ISF Podcast

Information Security Forum Podcast
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.

  1. Emerging Threats for 2025 - Part 1

    4 DAYS AGO

    Today’s episode is our annual lookahead to next year, as we present Steve’s recent Emerging Threats webinar for security leaders. You’ll get to hear Steve share some of his thoughts on the threats cybersecurity professionals should be prepared to see in 2025. And of course, he also offers suggestions on how to handle these threats.

    Steve Durbin’s Contact Information: steve.durbin@securityforum.org
    Steve Durbin on LinkedIn

    Key Takeaways:
      1. Cybersecurity is becoming more of a business issue, which presents both opportunities and challenges.
      2. Supply chain, cloud storage, data integrity, and AI will be key information security issues in 2025.
      3. Information security professionals must learn how to align cybersecurity objectives with business objectives.

    Tune in to hear more about:
      1. Key information security challenges for 2025 (4:20)
      2. How to manage supply chain risks and AI-related security challenges (9:34)
      3. How to align cybersecurity objectives with business objectives (20:16)

    Standout Quotes:
      1. “The piece that worries me the most, and I've said this for a very long time, is the data integrity. AI data sets are vulnerable to deliberate poisoning or accidental pollution. Now, if I talk to AI providers, they will tell me that their AI is sufficiently intelligent, that it can really spot these things. I don't buy it. If I'm using AI, I want to make sure that the data it's actually telling me to make decisions about has a huge amount of the traditional information security guidance around it.” - Steve Durbin
      2. “The challenge for us is to align cyber risk management with the needs of the business by identifying how risk management and resilience are aligned and help to meet business objectives. That way, I can guarantee you will get the ear of the business. And if you can crack that one, then some of the other issues that we're dealing with, such as resourcing, such as alignment, such as commitment, tend to go away.” - Steve Durbin
      3. “The ones that I think are really going to succeed and flourish in 2025 are going to have aligned security with the business, and are going to have put in place mechanisms for all elements to change in sync with each other. Keeping on track is going to require a huge amount of collective collaboration across the enterprise.” - Steve Durbin

    Mentioned in this episode: ISF Analyst Insight Podcast

    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter
    From the Information Security Forum, the leading authority on cyber, information security, and risk management.

    26 min
  2. Cyber Security under a Trump Administration: Thoughts on what lies ahead

    10 DEC

    In today’s episode, journalist Nick Witchell speaks with Steve for the second of a two-part conversation about the coming Trump administration. Nick and Steve consider how Trump’s famously unpredictable behavior may impact business confidence and the steps business leaders can take to insulate their business from possible market changes.

    Key Takeaways:
      1. For business leaders, there is reason to be optimistic about the incoming Trump administration.
      2. Businesses in the US can take a “sit back, wait, and see” approach and await what new policies Donald Trump introduces in the beginning of his presidency.
      3. It’s always wise to invest in cyber resilience.

    Tune in to hear more about:
      1. How the incoming Trump Administration can benefit businesses (1:44)
      2. How to “trump-proof” your business (5:02)
      3. The constant need for cyber resilience, no matter who’s leading the country (8:07)

    Standout Quotes:
      1. “So what do you expect from any incoming elected leader? Well, you hope for clarity. You hope for a very clear set of guidelines within which you can operate. You hope for removal of ambiguity. You hope for a reduction, I would say, in unnecessary regulation. The opposite of that, that what slows business down is an increase in regulation that is perhaps unnecessary and a lack of clarity. So I think that businesses will be hoping for that clarity.” - Steve Durbin
      2. “I think that certainly focusing more on the need for cyber resilience is something that business leaders need to do. I don't know that I particularly want my government to be telling me what to do. So I very much like being able to run my business in the way that I think is best suited to my needs. I'm not a fan of nanny government. What I am a fan of is clarity in government, understanding from government, and allowing me to get on and do what I'm good at.” - Steve Durbin
      3. “People are desperately looking for some form of guidance, something to trust. And I think that business leaders have a relatively unique opportunity, because we do have huge responsibility to the people that work within our businesses and also to our customers. And there's a significant opportunity, I think, in that, to carve out a path that allows us to be viewed in a way that, yes, suits the needs of the business, but also fills this gap in society for something that you can actually trust, something that people know you really do stand for and can get behind.” - Steve Durbin

    Mentioned in this episode: ISF Analyst Insight Podcast

    12 min
  3. Why Cyber Security Deserves a Place in the Political Spotlight

    3 DEC

    In today’s episode, journalist Nick Witchell speaks with Steve about what the coming Trump administration will mean for businesses. In the first part of their two-part discussion, Steve and Nick consider potential changes to the US approach to tech regulation and foreign policy.

    Key Takeaways:
      1. The fact that cyber security wasn’t part of Donald Trump’s campaign doesn’t necessarily mean it won’t be a focus of his presidency.
      2. Election interference is about misinformation as much (if not more) as it is about hackers getting into voting systems.
      3. Government must collaborate with the private sector to create meaningful policies around digital security.

    Tune in to hear more about:
      1. Expectations and hopes for the Trump administration’s approach to cyber security (2:35)
      2. Regulation of social media (6:51)
      3. The importance of cooperation between government and private sector (11:43)

    Standout Quotes:
      1. “If we look at some of the initiatives that he [Donald Trump] has in place around, for instance, immigration, then cybersecurity is fairly core and central to some of these programs and plans, because anything that involves technology, of course, also involves cybersecurity. So I think that that's the way we're going to start seeing cyber coming into his perspective on the world. Where it touches some of his other frontline policies, then we're going to see it playing a role.” - Steve Durbin
      2. “As soon as you implement technology without security, you're creating a huge problem for yourself further down the road; one which, unless you have invested ahead of time, is going to cost you a horrible amount of money to try to fix later.” - Steve Durbin
      3. “You need to have people in government who've actually been there and done it, because if you haven't, then where do you begin? And so I'd like to see a lot more collaboration between government and private sector in terms of getting a lot more knowledge, frontline knowledge, into some of the things that you absolutely must do to secure this technology, rather than simply deciding that that's the way we're going to go and then leaving it up to the different departments to figure things out.” - Steve Durbin

    Mentioned in this episode: ISF Analyst Insight Podcast

    14 min
  4. Stephen Pritchard - Insights Interview: Geopolitics and cyber threats, with the ISF's Steve Durbin

    26 NOV

    An interview with Steve Durbin, ISF CEO, by Security editor Stephen Pritchard. Originally published by Security Insights Podcast.

    Cybersecurity and geopolitics are more tightly linked than ever. The growth of online espionage, attacks by state actors, and governments turning a blind eye to cybercrime are all increasing risk. And the “attack surface” is growing too. More and more of what we do every day is online, and this presents more opportunities to bad actors. In a connected world, it does not take much to cause huge disruption, whether by accident or design.

    The rise in ransomware over the decade shows just how vulnerable we are to cyber attack. And some of the most prolific ransomware groups have at least informal ties to nation states. But behind the scenes, the threats from state-based, not just state-sanctioned, cyber attacks are growing. This, in turn, needs a different response from organisations and their security teams. Geopolitics is driving cybersecurity threats in ways that could hardly be imagined in the early days of the information security business.

    Our guest this week is Steve Durbin, CEO of the Information Security Forum. As he points out, a lot has changed over the last few decades, and especially in the last few years. We are now in a very risky place. And, in an increasingly connected world, cyber has the potential to be the “Achilles Heel” of our defences, he argues. Could we see the current level of cyber threats spill over into more overt conflict? And do organisations have the resources to operate in a more dangerous world?

    30 min
  5. BONUS: Geoff White - From Cartels to Crypto: The digitalisation of money laundering

    5 NOV · BONUS

    Today, Steve is speaking with investigative tech journalist Geoff White, who has been covering tech and financial crime for more than 20 years. Listeners may be familiar with his popular podcast The Lazarus Heist for the BBC World Service, and now his new book, Rinsed: From Cartels to Crypto: How the Tech Industry Washes Money for the World's Deadliest Crooks, will be available from Penguin Random House next week. Steve and Geoff discuss current trends in organized cybercrime, how these criminals are—or maybe aren’t—adopting AI, and the difficulties law enforcement still faces in helping the victims of these crimes.

    Key Takeaways:
      1. Nation states and government agencies have been known to adopt tactics from organized crime gangs and activists – a sort of trickle-up effect.
      2. As technological advancements are presenting criminals with new avenues for money laundering, law enforcement is not always able to keep up and instead is having to prioritize high-level crimes.
      3. The law enforcement landscape is a fast-changing world, as agencies adapt and gain more awareness of cybercrime tactics relating to AI and cryptocurrencies.

    Tune in to hear more about:
      1. Cybercrime evolution, nation-state involvement, and tactics (3:31)
      2. AI use in cybercrime, potential for innovation and defense (8:29)
      3. Cybercrime and money laundering, with a focus on the role of technology and law enforcement (11:45)
      4. Cybercrime, crypto, and organized crime evolution (15:59)

    Standout Quotes:
      1. “Sometimes the tools of organized cybercrime, gangs, nation states have also learned from hacktivists. From leaks from people like WikiLeaks or from Anonymous, they've learned the damage that a leak can do a leak of information can do. And that's fed into that disinformation piece nation states now extremely astute at getting in stealing information and then weaponizing that information to change elections, to change people's attitudes, to influence world events, the nation states have got both feet in to this cybercrime game.” - Geoff White
      2. “I think maybe it's worth thinking like a criminal and understanding how thinking like a criminal is different to thinking like a different type of enterprise. The reason I enjoy thinking about organized crime and covering organized crime is because it's organized. These are networks, as you say, of professional, organized people. But they're not out to win customers. They're not like Microsoft and Google who wants to come out with innovation and innovative new products to win customers in their competition. No. They want to make money from victims. And frankly, as long as you're making enough money from your victims month in month out, you don't change. There's no reason to innovate. Crime gangs innovate when law enforcement and the force of authority stop them from making the money they usually make. That's when you innovate.” - Geoff White
      3. “I think there was a time when, frankly, explaining Bitcoin to sort of rank and file police officers was a struggle. I think those days are gone … There's been this realization that things like cryptocurrency is something that law enforcement needs to be on top of.” - Geoff White
      4. “As cryptocurrency gets larger, as more financial institutions get behind it, as governments get behind it, yes, it can make it more legitimate, it can expand the legitimacy of it. But it also creates more noise, if you like, for the criminals to hide.” - Geoff White

    Mentioned in this episode: ISF Analyst Insight Podcast

    23 min
  6. BONUS: Brian Lord - AI, Mis- and Disinformation in Election Fraud and Education

    29 OCT · BONUS

    This is the second of a two-part conversation between Steve and Brian Lord, who is currently the Chief Executive Officer of Protection Group International. Prior to joining PGI, Brian served as the Deputy Director of a UK Government Agency governing the organization's Cyber and Intelligence Operations. Today, Steve and Brian discuss the proliferation of mis- and disinformation online, the potential security threats posed by AI, and the need for educating children in cyber awareness from a young age.

    Key Takeaways:
      1. The private sector serves as a skilled and necessary support to the public sector, working to counter mis- and disinformation campaigns, including those involving AI.
      2. AI’s increasing ability to create fabricated images poses a particular threat to youth and other vulnerable users.

    Tune in to hear more about:
      1. Brian gives his assessment of cybersecurity threats during election years. (16:04)
      2. Exploitation of vulnerable users remains a major concern in the digital space, requiring awareness, innovative countermeasures, and regulation. (31:0)

    Standout Quotes:
      1. “I think when we look at AI, we need to recognize it is a potentially long term larger threat to our institutions, our critical mass and infrastructure, and we need to put in countermeasures to be able to do that. But we also need to recognize that the most immediate impact on that is around what we call high harms, if you like. And I think that was one of the reasons the UK — over a torturously long period of time — introduced the Online Harms Bill to be able to counter some of those issues. So we need to get AI in perspective. It is a threat. Of course it is a threat. But I see then when one looks at AI applied in the cybersecurity test, you know, automatic intelligence developing hacking techniques, bear in mind, AI is available to both sides. It's not just available to the attackers, it's available to the defenders. So what we are simply going to do is see that same kind of thing that we have in the more human-based countering the cybersecurity threat in an AI space.” - Brian Lord
      2. “The problem we have now — now, one can counter that by the education of children, keeping them aware, and so on and so forth— the problem you have now is the ability, because of the availability of imagery online and AI's ability to create imagery, one can create an entirely fabricated image of a vulnerable target and say, this is you. Even though it isn’t … when you're looking at the most vulnerable in our society, that's a very, very difficult thing to counter, because it doesn't matter whether it's real to whoever sees it, or the fear from the most vulnerable people, people who see it, they will believe that it is real. And we've seen that.” - Brian Lord

    Mentioned in this episode: ISF Analyst Insight Podcast

    23 min

Ratings & Reviews

4.7 out of 5 (12 Ratings)
