Infosecurity Magazine Podcast

OpenClaw’s weak spots have not gone unnoticed and Australian pentester Jamieson O’Reilly, founder of DVULN, was among the first to call them out. Now, he’s been appointed OpenClaw’s security representative, tasked with hardening the project from within. In this exclusive Infosecurity interview (from 7.30), O’Reilly explains his journey from a critic, who created a ‘fake’ malicious OpenClaw skill called “What would Elon do?” to a custodian. He also shares why he still treats OpenClaw with caution and outlines the security roadmap he’s building to make the project safer without stifling innovation. O’Reilly’s vision goes beyond patches and firewalls. He advocates for treating OpenClaw skills, its modular tools, like mobile apps. This means standardized security reviews, supply chain checks and transparency requirements. He also highlights the need for better ways to analyze AI prompts and agent behavior. This reduces the risk of hidden threats in natural language interactions. If successful, his work could set a new bar for security in open-source AI projects. O’Reilly’s appointment signals a shift. The project is taking security seriously, but the road ahead is complex. For CISOs and developers, his insights offer a rare look at how to balance experimentation with real-world safeguards. Resources: • OpenAI's Promptfoo Deal Plugs Agentic AI Testing Gap, Infosecurity Magazine https://www.infosecurity-magazine.com/news/openai-promptfoo-deal-agentic-ai/ • Researchers Reveal Six New OpenClaw Vulnerabilities, Infosecurity Magazine https://www.infosecurity-magazine.com/news/researchers-six-new-openclaw/ • Researchers Find 40,000+ Exposed OpenClaw Instances, Infosecurity Magazine https://www.infosecurity-magazine.com/news/researchers-40000-exposed-openclaw/ • Hundreds of Malicious Crypto Trading Add-Ons Found in Moltbot/OpenClaw, Infosecurity Magazine https://www.infosecurity-magazine.com/news/malicious-crypto-trading-skills/ • OpenClaw’s main website: https://openclaw.ai/blog/virustotal-partnership • OpenClaw’s GitHub page: https://github.com/openclaw/openclaw • OpenClaw’s Trust page outlining the project’s security roadmap: https://trust.openclaw.ai/ • OpenClaw Partners with VirusTotal for Skill Security, OpenClaw https://openclaw.ai/blog/virustotal-partnership

For the fifth year running, the World Economic Forum’s Global Cybersecurity Outlook report has provided a critical snapshot of the evolving cyber threat landscape – and this year’s findings mark a turning point. Cyber-enabled fraud has now overtaken ransomware as the top cybersecurity concern for organizations worldwide, signaling a fundamental shift in how attackers operate and the risks businesses face. In this episode, we sit down (4.55) with Giulia Moschetta, a research and analysis specialist at the World Economic Forum's Centre for Cybersecurity and one of the report’s lead authors, and Akshay Joshi, head of the WEF’s Centre for Cybersecurity, to break down the findings and what they mean for the future of cybersecurity. The discussion explores why fraud, from sophisticated payment scams to AI-driven social engineering, has become the dominant threat, while ransomware, though still potent, is no longer the sole focus of cyber defenses. Resources: -Global Cybersecurity Outlook 2026, Centre for Cybersecurity, World Economic Forum: https://www.weforum.org/publications/global-cybersecurity-outlook-2026/ -“World Economic Forum: Cyber-Fraud Overtakes Ransomware as Business Leaders' Top Cybersecurity Concern,” Infosecurity Magazine: https://www.infosecurity-magazine.com/news/fraud-overtakes-ransomware-as-top/ -Unmasking Cybercrime: Strengthening Digital Identity Verification against Deepfakes, Cybercrime Atlas, World Economic Forum: https://reports.weforum.org/docs/WEF_Unmasking_Cybercrime_Strengthening_Digital_Identity_Verification_against_Deepfakes_2026.pdf -“World Economic Forum: Deepfake Face-Swapping Tools Are Creating Critical Security Risks,” Infosecurity Magazine: https://www.infosecurity-magazine.com/news/wef-deepfake-faceswapping-security/

This year, cybercrime got a teenage makeover. Groups like Scattered Lapsus$ Hunters, part of the loose collective ‘The Com’ and filled with young, radicalized hackers, became a top threat. Their aggressive tactics led to high-profile breaches in 2025, including attacks on Marks & Spencer, the Co-op, and Jaguar Land Rover. Meanwhile, insider attacks exploded: employees secretly working for ransomware gangs, zero-day brokers selling to Russia, and a million-dollar-worth crypto heist at Coinbase. In 2025 we also saw AI evolve from being a futuristic threat to a threat which can power real malware, with AI tools like Claude helping criminals automate attacks at terrifying speed. We sat down with Rebecca Taylor, Threat Intelligence Knowledge Manage & Researcher at Sophos and Will Thomas, Senior Threat Intelligence Advisor at Team Cymru, to discuss 2025’s highs and lows in cybersecurity and cybercrime – and to make educated guesses on what to look for in 2026. Their prediction? That 2026 could bring live deepfake heists (imagine a fake CEO on a video call draining company funds) and nation-states weaponizing insiders for destructive cyberwar. This episode is sponsored by SailPoint.

Just in time for spooky season, this episode takes you into the darkest corners of the cyber underworld, where the real monsters aren’t ghosts or goblins, but ransomware gangs lurking in the shadows. We sat down with Matthew Maynard (3.42), a cybersecurity pro by day and a real-life cyber ghostbuster by night, who doesn’t just hunt vulnerabilities, but haunts the hackers themselves. While most bug bounty programs reward researchers for finding flaws, Matthew’s work is far more chilling (and thrilling). As part of threat intelligence programs like Halcyon’s Threat Research Intelligence Program (TRIP), he infiltrates ransomware gangs, extracts their secrets and helps shut down their operations before they strike. For CISOs and executives, Matthew’s experience offers a rare and critical perspective on how to shift from reactive fire-drills to proactive threat hunting. By leveraging dark web intelligence, undercover engagements, and threat actor profiling, security leaders can anticipate attacks, disrupt criminal operations, and even recover stolen data before it’s too late.

Generative AI is poised to revolutionize vulnerability discovery in critical infrastructure, but will it actually fix the problem, or just shift the burden? The recent AI Cybersecurity Challenge (AIxCC), a two-year competition sponsored by the US Defense Advanced Research Projects Agency (DARPA) and Advanced Research Projects Agency for Health (ARPA-H), crowned winners whose AI systems autonomously discovered and patched zero-day flaws in real-world code. Now, with models potentially going open-source, the implications for defenders, attackers and policymakers are seismic. In this episode, we sat down with Taesoo Kim, the leader of Team Atlanta, the AIxCC winning team, and Andrew Carney, program manager for the AIxCC at DARPA and ARPA-H. In the interview (13.56), they discuss why the commercialization of GenAI-powered vulnerability scanning tools could be just around the corner and how "self-healing infrastructure" might soon become a reality.

In this special episode of the Infosecurity Magazine podcast, we dive deep into the rapidly evolving story surrounding Microsoft SharePoint On-Premises. Recent disclosures have revealed a series of vulnerabilities now being exploited in targeted campaigns, with Chinese threat actors at the centre but other threat actors joining in the attacks. This episode breaks down the complexities of the incident, the ongoing exploitations and the broader implications for security practitioners. Stay updated as this story unfolds and equip yourself with valuable insights to better understand and defend against emerging cyber threats. Our discussion includes: Timeline of events surrounding the ToolShell Microsoft SharePoint on-prem vulnerability (02.20) Interview with Charles Carmakal, CTO at Mandiant, now part of Google Cloud (06.38). Charles details these critical vulnerabilities and steps towards patching and what some orgnaizations may be missing, leaving them vulnerable to compromise. Interview Lorri Janssen-Anessi, Director of External Cyber Assessments at BlueVoyant. With extensive experience from her time at the NSA and the Department of Homeland Security, Lorri provides an in-depth perspective on the impact these attacks are having and what they mean for organizations today. (17.18) Sing up to receive Infosecurity Magazine's weekly newsletter here.

In this Infosecurity podcast episode, the team dive into the details of Donald Trump's June 2025 Cybersecurity Executive Order (EO). This EO revises previous orders from both Barack Obama and Joe Biden, while also removing a host of requirements from Biden's January 2025 EO. From software supply chains and quantum computing to the research and testing of AI for cyber defense, this new order covers a wide array of critical cybersecurity topics. To unpack the details of the latest EO We sit down with Nick Reese, the co-founder and COO of Frontier Foundry, a Professor at New York University and a member of the Homeland Security Advisory Board at the George Washington University. Reese brings invaluable experience from his time as Director for Emerging Technology Policy at the US Department of Homeland Security (2019-2023). In our discussion, we break down the intricate details of the executive order, helping us understand its provisions and the nuances of the changes it introduces to the cybersecurity landscape. Sing up to receive Infosecurity Magazine's weekly newsletter here.

In this episode of the Infosecurity Magazine podcast we dive into the exciting world of Infosecurity Europe. Two veteran cybersecurity pros share their expert advice on how to get the most out of your visit to one of the industry's premier events. Heather Lowrie, former CISO and co-founder of Resilionix, and Jon Davies, Director - Cyber, KPMG share their perspectives on emerging cybersecurity themes to expect at the event and their reflections on how Infosecurity Europe has evolved over the years. We touch on how to navigate the diverse offerings at Infosecurity Europe, the value of engaging in Table Talks and Masterclasses and how to best plan your visit. This episode is packed with valuable insights to help you maximize your experience at Infosecurity Europe. Infosecurity Europe returns from 3rd to 5th June, 2025, at London’s Excel, celebrating its 30th anniversary. Registration is now open at infosecurityeurope.com. Find out more about Infosecurity Europe via the website here. https://www.infosecurityeurope.com/en-gb/lp/register-now.html?utm_source=advert&utm_medium=referral&utm_campaign=infosecurity_magazine&utm_content=&utm_term= Discover more from our sponsor, Vanta, here. https://www.vanta.com/demo-uk?utm_campaign=emea_generic&utm_source=info-security&utm_medium=podcast Sing up to receive Infosecurity Magazine's weekly newsletter here. https://www.infosecurity-magazine.com/my-account/login/

In this episode of Infosecurity Magazine's podcast, we delve into the critical realm of vulnerability management, exploring the pivotal roles played by two US government-funded security programs that today are under pressure as vulnerability reporting explodes. Join us as we discus the latest developments involving the National Vulnerability Database (NVD), operated by a dedicated team within NIST, which has been under pressure for the last 12 months. We’ll also touch on the recent uncertainty relating to the CVE Program, sponsored by the US Department of Homeland Security (DHS) and CISA and managed by the non-profit MITRE Corporation. These programs serve as essential data sources for organizations worldwide, enabling them to identify, prioritize and remediate vulnerabilities effectively. Our discussion is enriched by insights from expert guests, including: • Brian Martin, former member of the CVE Board (10:23) • Stephen Shaffer, a principal security engineer at a leading pharmaceutical company (26:55) • Rose Gupta, Cyber Exposure Management Lead at AssuredPartners (39:43) Discover more from our sponsor, Vanta, https://www.vanta.com/demo-uk?utm_campaign=emea_generic&utm_source=info-security&utm_medium=podcast Sing up to receive Infosecurity Magazine's weekly newsletter https://www.infosecurity-magazine.com/my-account/login/

With 4.3 million devices infected and 3.9 billion stolen passwords shared by hackers, infostealers have emerged as one of the dominant malware threats of 2024. According to recent reports from Kela and Huntress, these stealthy attackers are now involved in one in four cyber-attacks, making them a major concern for individuals and organizations alike. In our latest podcast episode, we take a closer look at the rise of infostealers and what you can do to protect yourself from these insidious threats. You will hear from Leonid Rozenberg, Cybercrime and Threat Intelligence Researcher at Hudosn Rock about: Infostealers’ ability to steal passwords stored in browsers and other malware features that most people don’t usually talk about (7:24) The latest trends in infostealer development, deployment and distribution in 2025 (26:40) How organizations and individuals can prevent and mitigate the infostealer threat (32:07) Discover more from our sponsor, Vanta, here. https://www.vanta.com/demo-uk?utm_campaign=emea_generic&utm_source=info-security&utm_medium=podcast Sign up to recieve Infosecurity Magazine's weekly newsletter here.https://www.infosecurity-magazine.com/my-account/login/

Listen to this episode of the Infosecurity Magazine podcast for your comprehensive guide to Infosecurity Europe 2024, taking place at the Excel London from 2-6 June. This episode dives deep into Europe's leading information security event, featuring insights from seasoned attendees Paul Watts, Distinguished Analyst and vCISO at the Information Security Forum, and Mun Vajil, CISO at Trainline. Listen to learn: • What Infosecurity Europe is all about and how to register. • Proven strategies to maximize your experience, whether you're a first-timer or a veteran. • Highlights of the conference program, including must-see sessions, key topics and exclusive speakers. • How to navigate the exhibition and connect with leading cybersecurity vendors. Plus, get valuable tips to help you make the most of your Infosecurity Europe experience. Click here to register for Infosecurity Europe 2024: https://www.infosecurityeurope.com/en-gb.html

This episode of the Infosecurity Magazine Podcast dives deep into the recent cyber-attack on Change Healthcare, a major player in US healthcare billing and data. The attack's impact went beyond data breaches, disrupting prescriptions, payments, and causing significant financial losses. Hear from: Wes Wright, Chief Healthcare Officer at Ordr, (08.37) who explains how the attack rippled through the healthcare system. Victor Acin, Head of Threat Intel at Outpost24, (26.00) who sheds light on the ransomware gang that targeted Change Healthcare and why healthcare is a prime target The discussion explores the attack's tactics, the future of Ransomware-as-a-Service (RaaS), and what lessons healthcare can learn to improve its cybersecurity posture.

Operation Cronos took the cybersecurity world by storm as law enforcement disrupted one of the most prolific ransomware gangs in the world. Now the dust has settled it’s time for a first assessment of the takedown’s impact on the LockBit ransomware group. In this episode, the Infosecurity Magazine team goes behind the scenes of the law enforcement operation with Prodaft, a threat intelligence company that collaborated with the FBI, the NCA, and Europol to take down the group’s infrastructure. We also dissected the operation’s impact on LockBit’s activity and explored what the future holds for this notorious cybercriminal organization, with great insights from RedSense, another threat intelligence firm that spent three years investigating the group. You will hear from: -Koryak Uzan, co-founder of Prodaft (6.52) -Marley Smith, principal threat researcher at RedSense and Yelisey Bohuslavskyi, RedSense co-founder (31.36)

Big corporations are tightening their cyber defenses, making small and medium businesses (SMEs) a tempting target for cybercriminals. This episode of Infosecurity Magazine’s podcast dives into the growing threat landscape for SMEs and explores the potential consequences of an attack. Guests include: • Simon Whittaker, CEO of Vertical Structure (07.35) • Gill Thomas, Director of Engagement, Capacity and Resilience Program at the Global Cyber Alliance (33.15)

This year’s Data Privacy Week campaign carries the theme ‘take control of your data,’ underlying the scale of personal information being collected and used online by businesses. In this episode, we analyze growing consumer awareness and concern about the use of their personal data online, and practical steps businesses can take to improve trust and transparency in this area. This includes creating ‘value exchange’ with customers around using their personal data. We also delve into the impact of AI on data privacy – good and bad, and how to manage customer relationships during a data breach. Tune into this episode to learn practical ways organizations can update their data privacy practices for the modern consumer. Guests include: Joe Jones, Director of Research and Insights for the International Association of Privacy Professionals (IAPP) – 07.21 Sarah Pearce, Partner, Hunton Andrews Kurth – 20.32

In this episode of the Infosecurity Magazine podcast, we take a look back at 2023 and explore some of the most significant cybersecurity trends and topics that have shaped the industry this year. We discuss the growing cyber skills gap, the increasing use of AI in both offensive and defensive cybersecurity operations, and the emerging threats posed by AI-powered tools like ChatGPT. We also feature an interview with Brad LePorte of LionFish Tech Advisors, who shares his insights on the future of cybersecurity in 2024. Listen to hear more about: The widening cyber skills gap and its impact on organizational security The growing use of AI in both offensive and defensive cybersecurity operations Insights from Brad LePorte of LionFish on cybersecurity trends for 2024

In November the UK hosted its first ever AI Safety Summit, less than one year after OpenAI released ChatGPT, its revolutionary generative AI-powered chatbot. In this episode, we delve into the rapidly evolving world of artificial intelligence, exploring the implications of recent developments and announcements from governments, tech companies, and industry bodies around the globe. Join us as we dissect the key takeaways from the AI Safety Summit and examine how these advancements impact the cybersecurity landscape. Whether you're a cybersecurity professional or simply curious about the future of AI, this episode provides valuable insights into the intersection of AI and cybersecurity. You’ll hear from: - Matt Roach, Head of i-4 Cyber Security Leaders Community, KPMG UK (11.45) - Rob van der Veer, Senior Director, Software Improvement Group (SIG) & Founder, OWASP AI Exchange (30.01)

Phishing has been a prominent topic in cyber for many years, but attackers have become more sophisticated in their approaches, assisted by generative AI and deepfake technologies. During this episode to mark the 20th anniversary of Cybersecurity Awareness Month, the Infosecurity Magazine team discuss new trends relating to this vector, and how awareness training and guidance needs to be reviewed and updated in response. Two experts from the field of academia share their thoughts and new research in this constantly evolving area of cybersecurity. Guests include: • Constantinaos Patsakis, Associate Professor at the Department of Informatics, University of Piraeus (04.28) • Jason Nurse, Director of Science & Research at CybSafe and Reader, University of Kent (28.27)

This episode of the Infosecurity Magazine podcast focuses on the cybersecurity skills gap and how to bridge the divide. We discuss the challenges of recruiting and retaining cybersecurity talent, as well as the innovative solutions that are being developed to address the problem. We also speak to MK Palmore, Vice President of Cyversity, about his work to increase diversity in the cybersecurity workforce and why diversity of thought is vital to the cybersecurity landscape.

Despite a general slowdown of ransomware attacks in in 2022 we are now experiencing a resurgence of ransomware activities. In this episode, the Infosecurity Magazine team discuss some of the research recently published by threat analysts in the ransomware space and what it is demonstrating about how threat actors are evolving their approaches in 2023. This includes interviews with two cybersecurity experts who have uncovered critical new insights into the evolution of ransomware. Guests include: Jacqueline Burns Koven, Head of Cyber Threat Intelligence at Chainalysis, explains why ransomware is on course for one of its biggest years to date (07.15) Dr Karen Nershi, Postdoctoral Fellow, Stanford Internet Observatory, discusses increasing political motivations for this threat vector (22.45) Tune in now to understand the latest ransomware trends and tactics.

Join the Infosecurity Magazine team and guests as they plunge into the heart of a devastating cyber-attack that has impacted the likes of BBC, PwC, and Schneider Electric. In this episode, we delve deep into the world of supply chain attacks, and where the notorious Clop ransomware group capitalizes on a hidden weakness in MOVEit Transfer—a trusted file transfer solution used by thousands of companies. In an interview with Secureworks, one of the first cybersecurity firms to sound the alarm, we examine the cloak-and-dagger tactics, techniques, and procedures (TTPs) employed by the audacious Clop. Our expert guests unravel the secrets behind the far-reaching impact of this hack, while offering invaluable insights into the crucial steps cybersecurity practitioners must take in the face of such a high-stakes incident. Tune in now to stay one step ahead in the battle against the relentless forces of cybercrime. Guests include: • Rafe Pilling, Director of Threat Research at Secureworks Counter Threat Unit • William Thomas, CTI Researcher at Equinix Threat Analysis Center (ETAC) & co-founder of Curated Intelligence • Paul Watts, Distinguished Analyst at the Information Security Forum This Podcast is sponsored by Mandiant’s mWISE Conference, click here to register.

Infosecurity Europe is Europe's leading cybersecurity event, and this year's show is no exception. In this podcast episode hear about some of the key conference sessions, activities and must-see attractions at the 2023 event. The Infosecurity Magazine editorial team also highlight some of the biggest cybersecurity themes at discussion topics that will be important for information security professionals to educate themselves on and will hear about at Infosecurity Europe. Finally, Brian Honan, CEO of BH Consulting and former Infosecurity Europe Hall of Fame winner, gives his advice on how to get the most out the event and some of the sessions he’s most looking forward to attending.

Since the launch of ChatGPT in November 2022 the cybersecurity world has been abuzz with talk of AI and its usefulness as well as the threat it poses. In this episode of the podcast the team discuss how cybersecurity vendors are leveraging AI, what threats AI has brought to the technology landscape and what to be cautious of when using large language models. Beth Maundrill also sits down with Sergey Shykevich, Threat Intelligence Group Manager at Check Point Research, to dispel some of the myths around threat actors' use of AI and what Check Point has observed over the past six months. Shykevich also provides his thoughts on the future of AI in cybersecurity.

The RSA conference in San Francisco is back this month and the editorial team will be crossing the pond to join the cybersecurity community at the largest North America cyber event. During this episode of the podcast, Beth Maundrill and James Coker discuss what they think will be the biggest talking points at RSA 2023 and some of the sessions that have caught their eye. Expect to hear a lot about government initiatives including President Biden’s National Cybersecurity Strategy and how Federal agencies are working with international partners to bolster cyber defenses. AI will of course be a huge topic at all events this year following the emergence of ChatGPT. The team also speaks to Pam Nigro, chair, board of directors at ISACA and VP of security at Medecision, about what she thinks about some of the emerging conference themes as well as tips on how to make the most out of the event in-person.

February 24, 2023 will mark 12 months since the Russian invasion of Ukraine began but the cyber war began months, if not years, before the kinetic attack began. In this episode of the podcast the team discuss how the war has had an impact on the cyber threat landscape, how Russian-affiliated actors have behaved over the last 12 months and the tactics that have appeared. Kevin Poireault will discuss the findings from a recent report from Google’s Threat Analysis Group which found that Russian cyber aggression dates all the way back to 2019. Kevin will also dive into research he’s been doing surrounding the explosion in wiper malware attacks in 2022. Finally, Beth Maundrill speaks to Recorded Future’s Alex Leslie about a recent report that examines the relationship between cybercriminals and the Russian state.

January marks Data Privacy Week, a global campaign to spread awareness about online privacy, and the team dives into current state of data privacy and related regulation, including, of course, GDPR. In addition, Valerie Lyons, COO at BH Consulting shares her expertise on data privacy and speaks to James Coker the real-world impact of data privacy legislation, how she expects the development of AI, including ChatGPT, to affect our online privacy over the coming years and why organizations need to move privacy from risk into corporate-social responsibility. You can listen and subscribe to the Infosecurity Magazine’s Podcast on Spotify and Apply Music.

Jen Ellis is a well-known member of the cybersecurity community both in the US and the UK. She spent over a decade employed at the cybersecurity company Rapid7 and is now an independent cybersecurity advocate who is working to improve public safety in cyber by collaborating and advising policymakers and government bodies. During this discussion Beth and Jen speak about how the cybersecurity community can have an impact on cybersecurity related regulation and legislation, both in the UK and abroad. As well as how cybersecurity professionals can make sense of all the data that it published relating to the cybersecurity threat landscape and how they can practically analyze the information. You’ll hear about Jen’s “West Wing” experience as she started her journey in towards influencing cybersecurity policy on both sides of the pond and much more. You can listen and subscribe to Infosecurity Magazine’s Podcast on Spotify and Apple Music.

In this month's episode of the IntoSecurity podcast the team review the year that was 2022 and highlight some of the top trends in cybersecurity and how to prepare for the next 12 months. Hear from Aaron Webb Senior Product Marketing Manager, Security at Jamf, who gives his views on the threat landscape and what businesses can do to prepare for 2023. Later James Coker speaks to Larry Whiteside Jr, a CISO and co-founder of Cyversity, about the most interesting developments he’s observed in cybersecurity this year and what elements of the cybersecurity skills gap have evolved over the past 12 months. You can listen and subscribe to the IntoSecurity Podcast on Spotify and Apply Music. Should you listen to our podcast your information will be shared with the sponsor indicated above. See our privacy policy for more information.

As we approach a crucial season for the retail industry, with the holiday season upon us and the famous (or infamous) Black Friday and Cyber Monday shopping days around the corner, consumers are littered with deals and offers. Sadly, as previous years have shown, this provides huge opportunities for cyber-criminals and fraudsters to strike, such as posing as well-known brands with fake offers. During this podcast we’ll hear from CISA’s Deputy Mission Coordinator for Threat Hunting, Jillian Rucker, and Neira Jones, an Independent Advisor & International Speaker, with huge expertise in payment and financial services security. The team also analyze recent news and figures relating to scams and cybercrime relating to shopping.

In this episode, Beth Maundrill is joined by Dr. Jason Nurse, Associate Professor in Cyber Security at the University of Kent, and a Visiting Academic at the University of Oxford. Join the conversation as they discuss routes into cybersecurity academia, practical advice on corporate communications following a cyber-incident and Jason’s research with RUSI on the state of cyber insurance market today. Resources discussed: A framework for effective corporate communication after cyber security incidents Cyber insurance and the cyber security challenge

Into Security Podcast Episode 40, Brought to You by Tufin by Infosecurity Magazine

Teacher, entrepreneur and woman in tech, Jan Carrol talks to us about her journey into cybersecurity, her view of the cyber-security skills gap and how she took the leap of faith to set up her own company, the Fortify Institute. Jan’s work includes rolling out initiatives to up-skill jobseekers, delivering diplomas in cybersecurity and is passionate about getting more women back into the workplace after they have taken a break. As someone who is not able to say no, Jan is involved in a number of community groups including Cyber Women Ireland which aims to increase the participation of women in cyber and focus on how to maintain retention. She is also involved in the National Cyber Taskforce in Ireland that is working on creating resources for frontline workers to help in cases of technology-facilitated domestic abuse (also known as stalker-ware).

In this month's episode of the IntoSecurity podcast, Beth Maundrill and James Coker analyze Insider Threats as September is National Insider Threats Awareness Month. James also speaks to Lisa Forte, Partner at Red Goat Cyber Security, about recent research into insider threats, how to identify them and what steps businesses should take towards creating an effective insider threat policy.

Ian Murphy, founder of CyberOff, talks about how he uses humor and stand-up to get people engaged with cybersecurity training and cyber awareness and why putting people first is key for a successful cyber training strategy. Having had dreams of a football career, Ian tells the story of how his interest in all things technical during the 1970s and ‘80s led him down the pay of cyber security. Ian shares his opinions on the good, the bad and the ugly of the cyber industry today, no holds barred. Ian’s food and drink pairing: Coffee (or whisky after 5pm) and some biscuits. You can listen and subscribe to the IntoSecurity Chats Podcast on Spotify and Apply Music. Should you listen to our podcast you information will be shared with the sponsor indicated above. See our privacy policy for more information.

In this month's episode of the IntoSecurity podcast, James and Benjamin discuss long-standing Infosecurity Magazine's Editor Eleanor Dallaway's departure and review the recent Infosecurity Europe conference in London

Javvad Malik tells us who should get married, snogged and killed if he was pitched against his Host Unknown podcast co-hosts, Thom Langford and Andrew Agnes. Javvad and Eleanor chew the fat about Javvad’s journey from end-user to analyst to vendor and they get serious about burnout and mental health in the cybersecurity industry (oh, and they debate information security versus cybersecurity).

This episode of the IntoSecurity podcast focuses on the impact and challenges of the General Data Protection Regulation (GDPR), with the fourth anniversary of the legislation coming up later this month. Eleanor, Benjamin and James also review a number of recent stories in the industry.

Camille Stewart was destined for great things – as a child, she’d insist on her parents signing contracts regarding financial incentives for good grades! She says the best advice she was ever given was for the traditional path to not be a limitation, but to be a guide, and Camille has fully embraced that advice. Eleanor Dallaway and Camille talk about Camille’s journey along that path, from Capitol Hill to Google where she currently serves as global head of product security strategy. There’s also some Beyoncé and Disney chat for good measure. Food & Drink Podcast Pairing Recommendation by Camille: Coffee (bourbon optional) and kettle corn (sweet popcorn!)

In episode 36 of the IntoSecurity podcast, the Infosecurity editorial team takes a deep dive into the cyber skills gap. Benjamin David interviews Leeza Garber, cybersecurity and privacy attorney and consultant, and the team discusses a handful of the latest and hottest cybersecurity headlines.

In episode 35 of the IntoSecurity podcast, the Infosecurity editorial team consider the most important coverage surrounding the Russia Ukraine conflict. We also take a look at the highlights from the hot-off-the-press European Industrial Infrastructure Cyber Threat Perspective report from Dragos. Eleanor is joined by Dragos’ utterly brilliant VP of threat intelligence, Sergio Caltagirone, as they discuss the research findings.

In this special Valentine's Day episode of the IntoSecurity podcast, the Infosecurity editorial team takes a deep dive into romance scams. James Coker interviews Lisa Forte, partner at Red Goat Cybersecurity, and the team discusses the biggest five romance scams they've reported in recent years here at Infosecurity.

You probably haven’t listened to many information security podcasts that have Mr Bean, BMW drivers and Bono on the agenda, but that’s what this episode of IntoSecurity Chats with Brian Honan has in store. It’s not all fun and giggles though, as Brian admits to Eleanor Dallaway that he sometimes feels intimidated by the industry and those in it, and they deep dive into user-blaming, ransomware payments and cyber-attack disclosure. Plus, a bold declaration from Brian that the industry needs to get over itself! Food & Drink Podcast Pairing Recommendation by Brian: A pint of Guinness and boxty

In the January episode of the IntoSecurity podcast, the Infosecurity editorial team takes a deep dive into cybersecurity's image problem. Benjamin David interviews Dr Victoria Baines, a research fellow at Bournemouth University and author, and the team discusses a handful of the latest and hottest cybersecurity headlines.

In the final IntoSecurity podcast of the year, Infosecurity Magazine enters reflection mode and reveals its top ten most-read news stories of the year. Join Eleanor Dallaway, Benjamin David and James Coker to rediscover the stories behind the biggest headlines of 2021.

What do sextortion, a Christmas hippopotamus and a best-selling book have in common? They’re all discussed in the December episode of IntoSecurity Chats, featuring the fantastic Dr Jessica Barker. Eleanor and Jess discover they have a lot in common and Jess spills the beans on her most memorable awareness campaign, the realities of writing a book and the biggest mistake an organization can make when running an information security awareness campaign.

The November episode of the IntoSecurity podcast shines a spotlight on ecommerce security challenges, particularly relevant around Black Friday and Cyber Monday. James Coker interviews Christopher Morgan, Senior Cyber Threat Intelligence Analyst at Digital Shadows, who offers advice around keeping shoppers and retailers safe online. As always, the team discusses a handful of the latest and hottest cybersecurity headlines.

In the October episode of the IntoSecurity podcast, the Infosecurity editorial team discusses Cyber Security Awareness Month. Benjamin David interviews Holly Grace Williams, managing director of Akimbo Core, who explores the significance of cyber security awareness month. Benjamin David also welcomes Laura Hoffner, chief of Staff at Concentric, who presents five ways organizations can protect themselves against phishing attacks. Finally, as always, the team discusses a handful of the latest and hottest cybersecurity headlines.

Eleanor Dallaway and Graham Cluley have more in common than you'd think...They both reside in Oxfordshire, both host infosec podcasts and write about infosec happenings, and have a shared disdain (to put it mildly) of Piers Morgan. Their views on feeling the sand between their toes, however, are polar opposite, as you'll find out... Eleanor asks Graham all the big questions: Do you consider yourself an infosec celeb? Did you panic buy petrol? Why on earth are you taking distress flairs to a beautiful tropical island? Food & Drink Podcast Pairing Recommendation by Graham: San Pellegrino sparkling water accompanied by some Jacob's cream crackers and gorgeous blue cheese