ISF Podcast

Information Security Forum Podcast
  • 4.7 (12)
  • MANAGEMENT
  • UPDATED WEEKLY
ISF Podcast

The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.

  1. Emerging Threats for 2025: Q&A

    6 DAYS AGO

    Emerging Threats for 2025: Q&A

    Today we’re listening to the second half of Steve’s recent Emerging Threats webinar for security leaders. In this episode, Steve responds to audience questions, covering everything from government regulation to supply chain to raising awareness within your organization. Steve Durbin’s Contact Information: steve.durbin@securityforum.org Steve Durbin on LinkedIn Key Takeaways: 1. Knowing what your crown jewels are and how to protect them is paramount in a volatile world. 2. The government should do what the government does well, and it should let businesses do what businesses do well. The government should provide clear guidelines, but then there should be little interference. 3. Everything begins and ends with cyber resilience. How do we deal with the aftermath of the cyber incident that inevitably will occur? Tune in to hear more about: 1. How to get the board to care about cybersecurity and cyber risk (2:48) 2. How to avoid making regulatory compliance a tick box exercise (9:13) 3. How ISF can help make your organization more resilient (26:06) Standout Quotes: 1. “I like bringing people into the cyber space that are not technical. That doesn't mean to say you don't need technical people in cyber – you do, your security team needs to have a combination of the two – but I do very much like bringing them in from the business because their perspective is very much more about how they're going to make use of the technologies and therefore the use and the role that cybersecurity can play in securing the critical assets. Now, because we obviously are in an industry where there's a shortage of skills, what it does do is open up the markets to attracting – if you get it right – a whole variety of people that perhaps you wouldn't normally be able to bring into cybersecurity. So not only does it give you fresh perspective, not only does it align you more closely with the business, but it also opens up a pool of talent that otherwise might not be there.” - Steve Durbin  2. “I don't actually differentiate very much anymore between cyber risk and enterprise risk. [...] The reason I don't is that for me, I've become very much more convinced that cyber is so integral in everything that we do, that actually you create something of a problem for yourself if you begin to differentiate between enterprise and cyber.” Steve Durbin  3. “We need to make it simple for our users to be able to contact somebody in security if they are at all concerned about something that they've seen either through their email, on a system. And all too often we're not doing that. I can't tell you the number of times I've spoken to organizations and they simply aren't doing some of those basics. We don't need to complicate it all the time.” Steve Durbin Mentioned in this episode: Dear InfoSec Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    31 min
  2. A Sneak Peak into Season 32...

    6 DAYS AGO · BONUS

    A Sneak Peak into Season 32...

    We’re starting 2025 with a preview of the episodes ahead, featuring Steve in conversation with thought leaders and security experts from around the world. We look forward to sharing the full episodes with you this winter. Stay tuned! Featured: • Rear Admiral Brian Luther, president and CEO of the insurance firm Navy Mutual • Duncan Wardle, former head of Innovation and Creativity at Disney • Dr. Kate Darling, research scientist at the MIT Media Lab, research lead at the Boston Dynamics AI Institute • Best-selling author and hypnotist Dr. Paul McKenna  • Author and leadership expert Sylvie di Giusto • Paul Bartel, senior intelligence analyst with PeakMetrics Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    11 min
  3. Emerging Threats for 2025

    17/12/2024

    Emerging Threats for 2025

    Today’s episode is our annual lookahead to next year, as we present Steve’s recent Emerging Threats webinar for security leaders. You’ll get to hear Steve share some of his thoughts on the threats cybersecurity professionals should be prepared to see in 2025. And of course, he also offers suggestions on how to handle these threats. Steve Durbin’s Contact Information: steve.durbin@securityforum.org Steve Durbin on Linkedin Key Takeaways: Cybersecurity is becoming more of a business issue, which presents both opportunities and challenges. Supply chain, cloud storage, data integrity, and AI will be key information security issues in 2025. Information security professionals must learn how to align cybersecurity objectives with business objectives. Tune in to hear more about: Key information security challenges for 2025 (4:20) How to manage supply chain risks and AI-related security challenges (9:34) How to align cybersecurity objectives with business objectives (20:16) Standout Quotes: “The piece that worries me the most, and I've said this for a very long time, is the data integrity. AI data sets are vulnerable to deliberate poisoning or accidental pollution. Now, if I talk to AI providers, they will tell me that their AI is sufficiently intelligent, that it can really spot these things. I don't buy it. If I'm using AI, I want to make sure that the data it's actually telling me to make decisions about has a huge amount of the traditional information security guidance around it.” - Steve Durbin “The challenge for us is to align cyber risk management with the needs of the business by identifying how risk management and resilience are aligned and help to meet business objectives. That way, I can guarantee you will get the ear of the business. And if you can crack that one, then some of the other issues that we're dealing with, such as resourcing, such as alignment, such as commitment, tend to go away.” - Steve Durbin “The ones that I think are really going to succeed and flourish in 2025 are going to have aligned security with the business, and are going to have put in place mechanisms for all elements to change in sync with each other. Keeping on track is going to require a huge amount of collective collaboration across the enterprise.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast   Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter  From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    26 min
  4. Cyber Security under a Trump Administration: Thoughts on what lies ahead

    10/12/2024

    Cyber Security under a Trump Administration: Thoughts on what lies ahead

    In today’s episode, journalist Nick Witchell speaks with Steve for the second of a two-part conversation about the coming Trump administration. Nick and Steve consider how Trump’s famously unpredictable behavior may impact business confidence and the steps business leaders can take to insulate their business from possible market changes. Key Takeaways: For business leaders, there is reason to be optimistic about the incoming Trump administration. Businesses in the US can take a “sit back, wait, and see” approach and await what new policies Donald Trump introduces in the beginning of his presidency.  It’s always wise to invest in cyber resilience. Tune in to hear more about: How the incoming Trump Administration can benefit businesses (1:44) How to “trump-proof” your business (5:02) The constant need for cyber resilience, no matter who’s leading the country (8:07) Standout Quotes: “So what do you expect from any incoming elected leader? Well, you hope for clarity. You hope for a very clear set of guidelines within which you can operate. You hope for removal of ambiguity. You hope for a reduction, I would say, in unnecessary regulation. The opposite of that, that what slows business down is an increase in regulation that is perhaps unnecessary and a lack of clarity. So I think that businesses will be hoping for that clarity.” - Steve Durbin “I think that certainly focusing more on the need for cyber resilience is something that business leaders need to do. I don't know that I particularly want my government to be telling me what to do. So I very much like being able to run my business in the way that I think is best suited to my needs. I'm not a fan of nanny government. What I am a fan of is clarity in government, understanding from government, and allowing me to get on and do what I'm good at.” - Steve Durbin “People are desperately looking for some form of guidance, something to trust. And I think that business leaders have a relatively unique opportunity, because we do have huge responsibility to the people that work within our businesses and also to our customers. And there's a significant opportunity, I think, in that, to carve out a path that allows us to be viewed in a way that, yes, suits the needs of the business, but also fills this gap in society for something that you can actually trust, something that people know you really do stand for and can get behind.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    12 min
  5. Why Cyber Security Deserves a Place in the Political Spotlight

    03/12/2024

    Why Cyber Security Deserves a Place in the Political Spotlight

    In today’s episode, journalist Nick Witchell speaks with Steve about the coming Trump administration will mean for businesses. In the first part of their two-part discussion, Steve and Nick consider potential changes to the US approach to tech regulation and foreign policy. Key Takeaways: The fact that cyber security wasn’t part of Donald Trump’s campaign, doesn’t necessarily mean it won’t be a focus of his presidency. Election interference is about misinformation as much (if not more)  as it is about hackers getting into voting systems. Government must collaborate with private sector to create meaningful policies around digital security.  Tune in to hear more about: Expectations and hopes for the Trump administration’s approach to cyber security (2:35) Regulation of social media (6:51) The importance of cooperation between government and private sector (11:43) Standout Quotes: “If we look at some of the initiatives that he [Donald Trump] has in place around, for instance, immigration, then cybersecurity is fairly core and central to some of these programs and plans, because anything that involves technology, of course, also involves cybersecurity. So I think that that's the way we're going to start seeing cyber coming into his perspective on the world. Where it touches some of his other frontline policies, then we're going to see it playing a role.” - Steve Durbin “As soon as you implement technology without security, you're creating a huge problem for yourself further down the road; one which, unless you have invested ahead of time, is going to cost you a horrible amount of money to try to fix later.” - Steve Durbin “You need to have people in government who've actually been there and done it, because if you haven't, then where do you begin? And so I'd like to see a lot more collaboration between government and private sector in terms of getting a lot more knowledge, frontline knowledge, into some of the things that you absolutely must do to secure this technology, rather than simply deciding that that's the way we're going to go and then leaving it up to the different departments to figure things out.” - Steve Durbin Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    14 min
  6. Stephen Pritchard - Insights Interview: Geopolitics and cyber threats, with the ISF's Steve Durbin

    26/11/2024

    Stephen Pritchard - Insights Interview: Geopolitics and cyber threats, with the ISF's Steve Durbin

    An interview with Steve Durbin, ISF CEO, by Security editor Stephen Pritchard. Originally published by Security Insights Podcast. Cybersecurity and geopolitics are more tightly linked than ever. The growth of online espionage, attacks by state actors, and governments turning a blind eye to cybercrime, are all increasing risk. And the “attack surface” is growing too. More and more of what we do every day is online, and this presents more opportunities to bad actors. In a connected world, it does not take much to cause huge disruption, whether by accident or design. The rise in ransomware over the decade shows just how vulnerable we are to cyber attack. And some of the most prolific ransomware groups have at least informal ties to nation states. But behind the scenes, the threats from state-based, not just state sanctioned, cyber attacks are growing. This, in turn, needs a different response from organisations, and their security teams. Geopolitics is driving cybersecurity threats, in ways that could hardly be imagined in the early days of the information security business. Our guest this week is Steve Durbin, CEO of the Information Security Forum. As he points out, a lot has changed over the last few decades, and especially in the last few years. We are now in a very risky place. And, in an increasingly connected world, cyber has the potential to be the “Achilles Heel” of our defences, he argues. Could we see the current level of cyber threats spill over into more overt conflict? And do organisations have the resources to operate in a more dangerous world?

    30 min
  7. BONUS: Raffael Marty - Getting Inside the Mind of the Hacker

    19/11/2024 · BONUS

    BONUS: Raffael Marty - Getting Inside the Mind of the Hacker

    In this episode, ISF CEO Steve Durbin is in conversation with Raffael Marty, Executive Vice President and General Manager of Cybersecurity Management at ConnectWise. Raffael is also the author of Applied Security Visualization and the Security Data Lake. He and Steve discuss how to prevent data from being compromised, what government and private enterprise can learn from each other vis a vis cybersecurity, the pros and cons of cyberinsurance, and more. Related ISF Resources: Protecting the Crown Jewels: How To Secure Mission-Critical Assets Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

    34 min
  8. BONUS: Dr. Christopher Hand - Nurturing Online Wellbeing: Exploring digital identities

    12/11/2024 · BONUS

    BONUS: Dr. Christopher Hand - Nurturing Online Wellbeing: Exploring digital identities

    This episode is the first part of a two-part conversation between Steve and Dr. Christopher Hand. Chris is a senior lecturer in psychology at the University of Glasgow in Scotland. He and Steve talk about trust and authenticity online, cyber-bullying in the context of work, and what we know so far about the decision to return to the office post-pandemic. Mentioned in this episode: ISF Analyst Insight Podcast Read the transcript of this episode Subscribe to the ISF Podcast wherever you listen to podcasts Connect with us on LinkedIn and Twitter From the Information Security Forum, the leading authority on cyber, information security, and risk management

    23 min
See All (287)

Trailer

Ratings & Reviews

4.7
out of 5
12 Ratings

About

The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Information

  • Creator
    Information Security Forum Podcast
  • Years Active
    2016 - 2025
  • Episodes
    287
  • Rating
    Clean
  • Copyright
    © 263000
  • Show Website
    ISF Podcast

You Might Also Like

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes and get the latest updates.
Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada