Future of Threat Intelligence

In our latest episode of the Future of Threat Intelligence podcast, Mikko Hypponen, Chief Research Officer at WithSecure, explores the transformative role of AI in cybersecurity. Mikko shares his expert insights on how automation is revolutionizing detection and response strategies, such as being able to detect, craft a response, test it, implement, and share the response across the globe in mere minutes. 
 
He also discusses the ethical considerations surrounding AI, such as the groundbreaking potential of machine-generated content that can be used both to attack and to defend. This episode is a must-listen for anyone interested in the cutting-edge intersections of AI and cybersecurity, offering valuable advice and perspectives from one of the industry's leading minds. 
 
Topics discussed:
AI's role in revolutionizing cybersecurity detection and response strategies.
Ethical considerations and dilemmas in the use of AI for cybersecurity.
The growing importance and impact of automation in cyber defense.
Future predictions about machine-generated content and its implications.
The necessity of tabletop exercises, visibility, and recovery preparedness for effective cybersecurity preparedness.
The importance of comprehensive data collection while ensuring it’s protected within organizations.
 
Key Takeaways: 
Implement AI-driven tools to enhance your cybersecurity detection and response strategies.
Conduct tabletop exercises regularly with your leadership team to prepare for potential cyber threats.
Ensure comprehensive visibility into your organization's network by utilizing advanced monitoring tools.
Collect and store as much data as possible to improve your ability to detect and respond to incidents.
Test your organization's recovery plans frequently to ensure you can bounce back from cyber attacks swiftly.
Address ethical considerations in AI deployment by establishing clear policies and guidelines.
Educate your team on the ethical implications of AI to foster responsible use of technology.
Utilize automation to reduce manual workloads and improve efficiency in cybersecurity operations.
Monitor advancements in machine-generated content to stay ahead of emerging cyber threats.
Engage with industry experts and thought leaders to continuously update your knowledge on AI and cybersecurity trends.

In our latest episode of the Future of Threat Intelligence podcast, Matthew Bull, CTO and CISO at Elanco, shares insights on the unique challenges and opportunities of the life sciences industry, as well as those Elanco faced following its separation from Eli Lilly. He emphasizes the importance of practical application and hands-on experience in cybersecurity. 
Matthew also talks about the necessity for proactive measures to tackle evolving threats. This includes using generative AI and automation to help stay focused rather than get bogged down with smaller problems or threats that inevitably crop up. 
 
Topics discussed:
The challenges and opportunities presented by Elanco's spin-off from Eli Lilly, including rebuilding the IT ecosystem from the ground up.
Strategies for shedding legacy systems and modernizing IT infrastructure, with a focus on cloud-based solutions.
Balancing Elanco's risk appetite with regulatory compliance and the importance of proactive risk management strategies.
Insights into the evolving threat landscape, the impact of AI on cybersecurity, and the need for preventative measures like zero trust and passwordless authentication. 
Key Takeaways: 
Leverage opportunities to modernize IT infrastructure during major organizational changes to reduce technical debt and improve efficiency.
Implement zero trust principles to enhance security in a highly distributed and hybrid work environment.
Focus on hands-on experience and practical application of cybersecurity knowledge to ensure effective implementation and problem-solving.
Transition to cloud-based systems to increase flexibility, scalability, and security within your IT infrastructure.
Maintain connections with diverse external networks and communities to stay informed about industry trends and innovative practices.
Continuously educate your workforce about new technologies and recalibrate processes to align with modern security requirements.
Embed cybersecurity practices into every aspect of IT and engineering teams to ensure security is a foundational element.
Embrace and explore the potential of AI and generative technologies to stay ahead of evolving cyber threats and opportunities. 

In our latest episode of the Future of Threat Intelligence podcast, Cody Florek, Director of Information Security Operations at Sentry, offers his insights into the intricacies of building robust cybersecurity programs run by robust teams. He shares his unique journey from high school tech enthusiast to a seasoned security professional, giving excellent advice on balancing technology with human factors. 
Cody also touches on understanding and managing cyber risk, and the necessity of continuous learning in the constantly evolving field. He also talks about the importance of building agility and designing security programs that are adaptable while also supporting and enabling the client’s business. 
 
Topics discussed:
Insights on managing vulnerabilities and application security to strengthen overall cybersecurity defenses, including utilizing data analytics to assess vulnerabilities and make informed decisions.
The importance of clear communication with stakeholders to understand environments and facilitate effective security measures.
The necessity of ongoing education to stay current with cybersecurity trends and advancements.
Adopting an automation-first approach to improve response times and ensure consistency in security operations.
Designing security strategies that are adaptable to emerging threats and changes in the business environment so that the business is not only secure but able to thrive.
Key Takeaways: 
Prioritize clear communication with stakeholders to understand their environments and needs for effective security solutions.
Educate your team and clients on vulnerability management and application security to strengthen overall security posture.
Utilize data analysis to understand vulnerabilities and make informed decisions for risk management.
Encourage ongoing education to stay updated with the latest cybersecurity trends and technologies.
Develop a multi-layered security strategy to mitigate risks and protect against diverse cyber threats.
Work closely with different teams to build security into business processes from the start.
Adopt an automation-first approach to enhance response times and maintain consistency in security operations.
Regularly assess and communicate risk levels to ensure all stakeholders are aware and can act accordingly.
Design your security program to be agile, enabling quick adaptation to emerging threats and changes in the environment.

In our recent episode of the Future of Threat Intelligence podcast, we talk with expert João Pedro Gonçalves, Global Chief Information Security Officer at EQT Group, about risk-based cybersecurity approaches, building security departments from the ground up, and the critical role of cybersecurity steering committees. 
Pedro also talks about his journey in cybersecurity leadership and shares his insights on how security practitioners should aim to work with organizations that prioritize cybersecurity and align business strategies with tech architecture. 
Topics discussed: 
Risk-based cybersecurity approaches for effective protection.
Building security departments from scratch in organizations.
Significance of cybersecurity steering committees in risk management.
Navigating organizational hierarchies for enhanced security strategies.
Forming cybersecurity steering committees with executive team members for strategic decision-making.
Key Takeaways: 
Implement risk-based cybersecurity approaches to enhance protection strategies.
Establish and structure security departments intentionally from the start.
Form cybersecurity steering committees with executive team members for strategic decision-making.
Navigate organizational hierarchies to streamline security strategies effectively.
Evaluate cybersecurity providers rigorously, focusing on certifications like SoC 2.
Read and analyze reports critically to ensure comprehensive risk coverage – read what is there and what’s not there.
Drive discussions with stakeholders to address security challenges and make informed decisions.

Welcome to the Future of Threat Intelligence, formerly known as the Future of Cyber Risk Podcast. As we evolve our focus towards proactive threat management, we're excited to bring you more insightful content into the dynamic world of cybersecurity.
In our latest episode, Noah Davis, VP & Chief Information Security Officer at Ingersoll Rand, shared his insights on the importance of business acumen in cybersecurity. He discussed his experience in various leadership and security roles, highlighting the need for communication, empathy, and continuous learning in the industry.
 
Topics discussed:
The importance of understanding business language in cybersecurity leadership roles.
The integration of empathy and authenticity in leadership for effective team management.
Future of cybersecurity, including AI adoption, detection, and response capabilities.
Communication strategies to bridge the gap between cybersecurity and business objectives.
Advocating for transparency and education in the cybersecurity industry.
Key Takeaways: 
Embrace curiosity to ask insightful questions and dive deeper into cybersecurity concepts.
Practice effective communication by being brief, bright, and concise in conveying cybersecurity messages.
Foster relationships by prioritizing and investing in team members' growth and well-being.
Stay updated on emerging technologies like AI to enhance cybersecurity practices and stay ahead of threats.
Bridge the gap between cybersecurity and business objectives by understanding financial concepts and language.
Advocate for transparency and open communication to educate stakeholders about cyber risks and best practices.
Stay proactive in learning and self-education to adapt to evolving cybersecurity challenges and opportunities. 

In this week's episode of the Future of Cyber Risk podcast, David speaks with Joshua Brown, VP and Global CISO at H&R Block, who explains the importance of not being alarmist when raising risk concerns and avoiding leading a conversation with "no." 
Joshua also discusses why storytelling is such a huge part of his role and shares some advice for cybersecurity professionals, including a reminder that technology is the enforcement mechanism for our solutions, not the solution itself.
 
Topics discussed:
How Joshua started in philosophy and ended up at a tech desk, then building a security team.
Signs that it's time to discard the old way of doing things for something better.
How Joshua knows he's getting his ideas across during his meetings with board members and how that affects their desire to take risks.
How being a good storyteller can help a CISO communicate with their team and the company.
The importance of listening, building relationships, and understanding motivations within your team.
Advice for cybersecurity professionals on communication, planning, and maintaining transparency.
 
Key Takeaways: 
Craft compelling cybersecurity narratives that resonate with stakeholders, illustrating the risks and solutions in a context that matters to them, not just from a technical perspective.
Engage with your team regularly to understand their needs. Effective leadership in cybersecurity involves continuous learning and adaptation.
Watch for signs that something isn’t working and see if you can try something new.
Listen to the questions you’re being asked: they can tell you about how well you’re being understood. 

In this week's episode of the Future of Cyber Risk podcast, David speaks with David Lingenfelter, Chief Information Security Officer at PENN Entertainment. They discuss the challenge of securing assets that you did not create yourself and how evolving regulations have affected the gaming industry's risk appetite. 
 
David also offers his insight on the critical skills a successful security practitioner should have. He also explains his approach to educating employees on security when they might have varying degrees of knowledge on staying secure.
 
Topics discussed:
The challenges of securing assets, such as slot machines, that you did not create yourself.
What it's like to balance both physical and cyber security responsibilities: luckily you only have to worry about one or the other.
Critical skills for security practitioners to succeed in today's landscape.
What education looks like at an organization where employees might have diverse levels of knowledge on security.
How ransomware has affected the gaming industry, even as it has transitioned from brick and mortar to digital.
Whether the industry practices direct collaboration to help each other prevent and overcome threats even when they're competitors.
How evolving regulations have affected the industry, especially regarding risk appetite.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Chris Copeland, Associate Professor & Director of the Institute of Homeland Security and Cybercrime at Tarleton State University, about the misconceptions of cybersecurity and how he prepares his students for a full career of learning. 
Chris also predicts the trends of cybercrimes that will likely be around for good, for example how fraud has evolved into the data breaches and cryptocurrency scams of today. He also talks about the work he does as Executive Director of the Juno Initiative, which uses data mining and machine learning to help stop human trafficking.
 
Topics discussed:
Chris's journey from working a help desk to directing the Institute of Homeland Security and Cybercrime.
How the Juno Initiative uses technology such as data mining and machine learning to help stop human trafficking.
What Chris puts on the curriculum for his courses at Tarleton State University and how it is constantly changing with the landscape.
The misconceptions of cybersecurity: it's not just a guy in a ski mask typing on a computer underneath a headlamp.
The trends of cybercrimes and what will likely stick around, namely fraud.
Chris's top four pieces of advice, including give back and create a portfolio.

In this week's episode of the Future of Cyber Risk podcast, David speaks to Eric Adams, CEO/CISO at Federal Cyber Defense Solutions. They discuss what FedRAMP and FISMA are, how to use NIST as a roadmap to federal compliance, and what controls you need to implement for those requirements. They also talk about the need for vulnerability context and continuous monitoring, the importance of having leadership support behind your compliance efforts, and how AI will impact the future of security — but only if it's used for good.
 
Topics discussed:
How to understand the differences in NIST, FISMA, and FedRAMP and how NIST is the roadmap that can lead you to federal compliance.
How to better understand the controls you need to apply for something like FedRAMP compliance.
Why you need to have leadership commitment and support behind your security compliance efforts.
Why you can be compliant but not secure and what questions and suggestions can guide your efforts to increase security.
Why vulnerability prioritization based on context and continuous monitoring needs to be part of your compliance approach.
How the future of security will include more automation and AI — but only if it's used properly.
 

In this week's episode of the Future of Cyber Risk podcast, David speaks to Nat Prakongpan, VP of Product at Cyberbit (formerly of IBM at the time of recording). They discuss the need for business resiliency in security programs, and why you shouldn't just focus on preventing an attack but on recovery after an attack as well. They also talk about why security teams need to practice their incident response so it becomes muscle memory, the importance of making backups quantum-safe, and the growing need for detection and response in storage systems.
 
Topics discussed:
How Nat's career in cybersecurity began after being the target of an attack, and what he learned from 18 years at IBM.
The importance of business resiliency and the blind spots that many organizations have when it comes to attack surface management and knowing their assets.
Why security teams need to be like firefighters and develop their muscle memory for incident response.
How IBM approaches internal training on security, including annual training and role-based education.
Why organizations need to have a plan for both preventing attacks and for recovery after an attack.
The importance of keeping your backups quantum-safe for the future of computing.
The need for detection and response capabilities in storage systems to prevent compromise or attack.