Defense in Depth

Exploring the impact of remote work on cybersecurity, the podcast discusses worker preferences, the motives behind returning to the office, and the benefits of access to talent. It also highlights the importance of flexibility, community, and trust in remote work, as well as the challenges of building culture in a virtual environment.

This podcast discusses the challenges of managing users' desires for new technology, particularly focusing on generative AI. The speakers explore the need to adapt and apply previous lessons learned, the risks and mitigation strategies associated with adopting new technology, the importance of managing user desires and ensuring visibility, adhering to rules and protecting data, and the significance of continuous learning in cybersecurity.

Caitlin Sarian, popular cybersecurity TikToker, joins the hosts to discuss common cybersecurity questions. They cover topics such as online safety for children, phishing prevention, smartphone security, data breaches, and digital footprint. The importance of control and choice in online privacy is explored, as well as the need for clear guidance on user safety. They also discuss the importance of cybersecurity education and support structures for everyday users.

The podcast discusses the challenges and solutions of ingesting data into data lakes, the power and complexity of data lakes, extracting value from a data lake, using data lakes for security, the importance of data collection and linking, and the significance of prioritizing data quality in a data lake.

The podcast discusses the challenges of executing a threat intelligence program successfully, including planning and setting expectations. They also highlight the importance of data and actionable intelligence, as well as the evolution of threat intelligence programs and the shift towards a strategic and predictive approach. The episode touches on the role of evidence in identifying threats and mentions the future potential of generative AI in security.

Security leaders discuss strategies for managing intense stress during incidents, particularly during the SolarWinds incident. They explore the toll it takes on their well-being, the challenges of managing stress within teams, and the importance of support from the community. Strategies for coping with stress, addressing security risks with shadow SaaS apps, building support networks, and challenges in incident management training are also discussed.

Explore the methods to make employees more security conscious and aware. Discuss the importance of a security mindset practiced by senior leadership. Emphasize personalized cybersecurity education and the value of prioritizing collective security. Highlight the importance of trust and respect in cybersecurity.

All links and images for this episode can be found on CISO Series. Users have tried to upload sensitive company information and PII, personally identifiable information, into ChatGPT. Those who are successful getting the data in, have now made that data free to all. Will people's misuse of these generative AI programs be our greatest downfall to security and privacy? Check out this post for the discussion that is the basis of our conversation on this week's episode co-hosted by me, David Spark (@dspark), the producer of CISO Series, and Geoff Belknap (@geoffbelknap), CISO, LinkedIn. Joining us is our special guest Suha Can, CISO, Grammarly. Thanks to our podcast sponsor, Opal Opal is building the next generation of intelligent identity. Identity is one of the last great enterprise frontiers. It's fragmented with legacy architecture. Opal's mission is to empower teams to understand and calibrate access end to end, and to build identity security for scale. Learn more by at www.opal.dev. In this episode: Will people's misuse of these generative AI programs be our greatest downfall to security and privacy? Is AI the problem? Or is poor human judgement the problem? Is it better to get started with any guardrails until setting up a full policy? What are we going to do now?

David Spark, Producer of CISO Series, and Geoff Belknap, CISO, discuss creating a pipeline of cyber talent by training existing staff, promoting employees, and investing in building talent. They explore transitioning careers through training programs and fostering a blameless post-mortem culture. Amtrak's CISO, Jesse Whaley, joins the conversation. They also highlight the significance of diversity and recommend using LinkedIn for job search and skill improvement.

Finding the right balance in access management, strategies for implementing least privileged access, automating access calibration, challenges of managing access in a high-scale environment, and improving accessibility in identity and access management.