Cyber Risk Management Podcast

AI-driven attacks aren't coming; they're here. A Chinese state-sponsored group just ran cyber espionage operations that were 80 to 90 percent autonomous. What does this means for defenders? Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   Here's Anthropic's report -- https://www.anthropic.com/news/disrupting-AI-espionage  

AI can supercharge your security team. But it can also supercharge attackers. So how do you stay ahead in an AI-powered threat landscape? Let's find out in our special 200th episode! Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   Kip's keynote address -- https://youtu.be/DNRNbT0IaKM "Fire Doesn’t Innovate: Thriving in the Face of Evolving Cyber Risks" In this ROCon 2025 keynote, Kip Boyle challenges audiences to rethink how they approach modern threats in the age of AI. Using the metaphor of fire — a static risk that hasn’t changed for millennia — Kip explores how cyber adversaries are innovating daily while many organizations remain trapped in outdated mindsets. He closes with a compelling call to action: adapt like firefighters did with fire — or risk being left behind.

How has GenAI turned phishing Into a speed war? And what should we do about it? Let's find out with your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

What happens when a HIPAA Business Associate Agreement gets tested in court after a ransomware attack? And what can we learn from it? Let's find out with your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   "New HIPAA Security Rule" episode: https://cr-map.com/podcast/178

What happens when critical third-party services go down? What do your vendors actually owe you when that happens? Are new regulations going to make a difference? Let's find out with our guest Dan Bowdan, Global Business CISO with Marsh McLennan. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   "Cyber Incident Reporting for Critical Infrastructure Act” (CIRCIA) episodes:   https://cr-map.com/podcast/161 https://cr-map.com/podcast/162/

AI agents are everywhere: 91% of organizations already use them. But can we control these autonomous digital workers? And what happens when they go rogue? Let's find out with our guest Matthew Hansen, Regional Chief Security Officer for the Americas with Okta. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   NIST AI RMF episodes:   https://cr-map.com/podcast/153/ https://cr-map.com/podcast/154/

Boards are getting the wrong cybersecurity information. But, what do boards really need to know? And how do we fix this problem? Let's find out with our guest Dr. Keri Pearlson, MIT Sloan School of Management. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   HBR Article -- https://hbr.org/2023/10/a-tool-to-help-boards-measure-cyber-resilience   LinkedIn -- https://www.linkedin.com/in/kpearlson/   Register for "Oktane on the Road in Seattle" -- https://regionalevents.okta.com/seattle-oor-exec-panel-okta

Our brains in "autopilot mode" make us sitting ducks for phishing attacks. Why? And what we can do about it? Let's find out with our guest Lisa Petrocchi-Merriman, Executive Coach with "WorksWell Labs Coaching & Training". Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   Email -- lisamerriman@workswell.info   LinkedIn -- https://www.linkedin.com/in/lisa-merriman/   Register for "Oktane on the Road in Seattle" -- https://regionalevents.okta.com/seattle-oor-exec-panel-okta

Getting full value from AI requires a huge technology transformation. How can leaders navigate AI transformation without losing their teams and their digital assets along the way? Let's find out with our guest Jenny Moshea, former CIO for Sellen Construction. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   LinkedIn profile -- https://www.linkedin.com/in/jmoshea/   Free Guide -- https://getjennergy.com/   Website -- https://www.kinetiqshift.com/

How can generative AI transform your cybersecurity work without replacing your expertise? And why should you start experimenting now? Let's explore with our host Kip Boyle, CISO with Cyber Risk Opportunities, as he shares nearly three years of hands-on AI experience and practical strategies for staying ahead of the curve.   “Delegate Smarter with People and AI: Lead More, Do Less.” https://maven.com/kipboyle/people-ai?promoCode=KIP50

How would you add law enforcement as a valuable resource to your cybersecurity program? And why would you want to? Let's find out with our guest Supervisory Special Agent Douglas Domin of the Federal Bureau of Investigation. Your hosts are Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   “Cyber Resilience in the Age of AI: Threats, Responses & Human Stories” at MIT April 2025 -- https://youtu.be/6Jlg4tZV3TU   FBI field office directory -- https://www.fbi.gov/contact-us/field-offices   CISA/FBI/NSA Joint Advisories -- https://www.cisa.gov/news-events/cybersecurity-advisories

How should individuals be thinking about generative artificial intelligence at work and at home? Let's find out with our guest Daniel Miessler, whose mission is “Working towards Human 3.0 so we can survive and thrive as humans after AI". Your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   Website: https://danielmiessler.com/ LinkedIn: https://www.linkedin.com/in/danielmiessler/ X: https://x.com/DanielMiessler Fabric: https://github.com/danielmiessler/fabric Blog Post: https://danielmiessler.com/p/weve-been-thinking-about-ai-all-wrong

Unit 42 (Palo Alto Networks) just showed they can use AI to conduct a complete ransomware attack in 25 minutes, a 100x speed increase. What does this mean for defenders? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

And, here's part 2 of our annual Verizon Data Breach Investigations Report (DBIR) review! What's in the rest of the 2025 report? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

It's time for part 1 of our annual Verizon Data Breach Investigations Report (DBIR) review! What's new for 2025? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

The second edition of "Fire Doesn't Innovate" has dropped. What's new? Why it was updated? How can different types of readers get the most value from it? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.   You can pick up a copy of "Fire Doesn't Innovate" second edition (paperback or Kindle versions) -- https://a.co/d/64hzmxN See Episode 124 for full details on the “United Structures of America” case -- https://cr-map.com/podcast/124/ See Episode 136 for full details on the “iRobot lawsuit against Expeditors International” -- https://cr-map.com/podcast/136/ See Episode 141 for full details on the “NIST Cybersecurity Framework version 2” update -- https://cr-map.com/podcast/141/

Is evidence from Artificial Intelligence and Quantum Computing devices legally admissible in court? And how are courts actually handling this influx? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.

Is the so-called "Insider Threat" a big deal? If so, how could you use a honeypot to catch them? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.    If you want to know more about honeypots, check out Kip's newest LinkedIn Learning course: “Active Defense: The New Frontier in Cybersecurity” -- https://www.linkedin.com/learning/active-defense-the-new-frontier-in-cybersecurity/

The implementation manual for the NIST Cybersecurity Framework gone missing. Can it be found? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.    Want a deep discount on Kip's new Udemy course "Implement version 2 of NIST Cybersecurity Framework"? This one is valid until May 31, 2025 -- CRM_PODCAST_FRIEND   https://www.udemy.com/course/implement-version-2-of-nist-cybersecurity-framework/?couponCode=CRM_PODCAST_FRIEND   If you need to quickly get up-to-speed with the changes in NCSF v2 listen to this episode -- https://cr-map.com/podcast/141/

How much trust should you put in your Endpoint Detection and Response (EDR) solution? Let's find out with your hosts Kip Boyle, CISO with Cyber Risk Opportunities, and Jake Bernstein, Partner with K&L Gates.    Want to quickly come up to speed with the Essential Eight (E8)? Listen to this episode:   https://cr-map.com/podcast/63/