Prabh Nair


Dive deep into the world of information security with Prabh Nair, a seasoned expert with a knack for distilling complex topics into easily digestible insights. Each episode, spanning just 15 minutes, is designed to provide listeners with a concise and clear understanding of the ever-evolving landscape of infosec. Whether you're a professional looking to stay updated, a student eager to learn, or just curious about the digital realm, Prabh's enlightening discussions promise to keep you informed and engaged. Tune in for your regular dose of cybersecurity wisdom, all in a quarter of an hou

  1. 12H AGO

    ISO/IEC 42001 Practical AIMS Implementation Step By Step

    In this bootcamp session, Prabh Nair breaks down ISO/IEC 42001 and the practical reality of AI governance inside organizations.

    If you are trying to implement an AI Management System (AIMS), this session walks you through the governance principles, the clause structure, the documentation mindset, and how to run AI risk assessments and impact assessments in a way that stands up to audits.

    WHAT YOU'LL LEARN

    - Why AI governance matters: bias, misinformation, misuse, and trust
    - The 5 AI governance principles: accountability, transparency, fairness, safety, and balanced innovation
    - ISO/IEC 42001 structure: clauses, annexes, and the PDCA cycle
    - AIMS implementation in 4 phases: gap analysis, planning, implementation, verification
    - Defining your organizational role: AI provider, producer, customer, partner, subject, authority
    - Project charter essentials: scope, context analysis, interested parties
    - Risk assessment methodology: likelihood, impact, and how to set criteria based on context
    - Risk assessment vs impact assessment: business risk vs human harm
    - When assessments must be repeated: planned intervals and major changes (data, model, rollout, geography)
    - Documentation and audit readiness: objectives, SoA, change management, competence, awareness, version control

    Links:

    - Practical AI Governance: https://www.youtube.com/watch?v=dQUML9vnlY4&t=3180s&pp=ygUKYWltcyBwcmFiaA%3D%3D
    - AI Governance: https://www.youtube.com/watch?v=LgFBi5XD-Ow&t=5668s&pp=ygUTYWkgZ292ZXJuYW5jZSBwcmFiaA%3D%3D
    - AI Agent Governance: https://www.youtube.com/watch?v=i721IZkpG8I&t=423s&pp=ygUYYWdlbnRpYyBnb3Zlcm5hbmNlIHByYWJo

    #ISO42001 #AIGovernance #AIMS #AIRiskAssessment #AICompliance #ISOCertification #Cybersecurity #GRC

    1h 51m
  2. 2D AGO

    CISO Mindset Explained | Cybersecurity Leadership, Business Risk & Resilience

    In this episode, Prabh Nair is joined by Jayant, CISO for Asia Pacific and Japan at Check Point Software Technologies, for a grounded conversation on what cybersecurity leadership really means at the CISO level.

    The discussion goes far beyond tools, products, and frameworks. It focuses on the mindset shift every CISO must make — from being a technical security expert to becoming a business-aligned risk leader.

    Jayant shares real-world experiences from global enterprises, including a critical lesson from deploying network access controls in a low-latency trading environment. The case highlights a hard truth many security leaders learn late: a technically correct control can still be a business failure if it ignores how the business actually operates.

    Throughout the conversation, the focus remains on understanding business dynamics, risk appetite, and outcomes before deploying security controls. We explore how the role of the CISO has evolved as enterprises moved from a small set of tools to managing dozens of security platforms, multiple cloud service providers, and complex regulatory expectations across regions.

    Key themes discussed include:

    - Why CISOs must act as translators between technology, business, and regulators
    - How security practices need to align with peak business usage and time-to-market pressures
    - The shift from CapEx to OpEx models and its impact on security strategy
    - Challenges of securing cloud and hybrid environments, especially for regulated and critical infrastructures
    - Why cyber resilience is about tested failover and recovery, not documentation
    - How regulators now demand evidence that controls actually work
    - The role of AI in cybersecurity — not as magic, but as an amplifier of both threats and defenses

    Jayant also shares insights on CISO leadership skills, emphasizing adaptability, stakeholder alignment, and the ability to communicate cyber risk in business language to CEOs, CFOs, boards, and regulators.

    If you are a:

    - CISO or aspiring CISO
    - Security leader, architect, or consultant
    - GRC, audit, or risk professional
    - Engineer transitioning into leadership

    this episode will help you understand how CISOs think, decide, and balance growth with security in real organizations.

    Links:

    - CISO talks: https://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1
    - NIST Series: https://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQB
    - GRC Series: https://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQB
    - LinkedIn Profile of Prashant: http://linkedin.com/in/prashant-mohan-cissp-issap-ccsp-04610215
    - Book Building Blocks: Comprehensive guide to build a security architecture program: https://amzn.to/4szY0Qv
    - ISO 27001 Video: https://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
    - ISO 27001 Implementation Guide: https://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
    - GRC Practical Series: https://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28
    - GRC Interview: https://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zyl
    - Internal Audit: https://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWv

    #ciso #cybersecurity #infosec #resilience #cyberresilience

    59 min
  3. 5D AGO

    Crafting the Ideal ISO 27001 Project Initiation Document

    Are you planning to implement ISO 27001 and wondering how to start? In this comprehensive video, we guide you through the process of writing a Project Initiation Document (PID) specifically for ISO 27001 implementation. This is the first video that covers everything from scratch, so whether you're a beginner or a seasoned professional, this video is designed to help you prepare a successful Project Initiation Document.

    What You Will Learn:

    - What is a Project Initiation Document? We break down its purpose and significance in ISO 27001 implementation.
    - Key Questions to Ask: Discover the essential questions you need to address while preparing a PID.
    - Complete Content Overview: A detailed breakdown of what your Project Initiation Document should include, such as scope, objectives, timelines, risk management, and resources.
    - Best Practices for ISO 27001 Implementation: Practical tips on how to structure your document to ensure a smooth ISO 27001 project kick-off.

    This video is a must-watch for anyone tasked with ISO 27001 implementation, especially those unfamiliar with creating a Project Initiation Document. By the end, you'll have a clear understanding of how to write an effective PID that sets the foundation for a successful ISO 27001 project.

    Key Topics Covered:

    - Introduction to Project Initiation Documents (PIDs)
    - Content required in a PID for ISO 27001
    - Questions you must answer before creating your PID
    - Real-world case examples and step-by-step explanations

    💡 Why This Video is Unique: This is the first video to provide a detailed, practical guide on preparing a Project Initiation Document tailored to ISO 27001 implementation. If you're looking to save time and avoid mistakes in your ISO 27001 project, this is the resource for you.

    Links:

    - How to Implement ISO 27001 Implementation: https://www.youtube.com/watch?v=tvd1MUf3aHE&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
    - How to Write ISMS Context Part 2: https://youtu.be/wL2GSovv4Ok

    🔔 Don't forget to like, comment, and subscribe for more in-depth ISO 27001 implementation guides!

    #ISO27001 #ProjectInitiationDocument #ISO27001Implementation #ISMS #CyberSecurity #Compliance #ProjectManagement #InformationSecurity #CyberSecurity2024 #ISO27001StepByStep

    34 min
  4. FEB 11

    How to Prepare for ISSAP Certification

    In this podcast, Prabh Nair sits down with Aamir, who successfully cleared the ISSAP certification in his first attempt, to break down the real preparation journey behind one of the most challenging security architecture exams.

    Aamir shares his experience preparing for ISSAP with over 12 years of hands-on cybersecurity experience, explaining why ISSAP is not just a technical exam, but one that demands a security architect and enterprise mindset. He explains the revised ISSAP structure, the four domains, and why Domain 3 (Infrastructure and System Security) carries the highest weightage and difficulty.

    The discussion covers how candidates should think while preparing for ISSAP, including the importance of defense-in-depth, secure-by-design, risk-based decision making, and understanding how security actually works inside large organizations. Aamir also explains why many candidates struggle with Domain 2 (Security Architecture Modeling) and how CISSP and CCSP concepts indirectly support ISSAP preparation.

    We also discuss the ISSAP eligibility requirements, how the certification differs from CISSP and CCSP, the role of enterprise security architecture, IAM, federation, SSO, governance, and cloud architecture concepts that appear in the exam. Aamir shares honest insights about the lack of official resources, how he used books, CBK references, and practice techniques, and why patience and consistency matter more than shortcuts.

    Towards the end, the conversation moves into CISSP preparation strategy, where Aamir shares how understanding the ISC2 mindset, scenario-based questions, and architectural thinking helped him approach both ISSAP and CISSP with confidence.

    If you are planning to pursue ISSAP certification, security architecture roles, or want to understand what it really takes to clear advanced cybersecurity certifications, this episode gives you a realistic, experience-based roadmap.

    Links:

    - ISSAP Playlist: https://www.youtube.com/playlist?list=PL0hT6hgexlYxZWJFIZbOqpkbKCT3u0ILe
    - CISO talks: https://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1
    - NIST Series: https://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQB
    - GRC Series: https://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQB
    - ISO 27001 Video: https://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
    - ISO 27001 Implementation Guide: https://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBz
    - GRC Practical Series: https://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28
    - GRC Interview: https://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zyl
    - Internal Audit: https://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWv

    #issap #cissp #isc2

    50 min

Ratings & Reviews

5 out of 5 (3 Ratings)
