Phishy Business

In this episode of Phishy Business, we discuss some important ways to think about and look at risk and how its more about making decisions than assessing threats. Our special guest is Stefan Gershater, Director of Risk at Burberry. Stefan is a risk management expert, a biochemist, and a navy veteran. Stefan says that as a risk expert, he tries to make sense of uncertainty, which means he thinks a lot about how everyday decisions impact people and organizations. Stefan feels that when defining “risk”, it should be disassociated from the word “threat”, and simply be about making better decisions to improve outcomes. In ‘It’s Time to Retire the Risk Management Profession’, we discuss: How being in the royal navy shaped Stefan’s understanding of risk The difference between risk in the navy and risk in a corporate setting Why Stefan thinks the risk management profession should be retired The importance of data in risk assessment How to communicate risk to stakeholders Mental health in the workplace About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss career coaching, looking at what it is, and how it can benefit all professionals, including those in the cybersecurity space. We delve into the differences between coaching and mentoring and discuss what to expect when working with a career coach. Our special guests are executive coach and mentor Fiona Anderson, and Dr. Kiri Addison, Senior Product Manager at Mimecast. Fiona is a change catalyst who works with professionals from all sectors with a particular focus on culture change. Fiona loves working with people to help them become the best versions of themselves. Kiri is a senior product manager and all-around cybersecurity expert who recently won a Most Inspiring Women in Cyber award and worked with Fiona on her own career development. In ‘Understanding More About Career Coaching’, we discuss: The difference between coaching and mentoring Recognizing that there may be career ceilings of our own making How different personalities and even gender identity can lead to different perspectives How the career coaching process works and key things to insist on, such as confidentiality The importance of knowing your own values What Kiri got out of the coaching process Tips to combat stress and burnout, a major issue in the cybersecurity sector  About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss what can be a very scary side of AI – when bots start thinking for themselves. We delve into some examples of this actually happening, but also look at the good AI is providing humankind. Our special guest is Mo Gawdat, former chief business officer at Google X and bestselling author of the books Solve for Happy and Scary Smart. Mo describes himself as having two lives – a first life as a “maker” who coded, built robots, and developed technology, and a second life following a personal tragedy, as an author, podcaster, and “thinker” who analyzes things that tend to be overlooked by others. Mo spends much of his time championing the importance of happiness and acceptance of events we cannot change. Mo also has a lot to say about the similarity between developing AI and raising children. Mo believes that one day AI will become more intelligent than humans and that we need to prepare now to coexist with AI. In ‘Scary Smart AI? Or the Potential to Be a Force for Good?’, we discuss: Why AI could be scary, but also, why it could be good for humankind How raising AI is similar to parents raising children Why AI is humanity’s biggest opportunity The potential for AI to develop emotions and consciousness When AI becomes smarter than humans and what the implications could be How Mo stays happy as explained in his book Solve for Happy About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss the idea of Work Inspired, a corporate culture where employees all love to work because it turns out that happy employees are very good for business. Our special guest is Aron Ain, award-winning, retired CEO of UKG, formerly known as Kronos. Aron now serves as Executive Chair of the UKG Board of Directors and is also the author of Work Inspired, a book that depicts an inspiring example of what’s possible in shaping corporate culture. Aron transformed his company’s culture at Kronos, building a billion-dollar business. Aron truly believes that great organizations are powered by great people and that great people build better products, services, and outcomes. He also believes the biggest challenge in building such an organization is creating an engaging environment where people feel wanted and valued. We also discuss how Aron’s leadership style and authenticity were key weapons when his organization fell victim to a cyberattack. In ‘Work Inspired – What’s Possible in Shaping Corporate Culture’, we discuss: · How employees are a powerful strategic weapon in any organization. The concept of being an ‘unleader’ and the importance of humility – how you don’t need to throw your title around and be forceful to get things done. Being conscious of being authentic. How Aron handled the COVID-19 pandemic as a leader. Aron’s views on the future of work. The importance of transparency and overcommunication when dealing with a cyberattack. Why organizations often aren’t transparent in the event of a cyberattack. How Aron’s values showed up in his people during the attack. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss the very definition of ransomware and how it can be an overused and underdefined concept. We also take a closer look at the world of threat research. Our special guest is former professional hacker Charl van der Walt, Head of Security Research at Orange CyberDefense, who now spends his time asking and answering the important questions around cybersecurity, specifically those that pertain to ransomware. Charl believes we need to move beyond the term ransomware and look more at the concept of cyber extortion because the days of one-off ransomware attacks have given way to a massive, highly profitable, well-organized cyber-crime industry. Charl is working to ensure cybersecurity professionals look at ransomware more in terms as being part of a series of crimes in which security is breached and then something of value is taken and held for ransom. This is because ransom attacks are moving beyond just denial of access to data and are more frequently including confidential data exposure and denial of service in some form. In ‘Cyber Extortion – The Next Evolution of Ransomware’, we discuss: Redefining the term “ransomware” as “cyber extortion”. Why cyber extortion is now a much more appropriate term for security professionals to use. The main categories of threats in cybersecurity. The trends in ransomware over the past few years that have led to its transformation. How to effectively communicate about ransomware to a non-technical audience. The work communities can do to prevent ransomware attacks, known as ecosystem-based security. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss how cybersecurity marketing, sales, and support are for the most part inadequate, and how there can be a big disconnect between how marketers market and how technology professionals buy. We talk more about how marketing should consider the customer experience and how marketing departments should not only market their products and services but should also be active listeners and understand what their buyers need and want. Our special guest is cybersecurity marketing expert and podcaster Dani Woolf, who spent the past decade running high impact marketing departments for technology startups. She has since started Audience 1st to help cybersecurity vendors understand what CIOs and CISOs really want from them. Dani helps cybersecurity marketers better understand their buyers so they can sell more. In ‘Marketing as Customer Experience – Be an Active Listener’, we discuss: How cybersecurity can help solve very complex problems. Vendors should have a ‘mission over money’ mindset. Some traditional demand- and lead-gen techniques that don’t work with a cybersecurity audience. Why CISOs tend to be a more cynical and less trustworthy audience, which is understandable because of the high stakes and stressful nature of the job. Co-creating with influencers who have polarizing opinions in the market is a good strategy in cybersecurity marketing. How the cybersecurity community values concise and clear content. The fact that technology leaders want marketing to be authentic and to cut through the ‘noise’. The mass over use of buzzwords that is all too common and alarming in the sector. How the cybersecurity community is open to giving feedback and taking feedback and how not a lot of vendors take advantage of this. That in order to be successful, marketing mindset needs to shift from product first to customer first. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this bonus episode of Phishy Business, we continue to recognize the value of the work of cybersecurity professionals. Join us as Peter Coroneos, Founder and Executive Chairman of Cybermindz.org, takes us through a 10-minute meditation aimed at lowering stress. This is a just a taste of the whole Cybermindz protocol, and worth a try!

In this episode of Phishy Business, we honor and recognize the value of the work of those professionals who spend their days defending people and organizations from cyberattacks by taking a close look at one of the biggest problems the industry faces today: worker burnout and the associated mental health issues. Join us as we discuss how while many of us say we are simply “fine” when someone asks how we are, we may, in fact, actually be suffering silently from stress and burn out. Our special guest is cybersecurity expert Peter Coroneos, Founder and Executive Chairman of Cybermindz.org, an organization that recognizes that many cybersecurity professionals are themselves under sustained and increasing stress and sets out to provide direct support to restore and rebuild emotional and cognitive health. Peter has worked in cybersecurity for a long time and was once head of the Internet Industry Association in Australia which gave him special and early insight into how cybersecurity workers can suffer from on-the-job stress. With cybersecurity professionals suffering more and more from stress and burnout, Peter is working to develop and deploy programs that are designed to help. In ‘Cybermindz – Hope in a Burnt-Out Sector’, we discuss how: Stressed-out security teams make companies less secure. Hope and reinvigoration through a proven relaxation protocol is the aim of Cybermindz. The brain is not designed for constant periods of stress. The brain can’t distinguish between a physical and psychological threat – and how in cybersecurity teams there is a constant sense of being under attack. In preliminary findings, CISOs are polling worse than frontline healthcare workers on their sense of efficacy and ‘doing a good job’. Through research, connecting the dots between cyber teams’ mental health and an organization’s cybersecurity posture is paramount to bring this issue to the forefront. The huge skills gap is making it impossible to simply throw more resources at the problem. It is a holistic issue, meaning that the skills gap needs to be filled and corporate culture needs to be improved before we see some improvement in CISO burnout. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we discuss how criminals are like water because of how they flow, and adapt around obstacles and security measures, always looking for a way in no matter what security professionals put in their way. You’ll learn more about how well-thought-out cybersecurity strategies, tools, and responses can be, especially in the military vs. the private sector, and, why this needs to be the case when protecting users from very fluid criminals. Our special guest is threat intelligence expert Jason Rivera, who is currently serving as a senior director in the Strategic Threat Advisory Group at CrowdStrike. He provides threat intelligence thought leadership to commercial and government organizations across the globe. Jason is an Army veteran who worked in cyber roles for the military, built cyber intelligence programs for civilian organizations, and today combines both of those elements of his experience into helping advise CrowdStrike and its customers on cybersecurity strategy. In ‘Criminals Are Like Water, Adapting to New Circumstances’, we discuss: The military vs. the private sector and understanding how they are not always what they seem. Identifying the cyber domain as a new part of warfare, and how this is different from the traditional domains such as land, sea, and air. How the need to understand risk is ever-increasing and how to best deploy scarce resources. Identifying the various types of adversaries, what they’re motivated by, how they operate, and how they sometimes collaborate with each other. New trends in cybercrime such as callback phishing, data extortion, and multifactor authentication bypass, including what these are and how they work. Cybersecurity vendor collaboration and how a second opinion is healthy. How cybersecurity vendor integration and collaboration is increasing. Being happy at work because if you’re happy, a job doesn’t feel like work and that happiness leads to much more productivity. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we find out everything you may have wanted to ask your CISO or CIO but were too afraid to ask. Two very experienced information technology leaders delve deeper into the roles they play in keeping their organizations safe while balancing the nos and yesses they deal in every day. You’ll learn a lot more about that it is like to be CISO or CIO and the challenges they face in their roles. Our special guests are Magnus Carling, CISO at Swedish shipping company Stena, and Andrew Pritchett, CIO at Grant Thornton Australia, a leading accounting and consultancy firm. Magnus runs the global information security program for shipping conglomerate Stena, which is made up of a number of companies. Andrew navigates the challenges of the CIO role to balance pleasing clients while at the same time keeping client and internal resources safe. Learn more about these two leaders and their real-world daily challenges. In ‘Risk, Risk, Risk…and Beer: What Keeps the Cyber C-Suite Up at Night’, we discuss: What it is like being considered the department of no by colleagues. The challenges of balancing protecting the organization with the needs of team members. The crossroads of tech and people that occur every day at every organization. How the weakest link in security can be people – and how to get that point across to those very same people. The problems IT leaders face when the board don’t speak cyber. How to bring cyber risk in earlier in the board’s conversations. Conducting proper risk assessment before the big decisions instead of dealing with the fallout after an attack. Keeping cyber teams together and not burning them out. The difference between responsibility and accountability for CISOs in cyber breaches. Why the need for CISOs to have battle scars from previous breaches is so valuable. Beer as a stress relief strategy. Why cybersecurity is everyone’s business. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at data, which some have called the new gold or the new oil and discuss why it really is something more like the new uranium because it has such a huge potential to impact society, just like uranium did in the 20th century. And just like uranium, data can be used for good, and for bad. Join us as we delve further into all things data – how it is collected, used, and what the consequences are when it is leaked. Our special guest is Glenn Wilkinson, world-renowned cybersecurity expert and ethical hacker for organizations ranging from startups to multi-nationals and governments. Glenn is an ethical hacker for hire who helps organizations protect themselves against real-world attackers by simulating real-world attacks. He also builds security products, conducts training sessions, and gives talks on cybersecurity. In ‘Is Data the new Uranium?’, we discuss: The types of data that can be compromised during a security breach and what can be the most valuable data to malicious hackers. The voluntary, involuntary, and necessary data we share every day, some of which is essential to live in the modern world. The huge amount of personal information that is housed on social media and with other companies that claim to provide personalized services. How companies want our data to sell us more personalized ads and to also sell it on to third parties. The fact that companies are also collecting our personal data simply because they can – and how they are planning to figure out what to do with it later, using AI to process it for example. If we are at the point in history where we can call data the new uranium because in that sense, it could contain information that if monetized, could have profound societal impact. Data, and how the aggregation of it can also be used by less democratic regimes to spy on and control their population. Using Glenn’s top three tips that could help you and the data you share online stay secure. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at AI. We talk on the fact that the stigma of AI running amok in Terminator-fashion is a myth we must dispel in the face of all the good AI can do in protecting the world - from cyberattacks to helping with climate change. We also talk about the other major challenges that AI can be used to solve globally in the next decade. Our special guests are Vilas S. Dhar, President of the Patrick J. McGovern Foundation, who was named a young global leader by the World Economic Forum, and our own AI data scientist Elaine Lee. Vilas originally trained as a computer scientist who worked on early AI, also went to law school, and then worked on rule of law in technology, finally moving on to build a few businesses in the private sector. Elaine uses her expertise as a data scientist to help create products that protect users against email cyberthreats and was recently promoted to manage a team of data scientists at Mimecast. In ‘Supercharging the AI Tortoise’, we discuss: How optimism is essential to taking control of what we want AI systems to do. The sense of urgency that is needed in this work to protect people today and in the future. Why human oversight of AI systems is crucial to course correct and to remove biases in the algorithms. How diversity is fundamental in creating AI systems. The fact that more needs to be done in relation to how AI can be a force for good, from educating policy makers to more positive media coverage. How AI and data science can be used to created sustainable and scalable progress on the big issues our society faces, such as climate, poverty, and hunger. The reasons why Winnie the Pooh is possibly the greatest modern philosopher of our era. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at how cybersecurity awareness training needs to go beyond just having users sit through training, but in fact, has to work to change user behavior. Listen in to learn more about the importance of cybersecurity awareness training at organizations of all sizes across the globe and how, with today’s diverse and threatening security landscape, cybersecurity is the responsibility of everyone in the organization, not just security professionals. Our special guests are Ira Winkler, award-winning CISO and best-selling author of Security Awareness for Dummies, and our own cybersecurity training expert Duane Nicol, Senior Product Manager – Awareness Training at Mimecast. Ira works to help organizations become more resilient against cyberattack and Duane works to make people feel more involved and included as part of the cybersecurity awareness culture at an organization, driving measurable results. In ‘Beyond Awareness Training: How to Improve User Behavior’, we discuss: How cybersecurity awareness is part of everyone’s job responsibility. Why the outcome of cybersecurity awareness training shouldn’t just be awareness, but also should be behavior change. The importance of a just corporate culture to encourage employees to report mistakes. The difference between ‘must’ and ‘should’. Whether or not there is ever a role for blame in cybersecurity awareness training. The fact that measurement of cybersecurity awareness programs is crucial. Why if a user clicks on a phishing link, the failure happened much further upstream because a lot of technology had to fail to let that malicious email through, and why holistic remediation is necessary. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at bots. Listen in to learn more about what bots are, and what they do. Also, learn what can make them good…and what can make them bad. It would seem the answer lies within the intent of the person deploying them. Our special guests are Cyril Noel-Tagoe, Principal Security Researcher at Netacea, and our own Dr. Kiri Addison, Senior Product Manager at Mimecast. Cyril works to understand automated attacks to discover their aim and how to stop them; Kiri is a senior product manager and all-around cybersecurity expert who has a good amount of experience discovering and combatting malicious bots. In ‘Shining a Light on Bots: The Good and the Bad’, we discuss: Some examples of good and bad bots, and how they can be used and misused. How bad bots are responsible for as much as 3% of revenue loss. That bots can be used in all kinds of cyberattacks, including phishing, and DDoS attacks. How bots can skew website metrics, which can falsify entire marketing campaigns. That bots are also used to automate tasks for cybercriminals such as validating credentials. The fact that Marketing and IT teams should work together to understand the problem of malicious bots and discover how to best combat them. The ways bots can also be used defensively, against cyberattacks. How the fact remains: If the promises of a product or service sound too good to be true, they probably are. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at what has been called the smartest and biggest scam of the 21st century, OneCoin, a cryptocurrency that brought in $4 billion in investments via multi-level marketing and proved to be nothing but a scheme that made one woman who is still on the run very rich. This wasn’t a backroom con, but in fact, was perpetrated by a woman whose adoring fans filled an arena two years after OneCoin’s founding, and whose con took money from millions of people. Our special guest is Jamie Bartlett, author of The Missing Cryptoqueen: The Billion Dollar Cryptocurrency Con and the Woman Who Got Away with It, a book that started out as a podcast in which Jaime tells the all-too-true tale of Dr. Ruja Ignatova, the Oxford-educated fugitive who got away with billions. In ‘The Billion Dollar Cryptocurrency Scam’ we discuss: How Jaime discovered this amazing story after presenting his findings following an investigation into drug sales on the Dark Web and was approached by a fellow journalist who was propositioned with this too-good-to-be-true cryptocurrency scam. A little background on cryptocurrency, its history, and how it works, as well as how Dr. Ruja presented a story and a cryptocurrency that was so appealing to so many people. How cryptocurrencies currently make ideal attack vectors for scammers. How FOMO is a very powerful tool in the cybercriminal arsenal and how it worked for Dr. Ruja. Why most people’s murky understanding of the tech behind cryptocurrency allowed the alleged victims to be more easily duped by Dr. Ruja and her real and impressive credentials Why cries of OneCoin being a Ponzi scheme from the very beginning went unheeded by investors and regulators. How a simple selfie posted on social media can reveal a treasure trove of information for investigators…and for cybercriminals. If the promises of a product or service sound too good to be true, they probably are. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at the skills shortage being faced by IT departments when it comes to hiring cybersecurity experts and how the Absa Cybersecurity Academy is working with its partner, the Maharishi Institute, to assist in helping marginalized South African youth to become certified cybersecurity experts. Together, Absa and the Maharishi Institute are consistently working to develop a sustainable means to give youth the training they need to maintain careers and break the cycle of poverty they have been born into. Our special guests are Shenaaz Abrahams, who has made it her mission to ensure the Absa Academy is giving the most marginalized in her community access to cybersecurity training, and one of the Absa Academy’s success stories, student Kerwin Jacobs. In ‘Closing the cybersecurity skills gap through education and opportunity’ we discuss: What the Absa Cybersecurity Academy is, and its aim The holistic learning experience at the Maharishi Institute, which includes a lot of self-development and getting to learn things like transcendental meditation Absa’s latest partnership with the Hein Wagner Academy and teaching cybersecurity skills to the visually impaired The opportunities for Africa to be a cybersecurity hub and how the continent can help plug the global skills gap while offering employment opportunities in a market with a high unemployment rate Why individuals from disadvantaged backgrounds – like those enrolled at the academy – make good cybersecurity professionals How the academy has impacted Kerwin’s life Some inspiring stories about other students enrolled in the academy About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at cyber crisis exercises and insider threats. Our special guest is Lisa Forte, an expert on running cyber crisis exercises and training high-risk staff on insider threats and social engineering, who was named one of the top 30 female cybersecurity leaders by SC Magazine. Lisa works hard to simulate cybersecurity disasters for organizations in order to train them in how to deal with real-world cyberattacks. Lisa shares her insights on cyber crisis exercises and preparing organizations on how to handle cyberattacks as well as how to prevent insider threats. In ‘Actors, tabletop exercises, and insider threats’ we discuss: The fact that 70% of organizations in EMEA do not have a plan for dealing with insider threats despite it being a growing risk. How insider threats can be both accidental and malicious, different ways to look at the term “insider threat”, and some of the factors that may play into people becoming insider threats. How to balance fear and empowerment to get every employee to care personally about an organization’s cybersecurity, and how cybersecurity needs to be marketed internally to people across the organization. Some of the creative ways to use role-playing and acting in cyber crisis exercises to make simulations as real as possible, which is key to educating teams in dealing with cyberattacks. Top tips for getting started with a plan to deal with insider threats and cyberattacks and the importance of explaining to key personnel that just having backups really is not a solid plan for dealing with today’s threats. The importance of a happy workforce, properly and legally monitoring for insider threats, and tech-for-good and cybersecurity-for-good initiatives. Why CISOs might benefit from rock climbing  About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at ways for children and teens to stay safe while online. Our special guest is Emma Sadleir, a leading expert in social media law who educates individuals and organizations about the legal, disciplinary, and reputational risks of social media. Emma is also the co-author of Selfies, Sex, and Smartphones: A Teenager’s Online Survival Guide, which explains the legal pitfalls, hidden dangers, and future implications of what teens do, see, and post online. Emma shares her insights on using common sense to stay safe when participating in social media. In ‘The Internet Tattoo Effect and Common Sense Online Safety’, we discuss: What children and teens should and should not put online, or even commit to digital content, and the limitations of the billboard test (don’t post online what you would not put on a billboard next to a photo of yourself on the side of the highway) in today’s online world. How digital content is dangerous because it is out of our control, even when we think we are in a private online setting, and how deepfake technology is beginning to become a big problem. The legal guidebooks Emma has had a hand in creating and the benefits they provide for readers. The six p’s (police, parents, principals, predators, prospective schools/employers, phishers) that teenagers should keep in the back of their minds when posting content or interacting online. How parents can keep their heads above water while trying to maintain their child’s online safety in today’s online world. How the lines between the real world and the digital world are fading – we need to now consider the digital world as an extension of the real world. The age at which children should be allowed online and the fact that the Internet has no “shallow end” in which to get acclimated. Whether or not social media platforms are doing enough to protect children online? Learn why Emma says they are not. The steps children themselves can take and the tools they can use to maintain their safety online. About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we take a look at advanced persistent threat groups, also known as APT Groups. Special guest Krijn de Mik, Incident Response and Intelligence Lead at Hunt & Hackett, where he specializes in investigations, forensic analysis, and tracking threat actors and threat actor groups, gives his insight on how organizations can protect themselves from APT Groups and their advanced cyberattacks.  In ‘Advanced Persistent Threat Groups: Preparing Instead of Hoping’, we discuss: What advanced persistent threat groups are, their tactics, their motivations, how large and organized they can be, and why we distinguish them as threat actors The ransom amounts that APT Groups seek, how and why the amounts differ by industry and victim, and the three most targeted industries (listen to learn which three) To pay or not to pay – some of the things that organizations should consider and what they should do when it comes to making this decision How prevention remains an organization’s best bet and how prevention tactics such a table-top and crisis management exercises can help organizations prepare for attacks and reduce chaos One of the largest-scale and most fascinating APT group hacks Krijn and Hunt & Hackett have investigated The importance of:     o Forensic readiness and how it can be achieved     o Two-factor authentication     o Backups and how organizations need to ensure they are complete About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com

In this episode of Phishy Business, we delve into the current and future state of quantum computing, and make some predictions about how it will impact cybersecurity and the world in general. Just how cybersecurity doesn’t just impact organizations, but is something that every user should be thinking about, quantum computing is going to have a wide-reaching impact on many aspects of life. Special guests Duncan Jones, Head of Cybersecurity at Cambridge Quantum, and Dr. Francis Gaffney, Director of Mimecast Labs & Future Operations, do their best to take a concept that can be intimidating and break it down into simple, easy-to-understand scenarios. In ‘Quantum Computing: Qubits, Algorithms, and Cybersecurity?’, we discuss: How to describe quantum computing at a dinner party, how it is different from the computing we are familiar with The power of quantum computing and its benefits for technologies like machine learning, medical discovery, and language processing How quantum computing is going to impact cybersecurity, including the fact that quantum computers may one day in the not-so-distant future render modern encryption powerless How quantum computing can be used in the future to defend against threats and what organizations should be doing to plan for a future with quantum computing How IoT devices that are being built today should factor in quantum computing as much as possible since these devices will very likely still be in use when quantum computing is deployed on a large scale. What Q Day refers to About Phishy Business Fed up with the same old cybersecurity stories? Come with us on a journey that explores the lesser-known side. Whether it’s social engineering, taking criminals to court or the journalists hunting down hackers — our new podcast series, Phishy Business, looks for new ways to think about cybersecurity. Mimecast’s very own Brian Pinnock and Alice Jeffery are joined by guests from a range of unique security specialisms. Each episode explores tales of risk, reward and just a dash of ridiculousness to learn how we can all improve in the fight to stay safe. For more tales of risk, reward and ridiculousness, subscribe to Phishy Business on iTunes, Spotify, Anchor or wherever you get your podcasts. www.mimecast.com