Malicious Life Podcast: Inside the HAFNIUM Microsoft Exchange Attacks

The recent HAFNIUM attacks hit tens of thousands of organizations’ Microsoft Exchange servers around the globe. Now, an array of other threat actors are leveraging the residual webshells on victim systems to launch new attacks against organization… Continue reading Malicious Life Podcast: Inside the HAFNIUM Microsoft Exchange Attacks

Security CEO Roundtable: Restoring Our National Cybersecurity

Now that President Biden has proposed the allocation of $10 Billion for cyber security and IT modernization, what specifically should the federal government focus on to restore confidence in our national cyber security defense posture?
The post Se… Continue reading Security CEO Roundtable: Restoring Our National Cybersecurity

CISO Stories Podcast: Your Job is to Make Cybersecurity Simple

The CISO position in some organizations is relatively new, but the role has actually been evolving over the past 25 years – ever since Citibank named the first CISO, Steve Katz, in 1995. Join this podcast to learn how Steve navigated the early day… Continue reading CISO Stories Podcast: Your Job is to Make Cybersecurity Simple

International Women’s Day: “Win as One” Takes True Commitment to Diversity

“As a woman…” I haven’t really used that phrase for very long. Eight years ago, I came out as a transgender woman, very late in life. And even today I find myself fighting forty years of my own preconceived notions of what I had to be in order t… Continue reading International Women’s Day: “Win as One” Takes True Commitment to Diversity

International Women’s Day: UbU and Lead Like a Girl

Rewind to 2012: Sheryl Sandberg’s Lean In had just been published, pushing women to stop sitting back and start taking more risks. Amy Cuddy had just come out with her “Power Pose” TED Talk telling women that posing like Superwoman for two minutes… Continue reading International Women’s Day: UbU and Lead Like a Girl

CISO Stories Podcast: …and Other Useless Security Constructs

Bob Bigman, former CISO for the CIA, simplifies the conversation by slaughtering some of the industry’s most sacred cows like risk tolerance as a key driver for security programs – check it out…
The post CISO Stories Podcast: …and Other Useless Se… Continue reading CISO Stories Podcast: …and Other Useless Security Constructs

CISO Stories Podcast: Without Building a CISO EQ, You May Be On Your Own

The CISO must interact with many different groups within the company. These groups differ in the amount of business acumen and technical depth necessary. The CISO must have self-awareness of how to approach each of these different types of stakeho… Continue reading CISO Stories Podcast: Without Building a CISO EQ, You May Be On Your Own

CISO Stories Podcast: Doing Privacy Right vs. Doing Privacy Rights

Eric Schmidt (CEO Google 2001-2007) famously noted that his company’s policy was to get ‘right up to the creepy line and not cross it.’ The closer an organization can get to this imaginary line, the greater the profit maximization. When does this … Continue reading CISO Stories Podcast: Doing Privacy Right vs. Doing Privacy Rights