Future of Threat Intelligence
Welcome to the Future of Threat Intelligence podcast, where we explore the transformative shift from reactive detection to proactive threat management. Join us as we engage with top cybersecurity leaders and practitioners, uncovering strategies that empower organizations to anticipate and neutralize threats before they strike. Each episode is packed with actionable insights, helping you stay ahead of the curve and prepare for the trends and technologies shaping the future.
Episodes
Tuesday Aug 27, 2024
Tuesday Aug 27, 2024
In our latest special episode of the Future of Threat Intelligence podcast, David catches Christopher Steffen, VP of Research, Information Security at Enterprise Management Associates, at the Black Hat conference. They discuss the current landscape of cybersecurity, emphasizing the need for CISOs to focus on foundational technologies rather than getting caught up in the hype of AI.
Chris highlights the value of open-source solutions in addressing real-world challenges like API and data security, noting their responsiveness compared to traditional vendors. He also provides practical advice for evaluating new technologies, encouraging listeners to consider innovative smaller companies that are driving change in the industry.
Topics discussed:
The importance of foundational technologies over the hype surrounding AI in cybersecurity solutions.
How open-source solutions are becoming viable for enterprise-class problems, offering responsiveness and cost-effectiveness compared to traditional vendors.
How the cybersecurity landscape is evolving, with a focus on addressing real-world challenges like API security and data protection.
How CISOs should prioritize technologies that solve immediate problems rather than relying on aspirational features from vendors.
The value of evaluating new products through documented use cases to ensure they meet organizational needs effectively.
How smaller, innovative companies are driving significant advancements in cybersecurity, offering unique solutions that larger vendors may overlook.
Key Takeaways:
Evaluate new cybersecurity technologies based on documented use cases to ensure they address your organization's specific needs effectively.
Prioritize foundational technologies over the latest AI trends to tackle immediate cybersecurity challenges in your organization.
Leverage open source solutions to enhance API security and data protection, taking advantage of their responsiveness and low cost.
Engage with smaller, innovative companies that are driving advancements in cybersecurity, as they often provide unique and effective solutions.
Focus on automation within your SOC to streamline alert management and reduce the burden on your team.
Monitor compliance requirements regularly to ensure your cybersecurity strategies align with evolving regulations and standards.
Collaborate with your team to identify core technological problems that need immediate attention, rather than getting distracted by aspirational features.
If you’re interested in Team Cymru’s latest research, download our “Voice of a Threat Hunter 2024” report here: https://www.team-cymru.com/voth2.0
Thursday Aug 22, 2024
Thursday Aug 22, 2024
In our latest episode of the Future of Threat Intelligence podcast, we speak with Drew Simonis, Chief Information Security Officer at Juniper Networks. Drew shares his insights into the evolving landscape of cybersecurity, emphasizing the crucial role of empathy and humility in effective leadership.
He also explores the transformative potential of AI in cybersecurity and offers practical advice on aligning security efforts with business objectives. Drew provides actionable insights, making our chat a must-listen for anyone involved in risk management, cybersecurity strategy, or leadership roles.
Topics discussed:
The importance of empathy and humility as foundational traits for effective cybersecurity leadership.
The evolving landscape of cybersecurity and how it has changed over the past 20 years.
The role of AI and automation in transforming cybersecurity practices and enhancing risk management.
Practical advice on aligning cybersecurity efforts with overarching business objectives to create impactful strategies.
The significance of conducting thorough team assessments to identify skill gaps and improve overall performance.
Insights into building a balanced cybersecurity team that includes both deep technical experts and broad, cross-functional connectors.
Drew's actionable advice for aspiring leaders on becoming experts in their business and understanding their colleagues' perspectives.
Key Takeaways:
Model empathy and humility in your leadership approach to build trust and collaboration within your cybersecurity team.
Stay updated on the latest advancements in AI and automation to enhance your cybersecurity practices and risk management strategies.
Align your security efforts with the overall business objectives to ensure that your initiatives have a meaningful impact.
Conduct regular team assessments to identify skill gaps and areas for improvement, fostering a culture of continuous development.
Engage with other departments to understand their perspectives and how cybersecurity can support their goals more effectively.
Standardize on a common vocabulary within your team to improve communication and ensure everyone is on the same page.
Participate in business meetings and listen to leadership presentations to better understand the strategic direction of your organization.
Encourage your team to step out of their comfort zones and take on new challenges to foster professional growth.
Implement practical risk management practices by saying "how" instead of just "yes" or “no” to ensure responsible and sustainable security measures.
Monitor your cybersecurity roadmap and ensure that your team is executing priorities that support the organization's goals.
Thursday Aug 08, 2024
Thursday Aug 08, 2024
In our latest episode of the Future of Threat Intelligence podcast, Andrew Gontarczyk, CISO at Pure Storage, dives into the world of cybersecurity leadership. Andrew shares his invaluable insights on the importance of blending technical expertise with a strong understanding of business priorities.
He recounts his professional journey, highlighting key lessons he’s learned along the way. Andrew offers unique value by addressing common industry pitfalls, the significance of effective communication, and strategies for building and leading successful cybersecurity teams. This episode is a treasure trove of practical advice for both aspiring and established cybersecurity professionals.
Topics discussed:
The importance of being highly technical while understanding broader business contexts for effective cybersecurity leadership.
Strategies for assembling and managing successful cybersecurity teams, emphasizing competence, communication, and problem-solving.
Common mistakes in cybersecurity and how to avoid them, focusing on understanding business priorities and effective communication.
Leveraging industry standards to accelerate progress and build credibility within cybersecurity initiatives.
Techniques for distilling complex technical information into concise, meaningful reports for executive and board-level audiences.
The necessity of collaboration and communication across departments to meet customer expectations and achieve security goals.
Key Takeaways:
Understand the balance between technical expertise and business context to make informed decisions in cybersecurity leadership.
Leverage industry standards to accelerate cybersecurity initiatives and build credibility within your organization.
Communicate effectively with executive leadership by distilling complex technical details into concise, meaningful reports.
Build strong cybersecurity teams by prioritizing competence, communication, and problem-solving skills.
Avoid common industry pitfalls by understanding broader business priorities and maintaining effective communication across departments.
Engage stakeholders by encouraging them to bring security ideas and strategies to the table, fostering a proactive security culture.
Reflect on your cybersecurity strategies by considering the broader business context and avoiding creating "shelfware" strategies.
Collaborate with other departments to meet customer expectations and achieve comprehensive security goals.
Emphasize the importance of understanding business priorities to help prioritize and negotiate cybersecurity tasks effectively.
Stay updated with industry trends and developments to keep your cybersecurity practices relevant and effective.
Headed to Black Hat? Visit us at booth #4428 for a free demo. Until then, try Pure Signal Scout Insight™ free for 30 days by signing up here.
Thursday Aug 01, 2024
Thursday Aug 01, 2024
In our latest episode of the Future of Threat Intelligence podcast, Joe Mariscal, Director of Cybersecurity and Compliance at Ryerson, shares his expertise in building hybrid cybersecurity teams and managing metals-industry-specific cyber risks. Joe shares invaluable insights from his extensive career, offering a unique look at the challenges and strategies within the metals industry.
He discusses the importance of specialized outside services, common oversights in cybersecurity practices, and the critical need for strong partnerships and team collaboration. Joe provides listeners with actionable advice and a fresh perspective on effective risk management and team building in the ever-evolving field of cybersecurity.
Topics discussed:
Challenges and unique cyber risks in the metals industry and Ryerson's response strategies.
Building hybrid cybersecurity teams utilizing specialized outside services and in-house skills.
Common cybersecurity mistakes and oversights observed in the industry.
Effective risk management strategies and maintaining strong partnerships within the organization.
The future of cybersecurity at Ryerson and general industry trends, including the integration of new technologies.
Key Takeaways:
Evaluate skill gaps in your team to determine whether to utilize in-house resources or specialized outside services for cybersecurity needs.
Build strong partnerships with other business units to ensure a cohesive approach to cybersecurity and compliance.
Stay informed about unique cyber risks specific to your industry to tailor your defensive strategies effectively.
Conduct after-action reports regularly to learn from incidents and improve your cybersecurity posture.
Focus on continuous learning and training to keep your team's skills up-to-date in the ever-evolving field of cybersecurity.
Engage in open conversations with business leaders you might not frequently interact with to build stronger organizational relationships.
Avoid being a blame-avoidance leader; instead, focus on understanding what went wrong and how to improve.
Implement zero trust or constant validation methodologies to strengthen your cybersecurity controls.
Seek management and company support that aligns with your professional goals and provides ample training opportunities.
Stay vigilant about the tools and technologies you use, ensuring they are up-to-date and fully utilized for maximum security.
Thursday Jul 25, 2024
Thursday Jul 25, 2024
In our latest episode of the Future of Threat Intelligence podcast, Rick DeLoach, Deputy CISO at ADT, explores the transformative impact of AI on cybersecurity. Rick dives into the intricacies of how AI can simulate attack paths and bolster layered defense strategies, while also addressing the challenges of ensuring the accuracy and reliability of AI-generated data.
Additionally, Rick shares invaluable advice on the essential technical skills and soft skills, such as effective communication, that aspiring security professionals need to succeed in the ever-evolving cybersecurity landscape. This episode is a must-listen for anyone looking to stay ahead in the field of cybersecurity.
Topics discussed:
The transformative role of AI in simulating cyber attack paths and enhancing defense strategies.
The importance of technical proficiency in operating systems and networking for aspiring cybersecurity professionals.
Challenges in ensuring the reliability and accuracy of AI-generated data in cybersecurity.
Essential soft skills like effective communication and collaboration for career advancement in cybersecurity.
Strategies for integrating AI technology effectively within organizational security frameworks.
The need for continuous learning about emerging technologies and the evolving threat landscape in cybersecurity.
Advice on balancing security controls with business objectives to align with organizational risk appetite.
Key Takeaways:
Leverage AI to simulate cyber attack paths and improve defense mechanisms within your organization.
Develop technical proficiency in operating systems, networking, and data handling to enhance your cybersecurity skill set.
Prioritize effective communication skills to facilitate collaboration and advance your career in cybersecurity.
Ensure the accuracy of AI-generated data by conducting thorough research and validation.
Stay updated on emerging technologies and the evolving threat landscape to remain ahead in the cybersecurity field.
Understand your organization's risk appetite to align security controls with business objectives effectively.
Integrate AI tools within your security frameworks to detect and prevent cyber threats more efficiently.
Foster leadership skills to take ownership of security processes and drive improvements.
Communicate cybersecurity risks clearly to leadership and stakeholders using scenarios and impact assessments.
Engage in continuous learning to keep up with rapid changes in cybersecurity technologies and threat vectors.
Headed to Black Hat? Visit us at booth #4428 for a free demo. Until then, try Pure Signal Scout Insight™ free for 30 days by signing up here: https://www.team-cymru.com/ip-address-lookup-scout-insight
Thursday Jul 18, 2024
Thursday Jul 18, 2024
In our latest episode of the Future of Threat Intelligence podcast, Brian Palmer, Director of IT Security and Infrastructure at Ventas, Inc. highlights the critical importance of translating cyber risk into business language, making it comprehensible and actionable for executives and board members.
Brian shares his unique insights on balancing technical oversight with broader business objectives and the evolving challenges in cybersecurity, especially within the real estate sector. He also offers valuable perspectives on the impact of AI on phishing attacks and the essential role of continuous learning and networking for those aspiring to advance in the cybersecurity field. To close the chat, he describes his passion for mountaineering, likening seeing a huge summit in the distance and feeling overwhelmed but that once you break it down and go step by step, any problem or mountain is not so daunting.
Topics discussed:
The importance of translating cyber risk into business language for effective executive communication.
Strategies for balancing technical oversight with broader business objectives in cybersecurity.
Evolving cybersecurity challenges in the real estate sector, especially healthcare real estate.
The impact of AI technologies like ChatGPT on the sophistication of phishing attacks.
The necessity of continuous learning and networking for career advancement in cybersecurity.
Practical advice and real-world examples for implementing effective cybersecurity measures in business contexts.
Key Takeaways:
Translate cyber risks into business language to enhance executive and board understanding and decision-making.
Balance technical and business needs by aligning cybersecurity measures with business objectives and outcomes.
Communicate the potential business impacts of cybersecurity threats to ensure executive buy-in and support.
Leverage real-world examples from the news to educate and raise awareness about cybersecurity issues among employees.
Adapt cybersecurity strategies continuously to keep up with the ever-evolving threat landscape.
Foster a culture of continuous learning and curiosity within your cybersecurity team to stay updated on new threats and solutions.
Incorporate AI detection tools to counteract the increasing sophistication of phishing attacks.
Engage in networking with other cybersecurity professionals to share insights and strategies for managing emerging threats.
Evaluate your organization's unique cybersecurity challenges, especially if operating in niche sectors like real estate.
Develop hypothetical scenarios during interviews to assess candidates' problem-solving and adaptability skills in cybersecurity contexts.
Headed to Black Hat? Visit us at booth #4428 for a free demo. Until then, try Pure Signal Scout Insight™ for 30 days by signing up here.
Thursday Jul 11, 2024
Thursday Jul 11, 2024
In our latest episode of the Future of Threat Intelligence podcast, Mikko Hypponen, Chief Research Officer at WithSecure, explores the transformative role of AI in cybersecurity. Mikko shares his expert insights on how automation is revolutionizing detection and response strategies, such as being able to detect, craft a response, test it, implement, and share the response across the globe in mere minutes.
He also discusses the ethical considerations surrounding AI, such as the groundbreaking potential of machine-generated content that can be used both to attack and to defend. This episode is a must-listen for anyone interested in the cutting-edge intersections of AI and cybersecurity, offering valuable advice and perspectives from one of the industry's leading minds.
Topics discussed:
AI's role in revolutionizing cybersecurity detection and response strategies.
Ethical considerations and dilemmas in the use of AI for cybersecurity.
The growing importance and impact of automation in cyber defense.
Future predictions about machine-generated content and its implications.
The necessity of tabletop exercises, visibility, and recovery preparedness for effective cybersecurity preparedness.
The importance of comprehensive data collection while ensuring it’s protected within organizations.
Key Takeaways:
Implement AI-driven tools to enhance your cybersecurity detection and response strategies.
Conduct tabletop exercises regularly with your leadership team to prepare for potential cyber threats.
Ensure comprehensive visibility into your organization's network by utilizing advanced monitoring tools.
Collect and store as much data as possible to improve your ability to detect and respond to incidents.
Test your organization's recovery plans frequently to ensure you can bounce back from cyber attacks swiftly.
Address ethical considerations in AI deployment by establishing clear policies and guidelines.
Educate your team on the ethical implications of AI to foster responsible use of technology.
Utilize automation to reduce manual workloads and improve efficiency in cybersecurity operations.
Monitor advancements in machine-generated content to stay ahead of emerging cyber threats.
Engage with industry experts and thought leaders to continuously update your knowledge on AI and cybersecurity trends.
Thursday Jun 20, 2024
Thursday Jun 20, 2024
In our latest episode of the Future of Threat Intelligence podcast, Matthew Bull, CTO and CISO at Elanco, shares insights on the unique challenges and opportunities of the life sciences industry, as well as those Elanco faced following its separation from Eli Lilly. He emphasizes the importance of practical application and hands-on experience in cybersecurity.
Matthew also talks about the necessity for proactive measures to tackle evolving threats. This includes using generative AI and automation to help stay focused rather than get bogged down with smaller problems or threats that inevitably crop up.
Topics discussed:
The challenges and opportunities presented by Elanco's spin-off from Eli Lilly, including rebuilding the IT ecosystem from the ground up.
Strategies for shedding legacy systems and modernizing IT infrastructure, with a focus on cloud-based solutions.
Balancing Elanco's risk appetite with regulatory compliance and the importance of proactive risk management strategies.
Insights into the evolving threat landscape, the impact of AI on cybersecurity, and the need for preventative measures like zero trust and passwordless authentication.
Key Takeaways:
Leverage opportunities to modernize IT infrastructure during major organizational changes to reduce technical debt and improve efficiency.
Implement zero trust principles to enhance security in a highly distributed and hybrid work environment.
Focus on hands-on experience and practical application of cybersecurity knowledge to ensure effective implementation and problem-solving.
Transition to cloud-based systems to increase flexibility, scalability, and security within your IT infrastructure.
Maintain connections with diverse external networks and communities to stay informed about industry trends and innovative practices.
Continuously educate your workforce about new technologies and recalibrate processes to align with modern security requirements.
Embed cybersecurity practices into every aspect of IT and engineering teams to ensure security is a foundational element.
Embrace and explore the potential of AI and generative technologies to stay ahead of evolving cyber threats and opportunities.
Thursday Jun 06, 2024
Thursday Jun 06, 2024
In our latest episode of the Future of Threat Intelligence podcast, Cody Florek, Director of Information Security Operations at Sentry, offers his insights into the intricacies of building robust cybersecurity programs run by robust teams. He shares his unique journey from high school tech enthusiast to a seasoned security professional, giving excellent advice on balancing technology with human factors.
Cody also touches on understanding and managing cyber risk, and the necessity of continuous learning in the constantly evolving field. He also talks about the importance of building agility and designing security programs that are adaptable while also supporting and enabling the client’s business.
Topics discussed:
Insights on managing vulnerabilities and application security to strengthen overall cybersecurity defenses, including utilizing data analytics to assess vulnerabilities and make informed decisions.
The importance of clear communication with stakeholders to understand environments and facilitate effective security measures.
The necessity of ongoing education to stay current with cybersecurity trends and advancements.
Adopting an automation-first approach to improve response times and ensure consistency in security operations.
Designing security strategies that are adaptable to emerging threats and changes in the business environment so that the business is not only secure but able to thrive.
Key Takeaways:
Prioritize clear communication with stakeholders to understand their environments and needs for effective security solutions.
Educate your team and clients on vulnerability management and application security to strengthen overall security posture.
Utilize data analysis to understand vulnerabilities and make informed decisions for risk management.
Encourage ongoing education to stay updated with the latest cybersecurity trends and technologies.
Develop a multi-layered security strategy to mitigate risks and protect against diverse cyber threats.
Work closely with different teams to build security into business processes from the start.
Adopt an automation-first approach to enhance response times and maintain consistency in security operations.
Regularly assess and communicate risk levels to ensure all stakeholders are aware and can act accordingly.
Design your security program to be agile, enabling quick adaptation to emerging threats and changes in the environment.
Thursday May 23, 2024
Thursday May 23, 2024
In our recent episode of the Future of Threat Intelligence podcast, we talk with expert João Pedro Gonçalves, Global Chief Information Security Officer at EQT Group, about risk-based cybersecurity approaches, building security departments from the ground up, and the critical role of cybersecurity steering committees.
Pedro also talks about his journey in cybersecurity leadership and shares his insights on how security practitioners should aim to work with organizations that prioritize cybersecurity and align business strategies with tech architecture.
Topics discussed:
Risk-based cybersecurity approaches for effective protection.
Building security departments from scratch in organizations.
Significance of cybersecurity steering committees in risk management.
Navigating organizational hierarchies for enhanced security strategies.
Forming cybersecurity steering committees with executive team members for strategic decision-making.
Key Takeaways:
Implement risk-based cybersecurity approaches to enhance protection strategies.
Establish and structure security departments intentionally from the start.
Form cybersecurity steering committees with executive team members for strategic decision-making.
Navigate organizational hierarchies to streamline security strategies effectively.
Evaluate cybersecurity providers rigorously, focusing on certifications like SoC 2.
Read and analyze reports critically to ensure comprehensive risk coverage – read what is there and what’s not there.
Drive discussions with stakeholders to address security challenges and make informed decisions.
Your Title
This is the description area. You can write an introduction or add anything you want to tell your audience. This can help potential listeners better understand and become interested in your podcast. Think about what will motivate them to hit the play button. What is your podcast about? What makes it unique? This is your chance to introduce your podcast and grab their attention.