CISO Talk Techstrong Group

CISO Talk finishes 2023 with a year-end review hosted by Mitch Ashley (Techstrong Research) and Jennifer Minella (Viszen Security), joined by Allison Miller (executive security leader) and Dan Glass (CISO, NTT DATA). Our cyber leaders reflect on the rapid rise of generative AI (and whether it lives up to its billing), the career and legal risks of CISO following the SEC's actions, security as a product feature, where we are with zero-trust and more.

Anton Chuvakin, security advisor at Office of the CISO at Google Cloud and former Gartner distinguished analyst, joins Mitch and JJ to discuss AI and its security implications, software supply chain security and moving and securing workloads in the cloud, including its similarities and differences from operating in traditional data centers.

In episode two of a two-part series, CISO Talk hosts Mitch Ashley and Jennifer "JJ" Minella, continue their conversation with Andy Ellis, former CISO at Akamai and current operating partner at Weill Ventures. They delve into topics like building security teams, adapting to change and the impact of AI on the security landscape. Andy emphasizes the need for organizations to understand the value they aim to produce and to align their security efforts with that objective. He discusses how AI, particularly large language models (LLMs), can change the dynamics of software development and security, ultimately advocating for a shift toward safety engineering to minimize attack surfaces and improve defenses. Andy also shares insights from his book and offers guidance on how to navigate the evolving cybersecurity landscape.For more information and to follow Andy Ellis's insights, you can visit his LinkedIn or Twitter profiles (@CSOAndy) and subscribe to his newsletter at https://duhaone.substack.com/ . Andy's book "1% Leadership: Master the Small, Daily Improvements that Set Great Leaders Apart" can be found at various book retailers, and he also has an audiobook version, narrated by himself, which offers an enriching experience for the readers.

In episode one of a two-part series, CISO Talk hosts Mitch and Jennifer "JJ" Minella introduce Andy Ellis, a renowned figure in the security industry with a long tenure at Akamai and currently an operating partner at Weil Ventures. Andy shares insights into the role of a CISO, particularly focusing on whether they belong in the boardroom and the challenges associated with their role(s). They discuss the SEC's new four-day breach disclosure requirement and delve into the intricacies and nuances of materiality in cybersecurity. They emphasize the importance of building relationships and effective communication to ensure that security concerns are adequately addressed at the executive level. The conversation also touches on liability and insurance considerations for CISOs, highlighting the need for personal insurance coverage due to potential gaps in company-provided policies.For more information and to follow Andy Ellis' insights, you can visit his LinkedIn or Twitter profiles (@CSOAndy) and subscribe to his newsletter at https://duhaone.substack.com/ . Andy's book "1% Leadership: Master the Small, Daily Improvements that Set Great Leaders Apart" can be found at various book retailers, and he also has an audiobook version, narrated by himself, which offers an enriching experience for the readers.

Third-party software and services, including SaaS applications, are integral to our everyday operations. But this widespread dependency on third parties also introduces risk and vulnerabilities, and cyberattacks and breaches continue to surge -- the MOVEit breach being a relatively recent vulnerable service of note.In this episode of CISO Talk, host Mitch Ashley and JJ Minella are joined by Eve Maler (ForgeRock) and Steve Benton (Anomali) We'll delve into the root causes behind this surge of vulnerabilities and discuss the potential security lapses that allow cybercriminals an edge. Beyond understanding these vulnerabilities, our conversation will explore actionable steps organizations can take to manage and mitigate these security risks, ensuring a robust defense mechanism against unforeseen cyberthreats.And, of course, with artificial intelligence's rapid evolution and adoption, its role in the future of cyberattacks cannot be underestimated. We'll also discuss how AI is weaponized and used in cyberattacks, the implications and the preemptive measures we can adopt in the face of AI-enhanced cybersecurity threats.

There's a lot going on in the cybersecurity industry today -- new SEC incident and security program reporting requirements, the discovery of pervasive Chinese malware in critical infrastructure systems and the wild west of generative AI adoption. In this episode of CISO Talk, Jennifer Minella and Mitch Ashley discuss security topics that are top-of-mind for security leaders.