Security Insights

27/01/2025

We've released two new episodes in January. Firstly, we spoke to Jack Mersey, CISO at catering company Westbury Street Holdings about how he ensures security across the business:

https://www.securityinsights.co.uk/podcast/ciso-interview-jack-mersey-westbury-street-holdings/

And we spoke to Dan Potter, of Immersive Labs, about how to handle a cyber attack, and the importance of drills and exercises to build connections within a team, and ensure they are as effective as possible when a breach does happen:

https://www.securityinsights.co.uk/podcast/the-eye-of-the-storm-dealing-with-a-cyber-crisis/

What happens when a cyber attack hits? What is it like to be in the eye of the storm, and how can security teams prepare? A cyber attack will always be a stressful and worrying [...]

20/12/2024

This week's podcast episode looks at how hacktivism is changing, and the threat it poses to cybersecurity:

Online hacktivism is not new: it has been around almost as long as the public internet. But the make up, and goals, of hacktivist groups has changed over the years. Today’s hactivist is less likely [...]

13/12/2024

In the current Security Insights podcast, we look at how AI is contributing to cybercrime, the risks AI applications can pose to businesses, and whether incorporating AI into security tools can help counter threats. Our guest is Jon France, CISO at ISC2.

AI brings both risks and challenges to cybersecurity. Bad actors can use AI tools for target reconnaissance, to make phishing attacks more believable and potentially, to find vulnerabilities in the wild. But there are also [...]

28/11/2024

The current Security Insights podcast looks at stress and burn out in cybersecurity. How to spot the signs and above all, how to deal with them:

Stress and workplace burnouts are growing problems in the cybersecurity industry. A degree of stress perhaps goes with the territory: cybersecurity is, after all, a fast-paced industry. And responding to a cyber attack is always [...]

19/11/2024

The latest Security Insights podcast is now out. In it we talk about geopolitics and cyber with Steve Durbin, CEO of the Information Security Forum:

Geopolitics is increasingly influencing cybersecurity. The growth of online espionage, the potential for attacks by state actors, and governments turning a blind eye to cybercrime are all increasing risk. At the same time, our growing [...]

01/11/2024

The current Security Insights podcast looks at deepfakes. Who's making them, how, and and why. And what can we do about them?

In the online world, do we really know who we are speaking to? The rise of deepfakes is challenging our assumptions about identity, and even how to tell if we are dealing with another human. [...]

24/06/2024

The latest Security Insights episode discusses cyber warfare, and what it means for organisations in the private sector operating online.

But we also go a bit deeper, and ask whether the lessons from past generations of military historians can also help cyber defenders.

Our guest is Peter Kestner, author of a new book, The Art of Cyber Warfare.

Cyber war is not a new idea. But current geopolitical events have out cyber warfare right in the spotlight. NATO now ranks cyber as lone of the domains of conflict, alongside land, sea, air and [...]

15/06/2024

In the third part of our short series on the changing role of the CISO, we speak to Mani Keerthi Nagothu of SentinelOne about her career to date, how the CISO is more integrated than ever with the business, and why effective security teams need diversity:

Constant change and the need to adapt is always a feature of cybersecurity. It is certainly a feature of the day to day role of the CISO. And that’s why our guest this week lists [...]

23/05/2024

Could “on demand” resources help firms plug the cybersecurity skills gap?

In the second of our three part series on the changing role of the CISO, Victoria Parker from Orange Cyberdefense argues that they can - as long as CISOs also build up their in-house teams.

Should cybersecurity leaders look beyond their own organisations, to fill the skills gap? Cybersecurity’s skills shortage is a persistent problem, despite the best efforts of recruiters, governments, the education sector and professional bodies. Worldwide, there [...]

21/05/2024

Our current episode looks at the role of the Chief Business Security Officer. What do they do, how do they work with the CISO and board, and does your organisation need one?

More organisations are appointing chief business security officers. But are they the CISO's ally, or rival?

02/04/2024

The current show is episode 100 of the Security Insights podcast! In it, we discuss whether we've reached the end of the road for passwords. If we have, what could take their place?

Passwords have been around for millennia. But are they still fit for purpose? If not, what should replace them? Passwords were once simply a way to prove identity: something you know, to prove who you [...]

09/02/2024

This week's podcast looks at a proposed new cyber governance code of practice from the UK Government. But will it make businesses more secure?

The UK Government is proposing a new code of practice for cyber governance. Will it make firms more secure?

17/01/2024

In our first podcast of 2024, we catch up with ISACA’s global chief technologist and discuss some of the tends he feels will be key in in the coming year.

(Also ICYMI do check out our review of 2023 with Amanda Finch of CIISec - https://www.securityinsights.co.uk/podcast/security-insights-2023-year-in-review/)

https://www.securityinsights.co.uk/podcast/security-in-2024-ai-skills-and-a-seat-on-the-board/

2024 is set to bring its challenges for everyone in cybersecurity. From growing threats and an increasing attack surface, as the world becomes ever more digital, to more onerous regulatory requirements and the risks posed [...]

15/12/2023

Our latest podcast peers into the dark world of , with guest Raj Samani, chief scientist at Rapid 7 and adviser to the European Cybercrime Centre, EC3:

Cybercrime, in all its various forms, is a growing threat to any organisation that operates online. Despite improvements in IT security, criminal groups continue to probe defences, exploit weaknesses and attack systems in cyberspace. Usually, [...]

25/08/2023

In our latest podcast episode, we look at why cloud users are failing to take simple steps to secure their applications and data:

Cloud security risks are on the rise, as attackers target misconfigured applications and assets, according to research from Qualys.

27/07/2023

This week's podcast episode looks at biometrics, surveillance and AI:

Biometric surveillance promises both security and convenience. But do we need tougher safeguards, especially around AI?

31/05/2023

Our current regular episode takes another look at nation state cyber threats. This time, we examine how these are increasingly impacting private businesses. And we discuss a new methodology for countering them with Allie Mellen from analysts Forrester.
https://www.securityinsights.co.uk/podcast/nation-state-cyber-attacks-part-2-evolving-threats-adapting-defence/

25/05/2023

Last week our editor attended CREST’s annual conference, CRESTCon, in London.
And we caught up with keynote speaker Jon Geater from RKVST and the IETF:

Security Insights meets with CRESTCon 2023 keynote speaker Jon Geater to talk about data security and integrity and supply chain risks.