Security Insights

24/06/2024

The latest Security Insights episode discusses cyber warfare, and what it means for organisations in the private sector operating online.

But we also go a bit deeper, and ask whether the lessons from past generations of military historians can also help cyber defenders.

Our guest is Peter Kestner, author of a new book, The Art of Cyber Warfare.

Cyber war is not a new idea. But current geopolitical events have out cyber warfare right in the spotlight. NATO now ranks cyber as lone of the domains of conflict, alongside land, sea, air and [...]

15/06/2024

In the third part of our short series on the changing role of the CISO, we speak to Mani Keerthi Nagothu of SentinelOne about her career to date, how the CISO is more integrated than ever with the business, and why effective security teams need diversity:

Constant change and the need to adapt is always a feature of cybersecurity. It is certainly a feature of the day to day role of the CISO. And that’s why our guest this week lists [...]

23/05/2024

Could “on demand” resources help firms plug the cybersecurity skills gap?

In the second of our three part series on the changing role of the CISO, Victoria Parker from Orange Cyberdefense argues that they can - as long as CISOs also build up their in-house teams.

Should cybersecurity leaders look beyond their own organisations, to fill the skills gap? Cybersecurity’s skills shortage is a persistent problem, despite the best efforts of recruiters, governments, the education sector and professional bodies. Worldwide, there [...]

21/05/2024

Our current episode looks at the role of the Chief Business Security Officer. What do they do, how do they work with the CISO and board, and does your organisation need one?

More organisations are appointing chief business security officers. But are they the CISO's ally, or rival?

02/04/2024

The current show is episode 100 of the Security Insights podcast! In it, we discuss whether we've reached the end of the road for passwords. If we have, what could take their place?

Passwords have been around for millennia. But are they still fit for purpose? If not, what should replace them? Passwords were once simply a way to prove identity: something you know, to prove who you [...]

09/02/2024

This week's podcast looks at a proposed new cyber governance code of practice from the UK Government. But will it make businesses more secure?

The UK Government is proposing a new code of practice for cyber governance. Will it make firms more secure?

17/01/2024

In our first podcast of 2024, we catch up with ISACA’s global chief technologist and discuss some of the tends he feels will be key in in the coming year.

(Also ICYMI do check out our review of 2023 with Amanda Finch of CIISec - https://www.securityinsights.co.uk/podcast/security-insights-2023-year-in-review/)

https://www.securityinsights.co.uk/podcast/security-in-2024-ai-skills-and-a-seat-on-the-board/

2024 is set to bring its challenges for everyone in cybersecurity. From growing threats and an increasing attack surface, as the world becomes ever more digital, to more onerous regulatory requirements and the risks posed [...]

15/12/2023

Our latest podcast peers into the dark world of , with guest Raj Samani, chief scientist at Rapid 7 and adviser to the European Cybercrime Centre, EC3:

Cybercrime, in all its various forms, is a growing threat to any organisation that operates online. Despite improvements in IT security, criminal groups continue to probe defences, exploit weaknesses and attack systems in cyberspace. Usually, [...]

25/08/2023

In our latest podcast episode, we look at why cloud users are failing to take simple steps to secure their applications and data:

Cloud security risks are on the rise, as attackers target misconfigured applications and assets, according to research from Qualys.

27/07/2023

This week's podcast episode looks at biometrics, surveillance and AI:

Biometric surveillance promises both security and convenience. But do we need tougher safeguards, especially around AI?

31/05/2023

Our current regular episode takes another look at nation state cyber threats. This time, we examine how these are increasingly impacting private businesses. And we discuss a new methodology for countering them with Allie Mellen from analysts Forrester.
https://www.securityinsights.co.uk/podcast/nation-state-cyber-attacks-part-2-evolving-threats-adapting-defence/

25/05/2023

Last week our editor attended CREST’s annual conference, CRESTCon, in London.
And we caught up with keynote speaker Jon Geater from RKVST and the IETF:

Security Insights meets with CRESTCon 2023 keynote speaker Jon Geater to talk about data security and integrity and supply chain risks.

31/03/2023

Here's links to our last couple of episodes. In March we asked whether GDPR and privacy is still a live issue for boards (spoiler: it is) https://www.securityinsights.co.uk/podcast/data-privacy-ai-and-the-board/
And we looked at how generative AI (yes the tech behind ChatGPT, among others) might impact cybersecurity https://www.securityinsights.co.uk/podcast/gpt-3-generative-ai-and-cyberthreats/

Is data privacy a board level concern? And can less be more when it comes to collecting personal information?

27/02/2023

Our latest guest on the podcast is Elizabeth Green, from Dell Technologies. She talks about achieving the right balance between defence, recovery and resilience. And how a more diverse workforce can make organisations more secure.

Can a business really be secure if it has not planned to recover from a cyber attack? And how does diversity improve security?

09/02/2023

The current episode of the Security Insights podcast asks whether benchmarkign against peers can improve cyber defences:

Firms of all sizes face growing threats and greater compliance burdens. But organisations still struggle to adopt cyber security best practice

04/01/2023

Our current podcast episode looks at geopolitics, cybersecurity, and the impact of war in the Ukraine. Our guest is the former permanent secretary at Estonia's Ministry of Defence, Lauri Almann. Here, he describes how his country countered a nation-state cyber attack, and the lessons learned.

The conflict in Ukraine is taking place in both military and cyber domains. What risks does this pose and what can we learn?

11/11/2022

Our latest episode asks whether a better appreciation of neurodiversity could help narrow the cyber skills gap:

We speak to two employers who have actively recruited staff with neurodivergent backgrounds, and how that has benefited their businesses.

05/10/2022

The 2 most recent episodes of the Security Insights podcast cover why we still rely on weak passwords (https://www.securityinsights.co.uk/podcast/why-do-we-love-weak-passwords/) and look at how geopolitics is influencing DDoS attacks (https://www.securityinsights.co.uk/podcast/ddos-shifting-focus-war-religion-and-politics/)

06/07/2022

This week's Security Insights podcast is the first in a series, looking at the global skills shortage in cybersecurity.

We kick off with a guest who is very well placed to see the problem in the round: former head of digital and CISO for NHS Scotland, now CISO at security firm Check Point, Deryck Mitchelson.

https://www.securityinsights.co.uk/podcast/closing-the-skills-gap-part-1-deryck-mitchelson/

The cybersecurity industry faces a massive skills gap. In the UK, the number of vacancies is put at more than 30,000. Worldwide, experts put the shortfall at over three million. And the global pandemic has [...]

09/06/2022

The latest episode of the Security Insights podcast looks at the challenges facing smaller businesses.

With Lee Wrall, of Manchester-based Everything Tech.

https://www.securityinsights.co.uk/podcast/security-smes-and-new-ways-of-working/

Are smaller businesses doing enough to protect themselves from cyber attack? Smaller firms are no means immune to cyber attack. In fact, there is growing evidence that criminal groups are targetting smaller businesses. One reason [...]

22/04/2022

The latest Security Insights podcast looks at the psychology of cyber attacks, and how organisations can help their people withstand them:
https://www.securityinsights.co.uk/podcast/surviving-a-crisis-the-psychology-of-cyber-attacks/

The human mind is perhaps the greatest weapon for fighting cyber attacks. Yet too few firms invest in the people on the cyber front line.

02/11/2021

In our latest podcast we look at cybercrime as a service - is it one of the drivers of online crime?

https://www.securityinsights.co.uk/podcast/rent-a-hack-why-cybercrime-is-now-a-service/

Criminal groups are increasingly turning their attention to cyber, a trend that picked up pace during the pandemic. Technical skills are no longer needed to launch a cyber or phishing attack. Instead, anyone can buy [...]

12/07/2021

In the current Security Insights podcast, editor Stephen Pritchard hosts a round-table discussion on ransomware with three industry experts:
https://www.securityinsights.co.uk/top-post-1/ransomware-cybersecuritys-clear-and-present-danger/

Ransomware is now the greatest threat to UK business. In this round table discussion, our experts look at why, and how to counter it.

01/07/2021

In our latest episode, we ask if cybercriminals
are exploiting the pandemic (spoiler alert: they are) and what can be done to protect the healthcare, pharma and research sectors.

https://www.securityinsights.co.uk/podcast/cybercrime-and-healthcare-exploiting-the-pandemic/

Attacks on healthcare have risen during the pandemic. What can security professionals, and governments, do to protect this critical service?

24/05/2021

Our latest episode on the Security Insights podcast looks at how to protect critical infrastructure. Plus we hear a first hand account of how to “hack” a power station.

https://www.securityinsights.co.uk/podcast/critical-infrastructure-and-new-norms-for-cyber/

Critical infrastructure is on the front line of cybersecurity. An attack on power, sanitation, healthcare, or even the banking system, could be catastrophic. But it could happen. Back in the 1990s, ethical hacker Joe Carson [...]

06/04/2021

Our latest episode looks at Forrester's latest cybersecurity threat research:

https://www.securityinsights.co.uk/featured-post/security-priorities-for-2021-forresters-outlook/

Security Insights speaks to Forrester analyst Enza Iannopollo about the analyst firm's latest cybersecurity threat report.

23/03/2021

The information security industry is struggling to overcome its skills gap. One estimate, from ISC(2), puts the number of unfilled positions at just over 3m worldwide. And the industry suffers from a lack of diversity. The industry is working on long-term solutions, including encouraging better take up of STEM subjects in schools, especially by girls. But more immediately, could information security cut the skills gap, by encouraging a greater number of talented people to consider a career switch?...

https://www.securityinsights.co.uk/podcast/making-the-switch-a-new-career-in-cyber/

The information security industry is struggling to overcome its skills gap. One estimate, from ISC(2), puts the number of unfilled positions at just over 3m worldwide. And the industry suffers from a lack of diversity. [...]

09/03/2021

Secure remote working: a year on, with Amar Singh, of the Cyber Management Alliance ()
)

https://www.securityinsights.co.uk/podcast/secure-remote-working-a-year-on-with-amar-singh/

How have businesses adapted to the pandemic, and has cybersecurity kept pace? What are the risks posed by remote and home working, and how do CISOs mitigate them? Over the last year the threat landscape, [...]

23/02/2021

Special report: Zero Trust: How does it work, and how practical is it?

https://www.securityinsights.co.uk/podcast/special-report-zero-trust/

Zero Trust promises a new way to deal with the limitations of perimeter security. But how does it work, and how practical is it?