ISF Podcast

Information Security Forum Podcast

The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.

  1. Brett Johnson - From Most Wanted to Most Valuable: Inside the Cybercrime Landscape

    2 DAYS AGO

    Today we bring back one of our favorite guests: former US most-wanted cybercriminal Brett Johnson. It’s been seven years since he was last on the show, and much has happened in the world of cyber. Brett shares how his perspective has changed in the past few years, and gives his thoughts on how new technologies impact cyber crime. Steve and Brett discuss compliance and what Brett’s path from prison to helping law enforcement means for other cyber criminals. Brett also answers some rapid-fire questions.

    Key Takeaways:

    Increased ease of access to cybercrime tools and services, along with manpower problems in law enforcement, are key reasons why cyber crime is one of the world’s largest economies today.
    Enterprises must shift focus from trying to block every attack to protecting their crown jewels for when an attack inevitably gets through.
    Bad things happen because good people remain silent.

    Tune in to hear more about:

    Why cybersecurity awareness training often fails (13:32)
    If Brett’s path to redemption is still viable for today’s cyber criminals (16:57)
    Some rapid-fire questions to Brett (21:35)

    Standout Quotes:

    “Cybersecurity and security overall is not a romantic thing. It's not an exotic thing. It's simply doing the nuts and bolts of what you need to do. And the problem is that largely that's not happening in the environment. If you've got management that's more interested in butter than they are in guns, you've got those types of issues.” - Brett Johnson

    “Cybersecurity awareness training or fraud prevention training, scam awareness, anything like that, we tend to educate at a very rational level. For scams and a lot of fraud and stuff like that, it doesn't happen at a rational level. If I'm trying to attack a person and compromise that person, I'm not doing it at a rational level. I'm doing it at an emotional level. I'm trying to get you to set reason and logic aside and to react emotionally. So all that training takes place at that rational level. You can understand it there. That doesn't mean that you understand it at the emotional level whatsoever.” - Brett Johnson

    “Is it harder? In one respect it is because we now have people that are aware of how money is moved, what criminals seek to do with it. Banks have become more aware of a lot of the new ways to launder and funnel funds. In many ways, it's much harder, but at the same time, criminal networks have adapted to that difficulty.” - Brett Johnson

    Read the transcript of this episode. Subscribe to the ISF Podcast wherever you listen to podcasts. Connect with us on LinkedIn and Twitter.

    26 min
  2. Steve Durbin - Global Threats, UK Blind Spots: Cyber Resilience in a Volatile World

    14 APR

    Today, Steve returns to Business Matters with Juliette Foster. The war continues to rage in Iran, and with it comes an increasing threat of cyber attacks. Steve shares his thoughts on what the conflict means for cyber investment in the private sector, British critical infrastructure, and the British government’s approach to cyber resilience. Steve and Juliette also discuss the UK Financial Minister’s Spring Statement, which didn’t include any references to cybersecurity. What does this omission signal? How will multinational companies react? Is cyber a macroeconomic issue? This, and more, in Steve’s latest appearance on Business Matters.

    Key Takeaways:

    Cyber is a macroeconomic issue, not just a technical one.
    AI has changed the way that the threat landscape is evolving, but it's also brought benefits for cyber defence.
    Governments have limited abilities to support the cyber resilience of the private sector; cooperation between large enterprises supports the whole business landscape.

    Tune in to hear more about:

    If Steve thinks the UK Finance Minister’s spring statement will impact cyber investments (8:57)
    The impact on UK businesses of slower economic growth in the UK (14:59)
    The state of government cyber resilience in the UK (22:39)

    Standout Quotes:

    “What you have to do is you have to look at your crown jewels and back to this minimum viable company notion that I mentioned right at the beginning of our chat. You have to understand what the most critical elements of your business are, and then you can track those through these complex supply chains. Those are the pieces you need to be protecting because that's what's gonna bring your business down or ensure that you can continue to operate.” - Steve Durbin

    “The business climate in the UK at the moment is exceptionally tough, exceptionally demanding. I think if you look at some of the legislation that's recently come in particularly around hiring, retaining employees, the sheer cost of doing business has risen pretty much exponentially for most organizations, and that means that they have to make cuts somewhere. If they can't do it in terms of some of the core business, they will look to some of the fringe elements. So if you've got an organization that perhaps does not view cyber as being core to what they do, then that may well be somewhere where a cut is made.” - Steve Durbin

    “I think we'll certainly see a maturing of the industry. It's a very young industry still in terms of the way that it's evolving and changing, and I think that with the benefit of a couple of years under our belt, then most organizations will have moved to a stronger position from a maturity standpoint, and I would hope certainly that we're talking very much more about resilience rather than protection.”

    30 min
  3. Special edition – From Awareness to Action: Prostate Cancer, Community and the Case for Early Detection

    31 MAR

    Today’s episode is a special one, recorded to announce an exciting and important new partnership between ISF and the organisation Prostate Cancer Research. Joining the show is PCR CEO Oliver Kemp, who for nearly a decade has worked to ensure fewer men suffer and die from prostate cancer. Steve and Oliver talk about how prostate cancer screening works and the importance of catching it early. The two also talk about the partnership and how it will help PCR’s efforts across the UK.

    Key Takeaways:

    Early detection saves lives. If you find prostate cancer before it has reached stage 3, the survival rate is 100%.
    A cancer battle will affect people around you, but they will also be the people whom you can draw strength and support from.
    Access to cancer screening varies between regions and demographics.

    Tune in to hear more about:

    What PSA is and how testing for prostate cancer is done (5:28)
    The new partnership between ISF and PCR (18:58)
    How AI and new technologies can help in cancer detection (22:34)

    Standout Quotes:

    “I think us men are not always the best at going and looking after ourselves and we often need to be nagged to go out and do something. But if you've got prostate cancer, it's gonna get you one way or another, and it'll gradually grow inside of you. And it's far better getting it early and having a relatively simple procedure, which you can now be in and out of hospital in a single day rather than late-stage prostate cancer, which will have very different consequences.” - Oliver Kemp

    “I think one of the great things about this partnership is first of all, we're aiming at people who often don't get tested. And there are lots of PSA tests happening across this country, but they're often focused on regional areas. So southeast of England, London has lots of testing. It has lots of the best hospitals in the world, whereas other parts of the country don't have access to that.” - Oliver Kemp

    “And for people in cybersecurity, it's about being as proactive about your own health as you are about protecting your organization. So it isn't about waiting for symptoms. I didn't have any. Look at PSA tests. We've said on this show it's a very low cost. And the people that I've come across who've certainly taken that step, and sadly there are more of us than people might think, all tell me the same thing. And as for partners, families, friends that are listening, don't underestimate the power of your encouragement just being there. That's really important. You don't have to do anything big. It's just a quiet conversation that could genuinely help.” - Steve Durbin

    30 min
  4. Martina Navratilova - Focus, Adapt, Evolve: Serving up the secrets of success

    24 MAR

    In today’s episode, Steve speaks with Martina Navratilova. Martina is one of the most accomplished tennis players of all time, holding the record for most open era titles and Wimbledon wins. Since retiring from tennis, Martina has been a vocal advocate for gay rights and cancer awareness. In her conversation with Steve, she talks about the importance of screening and early detection, and why self-awareness and kindness to yourself are essential when you’re going through something difficult. The two also discuss adapting to change, how to read your opponents and why rehearsing matters – both on the tennis court and in the world of cyber. Martina also gives the audience a piece of advice on staying resilient in the face of uncertainty, from the perspective of a champion.

    Key Takeaways:

    If something doesn’t feel right in your body, get tested. And even if you’re feeling fine, do that annual physical.
    There is no substitute for practice when it comes to crisis preparedness.
    Breaches will happen, it’s about how you respond – with clarity and honesty – that matters.

    Tune in to hear more about:

    Some news from Steve (1:33)
    Building the right team (10:18)
    Recovering after a breach (13:24)

    Standout Quotes:

    “We tend to overreact and overcorrect. Less is more in just about everything in life. Less is more. You can always add to it. But if you go too far, you've gone too far.” - Martina Navratilova

    “At the end of the day, if you are the big boss, you are making the decisions, you have to trust your gut. So you take all the information in, but you have to say, ‘Okay, what really feels right with my knowledge, with my intelligence, with my history, what is the best way forward?’” - Martina Navratilova

    “No system is bulletproof no matter what. You may hit the best serve ever, but that person guessed and they get it back. It's how you bounce back from that. But nothing is bulletproof. You just need to figure out where was the breach, how can we fix it and avoid doing it again?” - Martina Navratilova

    18 min
  5. Rainer Hersch - The Sound of Leadership: What Orchestras can Teach Modern Business Teams

    17 MAR

    In this week’s episode, Steve sits down with conductor, pianist, comedian, and broadcaster Rainer Hersch. Rainer leans on his orchestra experience to explain how leaders outside the concert hall can build deep trust and strike a balance between discipline and adaptability in a rapidly changing world. He also reveals his secret leadership weapon: humor.

    Key Takeaways:

    Conducting an orchestra has many parallels to leading a business.
    Not every team member must know the entire business, but the leaders do.
    Good conducting—and by extension, good leadership—is a back-and-forth effort between leaders and those being led.

    Tune in to hear more about:

    How conductors make different parts of the orchestra function in harmony (1:53)
    Flexibility in an orchestra and in business (6:59)
    How Hersch uses humor in his work as a conductor (14:54)

    Standout Quotes:

    “These analogies are very similar to how any large organization works. The only person actually who's got the kind of blueprint for the product that the orchestra is presenting to its customers, that is the orchestra score, is the conductor. Everybody else has just got their individual parts of the project. So coming together in that way musically, well, requires listening, it requires following in certain occasions, leading in others.” - Rainer Hersch

    “The conductor is the person who's given that one job of examining this plain piece of writing and going, okay, this is what is intended, this is the emotion that is intended. And in order to bring that emotion out, we need to do this in a certain way, and inspiring and motivating everybody else to participate in that irrespective of how they would personally go about it.” - Rainer Hersch

    “There are mistakes that happen in a performance, and I'm not going to stop every single mistake and go, ‘Duh-uh, bar 24 flutes.’ No. There are some things that happen, I know they will be fixed by the individual players. In a rehearsal, something happens, they miss the cue. I'll say, that'll be all right in the performance, won't it? Yes, it will. They've seen that I've seen it, and that's enough for them.” - Rainer Hersch

    19 min
  6. Dr. Helena Boschi - Your Brain Unlocked: What Every Leader Needs to Know

    10 MAR

    Today, Steve sits down with Dr. Helena Boschi, globally acclaimed psychologist, to talk about the best security system of all: the human brain. The two discuss how stress impacts performance in high stakes environments like cybersecurity, why trust and psychological safety matter more than ever, and what leaders can do to help their team stay calm, focused, and creative even when the pressure is on. Finally, Dr. Boschi also explains what neuroscience reveals about how we can train our brains to become more cyber resilient.

    Key Takeaways:

    Leaders must be aware of the early warning signs of too much stress – memory loss, absentmindedness, sudden outbursts, etc.
    Leaders must strike a balance between quick results and allowing teams to think about problems in new ways, even if it takes a little longer.
    The brain is not great at adapting to big changes, so introduce new things in chunks to make the transition easier.

    Tune in to hear more about:

    How the brain can help us become better leaders (11:26)
    Digital fatigue (19:56)
    How leaders help teams embrace change (25:50)

    Standout Quotes:

    “If you can see that if people start behaving in a much more emotional way than normal or they're struggling to make decisions or they're a bit absent-minded, time for leaders to say, let's just take a pause and let's think about what's going on. By the time these warning signs are spilled over into physical and behavioral ones, it's normally then almost too late.” - Dr. Helena Boschi

    “In a world with endless distraction, we have got information coming at us from all directions, and we simply don't have the brain power to deal with it all. So the brain selects what it wants to focus on based on what's important to that person. So what's important for me may not be important for you. We have to select, the brain has to actively select – this is called selective attention. Selective attention also makes us blind to the things we are choosing not to focus on. And you might pick up something that I am blind to. So your selective attention might help me see what I can't see. So it's really important to surround yourself with people who disagree with you, who see the world differently, because their blindness will be different to our blindness.” - Dr. Helena Boschi

    “Human beings are quite fallible and they're quite flawed because we have a brain that is not optimized for making the best decisions. It's optimized for making the best decisions for me, but often not for the collective. And when it comes to information security, again, it's not really optimized. If the brain is tired or hungry, it won't make great decisions. So I think coming back to basics for the brain is really important. Keeping the brain in its most healthy state is probably the best thing that cybersecurity professionals can do, and that means keeping the body very active.” - Dr. Helena Boschi

    37 min
  7. Jaya Baloo - Decrypting Tomorrow: Quantum Computing and the Race to Reinvent Cybersecurity

    24 FEB

    Today, Steve is in conversation with Jaya Baloo, COO at Aisle. One of the world’s leading experts on quantum technology and cybersecurity, Jaya shares what the future of quantum computing looks like and what businesses can do to prepare for a quantum-prevalent world. She also offers her view of how cyber and quantum technology will co-evolve in the next 10 to 20 years.

    Key Takeaways:

    You should have started preparing for quantum yesterday.
    Cybersecurity stands out among areas of quantum as a space where quantum may first be used by governments to attack adversaries.
    More diversity is needed in quantum development.

    Tune in to hear more about:

    How to begin your journey to quantum-ready today (8:17)
    How diversity can shape responsible development of quantum (13:48)
    Jaya Baloo’s view on quantum in 10-20 years (15:58)

    Standout Quotes:

    “Cybersecurity is something really special here because unfortunately we do not have only from quantum, the same ability to protect as we have to attack. And I worry that the first application of these technologies beyond the sensors, the first real application from governments will be that offensive use to attack our current cryptographic stack.” - Jaya Baloo

    “I think in general, especially now with the whole onslaught against everything DEI, I actually think it's such a shame to waste time on excluding anyone from anything. We really need the best skillset we can possibly get. And what you see is that, especially in areas like quantum, there's not enough diversity.” - Jaya Baloo

    “So what I really think that we need to think about is how do we democratize, as much as possible, access to our defense against a potential quantum threat, and how do we democratize the availability of quantum computing in order to benefit all of humanity?” - Jaya Baloo

    18 min
  8. Steve Durbin - How Quantum and Geopolitics Are Redefining Resilience

    10 FEB

    Today, Steve returns to Business Matters with Juliette Foster. In this conversation, Steve recaps 2025 in cyber and shares what he sees as the biggest risks heading into 2026. The two also discuss resilience and compliance, as well as the growing importance of togetherness among businesses…

    Key Takeaways:

    Companies would be wise to conduct frequent cyber audits.
    Supply-chain disruptions can have long-lasting, reputational effects.
    How we protect the integrity of our data is at the core of cybersecurity.

    Tune in to hear more about:

    The relationship between government business in cyber (12:56)
    How boards should plan for a cyber attack (15:40)
    Collaborating within and across industries (22:24)

    Standout Quotes:

    “I've said many times that good compliance doesn't equal good security, but good security does equal, nine times out of 10, very good compliance. So where do we go with all of that? I do think that we're probably getting to a point, sadly, where we need to be viewing some of the security processes that we need to undergo in the same way as we consider financial audits.” - Steve Durbin

    “I think that the day is gone when you can rely on your defenses. So boards have to be planning for the day when the defenses fail. When an attack really starts to make an impact on your business. The starting point is to figure out how long you can be without your systems. It may sound like a strange thing to say, but that's the important starting point for me.” - Steve Durbin

    “Security is not, in my opinion anyway, a competitive advantage. And because it's not a competitive advantage, there shouldn't be this massive barrier to sharing some of the ideas, some of the attacks that are out there for the good of the industry.” - Steve Durbin

    27 min
