Welcome to Risk Management: Brick by Brick! Join Jason Reichl on his journey to discover the crucial role technology plays in risk management in the construction sector. Accompanied by industry-leading risk managers, this podcast will deep-dive into the people who are helping to build and maintain the physical world around us.
…
continue reading
Cyber Risk Management Podcasts
The monthly podcast for security professionals, by security professionals.Two self proclaimed grumpy security professionals talk security risk, how they’ve managed it in the past and forward looking discussions with guests working in information security and risk management.
…
continue reading
1
Reduce Cyber Risk Podcast - Cyber Security Made Simple
Shon Gerber, vCISO, CISSP, Cyber Security Consultant, Author and Entrepreneur
1
189
Shon Gerber from the Reduce Cyber Risk podcast provides valuable insights, guidance, and training to you each week that only a senior cyber security expert and vCISO can perform. Shon has over 23+ years of experience in cyber security from large corporations, government, and as a college professor. Shon provides you the information, knowledge, and training needed to help protect your company from cyber security threats. Shon weekly provides cyber security training topics covering: Insider Th ...
…
continue reading
Host Unknown is the unholy alliance of the old, the new and the rockstars of the infosec industry in an internet-based show that tries to care about issues in our industry. It regularly fails. With presenters that have an inflated opinion of their own worth and a production team with a pathological dislike of them (or “meat puppets” as it often refers to them), it is with a combination of luck and utter lack of good judgement that a show is ever produced and released. Host Unknown is availab ...
…
continue reading
The "Risk Intel" Podcast was developed to share our collective insights and knowledge working within the Financial Services industry and invite other risk enthusiasts to the show to educate and promote proactive risk management. The show is hosted by Ed Vincent, CEO of SRA Watchtower, a leading SaaS provider of innovative risk management solutions, serving the financial services industry and beyond. Our suite of proprietary technology solutions and methodologies was built “by risk pros for r ...
…
continue reading
"Securing Our Place In The Industry" The podcast dedicated to removing roadblocks and adding diversity to the cybersecurity industry.
…
continue reading
Welcome to Perimeter Perspective, the podcast where we explore the strategies, challenges, and innovations shaping the future of cybersecurity and IT management. Hosted by the experts at Next Perimeter, this show dives into zero trust principles, cloud-first solutions, and the evolving role of technology in modern businesses. Whether you’re an IT leader, business owner, or tech enthusiast, Perimeter Perspective offers actionable insights and engaging discussions to help you secure your digit ...
…
continue reading
Educational sound bytes to help MSPs and their clients navigate Cyber Security. Cybersecurity maturity is a journey, don't go it alone. Interviews and guidance from fellow MSPs and other Industry experts. Our goal is Secure Outcomes and together we can make a difference.
…
continue reading
Welcome to the PRMA Risk Ready podcast, the show for Risk Management Professionals in the High Net Worth Space.
…
continue reading
The daily cybersecurity news and analysis industry leaders depend on. Published each weekday, the program also includes interviews with a wide spectrum of experts from industry, academia, and research organizations all over the world.
…
continue reading
"On Aon" offers conversations between Risk Capital and Human Capital experts and guests about the Risk and People issues impacting businesses around the world. Each episode provides unique insights to help industry experts make better decisions across Trade, Technology, Weather and Workforce.
…
continue reading
Kitecast features interviews with security, IT, compliance, and risk management leaders and influencers, highlighting best practices, trends, and strategic analysis and insights.
…
continue reading
Cyber Insurance Leaders is a bi-weekly podcast dedicated to helping Cyber Security and Insurance professionals hear about the latest developments, best practices and thought leadership from leaders in the market. If you’re looking to hear and learn from cyber insurance and security experts, this show is for you. Each episode features an interview with an executive or thought leader, discussing topics like: the cyber insurance industry as a whole, international growth, cyber claims, and more.
…
continue reading
Welcome to the GRCISO podcast, where Chief Information Security Officers (CISOs) gain indispensable insights into the dynamic world of Cyber Governance, Risk, and Compliance (GRC). Each episode delves into expert analysis and industry perspectives, designed to empower CISOs with the knowledge needed to make informed decisions in today’s complex cybersecurity landscape. Tune in for in-depth discussions, practical advice, and the latest trends to stay ahead in your role. Whether you’re a seaso ...
…
continue reading
Experiments in Risk Science
…
continue reading
The Bare Metal Cyber CRISC Prepcast is a comprehensive audio training series designed to help you master the CRISC certification with confidence. Each episode delivers in-depth coverage of ISACA’s CRISC domains — from risk governance to monitoring — using a uniquely structured, exam-focused format built for long-term retention. Whether you're studying on the go or doing a deep review, this prepcast is your essential guide to IT risk success.
…
continue reading
Confused about the latest cybercrime in the news? Overwhelmed by trying to figure out if an incident applies to you? Want to learn simple, actionable steps to keep you and your family safe online? Introducing Bee Cyber Fit, a podcast for the Yale University community and beyond. We’ll cut through the cyber mumbo jumbo and make cybersecurity awareness easy to digest. Every two weeks we’ll share compelling cyber stories, make sense of buzzwords and share a simple call to action. Scammers are e ...
…
continue reading
Cyber Security, data breaches, Hackers, Chief Information Security Officers, Talking Cyber Security (formerly 'The Australian CISO') is a podcast for anyone interested in Cyber Security. Hear about data breaches, cyber news, how security personnel 'tick', how to answer questions at an interview, lessons learnt while doing the security role, how security people network, how they succeed etc. Use the email address [email protected] to make comments, pose questions or even ask to be on ...
…
continue reading
Welcome to Resilience: Voices in Cyber Security. The cyber threat landscape constantly evolves, and attacker's capabilities are growing in variety, volume, and sophistication. This podcast will provide the latest strategies and trends to ensure cyber resilience. I’m Yonatan Lipschitz, Director of Client Leadership at a leading cyber security consulting and incident response company. In each episode, a thought leader in the cyber sector will join me, sharing their insights, thoughts, and expe ...
…
continue reading
Join us every week as we take you on an journey into the dynamic realm of cybersecurity. Our podcast brings you exclusive interviews with top-notch leaders in the field, providing an in-depth exploration of the thrilling world of digital security. Discover discussions that encompass everything from the ingenious minds of hackers to the cutting-edge advancements in artificial intelligence. We tackle the crucial topics of diversity and the imperative mission of closing the substantial skills g ...
…
continue reading
Interviews, conversations, and content from professionals in the cybersecurity industry providing you with valuable tips, tools, techniques, training, and resources to make you a top cyber pro.Connect with more from Top Cyber Pro at: Website: https://topcyberpro.com/ Facebook: https://www.facebook.com/TopCyberPro/ Instagram: https://www.instagram.com/topcyberpro/ Twitter: https://twitter.com/TopCyberPro TikTok: https://www.tiktok.com/@topcyberpro LinkedIn: https://www.linkedin.com/company/to ...
…
continue reading
Sponsored by Netswitch Technology Management - https://www.netswitch.net/
…
continue reading
Cyber Security for Small Businesses doesn't need to be complicated or expensive. Most of the time it comes down to planning, procedures and good Systems Administration. Learn the techniques that you can use to increase Cyber Resilience in your Small Business. The podcast covers auditing tools like the ACSC Essential 8, NIST and ISO 27001. It will look at ways that you can identify, protect, detect, respond and recovery to a cyber incident. You will learn about: Malware Denial of Service Man ...
…
continue reading
The Bare Metal Cyber CCISO Prepcast is your comprehensive guide to mastering the Certified Chief Information Security Officer (CCISO) exam. With 70 focused episodes, this series demystifies every domain, concept, and competency area tested, from governance and risk to technical controls, strategic planning, and vendor oversight. Designed specifically for experienced security professionals preparing for executive-level certification, the Prepcast offers deep dives into frameworks like ISO 270 ...
…
continue reading
מפגשים עם האנשים בחזית הגנת הסייבר לתעשייה ותשתיות קריטיות Meetings with the people at the forefront of cyber defense for industry and critical infrastructure ICS SCADA OT IoT
…
continue reading
The Dark Dive podcast is designed to demystify the dark web - arming you with everything you need to know about what the dark web is and how it is used. Join us for a deep dive into dark web markets, hacking forums, and ransomware leak sites. Listen to real life stories from experts that feature criminals buying and selling stolen data, trading exploits, and planning cyberattacks from the dark web. Most importantly, find out how the cybersecurity and law enforcement community can do somethin ...
…
continue reading
Helping clients embrace risk and achieve peak business performance for over 150 years.
…
continue reading
20MinuteLeaders features the world's prominent leaders for short conversations about their journeys and insights.
…
continue reading
The Bare Metal Cyber CISM Prepcast is your comprehensive, exam-focused audio companion for mastering the Certified Information Security Manager (CISM) certification. Designed to guide aspiring security leaders through all four domains of the CISM exam, this prepcast translates complex risk, governance, and incident response concepts into clear, structured, and easy-to-follow episodes. Whether you're transitioning from a technical role or already managing security programs, the series offers ...
…
continue reading
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
…
continue reading
The Mazars Tech for Leaders podcast delves into the latest technology developments and how business leaders can tackle challenges whilst ensuring they are protected from a risk, security and compliance perspective. Join Mazars Technology and Digital experts as they speak with industry guests, specialist speakers and subject matter experts on all things tech.
…
continue reading
Each episode, Angela and Vince dig into the key issues facing organizations when it comes to cybersecurity and CPS (Cyber-Physical Systems). Sponsored by Viakoo, the leader in CPS vulnerability remediation.
…
continue reading
The CYBER5 is hosted by Landon Winkelvoss, Co-Founder at Nisos, and features cybersecurity and investigations industry leaders' thoughts and answers to five questions on one topic on actionable intelligence to enterprise revolving around third-party risk management, adversary research and attribution, digital executive protection, merger and acquisition diligence, brand protection, disinformation, and cyber threat intelligence.
…
continue reading
1
Moody's Talks - Focus on Finance
Moody's Investors Service, Ana Arsov, Danielle Reed, Mark Wasden, Bruno Baretta, Donald Robertson
23139
Hosted by Danielle Reed of Moody's Financial Institutions team, Focus on Finance helps you keep on top of developments within the banking, insurance and asset management sectors — from the impact of tech disrupters and cyber risk to the ongoing effects of ESG and lower-for-longer interest rates. Published by Moody's Investors Service..
…
continue reading
🔒 Cybersecurity is evolving — and so should you. Razorwire brings the open conversations that give you the edge. Welcome to the Razorwire podcast — your resource for practical advice, expert insights, and real-world conversations on cybersecurity, information security (InfoSec), risk management, governance, security leadership, human factors, and industry trends. Our mission is to help you build a stronger cybersecurity career while supporting a dynamic, agile community of professionals comm ...
…
continue reading
Daily cybersecurity news for practitioners. Vulnerabilities, defenses, threats, network security insight, research and more to make you sound smarter as you get to the office in the morning. New each weekday.
…
continue reading
Conversations with Thailand is a bi-monthly podcast series by Deloitte Thailand. Listeners can expect to hear insights from subject matter experts across the different business domains that will benefit both organisations and individuals navigate through complexities of today's VUCA world.
…
continue reading
Safeguarding Your Business in the Digital Age Welcome to The Cyberdap Podcast, your go-to resource for navigating the complex world of cybersecurity tailored specifically for small and medium business owners. In an era where digital threats lurk around every corner, staying ahead of cyber attacks is paramount to the success and security of your business. Join us as we delve deep into the ever-evolving landscape of cybersecurity, shedding light on the latest threats, vulnerabilities, and atta ...
…
continue reading
The Bare Metal Cyber CISA Prepcast is a comprehensive, exam-focused podcast designed to help you master every domain of the Certified Information Systems Auditor (CISA) certification. With over 100 tightly structured episodes, this prepcast walks you through key concepts, audit techniques, IT governance, system acquisition, operations, resilience, and information asset protection—all aligned to ISACA’s exam objectives. Whether you're just beginning your study journey or need a high-impact re ...
…
continue reading
Security Ledger is an independent security news website that explores the intersection of cyber security with business, commerce, politics and everyday life. Security Ledger provides well-reported and context-rich news and opinion about computer security topics that matter in our IP-enabled homes, workplaces and daily lives.
…
continue reading
The Voice of Cybersecurity for MSPs & MSSPs! The CyberCall is the weekly podcast where cybersecurity meets business reality. Hosted by Andrew Morgan, Founder of Right of Boom, this is the go-to show for Managed Service Providers (MSPs), virtual CISOs (vCISOs), and IT leaders navigating the complex world of cyber risk, compliance, and AI. Each episode features raw, practical conversations with the sharpest minds in cybersecurity—from operators in the trenches to CISOs, researchers, policymake ...
…
continue reading
CISO Insights: The Cybersecurity Leadership Podcast Where Security Leaders Shape Tomorrow’s Defenses Join us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders. CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communicati ...
…
continue reading
Our goal for this series is to bring to listeners the latest insights on trending topics, delivered by specialists from Guy Carpenter and other organizations on the forefront of thought leadership.
…
continue reading
CISOs insiders is open conversations I’m having with leading CISOs in the industry. We’ll be talking about what makes them ticks, their biggest accomplishments and flagrant failures, their favorite drinks and what it is they like in vendors as well as dislike in vendors. We’ll try to tap into the mind of the person behind the role and hopefully have some fun while doing so. Join us for a light talk.
…
continue reading
Speedwell Research spends hundreds of hours researching public businesses each month and in "The Synopsis" they share their key learnings. Most business podcasts are superficial and assume their listeners are unsophisticated. In contrast, The Synopsis trusts listeners are interested in learning about complex, industry-specific issues, so long as they are explained clearly. We cover businesses from inception to current day, coupling business analysis and an investors lens. Start listening tod ...
…
continue reading
Barry Kirby explores aspects of Human Factors, from practitioners in the field, through Processes and Tools that are useful (or not) and other Information and News that may be beneficial. For HF people to keep in touch and non-HF people to hear what we do.
…
continue reading
Strategy. Execution. Results. Offering consulting, training & software solutions for companies building complex, highly regulated systems. Learn more @ www.321gang.com
…
continue reading
Breaking Cyber Barriers dives deep into the world of Cybersecurity, uncovering trends and exploring its limitless potential. Join host Liz Vagenas as she speaks with top leaders about the current challenges and opportunities within the industry, as well as strategies for success.
…
continue reading
1
Compliance Unlocked: Automation, AI, and Paramify’s Vision for the Future of Risk Management
31:36
31:36
Play later
Play later
Lists
Like
Liked
31:36
Send us a text In this episode of Secure Insights, we sit down with Mike Schreiner, COO of Paramify, for an eye-opening conversation about the future of automated compliance and why it's transforming how companies of all sizes manage risk and regulation. From scrappy startups to global enterprises, staying compliant is no easy task. Mike breaks dow…
…
continue reading
Cybersecurity Insurance and Risk Management are generally conversations we avoid in the ITSP space, but with recent events, Matt Lee and I sit down to talk about how the two complement each other, the pitfalls, and some tips for protecting yourself through both.
…
continue reading
1
The SME Cybersecurity Revolution: How Coro Cracked the Code
40:29
40:29
Play later
Play later
Lists
Like
Liked
40:29
Are small and medium-sized businesses finally getting the cybersecurity solutions they deserve - or is the market still leaving them exposed? Welcome back to Razorwire, the podcast where I investigate the real world challenges and breakthroughs in cybersecurity, bringing you the stories and advice of the industry’s leading minds. I’m Jim, and in th…
…
continue reading
1
SANS Stormcast Wednesday, July 23rd, 2025: Sharepoint 2016 Patch; MotW Privacy and WinZip; Interlock Ransomware; Sophos Patches
6:17
6:17
Play later
Play later
Lists
Like
Liked
6:17
Microsoft Updates SharePoint Vulnerability Guidance CVE-2025-53770 and CVE-2025-53771 Microsoft released its update for SharePoint 2016, completing the updates across all currently supported versions. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-53770/ WinZip MotW Privacy Starting with version 7.10…
…
continue reading
1
Channelcon25: Preview of Preday and Cyber Track
27:34
27:34
Play later
Play later
Lists
Like
Liked
27:34
Charles Love of ShowTech Solutions and I sit down to discuss Channelcon25. Why you should attend and a preview of some of the sessions. From MSP-Ignite and their peer group style conversations to Tech Degenerates and many other communities coming together for a Monday Pre-day and then rolling into the daily agenda, centered, of course, on sessions …
…
continue reading
Confusion persists over the Microsoft Sharepoint zero-days. CrushFTP confirms a zero-day under active exploitation. The UK government proposes a public sector ban on ransomware payments. A new ransomware group is using an AI chatbot to handle victim negotiations. Australia’s financial regulator accuses a wealth management firm of failing to manage …
…
continue reading
1
The Hyper-Connected Hospital Under Siege: 2025
36:31
36:31
Play later
Play later
Lists
Like
Liked
36:31
Explore the unprecedented, multi-front cyber crisis confronting the global healthcare sector as of July 2025, where technological innovation dangerously intertwines with cyber warfare, creating a hyper-connected ecosystem rife with vulnerabilities. We deconstruct the escalating threat landscape, including evolving ransomware with multi-extortion mo…
…
continue reading
1
The Human Zero Day Series | Ep1152: GenAI Fact-Checking w/ Raina & Kamath
41:19
41:19
Play later
Play later
Lists
Like
Liked
41:19
Journalist Pamposh Raina and fact‑checking founder Rajneil Kamath scale multilingual verification from crowded newsrooms to India’s Deepfake Analysis Unit, confronting election‑time AI fakes. They expose the media‑literacy chasm fueling misinformation and show how open, multi‑tool collaboration can sustain regional information integrity.…
…
continue reading
1
Dialogue. Evolution 2Q25 Business Update, Black Markets, UK Investigation, Asia Cyber Attacks
42:42
42:42
Play later
Play later
Lists
Like
Liked
42:42
In this Dialogue episode of The Synopsis, we discuss Evolution's 2Q25 earnings. We also give an overview of regulated vs unregulated markets and different complexities of regulation and solving the Asia Cyber attacks.. Evolution 2Q25 Business Update This update quoted several expert call transcripts from Alpha Sense. You can get a free trial to rea…
…
continue reading
1
S35 Ep9: SUMMER LISTENING Seán Doyle - Cyber and the World Economy
30:01
30:01
Play later
Play later
Lists
Like
Liked
30:01
Today, ISF CEO Steve Durbin speaks with Seán Doyle, Lead for the Centre for Cybersecurity at the World Economic Forum. They discuss the role of public-private partnerships in the current cyber landscape, the importance of running tabletop exercises to promote resilience, and improving cybersecurity legislation and regulation around the world to pro…
…
continue reading
1
SANS Stormcast Tuesday, July 22nd, 2025: SharePoint Emergency Patches; How Long Does Patching Take; HPE Wifi Vuln; Zoho WorkDrive Abused
6:00
6:00
Play later
Play later
Lists
Like
Liked
6:00
Microsoft Released Patches for SharePoint Vulnerability CVE-2025-53770 CVE-2025-53771 Microsoft released a patch for the currently exploited SharePoint vulnerability. It also added a second CVE number identifying the authentication bypass vulnerability. https://msrc.microsoft.com/blog/2025/07/customer-guidance-for-sharepoint-vulnerability-cve-2025-…
…
continue reading
1
What Makes a Good vCISO & Delivering at Scale
1:01:17
1:01:17
Play later
Play later
Lists
Like
Liked
1:01:17
Last week, we tackled a big one: 'Risk, Revenue, Responsibility: The Real Job of the vCISO — and it sparked an incredible conversation around how vCISOs are no longer just about frameworks and firewalls, but about protecting business outcomes, navigating executive risk, and helping clients make strategic decisions. This week, we’re taking it a step…
…
continue reading
Microsoft issues emergency updates for zero-day SharePoint flaws. Alaska Airlines resumes operations following an IT outage. The UK government reconsiders demands for Apple iCloud backdoors. A French Senate report raises concerns over digital sovereignty. Meta declines to sign the EU’s new voluntary AI code of practice. A new report claims last yea…
…
continue reading
1
Privilege & Peril: The Resilient Law Firm in 2025
30:04
30:04
Play later
Play later
Lists
Like
Liked
30:04
Law firms are a "digital bullseye", acting as custodians of clients' "crown jewels" of confidential and strategic information, making them uniquely vulnerable to escalating cyber threats. Attackers are now leveraging AI to launch hyper-realistic attacks at an unprecedented scale, while the human element remains the primary point of failure, leading…
…
continue reading
1
SANS Stormcast Monday July 21st, 2025: Sharepoint Exploited; Veeam Fake Voicemail Phish; Passkey Phishing Attack
8:05
8:05
Play later
Play later
Lists
Like
Liked
8:05
SharePoint Servers Exploited via 0-day CVE-2025-53770 Late last week, CodeWhite found a new remote code execution exploit against SharePoint. This vulnerability is now actively exploited. https://isc.sans.edu/diary/Critical+Sharepoint+0Day+Vulnerablity+Exploited+CVE202553770+ToolShell/32122/ Veeam Voicemail Phishing Attackers appear to impersonate …
…
continue reading
1
19. A Deep Dive Into The LockBit Data Leaks
40:38
40:38
Play later
Play later
Lists
Like
Liked
40:38
On May 7th, 2025 the notorious ransomware group LockBit’s dark web leak site displayed an unusual message: “Don’t do crime, crime is bad xoxo from Prague”. Alongside this text was the link to an archive file, containing data that appeared to have been stolen from the LockBit ransomware group itself. In this month's episode of The Dark Dive, members…
…
continue reading
1
The AI Revolution in Human Risk Management: Beyond Compliance
10:19
10:19
Play later
Play later
Lists
Like
Liked
10:19
Traditional security awareness training (SAT) has often proven ineffective, with only 15% of participants actually changing their behavior and a significant majority of data breaches, predicted to be 90% in 2024, involving a human element. Artificial intelligence (AI) is fundamentally transforming SAT by enabling personalized learning experiences, …
…
continue reading
1
Anisha Patel: Right along with them. [Program management] [Career Notes]
8:45
8:45
Play later
Play later
Lists
Like
Liked
8:45
Please enjoy this encore of Career Notes: Associate Director at Raytheon Intelligence and Space in the Cyber Protection Services Division Anisha Patel always loved math and it defined her career journey. As a first-generation American from an Asian household, Anisha said she was destined for a STEM-focused career and chose electrical engineering. S…
…
continue reading
1
The Human Zero Day Series | Ep1151: Dr. Nima Schei: Bio‑Inspired AI Trust
39:40
39:40
Play later
Play later
Lists
Like
Liked
39:40
MD‑turned‑neuroscientist Nima Schei shares how modeling the brain’s limbic system led him from crab‑neuron labs to Guacamole ID—lightweight, continuous desktop authentication—while devising guardrails against deepfakes and MFA fatigue. His bio‑inspired algorithms suggest emotional intelligence in machines can raise trust, cut compute, and free team…
…
continue reading
1
Beyond CSPM: The Cloud Security Evolution
20:22
20:22
Play later
Play later
Lists
Like
Liked
20:22
Cloud Security Posture Management (CSPM) is a critical component for continuously monitoring, detecting, and remediating security risks and compliance violations across cloud environments, particularly addressing misconfigurations which account for over 90% of cloud security breaches. While essential for visibility, risk assessment, and compliance …
…
continue reading
1
Creeping like a spider. [Research Saturday]
20:33
20:33
Play later
Play later
Lists
Like
Liked
20:33
This week, we are pleased to be joined by George Glass, Associate Managing Director of Kroll's Cyber Risk business, as he is discussing their research on Scattered Spider and their targeting of insurance companies. While Scattered Spider has recently turned its attention to the airline industry, George focuses on the broader trend of the group’…
…
continue reading
1
Firefighting to Foresight: Rethinking Cyber Risk for the Real World
30:22
30:22
Play later
Play later
Lists
Like
Liked
30:22
Stanley Li speaks with veteran security executive Steve Maciejewski (aka “Steve Mack”) to unpack the harsh realities and hopeful opportunities of managing cyber risk in today’s complex digital landscape. Drawing from decades of experience as a CISO across public and private sectors, Steve explains why traditional compliance checklists and siloed to…
…
continue reading
The UK sanctions Russian military intelligence officers tied to GRU cyber units. An AI-powered malware called LameHug targets Windows systems. Google files a lawsuit against the operators of the Badbox 2.0 botnet. A pair of healthcare data breaches impact over 3 million individuals. Researchers report a phishing attack that bypasses FIDO authentica…
…
continue reading
8th July 2008: Several DNS vendors released patches to mitigate an attack method discovered by Dan Kaminsky which could be used to cause DNS cache poisoning. Kaminsky had discovered the vulnerability 6 months prior and reported it to vendors privately so they could address it. RIP, Dan. https://x.com/todayininfosec/status/1942695691270193211 10th J…
…
continue reading
An Incident Response (IR) playbook is a comprehensive, step-by-step guide essential for organizations to proactively mitigate, detect, respond to, and recover from ransomware incidents. It serves as a single source of truth, enabling swift action to limit an incident's impact, save data, time, and money, and accelerate the return to normal business…
…
continue reading
1
SANS Stormcast Friday, July 18th, 2025: Extended File Attributes; Critical Cisco ISE Patch; VMWare Patches; Quarterly Oracle Patches
4:55
4:55
Play later
Play later
Lists
Like
Liked
4:55
Hiding Payloads in Linux Extended File Attributes Xavier today looked at ways to hide payloads on Linux, similar to how alternate data streams are used on Windows. Turns out that extended file attributes do the trick, and he presents some scripts to either hide data or find hidden data. https://isc.sans.edu/diary/Hiding%20Payloads%20in%20Linux%20Ex…
…
continue reading
Pro-Russian Hackers, scam lords, and ransomware gangs face global justice. Louis Vuitton ties customer data breaches to a single cyber incident. The White House is developing a “Zero Trust 2.0” cybersecurity strategy. OVERSTEP malware targets outdated SonicWall Secure Mobile Access (SMA) devices. An Australian political party suffers a massive rans…
…
continue reading
1
Beyond Compliance: The Evolving Art of ERM and Key Risk Indicators
20:09
20:09
Play later
Play later
Lists
Like
Liked
20:09
This episode explores how Enterprise Risk Management (ERM) processes evolve from foundational structures and informal approaches to sophisticated, enterprise-wide analytical frameworks. We delve into how Key Risk Indicators (KRIs) serve as crucial early warning signals, examining their varied development, monitoring, and application across three di…
…
continue reading
1
Gil Groskop VP Technology & Digital Transformation @Mekorot on moving tech forward & cyber by design
54:22
54:22
Play later
Play later
Lists
Like
Liked
54:22
פעמים אנחנו שוכחים שמים הם חלק מתעשיית המזון, האחריות של אספקת מים היא לא רק ברציפות האספקה בכול תנאי אלא גם עמידה בדרישות האיכות. בישראל קיימות שתי חברות תשתית גדולות כאשר מקורות היא אחת מהן עם אלפי אתרים ומערכות בקרה שפרוסות על פני כול המדינה. הצורך לאחד בין ביטחון פיזי לביטחון סייבר יחד עם הזרמת מידע בזמן אמת עד לאחרון העובדים היא אתגר שדורש תכנ…
…
continue reading
1
Resilience and the Rising Stakes of Cyber Risk
21:18
21:18
Play later
Play later
Lists
Like
Liked
21:18
In this episode of On Aon, our cyber experts explore the escalating scale and complexity of cyber threats, from AI-driven attacks to systemic third-party risks. Hosted by Nancy Eaves, product leader for Cyber Solutions, and featuring insights from Brent Rieth, global cyber leader, and David Molony, EMEA head of cyber solutions, the conversation exp…
…
continue reading
1
SANS Stormcast Thursday, July 17th, 2025: catbox.moe abuse; Sonicwall Attacks; Rendering Issues
5:09
5:09
Play later
Play later
Lists
Like
Liked
5:09
More Free File Sharing Services Abuse The free file-sharing service catbox.moe is abused by malware. While it officially claims not to allow hosting of executables, it only checks extensions and is easily abused https://isc.sans.edu/diary/More%20Free%20File%20Sharing%20Services%20Abuse/32112 Ongoing SonicWall Secure Mobile Access (SMA) Exploitation…
…
continue reading
Google and Microsoft issue critical updates. CISA warns of active exploitation of a critical flaw in Wing FTP Server. Cloudflare restores their DNS Resolver service following a brief outage. A critical vulnerability in a PHP documentation tool allows attackers to execute code on affected servers. NSA and FBI officials say they’ve disrupted Chinese …
…
continue reading
1
Christine Chasse merged Healthcare AI and Law | Hear her story!
7:42
7:42
Play later
Play later
Lists
Like
Liked
7:42
ABOUT THIS EPISODE: The Blak Cyber podcast presents "The AI Governance Mentors Series, Episode 3 featuring Christine Chasse RN, JD, MSN, NE-C, CIPPUS, AIGP. Christine recently passed the AIGP (Artificial Intelligence Governance Professional), and shares some of her insights. Christine is an Attorney with a focus on Regulatory and Compliance, and Da…
…
continue reading
1
NIS2 Accountability: The Boardroom's Burden
16:27
16:27
Play later
Play later
Lists
Like
Liked
16:27
This episode delves into the critical and direct accountability of top management and management boards for NIS2 compliance. We explore the significant legal obligations placed upon them, including the requirement to approve and oversee cybersecurity risk management measures and ensure timely incident reporting. Learn how proactive engagement by le…
…
continue reading
1
The Human Zero Day Series | Ep1150: Lucas Hu – Building a Swiss Cheese Security Stack
21:42
21:42
Play later
Play later
Lists
Like
Liked
21:42
When Lucas Hu witnessed a deepfake breach his firm’s defenses, he recognized the limits of traditional tooling. Leveraging a decade of ML research and hands-on cybersecurity experience, he pioneered a “Swiss cheese” model—layering email, domain, and behavioral signals—to outsmart evolving phishing and deepfake attacks.…
…
continue reading
1
SANS Stormcast Wednesday, July 16th, 2025: ADS Keystroke Logger; Fake Homebrew; Broadcom Altiris RCE; Malicious Cursor AI Extensions
5:45
5:45
Play later
Play later
Lists
Like
Liked
5:45
Keylogger Data Stored in an ADS Xavier came across a keystroke logger that stores data in alternate data streams. The data includes keystroke logs as well as clipboard data https://isc.sans.edu/diary/Keylogger%20Data%20Stored%20in%20an%20ADS/32108 Malvertising Homebrew An attacker has been attempting to trick users into installing a malicious versi…
…
continue reading
With some of the recent events in the ransomware space, I had a chance to hear firsthand from Dave Alton of Strategic Integrated Resources. I asked the question, "What is concerning you today?" This discussion has some action items that you can do with your own clients. Whether you are dealing with business email compromise, wire fraud, or are just…
…
continue reading
A DOGE employee leaks private API keys to GitHub. North Korea’s “Contagious Interview” campaign has a new malware loader. A New Jersey diagnostic lab suffers a ransomware attack. A top-grossing dark web marketplace goes dark in what experts believe is an exit scam. MITRE launches a cybersecurity framework to address threats in cryptocurrency and di…
…
continue reading
1
S3 | E22: Mind The Gap (PT3): How a Playbook Minimizes Execution Risk
27:03
27:03
Play later
Play later
Lists
Like
Liked
27:03
In this episode of The Risk Intel Podcast, Ed Vincent welcomes back Craig Hartman, founder and CEO of Plansmith, along with Christine Lake, Plansmith’s Chief Strategy Officer. This was part 3 of a larger series around "Execution Risk" with the Plansmith team and a natural progression from prior episodes, where we addressed the definition and mitiga…
…
continue reading
1
Canada Cyber Readiness: A Cross-Sector Imperative
17:29
17:29
Play later
Play later
Lists
Like
Liked
17:29
This podcast dives into the Cyber Security Readiness Goals Cross-Sector Toolkit, providing essential insights for Canadian critical infrastructure owners and operators. We explore how organizations can prioritize investments and elevate their cyber security posture by understanding the 36 readiness goals. Each episode unpacks recommended actions, a…
…
continue reading
1
S35 Ep8: SUMMER LISTENING Omera Khan - Future-Proofing Our Supply Chains
29:31
29:31
Play later
Play later
Lists
Like
Liked
29:31
ISF CEO Steve Durbin sits down with strategic supply chain risk expert Omera Khan. They talk about the current risk landscape vis a vis supply chain, protecting your supply chain by building collaborative systems, and incentivizing your staff appropriately to ensure they vet suppliers with a security-first mindset. Mentioned in this episode: ISF An…
…
continue reading
