ISF Podcast

Written by: Information Security Forum Podcast
  • Summary

  • The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    263000
    Show more Show less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • S30 Ep4: BONUS: Brian Lord - AI, Mis- and Disinformation in Election Fraud and Education
    Oct 29 2024
    This is the second of a two-part conversation between Steve and Brian Lord, who is currently the Chief Executive Officer of Protection Group International. Prior to joining PGI, Brian served as the Deputy Director of a UK Government Agency governing the organization's Cyber and Intelligence Operations. Today, Steve and Brian discuss the proliferation of mis- and disinformation online, the potential security threats posed by AI, and the need for educating children in cyber awareness from a young age.

    Key Takeaways:
    1. The private sector serves as a skilled and necessary support to the public sector, working to counter mis- and disinformation campaigns, including those involving AI.
    2. AI’s increasing ability to create fabricated images poses a particular threat to youth and other vulnerable users.

    Tune in to hear more about:
    1. Brian gives his assessment of cybersecurity threats during election years. (16:04)
    2. Exploitation of vulnerable users remains a major concern in the digital space, requiring awareness, innovative countermeasures, and regulation. (31:0)

    Standout Quotes:

    1. “I think when we look at AI, we need to recognize it is a potentially long term larger threat to our institutions, our critical mass and infrastructure, and we need to put in countermeasures to be able to do that. But we also need to recognize that the most immediate impact on that is around what we call high harms, if you like. And I think that was one of the reasons the UK — over a torturously long period of time — introduced the The Online Harms Bill to be able to counter some of those issues. So we need to get AI in perspective. It is a threat. Of course it is a threat. But I see then when one looks at AI applied in the cybersecurity test, you know, automatic intelligence developing hacking techniques, bear in mind, AI is available to both sides. It's not just available to the attackers, it's available to the defenders. So what we are simply going to do is see that same kind of thing that we have in the more human-based countering the cybersecurity threat in an AI space.” -Brian Lord

    2. “The problem we have now — now, one can counter that by the education of children, keeping them aware, and so on and so forth— the problem you have now is the ability, because of the availability of imagery online and AI's ability to create imagery, one can create an entirely fabricated image of a vulnerable target and say, this is you. Even though it isn’t … when you're looking at the most vulnerable in our society, that's a very, very difficult thing to counter, because it doesn't matter whether it's real to whoever sees it, or the fear from the most vulnerable people, people who see it, they will believe that it is real. And we've seen that.” -Brian Lord


    Mentioned in this episode:
    • ISF Analyst Insight Podcast

    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Show more Show less
    23 mins
  • S30 Ep3: David Weisong - Clean Energy: A CISO’s perspective on cyber security challenges
    Oct 22 2024
    In today’s episode, Steve speaks with David Weisong, CIO of Information Systems at Energy Solutions, a growing company with many US government clients. He speaks with Steve about his experiences overseeing a full migration of the company’s security framework, how he got buy-in for security from the C-suite, and how he has approached the challenge of staffing.


    Key Takeaways:

    1. Organisations are advised to focus on protecting critical assets and closely monitoring any supply chain issues.

    2. Security leaders and teams are also having to prepare policies for AI use and investigate cloud provider dependencies.

    3. Security leaders and teams should be monitoring developments in quantum, staying in step with regulations and needed skills.


    Tune in to hear more about:

    1. Security risks in technology innovation and adoption (1:29)

    2. The impact of quantum computing on cybersecurity and the need for organisations to prioritise legacy technology updates (6:59)

    3. Volatility, uncertainty, and technological change in the security industry (12:45)

    4. How technology innovations can disrupt and improve organisations (18:22)

    5. Managing innovation in a rapidly changing digital landscape (20:40)

    6. Limitations of accessing powerful technologies due to restrictions, threats, and security concerns (26:12)

    7. Emerging threats and risks in technology, including quantum computing, AI, and legacy systems (32:18)


    Standout Quotes:

    1. “We're a professional services organisation, so our contracts are the foundation. And if they're not 100% met, then you actually don't proceed. So it became very easy to say, there's cause and effect here. And that's where that's taken a lot of … repeat exposure, I think, is one part of it, but also setting the stage that it's dynamic. It's not like, oh, yeah, we're done with that, so we can just kind of move on. It's like, we're done with this particular initiative right now. And there are more, and it will be changing probably, quarter to quarter.” - David Weisong

    2. “There’s a lot of things that are being put onto platforms or systems that you sometimes get into the area where you might have a unique combination of things that creates problems. And so that's where I think the industry is looking at it still in a category basis. I think there's a need for a more holistic approach, dare I say, coordination or cooperation between companies and their solution offerings.” - David Weisong

    3. “When I think about the three to five year window, I mean, there's clearly more fraud and more cybersecurity attacks. It is significant, and it's not decreasing. And so the ability for both organisations to share and for the industry that serving up different solutions, there has to be a coordination and a collaboration around that. Because the priority could change from year to year.” - David Weisong





    Mentioned in this episode:

    • Times Higher Education: We need a social science of data by Cristina Alaimo and Jannis Kallinikos
    • ISF Analyst Insight Podcast

    Read the transcript of this episode

    Subscribe to the ISF Podcast wherever you listen to podcasts

    Connect with us on LinkedIn and Twitter


    From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    Show more Show less
    29 mins
  • S30 Ep2: Steve Satterwhite - Learning to Build a Tech-Savy but Emotionally Intelligent Team
    Oct 15 2024
    In today’s episode, Steve speaks with Steve Satterwhite, the founder and CEO of Entelligence, and author of "Above the Line: How the Golden Rule Rules the Bottom Line." He shares some simple but fresh ideas about how to find the right person for the right role, how to overcome the skills shortage, and why putting people first is the key to successful cybersecurity.


    Key Takeaways:

    1. Successful companies can upskill employees in technology, using positive experiences and promising opportunities.
    2. Satterwhite reflects on fatherhood, emphasizing the importance of helping children discover their purpose and identity.
    3. Satterwhite believes that the organisation’s role is to provide tools and systems for team members to thrive, while also acknowledging the reality of short-term employment.
    4. Open-minded technology leaders who integrate technical skills with emotional intelligence thrive.


    Tune in to hear more about:

    1. Attracting and retaining talent in the cybersecurity industry (2:40)
    2. Cybersecurity talent shortage and skills gap in enterprises (10:00)
    3. Finding and upskilling cybersecurity professionals for new technologies (16:44)
    4. Prioritising people in business to boost revenue and profits (21:58)
    5. Prioritising emotional intelligence in technology leadership (27:06)


    Standout Quotes:

    1. “I believe that that culture attracts the kind of folks that are ambitious, that are hungry to learn, that are eager to move up in whatever way that they define moving up in their lives. And I think it's our job, really, as leaders, and especially here in our organisation. It’s to create that environment so that people can thrive.” - Steve Satterwhite

    2. “Here’s a stupid analogy, but I like to use it because it's how I think about the business. It's really just to simplify it. Let's say that you're a new airline, or you have a new airline route that you want to go from Houston to Paris, and you're short of pilots to fly the big Dreamliner or the big Airbus from here to there. It's a different operation. So what we do is we go look for people that have been flying 737s most of their career. They're deeply passionate about flying, and they're really good at it, and all we need to do is just kind of upskill them in a short period of time just to fly a different airplane. It's still piloting, it’s still flying. That's what we do. So if you think about just the evolution of technology and the things that we're doing, all we're doing, constantly, at Entelligence is just upskilling people in the shortest possible time.” - Steve Satterwhite
    Mentioned in this episode:

    • ISF Analyst Insight Podcast

    Read the transcript of this episode

    Subscribe to the ISF Podcast wherever you listen to podcasts

    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    Show more Show less
    33 mins

What listeners say about ISF Podcast

Average Customer Ratings

Reviews - Please select the tabs below to change the source of reviews.