ISF Podcast

Information Security Forum Podcast
  • 4.7 (12)
  • MANAGEMENT
  • UPDATED WEEKLY
ISF Podcast

The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.

  1. BONUS: Dr. Christopher Hand - Nurturing Online Wellbeing: Exploring digital identities

    5 DAYS AGO · BONUS

    BONUS: Dr. Christopher Hand - Nurturing Online Wellbeing: Exploring digital identities

    This episode is the first part of a two-part conversation between Steve and Dr. Christopher Hand. Chris is a senior lecturer in psychology at the University of Glasgow in Scotland. He and Steve talk about trust and authenticity online, cyber-bullying in the context of work, and what we know so far about the decision to return to the office post-pandemic. Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

    23 min
  2. BONUS: Geoff White - From Cartels to Crypto: The digitalisation of money laundering

    5 NOV · BONUS

    BONUS: Geoff White - From Cartels to Crypto: The digitalisation of money laundering

    Today, Steve is speaking with investigative tech journalist Geoff White, who has been covering tech and financial crime for more than 20 years. Listeners may be familiar with his popular podcast The Lazarus Heist for the BBC World Service, and now his new book, Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks, will be available from Penguin Random House next week.  Steve and Geoff discuss current trends in organized cybercrime, how these criminals are—or maybe aren’t—adopting AI, and the difficulties law enforcement still faces in helping the victims of these crimes. Key Takeaways: 1.  Nation states and government agencies have been known to adopt tactics from organized crime gangs and activists – a sort of trickle-up effect. 2. As technological advancements are presenting criminals with new avenues for money laundering, law enforcement is not always able to keep up and instead is having to prioritize high level crimes. 3. The law enforcement landscape is a fast changing world, as agencies adapt and gain more awareness of cybercrime tactics relating to AI and cryptocurrencies. Tune in to hear more about: 1. Cybercrime evolution, nation-state involvement, and tactics (3:31) 2. AI use in cybercrime, potential for innovation and defense (8:29) 3. Cybercrime and money laundering, with a focus on the role of technology and law enforcement (11:45) 4. Cybercrime, crypto, and organized crime evolution (15:59) Standout Quotes: 1. “Sometimes the tools of organized cybercrime, gangs, nation states have also learned from hacktivists. From leaks from people like WikiLeaks or from Anonymous, they've learned the damage that a leak can do a leak of information can do. And that's fed into that disinformation piece nation states now extremely astute at getting in stealing information and then weaponizing that information to change elections, to change people's attitudes, to influence world events, the nation states have got both feet in to this cybercrime game.” -Geoff White 2. “I think maybe it's worth thinking like a criminal and understanding how thinking like a criminal is different to thinking like a different type of enterprise. The reason I enjoy thinking about organized crime and covering organized crime is because it's organized. These are networks, as you say, of professional, organized people. But they're not out to win customers. They're not like Microsoft and Google who wants to come out with innovation and innovative new products to win customers in their competition. No. They want to make money from victims. And frankly, as long as you're making enough money from your victims month in month out, you don't change. There's no reason to innovate. Crime gangs innovate when law enforcement and the force of authority stop them from making the money they usually make. That's when you innovate.” -Geoff White 3. “I think there was a time when, frankly, explaining Bitcoin to sort of rank and file police officers was a struggle. I think those days are gone … There's been this realization that things like cryptocurrency is something that law enforcement needs to be on top of.” -Geoff White 4. “As cryptocurrency gets larger, as more financial institutions get behind it, as governments get behind it, yes, it can make it more legitimate, it can expand the legitimacy of it. But it also creates more noise, if you like, for the criminals to hide.” -Geoff White Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    23 min
  3. BONUS: Brian Lord - AI, Mis- and Disinformation in Election Fraud and Education

    29 OCT · BONUS

    BONUS: Brian Lord - AI, Mis- and Disinformation in Election Fraud and Education

    This is the second of a two-part conversation between Steve and Brian Lord, who is currently the Chief Executive Officer of Protection Group International. Prior to joining PGI, Brian served as the Deputy Director of a UK Government Agency governing the organization's Cyber and Intelligence Operations. Today, Steve and Brian discuss the proliferation of mis- and disinformation online, the potential security threats posed by AI, and the need for educating children in cyber awareness from a young age. Key Takeaways: 1. The private sector serves as a skilled and necessary support to the public sector, working to counter mis- and disinformation campaigns, including those involving AI. 2. AI’s increasing ability to create fabricated  images poses a particular threat to youth and other vulnerable users. Tune in to hear more about: 1. Brian gives his assessment of cybersecurity threats during election years. (16:04) 2. Exploitation of vulnerable users remains a major concern in the digital space, requiring awareness, innovative countermeasures, and regulation. (31:0) Standout Quotes: 1. “I think when we look at AI, we need to recognize it is a potentially long term larger threat to our institutions, our critical mass and infrastructure, and we need to put in countermeasures to be able to do that. But we also need to recognize that the most immediate impact on that is around what we call high harms, if you like. And I think that was one of the reasons the UK — over a torturously long period of time — introduced the The Online Harms Bill to be able to counter some of those issues. So we need to get AI in perspective. It is a threat. Of course it is a threat. But I see then when one looks at AI applied in the cybersecurity test, you know, automatic intelligence developing hacking techniques, bear in mind, AI is available to both sides. It's not just available to the attackers, it's available to the defenders. So what we are simply going to do is see that same kind of thing that we have in the more human-based countering the cybersecurity threat in an AI space.” -Brian Lord 2. “The problem we have now — now, one can counter that by the education of children, keeping them aware, and so on and so forth— the problem you have now is the ability, because of the availability of imagery online and AI's ability to create imagery, one can create an entirely fabricated image of a vulnerable target and say, this is you. Even though it isn’t … when you're looking at the most vulnerable in our society, that's a very, very difficult thing to counter, because it doesn't matter whether it's real to whoever sees it, or the fear from the most vulnerable people, people who see it, they will believe that it is real. And we've seen that.” -Brian Lord Mentioned in this episode: • ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    23 min
  4. David Weisong - Clean Energy: A CISO’s perspective on cyber security challenges

    22 OCT

    David Weisong - Clean Energy: A CISO’s perspective on cyber security challenges

    In today’s episode, Steve speaks with David Weisong, CIO of Information Systems at Energy Solutions, a growing company with many US government clients. He speaks with Steve about his experiences overseeing a full migration of the company’s security framework, how he got buy-in for security from the C-suite, and how he has approached the challenge of staffing. Key Takeaways: 1. Organisations are advised to focus on protecting critical assets and closely monitoring any supply chain issues. 2. Security leaders and teams are also having to prepare policies for AI use and investigate cloud provider dependencies. 3. Security leaders and teams should be monitoring developments in quantum, staying in step with regulations and needed skills. Tune in to hear more about: 1. Security risks in technology innovation and adoption (1:29) 2. The impact of quantum computing on cybersecurity and the need for organisations to prioritise legacy technology updates (6:59) 3. Volatility, uncertainty, and technological change in the security industry (12:45) 4. How technology innovations can disrupt and improve organisations (18:22) 5. Managing innovation in a rapidly changing digital landscape (20:40) 6. Limitations of accessing powerful technologies due to restrictions, threats, and security concerns (26:12) 7. Emerging threats and risks in technology, including quantum computing, AI, and legacy systems (32:18) Standout Quotes: 1. “We're a professional services organisation, so our contracts are the foundation. And if they're not 100% met, then you actually don't proceed. So it became very easy to say, there's cause and effect here. And that's where that's taken a lot of … repeat exposure, I think, is one part of it, but also setting the stage that it's dynamic. It's not like, oh, yeah, we're done with that, so we can just kind of move on. It's like, we're done with this particular initiative right now. And there are more, and it will be changing probably, quarter to quarter.” - David Weisong 2. “There’s a lot of things that are being put onto platforms or systems that you sometimes get into the area where you might have a unique combination of things that creates problems. And so that's where I think the industry is looking at it still in a category basis. I think there's a need for a more holistic approach, dare I say, coordination or cooperation between companies and their solution offerings.” - David Weisong 3. “When I think about the three to five year window, I mean, there's clearly more fraud and more cybersecurity attacks. It is significant, and it's not decreasing. And so the ability for both organisations to share and for the industry that serving up different solutions, there has to be a coordination and a collaboration around that. Because the priority could change from year to year.” - David Weisong     Mentioned in this episode: Times Higher Education: We need a social science of data by Cristina Alaimo and Jannis Kallinikos ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    29 min
  5. Steve Satterwhite - Learning to Build a Tech-Savy but Emotionally Intelligent Team

    15 OCT

    Steve Satterwhite - Learning to Build a Tech-Savy but Emotionally Intelligent Team

    In today’s episode, Steve speaks with Steve Satterwhite, the founder and CEO of Entelligence, and author of "Above the Line: How the Golden Rule Rules the Bottom Line." He shares some simple but fresh ideas about how to find the right person for the right role, how to overcome the skills shortage, and why putting people first is the key to successful cybersecurity. Key Takeaways: 1. Successful companies can upskill employees in technology, using positive experiences and promising opportunities. 2. Satterwhite reflects on fatherhood, emphasizing the importance of helping children discover their purpose and identity. 3.  Satterwhite believes that the organisation’s role is to provide tools and systems for team members to thrive, while also acknowledging the reality of short-term employment. 4. Open-minded technology leaders who integrate technical skills with emotional intelligence thrive. Tune in to hear more about: 1. Attracting and retaining talent in the cybersecurity industry (2:40) 2. Cybersecurity talent shortage and skills gap in enterprises (10:00) 3. Finding and upskilling cybersecurity professionals for new technologies (16:44) 4. Prioritising people in business to boost revenue and profits (21:58) 5. Prioritising emotional intelligence in technology leadership (27:06) Standout Quotes: 1. “I believe that that culture attracts the kind of folks that are ambitious, that are hungry to learn, that are eager to move up in whatever way that they define moving up in their lives. And I think it's our job, really, as leaders, and especially here in our organisation. It’s to create that environment so that people can thrive.” - Steve Satterwhite 2.  “Here’s a stupid analogy, but I like to use it because it's how I think about the business. It's really just to simplify it. Let's say that you're a new airline, or you have a new airline route that you want to go from Houston to Paris, and you're short of pilots to fly the big Dreamliner or the big Airbus from here to there. It's a different operation. So what we do is we go look for people that have been flying 737s most of their career. They're deeply passionate about flying, and they're really good at it, and all we need to do is just kind of upskill them in a short period of time just to fly a different airplane. It's still piloting, it’s still flying. That's what we do. So if you think about just the evolution of technology and the things that we're doing, all we're doing, constantly, at Entelligence is just upskilling people in the shortest possible time.” - Steve Satterwhite Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    33 min
  6. Dr. Andrew Newell - Deep Fakes: An attack on human identity

    8 OCT

    Dr. Andrew Newell - Deep Fakes: An attack on human identity

    Today, Steve sits down with Dr. Andrew Newell, Chief Scientific Officer at the British biometrics firm iProov, for a conversation about deep fakes. As technology improves, it’s becoming ever more difficult to determine what’s real and what’s fake. Steve and Andrew discuss what this will mean going forward for security, social media platforms, and everyday technology users. Key Takeaways: 1. Technology is the key to mitigating the threat of deep fakes, which are synthetic images or videos created to deceive. 2. Deep fakes are becoming increasingly sophisticated, making them hard to spot. 3. Newell breaks down the problem into two parts: secure identity verification and detecting synthetic images. 4. Incentives for verifying imagery will radically shift as deep fakes become more prevalent. Tune in to hear more about: 1. Deep fake technology and its potential impact on identity verification processes (5:57) 2. Preventing deep fake images and videos using technology and algorithmic systems (9:57) 3. Deep fakes and their potential uses, including filmmaking and education (13:11) 4. Deep fakes and their impact on society, with a focus on technology’s role in verifying authenticity (18:43) Standout Quotes: 1. “I think the urgency here — and this is the absolutely key part — is that we need to get the technology in place to make sure that the processes that rely on the genuineness of the person in imagery, that we can have something in place that we know works, that we know that we can trust, and is something that is very easy to use.” - Andrew Newell 2. “I think on the protection of identity proofing systems against the threat from deep fakes, we have a technology solution now. And the urgency is to make sure that this technology is used wherever that we need to actually guard against that threat.”  - Andrew Newell 3. “And one of the most important things, if not the most important thing, is: when we think about a way to mitigate these threats, it has to be something that works for everybody. We cannot end up with a system that only works for certain groups in a society.” - Andrew Newell  Mentioned in this episode: Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    24 min
  7. Unity Amid the Chaos: Finding common ground in a de-stabilised society

    24 SEPT

    Unity Amid the Chaos: Finding common ground in a de-stabilised society

    Today we bring you the second conversation with ISF CEO Steve Durbin around the increasing impact of technology on society and business. Societies have always been divided, but how future divisions may manifest feels more uncertain than ever right now. In this episode, Steve and producer Tavia Gilbert offer an analysis of potential future scenarios, as well as practical tips for what organisations can do now to prepare. Key Takeaways: 1. The future will be defined by technology and social media, leading to a shift away from traditional divisions and towards a more complex world where data and information are highly instantaneous and influential. 2. Leadership will need strong empathy, consolidation skills, and the ability to challenge/be challenged. 3.  Leaders should assume imperfection and constantly update their situational awareness to make informed decisions. They also ought to prioritize simplicity and clear communication to build trust and drive success. Tune in to hear more about: 1. Leadership and organisation in a rapidly changing world (4:44) 2. The role of businesses in society, including their potential to fill the void left by declining trust in traditional leadership models (9:58) 3.  Information security and the importance of skepticism in the digital age (14:33) 4. Technology’s impact on information sharing and nationalism (18:33) 5. Trust and verification in social media and supply chains (22:35) 6. Leadership, adapting to change, and the importance of soft skills in a rapidly changing world (28:23) Standout Quotes: 1. “Businesses have a new responsibility in the modern era … provide guidelines and stability in a time of deep division.” - Steve Durbin 2. “The one thing that is going to be so important that will differentiate the winners from the losers in the organisational stakes is: those organisations that are able to consolidate this overall sense of corporate purpose with purpose of the individual, whatever that looks like. And if we can do that, then I think that we'll create something that's particularly special and magic.” - Steve Durbin Mentioned in this episode: Dear Infosec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    31 min
  8. The AI-Quantum Revolution: Today, tomorrow and the future

    17 SEPT

    The AI-Quantum Revolution: Today, tomorrow and the future

    Today’s episode is the first of three conversations with ISF CEO Steve Durbin around the coming impact of technological development on society and business. We know that new technologies have always tested organisations, and technological innovation and integration into our lives and enterprises — it’s only accelerating. We offer an analysis of potential future scenarios, as well as practical tips for what organisations can do now to prepare. Key Takeaways: 1. Organisations must prioritise supporting smaller entities in keeping up with the fast pace of technological change. 2. Security can deliver competitive advantage, but implementation challenges persist, and security risks can become low priority in a fast-paced tech landscape. 3. Organisations face pressure to modernise technology while managing legacy systems and regulatory demands. 4. CEOs must balance competing priorities, including ESG initiatives, employee expectations, and shareholder demands. 5. Political developments may force organisations to respect local restrictions on technologies. 6. Organisations are advised to protect crown jewels, ensure data protection, and monitor supply chain partners. 7. Organisations must prepare for quantum-proof encryption and socialise policies for AI use. Tune in to hear more about: 1. The impact of technological innovation on business and society, with a focus on adoption challenges and timing (0:00) 2. Security risks in technology innovation and adoption (1:29) 3. The impact of quantum computing on cybersecurity and the need for organizations to prioritize legacy technology updates (6:59) 4. Volatility, uncertainty, and technological change in the security industry (12:45) 5. How technology innovations can disrupt and improve organizations (18:22) 6. Managing innovation in a rapidly challenging digital landscape (20:40) 7. Limitations of accessing powerful technologies due to restrictions, threats, and security concerns (26:12) 8. Emerging threats and risks in technology, including quantum computing, AI, and legacy systems (32:18) Standout Quotes: 1. “Organisations could certainly find themselves cut off from the supercharged processing power, because it may be developed by a government for its own ends and restricted, expensive, all of those sorts of things, so that it effectively becomes unavailable. And I think organisations, despite all of that, are going to have to operate in the shadow of this massive computing power shift when it comes about as the pace of change accelerates, innovations proliferate, traditional life cycles of technology shorten.” - Steve Durbin 2. “If we're going to have smaller organisations within our overall ecosystem, we need to be just sparing a bit of a thought for how they might be keeping up with such a fast pace of change and how we're going to support them in continuing to meet some of the standards and bars that were setting, so that everybody benefits, frankly.” - Steve Durbin 3. “So the world is also reshaping, as we're introducing AI into what we're doing. And so again, I think that the challenge from the business perspective, from the security perspective, from the technology perspective, is really about: how do you focus on what is important for your organisation, for your people, for your customers, in a world that is constantly now changing? And the speed of that change is only going to get faster. And we haven't seen that before.” - Steve Durbin 4. “So you're in a much better position, if you can control your innovations irrespective of what's going on. But you're never going to be able, I think, to divorce yourself completely from the market, because you operate in the market. And so the speed at which the market is evolving is going to, I think, determine — to a certain extent, anyway — your success in managing your own innovation, so you may need to be innovating more quickly than you're comfortable, just in order to try to keep up.” - Steve Du

    35 min
See All (280)

Trailer

Ratings & Reviews

4.7
out of 5
12 Ratings

About

The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Information

  • Creator
    Information Security Forum Podcast
  • Years Active
    2016 - 2024
  • Episodes
    280
  • Rating
    Clean
  • Copyright
    © 263000
  • Show Website
    ISF Podcast

You Might Also Like

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes and get the latest updates.
Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada