ISF Podcast

It is an unavoidable fact that businesses and organisations’ sensitive information will be breached at some stage in the future. When a network has been compromised, proper investigation and remediation to the incident is vital, as the impact can be significant in the digital world. There are various steps that need to be taken to respond and recover from a data breach, much like the processes that are observed in a medical centre. Those steps create a tedious, disruptive process that may take more than one cyber life cycle to heal.In this podcast, Steve Durbin, Managing Director at the ISF talks with Ondrej Krehel, CEO and founder of LIFARS LLC, an international cybersecurity and digital forensics firm specialising in remediation and resolution services. Here they discuss how data breaches are inevitable to businesses, and how organisations can prepare to effectively retaliate in the new world filled with cyber warfare.https://www.securityforum.org/videos-podcasts/isf-podcast-a-digital-specialist-on-data-breaches/

Virtual reality has a great deal of potential for the betterment of society - but as with all new technologies, we should be aware of ethical concerns that could emerge as social problems further down the line. With this in mind, there is a need for increased legislation and guidelines to ensure both businesses and consumers don’t get caught up in the novelty of virtual reality. In the second part of this podcast, Steve Durbin, Managing Director at the ISF talks with Emory Craig, an educator and leading expert in virtual, augmented and mixed reality. Here they discuss the dystopian elements to virtual reality, its challenges and implications, but also the steps needed to manage its legislation.https://www.securityforum.org/videos-podcasts/virtual-reality-and-a-new-code-of-ethics/

Virtual, augmented and mixed reality has made tremendous progress over the last 4 years. Since then the landscape has dramatically shifted - consumers now experience these new technologies through devices such as smartphones and smart headsets, taking them into a whole new era. Organisations within industries such as film and medical have started implementing virtual reality to transform the way they do business. In this podcast, Steve Durbin, Managing Director at the ISF talks with Emory Craig, an educator and leading expert in virtual, augmented and mixed reality. He is the Director of eLearning at the College of New Rochelle, and co-founder and partner at Digital Bodies. Here they discuss successful implementations of virtual, augmented and mixed reality, and the fascinating facts behind this new technology.https://www.securityforum.org/videos-podcasts/a-futurists-insights-on-virtual-augmented-reality/

The traditional way of doing business is transforming, with businesses now required to adopt and embed cyber technology into their organisation. The shift in the way we do business isn’t just down to technology, but also cultural change – such cultural shifts include increasing business agility, shared information rather than centralised data, collaboration rather than a traditional triangle type hierarchy, and empowering one’s team to make decisions rather than exerting control over your talent. In this podcast, Steve Durbin, Managing Director ISF discusses the 21st century workforce, and how businesses can attract and retain in an era of gig economy and short-term employee contracts, and what skill-sets are needed within a business to keep pace with the speed of technological developments. https://www.securityforum.org/videos-podcasts/isf-podcast-doing-business-the-cyber-way/

Cyber-attacks are steadily increasing year on year. Organisations are constantly under threat with over two-thirds experiencing data breaches in 2017. Consequently, cyber security preparedness and resiliency are becoming increasingly important to the protection of an organisation’s information. One way of improving the ability to handle cyber-attacks is by running cyber security exercises. In this podcast, Steve Durbin, Managing Director at the ISF, discusses how organisations should approach running internal cybersecurity exercises to support breach identification, prevention and response. This autumn, the ISF's 'Delivering an Effective Cyber Security Exercise' report was released to ISF Members which provides a detailed overview of the most suitable cybersecurity exercises and how to deploy them effectively. The public release for the overview of the report is November 15. https://www.securityforum.org/videos-podcasts/isf-podcast-cyber-security-exercises/

Social media has transformed the way users behave online and offline. It has prevailed over the last decade and billions of people around the world engage with each other on these platforms on a daily, if not hourly basis. Whilst social media encourages individuality, the sharing of ideas and opinions online has created stereotypes and unrealistic benchmarks that people must attain to be accepted. Consequently, this has resulted in a multitude of mental health issues amongst individuals who believe they don’t fit the bill. In the final episode in this three-part series, Steve Durbin, Managing Director at the ISF talks with Scott Amyx, Managing Partner at Amyx Ventures about healthy social media and technology use for kids, and whether they understand the ethical nature of sharing content online.https://www.securityforum.org/videos-podcasts/isf-podcast-social-media-technology-habits/

‘Artificial Intelligence’ has materialised much faster than leading researchers and security professionals in the field expected and the future of it remains unknown. Thus far, consumers have engaged with virtual assistants, namely Amazon’s ‘Alexa’ or Apple’s ‘Siri’. Additionally, it is proposed that businesses can reap the benefits of increased efficiency through automating the value chain but also taking the combined approach of ‘man and machine’. Globally, a negative perception of superintelligence has been fostered, however, attention must be given to the emerging possibilities as the economic landscape evolves. In this podcast, Steve Durbin, Managing Director at the ISF talks with Scott Amyx, Managing Partner at Amyx Ventures and author of the book ‘The Human Currency’. They discuss Artificial Intelligence (AI) and what it holds for the future of the global economy, focusing on the role that humans will play following the ‘4th Industrial Revolution.' https://www.securityforum.org/videos-podcasts/isf-podcast-ai-machine-learning/

The ‘Internet of Things’ is a name given to exponential technologies encompassing our physical devices, vehicles, home appliances and increasingly normal everyday objects such as water bottles, that can store and exchange data. For consumers, they are often fearful of these advances and question how secure their personal data is. To overcome this issue, consumers must self-educate about personal security, moving away from a naive perspective and become mature, responsible agents when operating these data-storing devices. In this podcast, Steve Durbin, Managing Director at the ISF, talks with Scott Amyx, Managing Partner at Amyx Ventures (a Venture Capital firm) and author of the forthcoming book ‘The Human Race’. They discuss the implications of the Internet of Things (IoT) and what the future holds - not just for businesses but also consumers. https://www.securityforum.org/videos-podcasts/isf-podcast-scott-amyx-episode-one/

Following the introduction of GDPR and new e-privacy laws, sales and marketing teams are under pressure to think of new tactics and methods in which to collect information about existing and potential clients. Marketing relies heavily on digital engagement and therefore necessitates a strong brand image online to convert visitors on a web page to engage with the business. In this podcast, Steve Durbin, Managing Director, ISF, discusses how marketing and sales can overcome challenges presented by recent government legislation when collating data and engaging your audience. Steve also talks about brand awareness on social media and how best to present your business in a way that will open the door to new business opportunities.https://www.securityforum.org/videos-podcasts/isf-podcast-marketing-teams-adopt-new-tactics-to-increase-business/

The probability of a data breach for most organisations is highly likely, with it being a matter of ‘when’ not ‘if’. IT and security leaders are increasingly under pressure to not just protect the company’s reputation, stock and critical assets, but also ensure plans and systems are set up so that an organisation can properly respond to a data breach. In this podcast, Steve Durbin, Managing Director at the ISF, discusses the importance of having a data breach plan in place, and walks us through the steps and the immediate actions organisations must take to reduce the risk of major data implications. https://www.securityforum.org/videos-podcasts/isf-podcast-data-breach-response/

Today, acquirer companies in M&A’s are intensifying their cyber security due diligence during the negotiation period. Why? Because the cyber-risks to businesses are ever intensifying and any data vulnerabilities exposed can seriously threaten the value of a business and the overall success of the venture. In this podcast, Steve Durbin, Managing Director at ISF, discusses the importance of the acquiring entity understanding the organisations information assets, and why cyber security due diligence should be implemented at an early stage of M&A to add value to the process and mitigate risk exposure post deal. https://www.securityforum.org/videos-podcasts/isf-podcast-ma-best-practice-cybersecurity/

In the final part of this 3-part business leaders podcast series, Richard Guida, former CISO at Johnson & Johnson, and Steve Durbin, Managing Director at ISF, discuss what keeps CISO’s awake at night, the challenges integrating security into the product development process, and the importance of security for lay people. https://www.securityforum.org/videos-podcasts/isf-podcast-security-product-development-process/

Artificial intelligence and machine learning are redefining cyber security, re-engineering threat detection tools and exposing sophisticated attacks – but there is a dark side. With increased use, we are seeing outcomes that go beyond the capabilities of IT and security professionals, which if not managed correctly could lead to major security issues and widen the already long-term skills gap. In this podcast, Steve Durbin, Managing Director at ISF distinguishes the difference between machine learning and AI and discusses the pros and cons of the advancing technologies on cyber security, and particularly on the cyber workforce. https://www.securityforum.org/videos-podcasts/isf-podcast-ai-machine-learning-contributing-to-the-skills-shortage/

A survey with ISF Members revealed that only 50% of organisations have a sufficient framework in place to manage third parties suppliers, and they don’t regularly review or update it! With third party suppliers playing a critical role in supporting business activities, and often having access to critical business information and customer data, management and engagement with third parties as part of your breach prevention plan is essential. In this podcast Steve Durbin, Managing Director at ISF shares what organisations must do to ensure third party suppliers have sufficient controls in place, and how to prioritise which third party suppliers need the most attention. https://www.securityforum.org/videos-podcasts/isf-podcast-third-party-where-is-my-data/

In the second part of this 3-part business leaders podcast, Steve Durbin, Managing Director at ISF and Richard Guida, Managing Director at Guida Technologies discuss the negative impact new technology and in particular connected devices has on data security, and what this means for both businesses and consumers in the future. https://www.securityforum.org/videos-podcasts/isf-podcast-data-security-iot-challenges/

In the first of this 3 part Business Leaders podcast, Steve Durbin, Managing Director at the ISF talks with Richard Guida, Managing Director at Guida Technology Associates about his experience as a former CISO implementing data security within a large organisation, the role technology plays and the implications this has on security and the people who work within it. https://www.securityforum.org/videos-podcasts/isf-podcast-richard-guida-episode-1/

Increasingly organisations are incorporating mobile apps into their customer service offerings, however struggle to overcome the challenge of adequately securing apps, while ensuring ease of access is not compromised. With the added consideration of data privacy, businesses need to start focusing on security rather than just performance, but whose responsibility is it? In this podcast Steve Durbin, Managing Director at the Information Security Forum discusses the challenges associated with acquiring, using and operating mobile apps, and provides actions to manage those challenges, while maintaining the business benefits. https://www.securityforum.org/videos-podcasts/isf-podcast-mobingdom-for-an-app/

In this podcast, Steve Durbin, Managing Director at the Information Security Forum, shares the 5 key actions organisations can take today to demonstrate compliance, and how they can continue to build compliance into the organisations DNA beyond the deadline date. Steve also discusses the key issue of third party suppliers and their access to personal information, sharing an approach to help rationalise the number of suppliers and protect the data shared with them to support your compliance programme.https://www.securityforum.org/videos-podcasts/isf-podcast-gdpr-too-late/

Recognising the need to build a sustainable security workforce is of real concern to organisations across all sectors, as any shortfalls in skills and capabilities could leave an organisation vulnerable to an attack on its most critical assets, impacting an organisations performance and brand reputation. But as demand outstrips supply, a sustainable security workforce is becoming more and more difficult to achieve, increasing pressure on the CISO’s role. In this podcast Steve Durbin, Managing Director at the ISF, discusses the skills and attributes CISOs should be looking for when building a sustainable workforce, how to retain them, and the part technology will play in the future when trying to overcome the workforce shortfall. https://www.securityforum.org/videos-podcasts/isf-podcast-buile-for-the-future/

When your most critical information assets represent 80% of your organisations total value, it’s important to know exactly what they are, where they are, and how to protect them? Until regulations such as GDPR came into focus, most organisations, while familiar with the term had no real understanding of how to define their ‘critical information assets’ and why they should be protecting them. Organisations now know that protecting these assets is crucial if they want to compete and succeed in a global market. In this podcast, Steve Durbin, Managing Director at the Information Security Forum discusses what critical information assets mean to different organisations, how you can protect them, and what the consequences could be for an organisation if these assets were to be breached.https://www.securityforum.org/videos-podcasts/isf-podcast-protect-critical-assets/

Insider threats account for 54% off all breaches, and are found at all levels of an organisation, from top to bottom. Numerous factors are increasing organisations’ exposure to the threats posed by insiders, and technical controls are limited. To combat these threats, organisations must invest in a deeper understanding of trust, and work to improve the trustworthiness of all insiders. The insider threat has only intensified as people have become increasingly mobile and hyper-connected, and with technology continuously advancing, the risks posed by insiders are only set to increase. In this podcast, Steve Durbin, Managing Director, ISF discusses the most common types of insider threats, as well as how organisations need to take a holistic approach to tackle insider threats that include both technology and people when embedding security into their organisation’s DNA.https://www.securityforum.org/videos-podcasts/isf-podcast-who-to-your-business/

The frequency of ransomware attacks on businesses has significantly grown over the past two years, with the number of detections increasing by nearly 2000%. As the space becomes more attractive and lucrative to cyber criminals, the threat of ransomware is only set to rise in 2018 as attackers get more creative, sophisticated and persistent, and attacks from named ransomware such as WannaCry and BadRabbit become ever more prevalent. With so many end points accessible to malware, organisations must be more vigilant than ever to protect themselves against this growing threat. In this podcast, Steve Durbin, Managing Director, ISF addresses what organisations can do to prepare and protect against ransomware, and how focusing on the basics, as well as embedding security awareness within the organisation can help prevent such attacks.https://www.securityforum.org/videos-podcasts/isf-podcast-rans-cyber-criminals/

The role of a CISO has evolved over the years’ and now requires someone who combines InfoSec capabilities with business requirements. They must be able to align cyber to business strategy, speaking both languages while developing reporting metrics that satisfies the board and promotes good cyber resilience across the business. All these attributes support the belief that the CISO of the future doesn’t have to come from an IT background. In this podcast, Steve Durbin, Managing Director ISF, addresses the objectives a CISO should aim to achieve in the first 100 days in the role, and offers insights into how a CISO should work with the board and security teams to achieve these. https://www.securityforum.org/videos-podcasts/the-ciso-reset/

With the main industries in India comprising IT Services providers, banks and conglomerates such as Tata Group, Birla Group, Mahindra, and Reliance who all manage EU personal data – Indian organisations are determining how they can comply with the EU GDPR by May 2018. India aims to achieve 25 billion digital transactions in 2017 to 2018, so complying with the GDPR is going to have to be top of the business agenda. In this podcast, Steve Durbin addresses some of the challenges that India will face and offers insights into best practice solutions to address the requirements of the EU GDPR. Steve also discusses how Indian organisations should not view the EU GDPR as a compliance burden, but as an opportunity for culture change across the business that will lead to tangible business benefits. Find out more at www.securityforum.org.https://www.securityforum.org/videos-podcasts/isf-podcast-eu-gn-customers-data/

When we talk about the board and cyber security, we have moved away from the board doesn’t get it, to the board gets it, to the board doesn’t feel they are sufficiently briefed when a breach takes place. But is all of this evasive talk to avoid responsibility, or is there still a lack of communication between cybersecurity professionals and the board? In this podcast, Steve Durbin, Managing Director ISF, offers insights into the specific actions the board needs to take to embed cybersecurity into business strategy. With the May 2018 deadline for the EU GDPR fast approaching, the board should be viewing upcoming legislation as an opportunity for cultural change, rather than a compliance burden. https://www.securityforum.org/videos-podcasts/isf-podcast-cybeions-that-matter/

The smartphone has become an extension of our work and our personal life – everyone expects to be able to access something with a click of the button. But what are some of the serious consequences that a culture of convenience has given rise to? With 21 billion connected devices estimated to be around the world by 2020 this is surely a question all technology users should be asking. In this podcast, Steve Durbin, Managing Director, ISF, discusses the business and personal security consequences of IoT and how technology providers need to ensure security is built in rather than tapped on to IoT devices. For more information visit www.securityforum.org. https://www.securityforum.org/videos-podcasts/isf-podcast-iot-on-my-smartphone/

As organisations of all sizes try to be more agile in responding to emerging threats, finding people with the right skill set is something of a challenge. With cyber now integrated into the DNA of business, the big question remains: how do we attract, train and retain the cyber specialists of the future? In this podcast, Steve Durbin, Managing Director ISF, offers insights into how educational bodies and organisations, such as the ISF, can educate the next generation of cyber security professionals. Steve highlights the constantly evolving and dynamic nature of the role that makes cyber security such an attractive career path, whilst also discussing the importance of helping business people transition into the security space. https://www.securityforum.org/videos-podcasts/isf-podcast-tacknnovation-is-key/

As organisations become increasingly dependent on data, unscrupulous competitors and cyber criminals are using falsified information as a form of attack. Falsification has been used to inflict both product and brand damage on organisations that have been too slow to protect their information. So, what steps can organisations take to protect the integrity of their data and minimise the impact upon their brand? In this podcast, Steve Durbin, Managing Director ISF, provides solutions for businesses. Steve discusses what has contributed to the growth of falsified information, how businesses should protect the integrity of their data and how they should work collaboratively with third parties to tackle the threat. https://www.securityforum.org/videos-podcasts/falsification-hontegrity-of-data/

Many organisations with a footprint in Europe are still unclear if the GDPR applies to them, or if they have the right team and resources to address it. The GDPR will require a collaborative effort between businesses and third parties to ensure that all areas of the information life cycle are protected – a daunting project for security teams. In this podcast, Steve Durbin, Managing Director ISF, offers top tips and insights into the steps organisations must take to comply with the GDPR – to produce a security model of ‘privacy by design’. Fundamentally, organisations will need to know what data they are storing, how they are storing it and how they are protecting it – to show regulatory bodies that they have taken every possible step to preserve the integrity of customer data. For more information visit: www.securityforum.org

Artificial Intelligence is a growing trend across industry sectors from medical and legal to automotive and manufacturing. However, the new capabilities of AI technologies, can lead to unexpected outcomes and new risks on the threat horizon, such as: AI machines misunderstanding information, new means for criminals to extract an organisation’s mission critical information and AI technologies learning from wrong or incomplete data to make poorly informed decisions. Such cybersecurity risks raise the questions, what does the growth of AI mean for businesses and how can business leaders ensure that the benefits of AI outweigh the risks? In this podcast, Steve Durbin, Managing Director ISF, offers insights for C-suite and business leaders into how to collaborate across the organisation to create best practice methods for deploying AI systems. Steve provides an overview of the risks associated and maps out the security by design argument to enable companies to successfully handle emerging technology and develop a robust cyber resilience strategy. https://www.securityforum.org/videos-podcasts/4696-2/

Increasingly, organisations are waking up to the negative business impact of poor cybersecurity programmes and are taking cyber incidents more seriously in their mergers and acquisitions deals (e.g YAHOO! and Verizon). However, trying to get a grasp of the cyber profile of an organisation is extremely difficult – as integrity of information is often difficult to monitor. For companies to grow and become desirable for acquisition deals, they need to be able to demonstrate their cyber resilience strategies. Businesses must be able to prove to their stakeholders, clients, potential buyers and shareholders that they have taken every reasonable step to ensure that their mission critical information is protected. Steve Durbin, Managing Director ISF, discusses the nature of the mergers and acquisitions process in a digital age and offers insights into how organisations can build a strong cyber resilience programme to move with confidence as they pursue new acquisitions. https://www.securityforum.org/videos-podcasts/building-cyberseisitions-process/

In a digital age, the internet is viewed by businesses and individuals alike as a basic utility. Businesses are dependent upon it and this, in itself, is a threat that cyber criminals can take advantage of. We saw earlier in May 2017 how the NHS attack on its critical infrastructure led to a shutdown of the NHS Windows systems, causing medical professionals to have to resort to pens and paper when noting patient data. Moreover, a few years ago Russian hackers cut the internet off in Estonia in a national attack on their critical infrastructure, resulting in business grinding to a halt. The internet is a part of every businesses infrastructure, so what is the impact if this is compromised and what should a business response plan look like? Steve Durbin, Managing Director ISF, offers solutions for C-suite leaders, should their critical infrastructure come under attack and advises how a reliance on older technology can assist an organisation through an internet attack. Fundamentally, whilst the future is becoming more and more digitised, organisations need to be planning for the day when their technology is not working. https://www.securityforum.org/videos-podcasts/threats-to-critinet-as-a-utility/

In March 2017, the New York Department for Financial Services (DFS) implemented a Cyber Security regulation, requiring financial institutions to establish a cyber security programme to protect consumer data. But how will this affect New York businesses and what measures should they put in place to meet these requirements? In this podcast, Steve Durbin, Managing Director of the ISF, addresses these questions and offers insights into how the ISF can help New York financial institutions put in place the mechanisms to comply with the NY DFS. https://www.securityforum.org/videos-podcasts/isf-podcast-the-the-isf-can-help/

People remain a ‘wild card’ to the cyber security of an organisation. Many businesses recognise people as their biggest asset, yet still fail to recognise the need to secure ‘the human element’ of information security. Steve Durbin, Managing Director at the ISF, tackles the question: how can organisations make people their strongest line of defence against cyber-attack? https://www.securityforum.org/videos-podcasts/isf-podcast-the-izon-2017-series/

The GDPR will require extreme preparation in order for organisations to meet new compliance rules. Businesses cannot rely on the government and regulatory bodies to do the work for them. In this podcast, Steve Durbin, Managing Director at the ISF, talks through the checklist of regulations, financial and operational challenges and data management that organisations must take responsibility for and address this year. https://www.securityforum.org/videos-podcasts/isf-podcast-govent-do-it-for-you/

Cyber-crime syndicates have rapidly matured and have now become businesses. With rogue states taking advantage of these services, the resulting cyber incidents this year will be more damaging than ever before. Steve Durbin, Managing Director at the ISF, offers insights into how organisations can stay one step ahead of the increasing sophistication of cyber-criminal organisations. https://www.securityforum.org/videos-podcasts/isf-podcast-cybeizon-2017-series/

It is expected that 28.4 billion devices will be connected in 2017. IoT devices offer a way in for cyber-attacks. So what are the risks and how will this impact privacy? In this podcast, Steve Durbin, Managing Director at the ISF, addresses how the healthcare, financial and many other industries can manage the threat of the IoT. https://www.securityforum.org/videos-podcasts/the-internet-of-unmanaged-risks/

Organisations that suffer an incident face challenging and damaging circumstances: • data stolen • financial penalties • legislative and regulatory scrutiny • reputation damageSteve Durbin, Managing Director at the ISF, offers guidance and practical steps, to manage through a breach in a confident and intelligent manner and plan for the day you hope never arrives.https://www.securityforum.org/videos-podcasts/isf-podcast-manaith-steve-durbin/

ISF research shows that some of the largest organisations have misaligned cyber security practices. This podcast, in conversation with Steve Durbin, Managing Director at the ISF, addresses why it is so important for businesses to align cyber security across their enterprise and what steps they can take to make this happen.https://www.securityforum.org/videos-podcasts/isf-podcast-aligith-steve-durbin/

It is not a matter of if – but when you will experience a cyber-attack. Steve Durbin, Managing Director at the ISF, offers insights into how ISF Members have used the ISF cyber resilience framework to prepare for inevitable cyber-attack. https://www.securityforum.org/videos-podcasts/2-cyber-resilienreat-environment/

With CISO’s busy preparing for an inevitable cyber-attack, triggers of engagement to communicate with the board have never been more important. In this podcast Steve Durbin, Managing Director at the ISF, confronts the challenges between the CISO and the board and explains how CISO’s can exhibit C-suite leadership and engage with the board and stakeholders effectively. Search for more guidance on engaging with the board here: www.securityforum.org https://www.securityforum.org/videos-podcasts/isf-podcast-cisoith-steve-durbin/