Cyber Security Weekly Podcast MySecurity Media

In this interview at SINCON 2024, Dr. Joshua James, a Regional Counter Cyber Crime Coordinator for the United Nations Office on Drugs and Crime (UNODC), shared his insights on the Regional Counter-cybercrime programme at UNODC.Dr. James argued that while law enforcement agencies are getting better at responding to cybercrime, the cyber criminals are also getting better at what they do. This is because cybercrime is a business for them, and they invest heavily in security measures to protect their operations.He believes that the key to defeating cybercrime is for governments to see their citizens as assets rather than liabilities. If people are viewed as assets, then more will be invested in educating them and giving them the tools they need to protect themselves online.He also said that international cooperation is essential in the fight against cybercrime. The current system for international cooperation, called mutual legal assistance, was created before the internet and is not effective for cybercrime. New tools and methods for international cooperation are needed.In conclusion, Dr. James said that he is confident that cybercrime can be defeated, but it will take a lot of work from governments and citizens alike.Recorded 23rd May 2024, 10.30am, SINCON 2024, Singapore.Dr. Joshua James is the United Nations Office on Drugs and Crime (UNODC) Regional Counter-Cybercrime for Southeast Asia and the Pacific, based in Bangkok, Thailand. He and his team implement counter-cybercrime programme in the region through capacity building and awareness programmes at all levels of government. He has worked as a seconded researcher with the Irish Police Computer Crimes Investigation Unit, INTERPOL’s Financial and High-Tech Crime Unit, and the Korean National Police. He has also worked closely with public and private sector groups to raise awareness about cybersecurity and cybercrime issues. He completed his Bachelor’s degree in Network Security from Purdue University, and his PhD in Computer Science with a focus on automating human inference in investigations from University College Dublin.#mysecuritytv #unodc #cybercrime

In this interview, we speak with Mac Munsayac, Head of Customer Experience at Philippine Airlines, to explore the transformative role of AI in the aviation industry. Mac elaborates on the integration of generative AI and tools to enhance customer interactions by providing personalized, proactive, and frictionless experiences, especially in scenarios involving flight disruptions and service-related concerns.He underscores the significance of recognizing AI's limitations and stresses the necessity of human intervention in high-risk tasks to ensure accuracy and reliability. Training employees effectively and maintaining ongoing communication are crucial to successfully implementing AI. Mark highlights that starting with high-volume, less complex pain areas allows for immediate impact and smoother adoption.Using the example of checking flight statuses—a high-volume but straightforward task—he illustrates how AI can significantly reduce customer queries and improve service efficiency. This approach serves as a training ground, gradually extending AI's application to more complex scenarios. Mark also touches on the importance of defining clear metrics for operational efficiency, customer experience, and cost savings to measure AI's success.Ultimately, he advises organizations to adopt a phased approach, beginning with manageable tasks to build trust and progressively enhancing AI capabilities. This ensures that AI is leveraged effectively to improve customer experiences and operational efficiency while managing risks and expectations realistically.Mac Munsayac, Head of Customer Experience, Philippine Airlines: A dynamic leader with 20 years of diverse leadership experience spanning global finance, business process outsourcing, and aviation. Currently serving as the head of PAL Customer Experience, he excels in fostering innovation, problem-solving, and maximizing organizational performance. In this capacity, he oversees initiatives aimed at enhancing passenger satisfaction, streamlining services, and elevating the overall customer journey. Beyond his professional pursuits, Mac is an avid traveler, deeply passionate about immersing himself in diverse cultures and experiences.Recorded 8 May 2024, 3pm, World Tour Essentials Asia 2024, Singapore Marina Bay Sands Convention Centre #mysecuritytv

As Vice President and CTO, Solutions, for Salesforce ASEAN, Gavin Barfield leads a team of Salesforce engineers across the region to develop and drive integrated technology solutions for Salesforce customers. Gavin works closely with customers in ASEAN on their digital transformations, bringing together the full value of the Salesforce platform to drive positive business outcomes. A seasoned IT veteran with over 20 years of experience, Gavin has a deep technology background in areas like IT infrastructure, enterprise architecture, cybersecurity, and program management for a variety of industries. Prior to joining Salesforce, he has held C-level positions managing IT and transformation for some of Southeast Asia’s largest companies, such as Ayala Corporation and Meralco. Gavin also brings many years of experience in management consulting into his work for customers.Gavin has a passion for emerging technologies and he regularly speaks at international conferences and other forums on the future of disruptive technologies and how they affect people and work.- In this interview, Gavin discusses how, to drive AI adoption and reap the benefits of AI, businesses need accurate, complete data and humans in the driver’s seat. He highlights several key points:• Trust and Value Gaps: Two main barriers to AI adoption are the trust gap and the value gap. Trust in generative AI is essential, as companies need to ensure that AI outputs are accurate, unbiased, and secure.• Human at the Helm: Gavin emphasizes the importance of having humans oversee AI operations. AI should complement human work by enhancing capabilities while maintaining transparency and trust with customers.• Quality Data: AI systems need to be grounded in high-quality, trusted data. Many companies struggle with AI outputs due to a lack of trust in the data used to train these models.• Use Case Awareness: Understanding the appropriate use cases for AI is crucial. Companies need to educate employees and align AI implementations with specific business problems to maximize benefits.• Governance and Training: Effective governance and training are necessary to build trust in AI. Organizations should focus on data accuracy, transparency, and the role of AI as a supportive tool, not a replacement for humans.• Security and Privacy: Protecting customer and company data is paramount. Salesforce has implemented a trust layer that masks personal information, uses secure gateways, and ensures data is not retained by large language models (LLMs).• Future of AI: Gavin anticipates that within a year, the AI landscape will evolve with more specialized LLMs tailored to specific industries and regions. Trust, security, and embedding AI into everyday workflows will remain critical factors for successful AI adoption. Recorded 8th May 2024, 12noon, Singapore Marina Bay, Salesforce World Tour Essentials 2024 Singapore

In this interview at Black Hat Asia 2024, we spoke with Adrian Wood and Mary Walker, security engineers from Dropbox, about the critical issues surrounding AI security, backdoors, and malware.Adrian and Mary explained that many users rely on pre-existing machine learning (ML) models from public repositories rather than creating their own. This introduces vulnerabilities similar to those found in open-source software. Using in-house data requires careful handling to avoid bias and unintended consequences, while third-party models can be compromised.They emphasized that downloading and running models from the internet can introduce malware. Attackers can backdoor models to alter their functions or insert malicious code, posing significant threats, especially in sensitive industries.Adrian and Mary also stressed the importance of understanding the ML environment, ensuring proper logging, and having incident response plans in place. Companies should prepare by conducting tabletop exercises and securing their supply chains.For more educational information on machine learning: https://gist.github.com/5stars217/236bab5d1d8d50e9785a4136aca8cf20 --------Dropbox, Security Engineer - Adrian Wood, aka threlfall, currently works for Dropbox on their red team. He has worked as a red team consultant for WHITEHACK, a company he founded, and later as a lead engineer for an offensive security research team at a US bank. His research recently has been in supply chain attacks on CI/CD and ML systems, which includes maintaining the offsec ml playbook and has presented on these topics at DEFCON 30, 31, the DEFCON AI village, Cackalackycon and more.Dropbox, Security Engineer - Mary Walker, aka mairebear, currently works for Dropbox on their threat intelligence team; she splits her time at work between research (primarily focused on ML) and building tooling to help her team move faster. She's previously worked at a major online retailer on their malware analysis and forensics team, a US bank on their red team, and an energy company in their SOC. Her background is primarily in DFIR and malware analysis, with a keen interest in production environments.Recorded 18th April 2024, 4.30pm, BlackHat Asia 2024, Singapore #BHAsia #mysecuritytv #blackhat

Now in its fourth year we'll be starting this year's series at a heightened time of risk and significant activity across the security domain - the opening episodes will be discussing how these events impact private security and emergency services and what may be the broader requirements and implications. To open the series, which will run regular episodes of live webinars, pre-recorded interviews and in-person events, we wanted to open with the current state of play – regional conflicts in the Middle East and Europe with a steadily growing risk of an Indo-Pacific conflict and how this will and may impact on the private security and emergency management sector. In this episode we're joined by:Paul Riley, Director, Foreign Risk at Curtin University Bryan de Caries, CEO, Australian Security Industry AssociationDr Shannon Ford, Faculty of Humanties, Curtin UniversityProf Sissel Jore, visiting Professor with Edith Cowan UniversityWebinar title: Requirements and implications on the private security sector in a phase of multi-region conflict• Implications of war (and pre-war) in the Indo-Pacific and impacts on the private security sector• Alignment and consistency of national security advice• Trust in information systems and delivery/interpretation• Current and required national response frameworks should war break out in the Indo-Pacific• Learning outcomes from the Pandemic – what went wrong and what needs to change?#mysecuritytv

Now in its fourth year we'll be starting this year's series at a heightened time of risk and significant activity across the security domain - the opening episodes will be discussing how these events impact private security and emergency services and what may be the broader requirements and implications. To open the series, which will run regular episodes of live webinars, pre-recorded interviews and in-person events, we wanted to open with the current state of play – regional conflicts in the Middle East and Europe with a steadily growing risk of an Indo-Pacific conflict and how this will and may impact on the private security and emergency management sector. In this episode we're joined by:• Dr Malcolm Davis, Senior Analyst, ASPI• Stephen Beaumont AM, Chair, Critical Infrastructure ISAC and• Gill Savage, Senior Fellow, ASPIWebinar title: Requirements and implications on the private security sector in a phase of multi-region conflict• Implications of war (and pre-war) in the Indo-Pacific and impacts on the private security sector• Alignment and consistency of national security advice• Trust in information systems and delivery/interpretation• Current and required national response frameworks should war break out in the Indo-Pacific• Learning outcomes from the Pandemic – what went wrong and what needs to change?#mysecuritytv