The Security Strategist

EM360Tech

Stay ahead of cyberthreats with expert insights and practical security . Led by an ensemble cast of industry thought leaderss offering in-depth analysis and practical advice to fortify your organization's defenses.

  1. EPISODE 1

    Why the Cybersecurity Industry Needs Podcasts

    Podcasts are revolutionising how we raise awareness about cybersecurity.  They offer an interactive and engaging way to bring essential topics like AI, zero trust, and the human element into everyday conversations. By breaking down these complex issues into relatable and exciting discussions, podcasts make cybersecurity accessible and understandable to a broader audience. In this podcast, Chris Steffen, VP of Research at EMA and Paulina Rios Maya, Head of Industry Relations at EM360Tech, discuss the transformative power of podcasts in the cybersecurity world.  Key Takeaways Podcasts are a valuable tool for educating and engaging the cybersecurity industry.Cybersecurity professionals should advocate for themselves and discuss cybersecurity in accessible and engaging formats. Chapters 00:00 - Introduction and Launching the Podcast 03:17 - Advocating for Cybersecurity and Thought Leadership 07:03 - Exploring AI and Zero Trust in Cybersecurity 09:31 - The Human Factor in Cybersecurity 13:36 - Continuous Improvement in the Cybersecurity Industry 17:40 - Conclusion and Where to Find More

    19 min

  2. EPISODE 2

    Improv a Secret Weapon Against Cyber Threats

    Who knew that improv could revolutionise your cybersecurity strategies? Imagine your team, prepared and ready, responding to threats with the quick wit and adaptability of seasoned improvisers!  Communication and collaboration are the secret sauce of robust cybersecurity. Improv supercharges team communication and cranks up problem-solving skills to eleven.  In this podcast, Jeremy Strozer, Artistic Director at Wild Atlantic Theatre, and Paulina Rios Maya, Head of Industry Relations, discuss how improv can become your secret weapon against cyber criminals.  Key Takeaways: Improv techniques can enhance the adaptability of cybersecurity teams during incidents.Communication and collaboration are critical in cybersecurity, and improv can improve team communication. Chapters: 00:00 - Introduction 01:33 - Becoming Interested in Improv 03:00 - Using Improv in Strategic Planning 04:49 - Playing Out Scenarios 06:39 - Improving Communication in Teams 08:06 - Identifying and Mitigating Security Threats 09:02 - Conclusion

    10 min

  3. EPISODE 3

    Understanding PCI DSS 4.0, NIS2, and DORA Cybersecurity Compliance

    Understanding Cybersecurity Compliance: PCI DSS 4.0, NIS2, and DORA Directives Explained Compliance with cybersecurity standards is essential for any organisation to protect sensitive information, maintain customer trust, and mitigate the risks associated with data breaches and cyber threats. Adhering to recognized frameworks and regulations, not only safeguards the integrity, confidentiality, and availability of data but also demonstrates a proactive commitment to security best practices.  Join Chris Steffen and Uri Dorot, Senior Product Marketing Manager at Radware, as they delve into the critical aspects of compliance with cybersecurity standards.  Themes CompliancePCI DSS 4.0 NIS2 Dora Chapters 00:00 - Introduction and Overview 02:20 - Complying with the Latest Cybersecurity Standards: PCI DSS 4.0 09:37 - Understanding and Implementing NIST 2: Enhancing Cybersecurity in the EU 19:28 - Preparing for DORA: Operational Resilience for Financial Organisations 23:08 - Conclusion and Key Takeaways

    23 min

  4. EPISODE 4

    Cybersecurity Automation: Cutting Through the Manual Clutter

    In cybersecurity, manual processes such as using spreadsheets for application security are becoming increasingly inadequate. These traditional methods are time-consuming and error-prone and struggle to scale with the growing volume of threat sophistication.  Automation, particularly in Software Composition Analysis (SCA), is a beacon of hope in the face of these challenges. It brings relief by streamlining the identification and response to security threats, providing a more efficient and effective solution.  In this podcast, Chris Lindsey, application security evangelist for Mend.io., and Richard Stiennon, Chief Research Analyst at IT-Harvest, discuss how SCA tools can help identify vulnerabilities and the benefits of dependency automation.   Key Takeaways: Manual processes in application security are inefficient and cannot keep up with the speed of innovation.Upgrading dependencies is crucial to address security vulnerabilities and reduce security debt. Chapters: 00:00 - Introduction and Background 02:23 - The Limitations of Manual Processes in Application Security 06:40 - The Role of Software Composition Analysis in Identifying Security Threats 10:02 - The Importance of Upgrading Dependencies in Application Security 13:44 - Integrating Automation into the CI/CD Pipeline for Application Security 21:05 - MEND.IO: Scalable and Comprehensive Security Solutions

    24 min

  5. EPISODE 6

    Zero Trust Security: Mastering the Weakest Link

    Zero Trust architecture is a modern security approach that enhances protection by focusing on network segmentation and granular access control, moving away from traditional perimeter defences. This model helps prevent breaches and limits the spread of threats within a network. While transitioning to Zero Trust can be challenging, it can be implemented gradually without disrupting existing systems. Future advancements may include a software bill of materials to verify the integrity of the code used within the network. In this episode, William Malik, advisor at Lionfish Tech, speaks to Paulina Rios Maya, Head of Industry Relations at EM360, about Zero Trust architecture, security breaches and network segmentation.  Key Takeaways: Zero Trust architecture eliminates the concept of a perimeter and focuses on network segmentation and granular access control.Transitioning to the Zero Trust model can be done incrementally without disrupting the entire environment.The future of Zero Trust security may involve implementing a software bill of materials to ensure the veracity of the code being used. Chapters: 00:00 - Introduction to Zero Trust Architecture 02:23 - The Importance of Network Segmentation 04:45 - Transitioning to Zero Trust 13:25 - The Future of Zero Trust

    16 min

  6. EPISODE 7

    Rethinking Security in the Age of Zero Trust

    In the post-pandemic world, relying solely on perimeter-based identity security is no longer sufficient. Increased cloud adoption, expanded access permissions, and the complexities of modern cloud environments have exposed vulnerabilities that traditional methods can't address. Issues like VPN weaknesses and inadequate security controls highlight the need for a new approach. Explore the critical components of Zero Trust, including explicit verification, least privilege access, continuous monitoring, and adaptive policies. Discover how shifting to a Zero Trust framework can better protect your organisation in today’s complex and evolving landscape.  In this episode of The Security Strategist, Vivin Sathyan, Senior Technology Evangelist at ManageEngine, speaks to Alejandro Leal, Analyst at KuppingerCole, about why evolving your security strategy is essential for staying secure and resilient.  Key Takeaways: A layered approach to user, application, device, and network security is crucial for comprehensive protection, reducing the overall attack surface and focusing on newer threats.Common user vulnerabilities include weak authentication, insider threats, privilege escalation, misconfigured access controls, and unpatched vulnerabilities.Organisations can better protect against these risks at the identity level by implementing risk assessment procedures, enforcing strong password policies, monitoring user behaviour for anomalies, and providing context-based employee training. Chapters 00:00 Introduction and Challenges of Perimeter-Based Approach 05:09 Zero Trust: Critical Components and Differences 09:55 The Importance of a Layered Approach to Security 13:15 Common Vulnerabilities Associated with Users 18:04 Protecting Against Risks at the Identity Level 21:26 Translating the Zero Trust Philosophy into Actionable Steps with Managed Engine

    26 min

  7. EPISODE 8

    What Would 1% Do to Your Business: ML for Optimal Security Strategies

    Understanding the key differences between approaches in the EU and the US can help unlock maximum value with the right security strategies. Traditional methods often fall short, but integrating Machine Learning (ML) into your security framework can transform your defence against modern threats.  Embrace a dynamic approach to security that adapts to evolving risk profiles. ML optimises your security investments and ensures that measures are tailored to specific threats, enhancing protection and efficiency.  In this episode of the Security Strategist, Chris Steffen, EMA's VP of research, speaks to Brady Harrison, Kount's Director of Customer Analytics Solution Delivery, to discuss maximising value through optimal security strategies. Key Takeaways: Finding a balance between fraud prevention and sales generation is crucial for optimising security strategies.Machine learning can help businesses make informed, risk-based decisions by analysing large volumes of data in real-time.Optimising security investments involves evaluating the cost-benefit trade-offs and setting appropriate risk thresholds. Chapters: 00:00 - Introduction to the Security Strategist podcast 00:25 - Introduction to Kount and its focus on customer analytics and fraud prevention 01:49 - Differences between EU and US security strategies 05:12 - Balancing fraud prevention and sales conversion 08:59 - Optimizing security investments with machine learning 14:43 - Advantages of machine learning in security 18:31 - Setting security strategy based on machine learning 23:47 - Treating customers as good until proven otherwise 25:11 - Conclusion and call to action

    26 min

  8. EPISODE 9

    Cutting Through the Noise: Redefining Detection and Response With Secureworks

    When looking for the right cybersecurity to keep your organization safe, it’s easy to get overwhelmed by the acronyms and solutions on the market today. EDR. MDR. XDR. NDR. How can organizations really identify not only what they need, but what solutions can evolve with their strategies?  In this episode of the EM360 Podcast, Chris Steffen, EMA's Vice President of Research, speaks to Kyle Falkenhagen, Secureworks’ Chief Product Officer, to discuss how organizations are investing in extended detection and response solutions as a comprehensive approach to cybersecurity.  Key Takeaways: XDR (Extended Detection and Response) is a comprehensive approach that combines proactive risk reduction with reactive response. But not all solutions are equal, and it’s important to understand the distinction between basic and robust response.Identity plays a critical role in cybersecurity, with many breaches having an identity component. Organizations should focus on securing their identity environment and detecting and responding to identity-based threats.Balancing proactive security measures with traditional detection and response is vital for improving security posture. Organizations should look for security partners that can provide reactive and proactive capabilities. Chapters:  00:00 - Introduction and Background 02:48 - The Role of Response in XDR 08:50 - Balancing Proactive Security and Detection & Response 11:03 - The Significance of Identity in Cybersecurity 18:51 - Integrating Threat and Exposure Data for Better Security Posture 23:23 - Conclusion

    24 min
See All Season 1 (70)

About

Stay ahead of cyberthreats with expert insights and practical security . Led by an ensemble cast of industry thought leaderss offering in-depth analysis and practical advice to fortify your organization's defenses.

Information

  • Creator
    EM360Tech
  • Episodes
    174
  • Seasons
    1
  • Rating
    Clean
  • Copyright
    © Copyright 2025 EM360Tech
  • Show Website
    The Security Strategist