Claim OwnershipThe Security Strategist
Подписка оформлена: 6Воспроизведенные: 41
Подписаться
© Copyright 2025 EM360
Описание
In cybersecurity, every move is critical. “The Security Strategist” podcast delves into the depths of the cybercriminal underworld, revealing practical strategies to keep you one step ahead. We explore the latest trends and threats in cybersecurity, providing insights on how to protect your organisation effectively.
Our discussions, featuring thought leaders and pioneering organisations, cover the most pressing issues businesses face today. Tune in as we dissect major threats, explore emerging trends, and share proven prevention strategies to fortify your defences.
Our discussions, featuring thought leaders and pioneering organisations, cover the most pressing issues businesses face today. Tune in as we dissect major threats, explore emerging trends, and share proven prevention strategies to fortify your defences.
136 Episodes
Reverse
New software code is released almost as fast as new ideas are conceived in the tech industry. While this growth is necessary, it makes web applications rather vulnerable places online, as these are exposed to the online world and easily targeted. It's time to find better methods to address application security.In this podcast, freelance analyst Bob Tarzey talks to Rapid7's Ben Glass, Manager of Enterprise Security Consulting, and Jay Paz, Director of Penetration Testing and Consultant Development, about finding better methods to address application security and building better code.
New software code is released almost as fast as new ideas are conceived in the tech industry. This makes web applications some of the most vulnerable places online, as these are exposed to the online world and easily targeted.In the previous episode, Bob Tarzey spoke to Rapid7's Ben Glass and Jay Paz, Manager of Enterprise Security Consulting and Director of Penetration Testing and Consultant Development, respectively, about building better code to stay secure.In this second podcast Bob, Jay and Ben look at some of the supporting technology to avoid vulnerability in companies. This includes the testing of code before releasing it, the testing of deployed software, and finding safer guides to build better and stronger software.
With organizations poised to spend more than $5B+ on endpoint security software this year, it raises the question: What should enterprises be asking from security vendors, and how can they parse signal from all the marketing noise? In this three-part podcast series, hosted by freelance analyst Bob Tarzey, he speaks to Ian McShane who as a former Gartner analyst focuses on the endpoint security market. Ian McShane has written extensively about the failure of antivirus vendors to defend against modern attacks, and the marketing hype surrounding “next-gen” antivirus.Part 1 - How Endpoint Security Got To NowIn this podcast, Bob Tarzey talks to VP and endpoint security expert from Endgame, Ian McShane. They discuss the history of endpoint security, the failings of signature-based anti-virus and how it is integral for all organizations.
With organizations poised to spend more than $5B+ on endpoint security software this year, it raises the question: What should enterprises be asking from security vendors, and how can they parse signal from all the marketing noise? In this podcast series, hosted by freelance analyst Bob Tarzey, he speaks to Ian McShane who as a former Gartner analyst focuses on the endpoint security market. Ian McShane has written extensively about the failure of antivirus vendors to defend against modern attacks, and the marketing hype surrounding “next-gen” antivirus.Part 2 - What’s Next for Endpoint Security?In the previous episode, Bob Tarzey spoke to VP and endpoint security expert from Endgame, Ian McShane, about the history of endpoint security and why it needs to play an integral role for companies.In this second podcast, Bob and Ian look at the future of endpoint security and the next steps that need to be taken. This involves looking at whether security teams will have to learn new skills and also the importance of the MITRE ATT&CK framework.
With organizations poised to spend more than $5B+ on endpoint security software this year, it raises the question: What should enterprises be asking from security vendors, and how can they parse signal from all the marketing noise?In this podcast series, hosted by freelance analyst Bob Tarzey, he speaks to Ian McShane who as a former Gartner analyst focuses on the endpoint security market. Ian McShane has written extensively about the failure of antivirus vendors to defend against modern attacks, and the marketing hype surrounding “next-gen” antivirus.Part 3 - How To Map Endpoint Security To A Contemporary Security Strategy?In the previous two episodes, Bob Tarzey spoke to VP and endpoint security expert from Endgame, Ian McShane. They discussed the history of endpoint security and how to progress moving forward.In this final part of the podcast, Ian explains various aspects of how to implement endpoint security most effectively. Furthermore, making sure these security controls are kept up to standard and improve over time.
Security covers every aspect of IT infrastructure and usage, to ensure the protection of users, data and business processes. Backup and recovery tools are a way to restore lost data after any number of issues. However, security attacks can often aim to mimic such incidents for ransomware purposes. Adapting backup and recovery tools to try and provide backstops against these threats is something organizations need to be implementing.Freelance IT industry analyst Bob Tarzey speaks to Joe Noonan, VP of Product Management and Marketing at Unitrends. They speak about how backup tools can adapt to prevent ransomware attacks. Also, making sure backup-sets assist any size business and different methods to make sure they do not become compromised.
The scope of digitisation and the speed of adoption has increased rapidly in the last few decades. Virtually every aspect of any business operation feels this impact from supply chains to customer relationships. This pervasive aspect has changed the risk profile for every business.Therefore, businesses have had to transform the way they assess risk. Managing digital risk requires the tools to assess where the risks lie, how to mitigate them and to measure the effectiveness of the protections put in place.Freelance IT industry analyst Bob Tarzey speaks to Peter Beardmore, Director of Marketing for Digital Risk Management Solutions at RSA. They speak about what tools are effective to assess and plan for digital risk and when to implement these ideas.
Assessing, detecting, and responding to cyber threats are not new pursuits. However, evolving technology and innovating attackers make this a more challenging endeavor. More specifically, companies must be ahead of the changing nature of the threats and act at speed once encountered. Businesses today must have the necessary skills, agility, and underlying platforms to help them mitigate these risks.In this podcast, hosted by freelance analyst Bob Tarzey, SecureData's Chief Strategy Officer, Charl van der Walt lends his expertise on the matter. Firstly, he discusses how organisations should prioritise their plan of action. Then, he outlines a basic strategy that businesses should be following. Finally, he offers his guidance on how to keep ahead of the changing landscape.
Cybersecurity is changing rapidly due to advanced AI. These changes mean security officers have to adapt and utilise AI effectively to combat numerous growing threats. A different approach is necessary to detect threats that signature technologies may have missed. Advanced end-to-end AI, allows security officers to transform their strategies from the classic reactionary cycles.In this podcast, Industry Analyst at 451 research, Eric Ogren speaks to Nicole Eagan, CEO of Darktrace and JR Tietsort, Visionary Security Executive at CoreScientifc. They speak about the impact AI is having across all aspects of cybersecurity.
The advent of DevOps was hailed as a means to have all aspects of application deployment handled by one single team. Quicker updating of applications and better accountability of developers were among the many advantages of DevOps. However, over time, concerns surrounding security have begun to arise. Many feel that security should be more of a priority for DevOps teams.In this podcast, freelance IT industry analyst Bob Tarzey speaks with Kelly Shortridge, VP of Product Strategy at Capsule8. Kelly outlines the DevOps process and how it affects IT security. As well as this, she advises on the tools that DevOps teams can benefit from. She also demonstrates how the ‘DevSecOps’ approach can help organisations meet compliance obligations. Finally, Kelly delves into Linux deployment and filling the gaps it comes with.
The cybersecurity industry has significantly evolved over the last few decades. The fact that there is simply more of everything is a huge contributor to this. This includes more technologies, more people, more data sets, and so on. However, the threat landscape has also changed and become more complex. This has ultimately led to cybersecurity having to be at the forefront of enterprise risk agendas.In this podcast, Dr Andrew Aken speaks with Nik Whitfield, CEO and Founder at Panaseer. Nik lends his expertise on establishing a cyber infrastructure. As well as this, Nik delves into the challenges that often confront organisations when trying to gain visibility into their cybersecurity controls and metrics. Finally, he discusses the pressing issue that is the cybersecurity skills gap.
Businesses are increasingly utilising channels such as LinkedIn and WhatsApp to enhance customer interactivity and stay connected with team members. However, the current network security infrastructure was established before their creation. As a result, third-party apps have introduced security risks that the current structure cannot account for. Thus, businesses must take extra care to ensure their channels are secure.Otavio Freire, President, CTO, and Co-Founder at SafeGuard Cyber, joins us on this podcast to discuss the matter. Firstly, Otavio details the shortfalls of the current infrastructure and how this impacts companies' social and digital channels. Of course, these channels do have their in-app security and privacy settings, but Otavio outlines why these are not enough to rely on. He then goes on to explain the threats associated with social media channels. In light of these obstacles, Otavio shares his thoughts on how companies can get around the risks and make the most out of their social and digital channels.
Attacks have become part and parcel of an organisation's lifespan. However, in most cases, this is the result of the attacker being able to exploit a weakness in the organisation. Thus, organisations must do what they can to understand their vulnerabilities and their impact. But understanding and reporting common vulnerabilities and exposures (CVEs) are rigorous tasks. Therefore, companies may benefit from using tools to increase automation and reduce manual procedures.In this podcast, freelance IT industry analyst Bob Tarzey speaks with Benjamin Preminger, Senior Cyber Threat Intelligence Specialist at Sixgill. Benjamin begins by outlining the differences between common vulnerabilities and exposures, and demonstrates the rate at which they are reported. He also shares his thoughts on the MITRE database and the inadequacies in their scoring. As well as this, Benjamin explores why a dynamic CVE scoring will make the patching process more manageable for security professionals.
Cybersecurity is an unrelenting matter for organisations, and no organisation is truly immune. In particular, the threat that cyber risks pose to business is an increasing concern for IT departments and senior management alike. Thus, it is becoming increasingly important to consider how best to mitigate these risks.In this podcast, freelance IT industry analyst Bob Tarzey speaks with Brian Robison, Chief Evangelist at Blackberry Cylance. Brian begins by sharing his thoughts on how to prevent cyber attacks. In particular, he details Blackberry Cylance's approach of utilising computing power and AI to build a predictive model. Also, Brian outlines the role that data plays in cyber defence. Finally, Brian explains why he believes that investing in cybersecurity can provide a return for businesses.
Vulnerability management is a must for enterprises today. In particular, vulnerability management automation gives businesses the scalability and frequency necessary for today's landscape. Businesses should endeavour to automate where possible, although the accuracy of automation isn't always 100%.Joining us to lend his expertise on the matter is Eoin Keary, CEO and Founder at Edgescan. Firstly, Eoin outlines the findings of a recent survey by Edgescan, which investigated validating false positives among cybersecurity professionals. Then, he explores the current challenges that cybersecurity professionals are facing today. Eoin also shares his guidance on overcoming these obstacles.
Digital transformation is creating a new security landscape. In particular, it has paved the way for more workforce flexibility, empowering employees to work how and when they wish. However, this introduces new security considerations that many businesses have not had to address before.Here to lend his expertise on the matter is Sudhakar Ramakrishna, CEO at Pulse Secure. Sudhakar walks us through the findings of an IDG global survey sponsored by Pulse Secure, investigating the state of enterprise secure access. Then, he delves into how secure access is an enabler of digital transformation, while heightening security too. Furthermore, Sudhakar shares his guidance on what organisations need to do to drive secure access and zero trust capabilities.
Technology has enjoyed an ongoing revolution, meaning organisations today can enjoy cloud, Internet of Things, artificial intelligence, and more – all of which are significantly advantageous for business. However, as organisations begin to heavily rely on these innovations, it begs the question: how should businesses strike the balance between delivering useful, available IT services and protecting the privacy of employees and customers?In this podcast, Bob Tarzey speaks with Nathan Howe, Director of Transformation Strategy at Zscaler. Firstly, Nathan delves into how cloud, mobility, and crypto make up the 'unholy trinity' in cybersecurity. Then, he explores the effect of an increasingly millennial workplace, before revisiting crypto. In particular, he discusses the impact of companies not inspecting SSL and TLS and its effect on the threat landscape. Furthermore, Nathan outlines what traffic businesses have the right to inspect. He also demonstrates why Zscaler's origins in email security is still relevant today.
Today's increasingly digital enterprise environment means that businesses must combat more threats than ever. However, it's not just the new generation of threats that they need to worry about. Organisations must also consider the threats that have stood the test of time. In particular, credential stuffing is one that has persisted over the years. Unfortunately, the misunderstandings surrounding it makes it all-the-more difficult to mitigate.In this podcast, Shuman Ghosemajumder, CTO at Shape Security, lends his expertise on the matter of credential stuffing. Firstly, he recaps what credential stuffing is and why it is still prevalent to this day. Then, he discusses the impact it has on companies and the best ways for them to mitigate the risks.
Applications are a double-edged sword for businesses. On one hand, they are a modern necessity to drive business success. However, on the other, they come with a host of security problems that need special attention.Joining Bob Tarzey to outline the considerations specific to application security is Jeff Williams, Co-Founder and CTO at Contrast Security. In particular, Jeff details the threat posed by the fact that we simply aren’t very good at writing vulnerability-free software, and why this is the case. As well as this, they discuss the role of DevOps, and specifically, DevSecOps, in software development. Finally, Jeff delves into self-protecting software and how it works.
The advent of DevOps was hailed as a means to have all aspects of application deployment handled by one single team. However, over time, concerns surrounding security have begun to arise. Many feel that security should be more of a priority for Development & DevOps teams, particularly in regard to applications. On the one hand, apps are a modern necessity to drive business success. However, on the other hand, they come with a host of security problems that need special attention, necessitating DevSecOps in turn.Joining us to lend his expertise on this matter is Jeff Martin, Senior Director of Product at WhiteSource. Firstly, Jeff explains whose responsibility AppSec actually is and how organisations ultimately create DevSecOps. He then demonstrates what the typical ‘DevSecOps’ workflow should look like. Finally, he outlines the benefits of open source tools and how important security procedures are for businesses and their DevOps efforts.
Комментарии
Top Podcasts
The Best New Comedy Podcast Right Now – June 2024The Best News Podcast Right Now – June 2024The Best New Business Podcast Right Now – June 2024The Best New Sports Podcast Right Now – June 2024The Best New True Crime Podcast Right Now – June 2024The Best New Joe Rogan Experience Podcast Right Now – June 20The Best New Dan Bongino Show Podcast Right Now – June 20The Best New Mark Levin Podcast – June 2024
Загрузить из Google Play
Загрузить из App Store
United States