stories she discusses in her new book, The Devil Never Sleeps.

About the book
In The Devil Never Sleeps, Juliette Kayyem lays the groundwork for a new approach to dealing with disasters. Presenting the basic themes of crisis management, Kayyem amends the principles we rely on far too easily. Instead, she offers us a new framework to anticipate the “devil’s” inevitable return, highlighting the leadership deficiencies we need to overcome and the forward thinking we need to harness. It’s no longer about preventing a disaster from occurring, but learning how to use the tools at our disposal to minimize the consequences when it does.

Filled with personal anecdotes and real-life examples from natural disasters like the California wildfires to man-made ones like the Boeing 737 MAX crisis, The Devil Never Sleeps is a guide for governments, businesses, and individuals alike on how to alter our thinking so that we can develop effective strategies in the face of perpetual catastrophe.

Guests
Juliette Kayyem
Belfer Lecturer in International Security at Harvard Kennedy School [@Kennedy_School], Security Analyst at CNN [@CNN], and CEO and Co Founder at Grip Mobility and Zemcar
Website | https://juliettekayyem.com/
On LinkedIn | https://www.linkedin.com/in/juliettekayyem/
On Twitter | https://twitter.com/juliettekayyem

This Episode’s Sponsors
Blue Lava: https://itspm.ag/blue-lava-w2qs
Nintex: https://itspm.ag/itspntweb

Resources
Book | The Devil Never Sleeps: Learning to Live in an Age of Disasters: https://juliettekayyem.com/the-devil-never-sleeps/
Podcast | RSAC Event Coverage | Digital life, real life, complexity, risk, and keeping the flow: https://itspmagazine.simplecast.com/episodes/chats-on-the-road-to-rsac-usa-2020-three-with-juliette-kayyem
Podcast | Defining Critical Infrastructure | With Juliette Kayyem, Emilian Papadopoulos, Mati Epstein: https://itspmagazine.simplecast.com/episodes/defining-critical-infrastructure-with-juliette-kayyem-emilian-papadopoulos-mati-epstein

For more podcast stories from Audio Signals: https://www.itspmagazine.com/audio-signals
Jun 1, 2022 • 46min

Why, And How, We Need To Fundamentally Rethink Our Approach To Cybersecurity | A Conversation With Larry Clinton | Redefining CyberSecurity Podcast With Sean Martin

Organizations have made little progress in addressing cyber risk. This is in large part because they have viewed the issue with an excessively narrow focus as just a technical/operational issue. This needs to change.

To compete in the modern economy, enterprises must engage in digital transformation, which can generate a substantial increase in growth and profitability but can also vastly increase risk. Sure, foundational technical security measures are necessary, but they, alone, are not sufficient to address cyber threats. Cybersecurity must be an enterprise-wide risk management issue built on appropriate understanding, structure, investment, and risk-management methods.

Listen in to learn more about why, and how, we need to fundamentally rethink our approach to cybersecurity.

Guest
Larry Clinton
President and CEO of the Internet Security Alliance (ISA) [@isalliance]
On LinkedIn | https://www.linkedin.com/in/larry-clinton-20237b4/
On YouTube | https://www.youtube.com/channel/UCbeFbrVg-aNu-mMSzsCiYnw

This Episode’s Sponsors
Imperva: https://itspm.ag/imperva277117988
HITRUST: https://itspm.ag/itsphitweb

Resources
Learn more about ISA: https://www.isalliance.org
On LinkedIn: https://www.linkedin.com/company/internet-security-alliance
On Twitter: https://twitter.com/isalliance
On Facebook: https://www.facebook.com/ISAlliance
ISA Publications:
https://isalliance.org/isa-publications/cyber-risk-oversight-handbook/
https://isalliance.org/isa-publications/international-cyber-risk-management-handbooks/
Book | Cybersecurity for Business: Organization-Wide Strategies to Ensure Cyber Risk Is Not Just an IT Issue: https://www.amazon.com/Cybersecurity-Business-Organization-Wide-Strategies-Ensure-dp-1398606146/dp/1398606146/ref=mt_other?_encoding=UTF8&me=&qid=1648037695

To see and hear more Redefining Security content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity
May 31, 2022 • 36min

The Only Constant | What To Expect At RSA Conference 2022 | A Keynote Conversation With Rohit Ghai CEO RSA

For our next Chats On The Road to RSA Conference 2022, we talk about transformation. Which, of course, can't be accomplished without talking about change. Which is constant.

About the RSAC 2022 Keynote with Rohit Ghai, Chief Executive Officer of RSA:

“Emerging technologies, expanding connections, hidden vulnerabilities: our sector understands that the only constant is change. As the world adapts once again, our industry’s experience shaping transformational shifts will determine the next normal. So let’s review how we’ve evolved, examine our missteps, predict where we’re headed, and start planning our next transformation.”

Tune in and be sure to join us for more from RSA Conference USA 2022!

Guest
Rohit Ghai
Chief Executive Officer of RSA [@RSAsecurity]
On LinkedIn | https://www.linkedin.com/in/rohitghai/
On Twitter | https://twitter.com/rohit_ghai

This Episode’s Sponsors
HITRUST: 👉 https://itspm.ag/itsphitweb
CrowdSec: 👉 https://itspm.ag/crowdsec-b1vp
Blue Lava: 👉 https://itspm.ag/blue-lava-w2qs
BlackCloak 👉 https://itspm.ag/itspbcweb

Resources
Learn more, explore the agenda, and register for RSA Conference: https://itspm.ag/rsac-b8ef76
RSAC Keynote Session | The Only Constant: https://www.rsaconference.com/USA/agenda/session/The%20Only%20Constant

For more RSAC Conference Coverage podcast and video episodes visit: https://www.itspmagazine.com/rsa-conference-usa-2022-rsac-san-francisco-usa-cybersecurity-event-coverage

To see and hear more Redefining Security content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity

Are you interested in telling your story in connection with RSA Conference by sponsoring our coverage? 👉 https://itspm.ag/rsac22sp
May 27, 2022 • 37min

A Conversation With Senior Security Consultant Matt Keeley | The Hacker Factory With Phillip Wylie

Matt shares not only his story but also valuable advice based on his personal interviewing and job hunting experience, as well as the experience he has gained interviewing others for roles in his consulting team. Matt also shares information about the community that he started to help people trying to get into the cybersecurity field.

Guest
Matt Keeley
Senior Security Consultant at Bishop Fox
On LinkedIn | https://www.linkedin.com/in/mattrkeeley/

Host
Phillip Wylie
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/phillip-wylie

This Episode’s Sponsors
Bugcrowd 👉 https://itspm.ag/itspbgcweb

Resources
DevilSec Discord: https://discord.gg/PATf8Ueu

For more podcast stories from The Hacker Factory with Phillip Wylie, visit: https://www.itspmagazine.com/the-hacker-factory-podcast
May 27, 2022 • 31min

Get To Know Cyberjutsu | A Conversation With Mari Galloway | The Changemaking With Chloé Messdaghi

Join Cyberjutsu's CEO to learn how to get involved with the organization and its mission. We also dive into the best tips for those who are new to cybersecurity and upcoming events with Cyberjutsu.

Guest
Mari Galloway
CEO of Cyberjutsu [@WomenCyberjutsu]
On Twitter | https://twitter.com/marigalloway
On LinkedIn | https://www.linkedin.com/in/themarigalloway/

Host
Chloé Messdaghi
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/chloe-messdaghi

Resources
Cyberjutsu Website: https://womenscyberjutsu.org

For more podcast stories from The Changemaking Podcast With Chloé Messdaghi: https://www.itspmagazine.com/the-changemaking-podcast
May 27, 2022 • 27min

What Do Cyber Professionals Need To Learn From Confucianism? | With ajay Menendez | 2 Cyber Chicks Podcast With Erika McDuffie And Jax Scott

These 2 Cyber Chicks catch up with ajay Menendez. ajay is a military veteran and a cyber expert with over 30 years in this space. Tune in for more about threat intelligence, his take on learning and development in cyber, whether any social platforms are truly “secure” or private, and how to level up your LinkedIn recommendation game. And, most importantly: what do cyber professionals need to learn from Confucianism?

Guest
ajay Menendez
CEO, Black Tower Security and Associate Director of Cybersecurity at HackerU
On Twitter | https://twitter.com/paladin63
On LinkedIn | https://www.linkedin.com/in/ajaymenendez/

Hosts
Jax Scott
On ITSPmagazine 👉 http://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/jaclyn-jax-scott
Erika McDuffie
On ITSPmagazine 👉 http://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/erika-mcduffie

For more podcast stories from 2 Cyber Chicks with Erika McDuffie and Jax Scott, visit: 👉 https://www.itspmagazine.com/2-cyber-chicks-podcast
May 24, 2022 • 36min

I Am A Woman — Resilient, Brave, And Strong | A Conversation With Laura Bell | Living And Breathing Technology With Amina Aggarwal

From finding bugs to pentesting and now a successful woman entrepreneur. Let's listen to her story of building resilience, strength, and believing in herself.

It is said that we carve our own destiny, that we create our own opportunities. This conversation inspires us as a woman to never give up on our dreams.

Laura Bell started finding bugs and became a pentester. Soon, she identified that there was a problem for how we understand application security and created an education program for the masses to address this need.

It can be daunting to be an entrepreneur in a male-dominated field. But, Laura's grit and resilience created opportunities for others to follow her path.

Listen to this inspiring conversation about being proud of who you are and welcoming yourself as you are.

Guests
Laura Bell
Founder and CEO of SafeStack Academy [@safestack]
On LinkedIn | https://www.linkedin.com/in/lauradbell
On Twitter | https://www.twitter.com/lady_nerd

Host
Amina Aggarwal
On ITSPmagazine 👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/amina-aggarwal

This Episode’s Sponsors
If you’d like to sponsor this or any other podcast episode on ITSPradio, you can learn more here: https://www.itspmagazine.com/podcast-series-sponsorships

For more Living And Breathing Technology Podcast stories visit: https://www.itspmagazine.com/living-and-breathing-technology-podcast
May 23, 2022 • 52min

Defining A Recognized Security Practice And CyberSecurity Safe Harbor | HHS’ Office For Civil Rights Seeks Public Comment On HITECH Act Provisions | A HITRUST Community Brand Story With John Houston And Michael Parisi

The U.S. Department of Health and Human Services’ (HHS) Office for Civil Rights (OCR) released a Request for Information (RFI) seeking input from the public on two requirements of the Health Information Technology for Economic and Clinical Health Act of 2009 (HITECH Act), as amended in 2021. How does it impact cybersecurity and risk management programs? Why do (should) CISOs care about this? Are we about to throw more money at this problem?

Maybe a smart question: Is there an opportunity to be smarter?

While all are important, that final question is certainly the most valid question. But, the details of the provisions will come when the community feedback comes in. The thing to make note of as you listen to this episode is that there's an opportunity to shape these provisions for the better of the overall healthcare ecosystem, moving beyond lowest common denominator frameworks, standards, and controls.

John Houston and Michael Parisi share their thoughts on the current state of cyber risk management affairs, the opportunity to do more in the RFI and potential responses coming in from the community, and how John's experience with an advanced, mature risk management program at UPMC can help set the bar for what's possible, not just from a guidance or framework perspective, but from a fiscally responsible, scalable, operational perspective.

Listen in to learn more about the RFI and the role you can have in shaping its outcome.

Not in the healthcare space? You should still pay attention. There's a lot going on in the healthcare sector that other industries can leverage.

Note: This story contains promotional content.

Guests
John Houston
Vice President, Information Security and Privacy; Associate Counsel at UPMC [@UPMC]
On LinkedIn | https://www.linkedin.com/in/john-houston-5b9915b/
Michael Parisi, VP of Adoption, @HITRUST

Catch the webcast and the podcast here: https://itspm.ag/hitrust-hhs-ocr-hitech-rfi
Be sure to visit HITRUST at https://itspm.ag/itsphitweb to learn more about their offering.

Resources
News Release: https://www.hhs.gov/about/news/2022/04/06/hhs-ocr-seeks-public-comment-on-recognized-security-practices-sharing-civil-money-penalties-monetary-settlements-under-hitech-act.html
Individuals seeking more information about the RFI or how to provide written or electronic comments to OCR should visit the Federal Register to learn more: https://www.federalregister.gov/documents/2022/04/06/2022-07210/considerations-for-implementing-the-health-information-technology-for-economic-and-clinical-health

To see and hear more Redefining Security content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity

Are you interested in telling your story? https://www.itspmagazine.com/telling-your-story
May 23, 2022 • 48min

How Secure Can An Internet Be? | The SCION Internet Architecture | Redefining CyberSecurity With Researcher Nicola Rustignoli From ETH Zürich

What if we could create the Internet architecture from scratch? You might think that this is a crazy endeavor, but that's exactly what a research team in Zurich, Switzerland, is doing. And for good reason.

In today's episode, we are joined by Nicola Rustignoli, a research assistant at the Network Security Group at ETH Zürich, to take a look at the history of the Internet, its purpose, the challenges it has introduced, and the path forward to an Internet that allows for its intent to be met while maintaining scalability, control, and resiliency. Nicola works on making the Internet more secure and reliable with the SCION Architecture and by helping to start the SCION Foundation.

SCION was born as a research project 11 years ago, from the research question: how secure can an Internet be? There's a lot to learn from this project.

About the SCION Architecture
SCION is the first clean-slate Internet architecture designed to provide route control, failure isolation, and explicit trust information for end-to-end communication. SCION organizes existing ASes into groups of independent routing planes, called isolation domains, which interconnect to provide global connectivity. Isolation domains provide natural isolation of routing failures and misconfigurations, give endpoints strong control for both inbound and outbound traffic, provide meaningful and enforceable trust, and enable scalable routing updates with high path freshness. As a result, the SCION architecture provides strong resilience and security properties as an intrinsic consequence of its design. Besides high security, SCION also provides a scalable routing infrastructure, and high efficiency for packet forwarding.

As a path-based architecture, SCION end hosts learn about available network path segments, and combine them into end-to-end paths that are carried in packet headers. Thanks to embedded cryptographic mechanisms, path construction is constrained to the route policies of ISPs and receivers, offering path choice to all the parties: senders, receivers, and ISPs. This approach enables path-aware communication, an emerging trend in networking. These features also enable multi-path communication, which is an important approach for high availability, rapid failover in case of network failures, increased end-to-end bandwidth, dynamic traffic optimization, and resilience to DDoS attacks.

Why a clean-slate design? Why can't we adopt existing solutions? Is it easy to "replace" the Internet?

Listen in to learn more about this exciting program.

Guest
Nicola Rustignoli
Research Assistant at ETH Zürich and Founding Engineer at the SCION Association.
On LinkedIn | https://www.linkedin.com/in/nicola-rustignoli-830b7512/
On Twitter | https://twitter.com/Nicorusti
On YouTube | https://www.youtube.com/channel/UCATqViXMlA0cCroLuoJVAGw

This Episode’s Sponsors
Imperva: https://itspm.ag/imperva277117988
HITRUST: https://itspm.ag/itsphitweb

Resources
Learn more about SCION: https://scion-architecture.net/
On LinkedIn: https://www.linkedin.com/company/78769571
On Twitter: https://twitter.com/SCIONassociatio
On Facebook: https://www.facebook.com/SCIONinternet
SCION Day 2022 videos: https://scion-architecture.net/pages/scion_day_2022/
“The Complete Guide to SCION” is coming out with Springer Verlag in June 2022. An old version is open access and available on scion-architecture.net
The White House & 50 more countries recently released a Declaration for the Future of Internet: https://www.whitehouse.gov/wp-content/uploads/2022/04/Declaration-for-the-Future-for-the-Internet_Launch-Event-Signing-Version_FINAL.pdf
The FCC recently launched an inquiry about routing security: https://www.fcc.gov/document/fcc-launches-inquiry-internet-routing-vulnerabilities

To see and hear more Redefining Security content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity
