The ITSPmagazine Podcast

Guest: Jinan Budge, Vice President, Principal Analyst serving Security & Risk professionals, ForresterOn LinkedIn | https://www.linkedin.com/in/jinan-budge-2898132/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe Australian Cyber Conference Melbourne 2024 is a dynamic hub of innovation, bringing together top cybersecurity professionals and thought leaders to tackle the industry’s most pressing challenges. On this On Location Recording Sean Martin and Marco Ciappelli have a  conversation with Jinan Budge, Vice President at Forrester Research, focusing on the vital role of human-centered security in today’s evolving landscape.Building a Human-Centered Cybersecurity CultureOne of the central themes of the discussion was the shift from traditional security awareness programs to human risk management. Jinan Budge emphasized the need to move beyond treating people as liabilities and instead design security practices that align with individual behaviors and motivations. This evolution toward human-centered cybersecurity is essential to addressing the unique risks posed by human behavior while fostering a culture of adaptability and trust.Collaboration Between Enterprises and VendorsThe podcast highlighted the shared responsibility between enterprises and vendors to advance security practices. Enterprises must embrace adaptive security solutions tailored to their workforce, while vendors have a pivotal role in driving innovation and educating the market. This partnership is key to creating flexible, effective solutions that meet the needs of diverse organizations, from startups to global enterprises.Understanding the Human Element in Data BreachesBudge introduced a framework she calls the “wheel of human element breaches,” which categorizes risks such as social engineering, human error, and insider threats. This comprehensive approach pushes the conversation beyond the common narrative of phishing attacks, encouraging organizations to adopt holistic strategies that address the root causes of human-driven vulnerabilities.Education and Continuous LearningMarco Ciappelli and Jinan Budge underscored the importance of integrating cybersecurity education into early learning environments. Instilling digital safety habits at a young age helps build an instinctive understanding of cybersecurity, preparing future generations for the increasingly digital workplace. This foundation ensures smoother transitions into organizational cultures where cybersecurity is second nature.ConclusionThe discussions at the Australian Cyber Conference Melbourne 2024 illuminated the industry’s growing focus on human-centered strategies and collaboration between enterprises and vendors. These efforts underscore the importance of proactively addressing human risks and integrating cybersecurity education into every level of society. Events like this continue to shape the future, offering invaluable insights and inspiration for those dedicated to advancing the field.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

During AISA Cyber Con 2024 in Melbourne, Sean Martin connected with Jade Wilkie from ThreatLocker. Wilkie, who is currently an account executive and soon to assume a leadership role with the APAC sales team, discusses the significance of ThreatLocker’s presence at the event and their growth in the Australian market. With ThreatLocker’s APAC team attending for the first time, Wilkie emphasizes the importance of support on the ground as Australia has quickly become ThreatLocker’s second-largest market.ThreatLocker’s approach, centered on a default deny methodology and zero trust framework, aligns well with Australia’s Essential Eight cybersecurity framework. Wilkie highlights that this strategy not only prevents unauthorized access but also reduces noise during detection and response processes. This makes the Essential 8 a solid foundation for cybersecurity, offering a straightforward and effective structure that companies can implement.At their booth, ThreatLocker aims to raise awareness about their comprehensive offerings beyond application control, including EDR and MDR, and network control modules. Wilkie invites attendees to engage with the team to understand how ThreatLocker’s solutions can fortify their security structures.The episode teases an upcoming conversation at Zero Trust World in Orlando, where Sean Martin and Jade Wilkie will further explore the event’s takeaways and discuss emerging themes and trends in the cybersecurity space. Don’t miss out on this insightful discussion that promises to deliver valuable information for strengthening cybersecurity efforts.Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974Note: This story contains promotional content. Learn more.Guests: Jade Wilkie, Account Executive APAC, ThreatLocker [@ThreatLocker]On LinkedIn | https://www.linkedin.com/in/jade-wilkie-salesprofessional/ResourcesEssential Eight: https://itspm.ag/threatq55qZero Trust World: https://itspmagazine.com/zero-trust-world-2025-cybersecurity-and-zero-trust-event-coverage-orlando-floridaLearn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlockerView all of our AISA Cyber Con 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Jacqueline Jayne, The Independent Cybersecurity ExpertOn LinkedIn | https://www.linkedin.com/in/jacquelinejayne/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/jacqueline-jayne-smictHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring the On Location series at AISA Cyber Con 2024 in Melbourne, the conversation about cybersecurity turns engaging as Jacqueline Jayne, Security Awareness Advocate, shares her experience on human risk management and cybersecurity education. Her insights bring forward crucial points on bridging the gap between human behavior and technological security measures.One pivotal topic discussed is the persistent challenge of human error in cybersecurity. Jacqueline highlights that human error now accounts for over 90% of security breaches. The approach to mitigating these risks isn't merely technological but educational. She emphasizes the need for comprehensive security awareness training and shifting organizational culture towards proactive risk management.Jacqueline shares, “Organizations should redefine IT departments from the ‘Department of No’ to the ‘Department of K-N-O-W.’” She believes that instead of restricting users, organizations should focus on empowering them with knowledge, emphasizing the importance of comprehensive training that connects with employees on a personal level.Throughout the conversation, the importance of contextual and relatable education stands out. Jacqueline advocates for simulated phishing campaigns to provide real-world scenarios for employees. By understanding and experiencing what a phishing attempt looks like in a controlled environment, employees can better recognize and react to actual threats.Another compelling point is teaching digital citizenship from a young age. Jacqueline compares cybersecurity education to road safety education. Just as children learn road safety progressively, digital safety should be ingrained from an early age. Appropriate and guided exposure to technology can ensure they grow up as responsible digital citizens.The discussion also touches on parental and organizational roles. Jacqueline discusses the proposal of banning social media for children under 16, acknowledging its complexity. She suggests that though banning might seem straightforward, it's more about educating and guiding children and teenagers on safe digital practices. Organizations and parents alike should collaborate to create a safer and more informed digital environment for the younger generation.Towards the end, the dialogue shifts to the potential role of AI in enhancing cybersecurity awareness. There’s a consensus on using AI not as a replacement but as an augmentative tool to alert and educate users about potential threats in real-time, potentially mitigating the risk of human error. In conclusion, the conversation highlights the indispensable role of education in cybersecurity. JJ's perspective fosters a comprehensive approach that includes organizational culture change, continuous engagement, and early digital citizenship education. It’s not just about implementing technology but evolving our collective behavior and mindset to ensure a secure digital future.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesThe top 10 skills your security awareness and culture person must have with no IT or cyber skills in sight (Session): https://melbourne2024.cyberconference.com.au/sessions/session-OZ4j4mTr1OKeeping our kids safe online: The essential information for parents and caregivers (Session): https://melbourne2024.cyberconference.com.au/sessions/session-oBf7Gjn2xGSecurity awareness 2.0: The paradigm shift from training and simulations to engagement and culture: https://melbourne2024.cyberconference.com.au/sessions/session-drDWsOKBsLLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Caroline Wong, Chief Strategy Officer, CobaltLinkedIn | linkedin.com/in/carolinewmwongHost: Dr. Rebecca WynnOn ITSPmagazine  👉  https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/rebecca-wynn________________________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network________________________________Episode DescriptionIn this episode of Soulful CXO, host Dr. Rebecca Wynn speaks with Caroline Wong about navigating the complexities of the job search process. Caroline emphasizes the importance of concentrating on elements within your control, such as crafting a tailored resume, leveraging your professional network, and preparing for interviews. She highlights how a positive mindset can help you navigate challenges and setbacks during your search. Caroline also shares valuable insights on evaluating potential employers, assessing organizational culture, and embracing change as a constant in one’s career. With practical advice and strategies, this episode equips listeners with the tools to approach their job search with confidence and clarity.________________________________ResourcesCaroline Wong's Courses: https://www.linkedin.com/learning/instructors/caroline-wongCaroline Wong's book, Security Metrics, A Beginner's Guide: https://a.co/d/391G2nH________________________________Support:Buy Me a Coffee: https://www.buymeacoffee.com/soulfulcxo________________________________For more podcast stories from The Soulful CXO Podcast With Rebecca Wynn: https://www.itspmagazine.com/the-soulful-cxo-podcastITSPMagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe! Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Gina D’Addamio, a threat analyst at the Canadian Cyber Threat Exchange, shares her inspiring journey from nursing to cybersecurity. She reflects on the emotional challenges of postpartum care and the motivation behind her career switch. The discussion emphasizes the importance of diverse backgrounds in cybersecurity and how her healthcare experience informs her approach to threat analysis. Gina also highlights the role of community support and mentorship in fostering success within the cybersecurity landscape.

Host | Matthew S WilliamsOn ITSPmagazine  👉 https://itspmagazine.com/itspmagazine-podcast-radio-hosts/matthew-s-williams______________________This Episode’s SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode NotesIn 1966, NASA and the Soviet space program focused all of their efforts on getting to the Moon first. On July 20th, 1969, Americans succeeded and landed the first astronauts on the lunar surface. By reaching the Moon, NASA effectively won the Space Race. But what followed was a new era of cooperation and long-term plans that would eventually lead back to the Moon and onto Mars...______________________ResourcesThe Space Race - National Air and Space Museum: https://millercenter.org/the-presidency/educational-resources/space-race______________________For more podcast Stories from Space with Matthew S Williams, visit: https://itspmagazine.com/stories-from-space-podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Guest: Chris Glanden, CEO and Founder, BarCode Security [@BarCodeSecurity]On LinedIn | https://www.linkedin.com/in/chrisglanden/On Twitter | https://x.com/barcodesecurityHosts: HutchOn ITSPmagazine  👉 https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/hutchLen Noe, Technical Evangelist / Whitehat Hacker at CyberArk [@CyberArk]On ITSPmagazine 👉 https://itspmagazine.com/itspmagazine-podcast-radio-hosts/len-noe______________________Episode SponsorsAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network______________________Episode IntroductionDiscussion with Chris Glanden - founder/CEO of BarCode and Producer of the Inhuman Documentary on AI, Robotics, Cybersecurity, Filmmaking, Podcasting, etc.______________________ResourcesBarCode Podcast - https://barcodesecurity.com/episodesNEWS:US and China agree to not integrate AI with Nuclear Weapons Systemshttps://www.reuters.com/world/biden-xi-agreed-that-humans-not-ai-should-control-nuclear-weapons-white-house-2024-11-16/Oxford study finds elderly men more comfortable with robotic care than womenhttps://www.ox.ac.uk/news/2024-11-14-men-more-willing-women-accept-robot-care-old-age-oxford-study-findsLeaks from OpenAI suggest that scaling AI is hitting diminishing returnshttps://www.businessinsider.com/openai-orion-model-scaling-law-silicon-valley-chatgpt-2024-11______________________For more podcast stories from Cyber Cognition Podcast with Hutch, visit: https://www.itspmagazine.com/cyber-cognition-podcastWatch the video podcast version on-demand on YouTube: https://www.youtube.com/playlist?list=PLnYu0psdcllS12r9wDntQNB-ykHQ1UC9U Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this pre-event Chats on the Road episode of the On Location with Sean and Marco Podcast, hosts Sean Martin and Marco Ciappelli meet up in person and on location to discuss their excitement and expectations for the upcoming Australia Cybersecurity Conference 2024 in Melbourne. They express their enthusiasm about reuniting with the cybersecurity community and emphasize the significance of the event, which is organized by AISA and supported by notable individuals like Akash Mattel, Megan, and Abbas Kudrati.Sean and Marco share a light-hearted opening conversation about boats and travels, setting a casual tone before diving into what they look forward to at the conference. The hosts appreciate the opportunity to connect with industry leaders and attendees, emphasizing the importance of stories in operationalizing cybersecurity in business and society.Sean highlights the need to align technology with business processes while adhering to policies and laws on a global scale. On the other hand, Marco provides a broader perspective on the interaction between individuals, society, and technology, stressing the role of cybersecurity in protecting personal privacy and fostering human interaction — it turns out it's all about the intersection of technology and culture.The hosts reflect on their past experiences in the cybersecurity field, with Sean sharing an anecdote about a vintage AV hat that represents his journey at Symantec rooted in the Australia. culture. This reflection underscores the value of learning from past and present experiences to shape a better future in cybersecurity.Sean and Marco discuss the diverse sessions and interactions planned for the event, mentioning notable speakers like Joe Sullivan and Mikko Hypponen. They are particularly excited about the wide range of topics to be covered, from policy and privacy to operational strategies and the human element in cybersecurity.As they anticipate the week ahead, Sean and Marco invite listeners to engage with them during the conference. They are eager to forge new relationships and gather stories that resonate on a global scale, underscoring the event's potential for fostering meaningful connections and enhancing cybersecurity practices worldwide.Tune in to hear Sean and Marco's thoughts on what promises to be an exciting and informative week at the Australia Cybersecurity Conference 2024. Whether you're attending the event or staying tuned from afar, this episode sets the stage for the compelling conversations and insights to come.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

In this Brand Story episode, recorded live at the HITRUST Collaborate Conference 2024, host Sean Martin sits down with Monica Shokrai, Head of Risk and Insurance for Google Cloud. The topic of conversation centers around cyber insurance, a crucial area impacting organizations across sectors.Monica Shokrai leads the charge in managing risk and procuring insurance for Google Cloud, a role that integrates closely with both the finance and security teams. She highlights the unique dual approach of her team, which not only secures coverage for Google but also strategizes on how to leverage insurance to assist Google Cloud customers in mitigating risks.A key point discussed is the interdisciplinary nature of cyber insurance. Traditionally managed by the finance or legal departments, Shokrai emphasizes its growing collaboration with cybersecurity teams. She notes that the standard organizational structure often sees a communication divide between finance and security departments. However, the evolving cyber insurance market is pushing these groups closer together, fostering a more integrated risk management strategy.Shokrai also shares insights on how Google approaches risk exposure and posture. By modeling risk in-house and leveraging an actuarial team, Google can quantify risks accurately and work closely with security teams. This model not only helps in securing better insurance terms but also aids in understanding and integrating security measures within the organization.Another significant point is Google’s innovative approach to automating the cyber insurance process. Through their Risk Protection Program, Google allows security metrics to be shared with insurance partners like Allianz in Munich. This method simplifies the underwriting process and promotes a data-driven approach to evaluating cybersecurity risks, aligning insurers and security teams toward a common goal.Overall, the discussion underscores the importance of a cohesive strategy that bridges finance and cybersecurity through innovative risk management and insurance practices. With leaders like Monica Shokrai at the helm, Google Cloud is at the forefront of integrating these critical functions, ultimately benefiting both the company and its customers.Learn more about Google Cloud: https://itspm.ag/google-pkapNote: This story contains promotional content. Learn more.Guest: Monica Shokrai, Head of Risk and Insurance, Google Cloud [@lifeatgoogle]On LinkedIn | https://www.linkedin.com/in/monicashokrai/ResourcesLearn more and catch more stories from Google: https://www.itspmagazine.com/directory/googleSimplified Cyber Insurance for Organizations with a HITRUST Certification: https://itspm.ag/hitrusp5x6Learn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrustLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Companies, organizations and governments have massive volumes of data, and the primary focus for its security is placed on that which is stored in the cloud, but many are not following best practices of taking the extra steps necessary to ensure their backed up data is secure, complete and uncorrupted. This story is to talk about using the 3-2-1 rule for cyber resiliency (keep three copies of data, on two different formats–both encrypted, one of which is stored off-site and offline) and discuss anecdotes of what can happen when cyber resilience plans are not put in place or followed.Data is the most important asset an organization has, whether it’s a business, organization or a government. At the same time, the frequency of cyber attacks that compromise data are increasing. Ransomware continues to be a plague, with some reports showing more than 14 publicly claimed attacks daily for the first half of 2024. Having a plan to thwart cyberattack is only part of the strategy. Equally important is how to rapidly recover and restore operations after a ransomware disruption has occurred. Share anecdote about OVHcloud data center that burned down in 2021 with backups in it – all assets destroyed and websites down for days. also might be good to mention the latest ransomware attack on University of Texas healthcare that is still not fully operational, 3 weeks after the attack and counting. it is unknown if they paid the ransom, but if they did and they’re still not operational, that goes to show how unreliable the ransomed data is. Apricorn’s own research shows that only half of U.S. respondents are conducting automatic backups to both a central repository AND a personal repository. Additionally, more than 25% of survey respondents were unable to recover all of their data successfullyIf attackers are successfully breaching data and holding it for ransom, organizations have to be able to recover complete backups of their data in order to a) avoid paying the ransom and b) assure the original data needed for restoration of operations is complete and intact, which statistics show, frequently is corrupted and incomplete when ransom is paid. One of the easiest and most effective ways to rapidly restore operations after a ransomware attempt is to keep multiple copies of integrity-checked data so you can fully recover it if it’s compromised. The 3-2-1 rule is a proven cyber resilience best practice. The 3-2-1 rule calls for keeping at least three copies of your data on two different types of media, with one being encrypted and offsite. This is where Apricorn comes into play - we make the highest grade, portable data encryption products on the market. Our products are security focused - 100% software free, FIPS certified, non-Chinese chips and so many unique features such as admin AND user forced enrollment, programmable PIN lengths, brute force defense, self destruct PINS and more.Learn more about Apricorn: https://itspm.ag/apricomebvNote: This story contains promotional content. Learn more.Guest: Kurt Markley, Managing Director, America's, Apricorn [@apricorn_info]On LinkedIn | https://www.linkedin.com/in/kurt-markley-1596054/ResourcesSecuring Data with Hardware Encrypted USB Drives: https://itspm.ag/apricoy0dmLearn more and catch more stories from Apricorn: https://www.itspmagazine.com/directory/apricornLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.