Security Masterminds

Discover the critical role of a Business Security Officer in aligning security with business goals. But what happens when this vital bridge between security and the organization finds themselves facing unexpected challenges? Find out in this intriguing episode of the Security Masterminds podcast.Nicole Dove, a cybersecurity expert with an intriguing career path, helps businesses navigate the intersection of risk and technology. Starting her career on Wall Street, she transitioned into risk management consulting and auditing before eventually shifting gears into cybersecurity. As a Business Information Security Officer (BISO), Nicole focuses on aligning business and security, advocating for both to the benefit of the organizations she serves. Her business-first approach to security, understanding of diverse business units, and innate curiosity make her a critical asset in identifying and managing organization-wide threats.Security is like really a team sport and you can't wait until game day to practice and think you're going to win. - Nicole DoveConnect with Nicole DoveLinkedIn: https://www.linkedin.com/in/jnicoledove/Twitter:  https://twitter.com/IssaUrbanGirlUrban Girl Podcast: https://podcasts.apple.com/us/podcast/urban-girl-corporate-world/id1502039142Connect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

Protecting data in the age of cyber threats, cybersecurity expert Ian Garrett ignites a battle against ignorance, as he harnesses the power of AI and zero trust to defend organizations of all sizes from the lurking dangers of the digital world.Today's guest is Ian Garrett, the CEO and co-founder of Phalanx. With a background in computer science, he became an early adopter of AI application in cybersecurity and has been making waves in the industry ever since. Ian's ability to combine AI rapid data processing with a human understanding of nuanced threats exemplifies cutting-edge cybersecurity practices that help ensure data protection and privacy.Don't ignore the data outside of secure places. Even drafts and email attachments can be vulnerable. Take a comprehensive approach to data security. - Ian GarrettIn this episode, you will be able to:Gain insights into how AI and Zero Trust model can reinforce your data protection strategies.Learn from industry connoisseurs about typical data security blunders to be avoided.Identify the hurdles in managing multicloud data and the solutions to counter these challenges.Delve into the potent dangers presented by AI and chatbots and how to keep them at bay.Understand the practical application and multiple influences of the Zero Trust architecture on your business.Ian Garrett, CEO and co-founder of Phalanx, with a background in computer science, he became an early adopter of AI application in cybersecurity and has been making waves in the industry ever since. Ian's ability to combine AI rapid data processing with a human understanding of nuanced threats exemplifies cutting-edge cybersecurity practices that help ensure data protection and privacy.Don't ignore the data outside of secure places. Even drafts and email attachments can be vulnerable. Take a comprehensive approach to data security. - Ian GarrettConnect with Ian GarrettLinkedIn:  https://www.linkedin.com/in/ianygarrett/Twitter: @ianygarrett - https://twitter.com/ianygarrettOrganization: phalanx.io - https://www.phalanx.io/Connect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

Check us out on our new LinkedIn Page!  - https://www.linkedin.com/company/security-masterminds-podcast/Does this sound familiar? You've invested in threat intelligence data and spent countless hours analyzing it, yet you still feel vulnerable to cyber threats. Maybe you were told that having the data alone would be enough to protect your organization. But the reality is, simply having the data without knowing how to turn it into actionable insights leaves you exposed and frustrated. The pain of constantly worrying about cyber attacks and feeling powerless to stop them is all too real. In this episode, we'll show you how to transform your threat intelligence data into actionable intelligence, giving you the tools to defend against even the most sophisticated cyber threats.In this episode, you will be able to:Realize the urgency of embracing cybersecurity for your business's sustained success.Explore how actionable threat intelligence can augment your defenses against cyber adversaries.Absorb the advantages of using a joint and innovative approach to stay on top of evolving digital dangers.Discern the impact of robust communication and leadership skills in fostering a secure digital environment.Appreciate the role of attack simulation technology in unveiling security blind spots and improving protection.My special guest isBryson Bort is an accomplished cybersecurity veteran with more than two decades of experience under his belt. As the founder of Scythe, Bryson has cultivated a platform that empowers professionals in the cybersecurity space to effectively address and combat cyber threats. Simultaneously, he co-founded ICS Village, a non-profit that aims to increase knowledge and awareness of industrial control system security. With a strong background in both offensive and defensive security, Bryson's drive for constant improvement and growth has made him an influential figure within the cybersecurity community.Connect with Bryson Bort!Linkedin: https://www.linkedin.com/in/brysonbort/Twitter: https://twitter.com/brysonbortScythe: https://scythe.io/ICS Village: https://www.icsvillage.com/Testimonial for Scythe  https://scythe.io/library/purple-team-approach-boosts-cybersecurityConnect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

Check us out on our new LinkedIn Page!  - https://www.linkedin.com/company/security-masterminds-podcast/Are you struggling to raise cybersecurity awareness despite following the same old advice? Discover the power of storytelling and engagement in transforming cybersecurity training and arming your workforce against message fatigue and over-reliance on technology.In this episode, you will be able to:Delve into the connections between storytelling, engagement, and effective cybersecurity training.Gain insight into striking the perfect balance between factual content and captivating storytelling.Find out how relying too much on technology can jeopardize cybersecurity efforts.Master techniques for countering message fatigue in the cybersecurity industry.Explore the power of humor and entertainment in raising security awareness levels.Rob McCollum, a versatile voice actor with a background in sales, marketing, acting, and improv comedy, has lent his talents to over 300 anime roles and a plethora of corporate training videos. Joining forces with Twist & Shout, a KnowBe4 company, Rob ventured into corporate storytelling and cybersecurity training, working on projects for major companies such as Barclays Bank, AT&T, Warner Brothers, and Sony. His unique approach to storytelling and engagement in cybersecurity training has revolutionized the industry, keeping viewers intrigued and eager for more.About Rob McCollumLinkedIn - https://www.linkedin.com/in/robert-mccollum-23b1a86Rob McCollum Facebook Anime Fan Page: https://www.facebook.com/RobertMcCollumFanPageShow Notes:The Inside Man Series: https://info.knowbe4.com/inside-man-gaFavorite Books: After On, Year Zero, by Rob Reid - https://www.amazon.com/stores/author/B000AP8X36/allbooks?ingress=0&visitId=3058ab80-2f93-42c9-9be8-a1d49c3fec86&store_ref=ap_rdr&ref_=ap_rdrConnect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

Check us out on our new LinkedIn Page!  - https://www.linkedin.com/company/security-masterminds-podcast/Are you tired of the same old ineffective methods for GRC optimization and AI integration for cybersecurity? Do you feel like no matter what you do, you can't seem to get the results you need? Come join us in this episode to learn the latest and greatest techniques for enhancing your GRC processes and AI integration for cybersecurity success.Stas Bojoukha is a cybersecurity expert with over 20 years of experience in the industry. He has a deep passion for automation and making security consumable for everyone. Stas began his career as a computer technician, later progressing through various roles such as systems engineer, infrastructure engineer, and chief security officer. His diverse background has allowed him to gain valuable insights into a wide range of IT disciplines. Today, Stas is the CEO and founder of Compyl, an information security and compliance automation platform designed to streamline processes and improve efficiency in managing compliance requirements.The resources mentioned in this episode are:Look into Stas Bojoukha's company, Compyl, an information security and compliance automation platform that helps organizations automate their cybersecurity programs and reduce risk.Prioritize making security and compliance understandable for non-technical staff members, as this will help improve overall security awareness and adherence to policies.Remember that compliance does not necessarily guarantee security; focus on implementing security measures that go beyond compliance requirements to ensure a more robust security posture.About Stas BojoukhaLinkedIn - https://www.linkedin.com/in/stas-bojoukha/Email: stas@compyl.comSocial Media:  https://twitter.com/thestas1Compyl: https://compyl.com/ShowNotesSIM City 2000 - https://www.ea.com/games/simcity/simcity-2000SOC Analyst link from CISA - https://niccs.cisa.gov/education-training/catalog/cyber-range-solutions-inc/intro-soc-analystConnect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

Check out our new LinkedIn page! - https://www.linkedin.com/company/security-masterminds-podcast/Joanna Burkey's imparts her wisdom to help other professionals develop a successful cybersecurity program, emphasizing the importance of thought diversity and exposure to all aspects of the business. What other advice does she have to offer?"We need to be overseeing and ultimately accountable for the right culture of governance to be happening in our companies."Joanna Burkey is the CISO of HP, Inc. and has been in the cybersecurity field for over 25 years, working in a variety of roles from software development to CISO. She has seen the evolution of the field firsthand and provides valuable insights into the most pressing issues and trends across the industry.In this episode, you will learn:Exploring the essential cybersecurity capabilities to ensure effective coverageExamining the culture and networking elements of the cybersecurity fieldInvestigating the role and responsibilities of the Chief Executive Officer in cybersecurityUnderstanding the identity and trust issues surrounding cybersecurityAbout Joanna BurkeyLinkedIn - https://www.linkedin.com/in/joanna-burkeyEmail: joanna.burkey@hp.comSocial Media: https://www.linkedin.com/in/joanna-burkey/Show Notes FDDI & ATM network drivers for Novell Netware - https://support.novell.com/techcenter/articles/ana19960403.htmlSmart Brevity - Jim VandeHei - https://a.co/d/6K4gj2bEnterprise Risk Management, by James Lam -  https://a.co/d/apaNCHbTurn the Ship Around - https://a.co/d/2gy6Q7GHyperion - https://a.co/d/fmTCcHiConnect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions -https://propodcastsolutions.com/Show Notes created with Capsho - www.capsho.com

In this episode, Alex Panaretos bravely confronts the irony of trying to protect against what we don't know, challenging us to take an active role in building trust and security for organizations with a compassionate and humorous approach."You have to humanize yourself above the rest of the corporate noise. What are you saying that needs to make me pay attention?"Alex Panaretos is a passionate sports broadcaster turned cybersecurity expert. She bridges the gap between the digital and physical world by connecting the intangible risk of cybersecurity to the emotions of her audience.In this episode, you will learn the following:1. How can humor be used to bridge the gap between security professionals and the general public?2. What are the most effective ways to market security and behavior change to different generations in the workplace?3. How can organizations assess the risk of malicious activities and assign a numerical value to them?About Alexandra PanaretosLinkedIn: https://www.linkedin.com/in/alexandrapanaretosConnect with us:Website: securitymasterminds.buzzsprout.comLinkedIn: https://www.linkedin.com/company/security-masterminds-podcast/KnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/ShowNotes created with Capsho (www.capsho.com)

Loved this episode? Please leave us a review and rating on your favorite podcast platform!After leaving the CPA industry and becoming a computer trainer, Roger worked his way into the cybersecurity industry, Roger Grimes, a data-driven evangelist, is determined to protect organizations from malicious social engineering attacks, but finds that even his advanced tools are no match for the crafty hackers."Organizations need to defend their infrastructure by identifying their critical data to recognize and respond to threats. Utilizing a data driven defense allows you to detect and respond to threats more quickly and accurately than traditional methods." -Roger GrimesRoger Grimes is a cybersecurity expert and data driven defense evangelist for KnowBe4. He has held a variety of roles throughout his career, and his focus is on fixing the internet and protecting organizations from social engineering attacks.In this episode, you will learn the following:1. How did Roger Grimes go from being a CPA to becoming a cybersecurity expert?2. What was it like to work with John McAfee?3. How did Roger Grimes successfully bluff his way into the cybersecurity industry?About Roger Grimes, CPA, CISSPLinkedIn: https://www.linkedin.com/in/rogeragrimes/eMail: rogerg@knowbe4.comTwitter: https://twitter.com/rogeragrimesShow Notes / Links:Cuckoo’s Egg book - https://www.amazon.com/dp/B0083DJXCM?ref_=cm_sw_r_cp_ud_dp_FK52CJS8J6DAJ6JMZJTFData Killers, John McAfee - https://www.amazon.com/dp/031202889X?ref_=cm_sw_r_cp_ud_dp_7N07KYGNG9GGSKMW5Q07FidoNet - https://www.fidonet.org/index.htmlPeter Norton’s Guide to the IBM PC - https://www.amazon.com/dp/0136619010?ref_=cm_sw_r_cp_ud_dp_FJ7E13ENVAFXZWR139YDCISA’s Known Exploited Vulnerabilities Catalog - https://www.cisa.gov/known-exploited-vulnerabilities-catalogConnect with us:Website: securitymasterminds.buzzsprout.comKnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/ShowNotes created with Capsho (www.capsho.com)

In cybersecurity, one way to protect the organization is similar to Sun Tzu's Art of War, and to know the enemy. One way to protect yourself in cybersecurity is to have a healthy work/life balance."I think this is the best industry on the planet. I have always felt that I believe the opportunity for all people who want to work here if I, as a designer of Barbie doll dresses, can run cybersecurity well for some major brands. Well, I think what that says is this is both creative. It's creative and technical. It is broad and deep. It always changes; it's always evolving. You'll never be bored, and you'll never be unemployed."Karen Worstell is a senior cybersecurity strategist at VMware. She shares the story of her time in the cybersecurity industry since the 1980s and has served as a data processing analyst, Chief Information Security Officer, and research and engineering consultant.In this episode, you will learn the following:1. How did Karen Worstell's journey in the cybersecurity industry help her grow as a person and leader?2. What are the benefits of creativity in cybersecurity?3. How does culture play a role in work-life balance for CISOs?About Karen WorstellKaren’s website: https://www.karenworstell.comLinkedIn: https://www.linkedin.com/in/karenworstell/eMail: kworstell@vmware.comTwitter: https://twitter.com/karenworstellVMWare Vlogs: https://blogs.vmware.com/security/author/karen-worstellBonus Episode (Burnout): https://www.buzzsprout.com/1892704/11878086Connect with us:Website: securitymasterminds.buzzsprout.comLoved this episode? Please leave us a review and rating on your favorite podcast platform!KnowBe4 Resources:KnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/ShowNotes created with Capsho (www.capsho.com)

After 20 years in the same role at Canon, Quentyn Taylor knows a thing or two about what it takes to be a successful CISO; in this episode, he shares his insights on the importance of technical skills, business skills, and storytelling to make the role of CSO one You will learn the role of the CISO in communicating with the Board of Directors."I strongly believe in educating users about the importance of comprehensive security programs and to try to improve security in a cost-effective way for organizations."Quentyn Taylor is the senior Director of Product, Information, Security and Global Response at Canon Europe, Middle East and Africa. He has over 20 years of experience in both the It and information security environments and is focused on building business relationships within his organization and cybersecurity community. He strongly believes in educating users about the importance of comprehensive security programs and to try to improve security in a cost effective way for organizations.In this episode, you will learn the following:1. Why do tiny things matter in information security?2. What is the secret to Quentyn Taylor's success as a CISO?3. What is the best way for a CISO to communicate with the Board of Directors?About Quentyn TaylorLinkedIn: https://www.linkedin.com/in/quentyntaylorTwitter: https://twitter.com/quentynblogYouTube: https://www.youtube.com/c/QuentynTaylorShow Notes:Security Engineering, by Ross Anderson - https://a.co/d/22nCFaJSecrets & Lies, by Bruce Schneier - https://a.co/d/33ehPldFotango buyout by Canon - https://www.campaignlive.co.uk/article/canon-goes-online-fotango-buyout/133990KnowBe4 ResourcesKnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/

In this episode of Security Masterminds, Tanya Janca shares her insights on application security, OWASP, and her community, "We Hack Purple." "I would say software developers are more interested in security than they ever have been before they're being pushed that way, but I think a lot of them are just becoming interested in it."Tanya Janca is the director of Developer Relations at Bright Security and  founder of the We Hacks Purple community. She is a software developer with over 20 years of experience and is the author of the book Alice and Bob Learn Application Security.In this episode, you will learn: Tanya Janca's experience as a software developer, musician, and pentester The importance of networks and community in cybersecurity The shift towards increased security awareness among software developersAbout Tanya JancaWebsite: https://shehackspurple.ca/ Social Media: https://twitter.com/shehackspurpleBright Security - https://brightsec.com/vulnerabilitiesCyber Mentoring Monday - https://twitter.com/hashtag/CyberMentoringMondayWe Hack Purple Academy (on Brightsec) https://community.wehackpurple.comAlice & Bob Learn Series - AliceAndBobLearn.com LinkedIn: https://www.linkedin.com/in/tanya-jancaEmail: tanya.janca@brightsec.comShow Notes:OWASP - https://owasp.org/Sherif Koussa - https://www.linkedin.com/in/sherifkoussa/Katie Moussoouris, Luta Security - https://www.linkedin.com/in/kmoussouris/ASVS - https://owasp.org/www-project-application-security-verification-standard/KnowBe4 ResourcesKnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/

You know about Blockchain, but do you really about blockchain? Then this episode is for you! You will learn: 1. The potential for blockchain technology to create a more secure world.2. The misconceptions about blockchain technology. 3. The auditing and validation process for blockchain technology.4. The four foundations of blockchain"Blockchain has the potential to create a more secure world with its ability to be immutable, validated, and secure."Jean-Michel Azzopardi is the CEO and co-founder of Infinity, a Web 3.0 startup. He has a background in enterprise, blockchain, cybersecurity, and video games. Azzopardi got into blockchain in 2011 after realizing the potential for this technology to change the world.LinkedIn - https://www.linkedin.com/in/jean-michel-azzopardi-b33ab439/Email: jeanmichel@infinity.comKnowBe4 ResourcesKnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.comThis show's sound is edited by ProPodcastSolutions - https://propodcastsolutions.com/

Everyday organizations are constantly managing risk and as cybersecurity professionals, there's a struggle to get the board to understand that risk. Our guest today shares his insights of his 5 pillars of security framework to increase the effectiveness of the risk conversation to the board and engaging them to reduce risk and secure the organization."I'm very passionate about the topic, and specifically very passionate about building a culture of cybersecurity within enterprises. Anything that has to do with security awareness, making people more cyber aware, is something that's really close to my heart."Mathieu Gorge is the CEO and founder of VigiTrust, a cybersecurity company with clients in 120 countries. Mathieu has over 20 years of IT security and risk management experience and is much-sought after for his expertise. As an authority on cybersecurity solutions, he has been asked to speak at conferences including RSA, ISSA and ISACA. Mathieu is a prominent member of the international cybersecurity community—due to VigiTrust’s continued success as well as its 5 Pillars of Security Framework™— and serves as president and chief security officer of the French Irish Chamber of Commerce. Mathieu has more than 15 years of experience in payment security, and works closely with the PCI Council in the US and EU. He is a renowned expert in  PCI DSS, GDPR, CCPA, HIPAA, VRM, and ISO 27001.Mathieu GorgeLinkedIn: https://www.linkedin.com/in/mgorgeWebsite: https://mathieugorge.comThe Cyber Elephant in the Boardroom (Amazon)In this episode, you will learn the following:The challenges of communicating cyber risk to the boardroom The importance of understanding how cyber security measures fit into the financial side of things The human impact of being a CSO, including the challenges of maintaining a work-life balance.Show LinksNIS2 - https://www.nis-2-directive.com/ENISA - https://www.enisa.europa.eu/Privacy Laws - CCPA - https://oag.ca.gov/privacy/ccpaPrivacy Laws - GDPR - https://gdpr-info.eu/Follow Me Printing Hacking Story - ForbesKnowBe4 ResourcesKnowBe4 Blog: https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan - https://www.linkedin.com/in/jmcquigganJavvad Malik: https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Episode SummaryJenny Radcliffe, a social engineer and known as the People Hacker, was recently inducted into the Infosecurity Europe Hall of Fame. Jenny is also an award winning podcast host and a conference speaker where she provides knowledge, expertise and insights on security, education and awareness to people around the world. In this episode of the Security Masterminds podcast, Jenny discusses her experience in the industry and how social engineering has changed over time. She also shares some tips on how to put together a team for a social engineering job, as well as some of her biggest social engineering failures and what she learned from them..In this episode, you will learn the following:1. The art and science of social engineering, and the importance of continuous learning.2. The evolution of social engineering over time, and the need for diversification.3. The importance of self-discipline in social engineering, and the need for details.Jenny Radcliffe, The People HackerJenny Radcliffe is a world-renowned Social Engineer hired to bypass security systems through a mixture of psychology, con-artistry, cunning, and guile. A "burglar" for hire and entertaining educator, she has spent a lifetime talking her way into secure locations, protecting clients from scammers, and leading simulated criminal attacks on organizations of all sizes to help secure money, data, and information from malicious attacks.Jenny was recognized as one of the top 25 Women in Cyber in 2020 by IT Security Guru and as a Top 50 Women of Influence in Cyber in 2019. She was nominated for the prestigious "Godmother of Security" award in 2020 and won the "Most Educational Security Blog 2020." Most recently, Woman of Influence & a Top 30 Cybersecurity Leader.Jenny is also the host of the award-winning podcast "The Human Factor," interviewing industry leaders, bloggers, experts, fellow social engineers, and con-artists about all elements of security and preventing people from becoming victims of malicious social engineering.LinkedIn: https://www.linkedin.com/in/jenny-radcliffe-the-people-hacker-%F0%9F%8E%A4%F0%9F%8E%A7%F0%9F%A7%A0-85ba1611/Website: https://humanfactorsecurity.co.uk/Twitter: https://twitter.com/Jenny_RadcliffePodcast: https://humanfactorsecurity.co.uk/category/the-human-factor/Show LinksJenny's Darknet Diaries episode: https://darknetdiaries.com/episode/90/Matthieu Ricard (Happy Monk) - https://en.wikipedia.org/wiki/Matthieu_RicardKnowBe4 ResourcesKnowBe4 Blog - https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan, Producer - https://www.linkedin.com/in/jmcquigganJavvad Malik, Producer - https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.com

Episode SummaryTechnology is everywhere in society these days from our communication, shopping, and commerce capabilities. Whether email, online purchases, or using the blockchain, it amounts to large amounts of data being collected about people. All of this data, while easy to store, is also harder to manage and protect. As users, people exhibit behaviors when using this data, and the technology is learning those behaviors to effectively identify if it's this person based on geography, time, and frequency. All of this, along with being able to help people properly secure their data, and when they make an error, they receive a small learning mission to complete to help understand the mistake without feeling inadequate or reprimanded. In this month's podcast, David Willis shares his experiences with technology, human behaviors, and micro-learning based on his years of military and technical expertise over the past twenty years.David Willis, Head of Technology Integrations for the Business Development TeamDavid is an experienced business, security, and technology leader with over 20 years experience across telecommunications, financial services, and software industry verticals.David currently serves as Head of Technology Integrations for the Business Development Team, focused on addressing tactical and strategic security and IT solution integration needs at scale for Netskope customers. David also leads the building and expansion of new routes to market for Netskope.LinkedIn: https://www.linkedin.com/in/davidrwillis/Netskope page: https://www.netskope.com/blog/author/davidwillisShow LinksBright Shiny Object Syndrome (BSOS) - https://en.wikipedia.org/wiki/Shiny_object_syndromeGDPR - https://gdpr-info.eu/California Privacy Act - https://oag.ca.gov/privacy/ccpaNew York Protection Act - https://opengovernment.ny.gov/what-you-should-know-nys-personal-privacy-protection-law-ppplBJ Fogg Tweet - https://twitter.com/bjfogg/status/53486588944056321Rorschach Test - ​​https://en.wikipedia.org/wiki/Rorschach_testDeath by many duck bites - https://www.amazon.com/Death-Duck-Bite-Novelty-T-Shirt/dp/B07DMTTLBBKnowBe4 ResourcesKnowBe4 Blog - https://blog.knowbe4.comErich Kron - https://www.linkedin.com/in/erichkronJelle Wieringa - https://www.linkedin.com/in/jellewieringaJames McQuiggan, Producer - https://www.linkedin.com/in/jmcquigganJavvad Malik,  Producer - https://www.linkedin.com/in/javvadMusic Composed by: Brian Sanyshyn - https://www.briansanyshynmusic.comAnnouncer: Sarah McQuiggan - https://www.sarahmcquiggan.com

With current events, there is a strong focus on the critical infrastructure sector that provide fuel, water and electricity to our homes and office buildings. In today's episode we hear from Spencer Wilcox, who is a cybersecurity leader at a large power utility working to ensure that power is always available and protected against cybercriminals. He shares with us his insights to the energy industry, the supply chain, cyber resiliency and the threats the industry is facing in the next ten years.Spencer Wilcox has worked in the cybersecurity and physical space of the energy sector for almost twenty years, where previously he was in law enforcement.Don't miss out on The transition from a law enforcement to cyber securityHow important privacy is to securityThe importance of supply chain to availabilityDiscussed Links & Follow-upHex Editor - https://www.pcmag.com/encyclopedia/term/hex-editorTELNET - https://www.pcmag.com/encyclopedia/term/telnetLink for Thom Langford episode - https://www.buzzsprout.com/1892704/10255518The Hymn of the Great A’Tuin - https://discworld.fandom.com/wiki/Great_A%27TuinPurdue Model - https://en.wikipedia.org/wiki/Purdue_Enterprise_Reference_ArchitectureBlind Men & the Elephant - https://americanliterature.com/author/james-baldwin/short-story/the-blind-men-and-the-elephantChristmas Tree Scan - https://nmap.org/book/scan-methods-null-fin-xmas-scan.htmlNERC CIP Standards - https://www.nerc.com/pa/Stand/Pages/CIPStandards.aspxNetflix Chaos Engineering - https://netflixtechblog.com/tagged/chaos-engineeringAbout Spencer WilcoxSpencer Wilcox is Executive Director of Technology and Chief Security Officer at PNM Resources, an investor owned utility headquartered in Albuquerque, NM. Spencer is accountable for the secure operations of enterprise IT and OT Infrastructure, Network and Telecommunications, Technology Innovation and the Cyber and Physical Security of the enterprise and the electric grid. In this role he strategically leads leaders to continuously improve operational effectiveness using a risk based approach to technology and security.Spencer is a nationally recognized speaker, and regular contributor to (ISC)2, ASIS, and SC Congress events. He regularly serves in volunteer capacities to improve cyber security, technology innovation and economic development. He currently serves as Vice Chair of the ICCS committee for the Electric Power Research Institute, and as co-chair of the Security and Technology Policy Executive Advisory Committee for the Edison Electric Institute. He has previously served as a judge in the SC awards, and Maryland Cyber awards and as a volunteer on the boards of directors for the Virginia Crime Prevention Association, the Cybersecurity Association of Maryland, Inc, and the Fort Meade Alliance. LinkedIn: https://www.linkedin.com/in/spencerwilcoxcisspTwitter: @brasscount Email: 

Storytelling is a powerful medium to help get messages across and one feature is the ability to deliver humor into the story. In today's episode we interview Jim Shields, an author, actor, director and now cybersecurity expert. Jim is the director of the popular KnowBe4 video series, The Inside Man. He discusses with our hosts the use of comedy and drama in video and storytelling. Mr. Jim Shields eleven years working in comedy increased his storytelling capabilities to become a successful film director and storyteller of cybersecurity lessons. KnowBe4 Blog - https://blog.knowbe4.comInside Man Series - https://www.knowbe4.com/inside-manTwist & Shout: https://www.twistandshout.co.uk/LinkedInJim Shields: https://www.linkedin.com/in/jimshieldstwistandshout/Erich Kron - https://www.linkedin.com/in/erichkron/Jelle Wieringa - https://www.linkedin.com/in/jellewieringa/James McQuiggan - https://www.linkedin.com/in/jmcquiggan/Jim Shields, Author:Once More With Feeling Jim Shields Tedx Talkhttps://www.youtube.com/watch?v=ORSV532LkXMAnnouncer: Sarah McQuiggan (sarahmcquiggan.com)

In this week's episode, we speak with industry veteran and self-described recovering CISO Thom Langford.We discuss how Thom got into cybersecurity and became a CISO. Whether a CISO needs to be technical or not, and what differentiates a conventional CISO from a virtual CISO.  Thom also explained the benefits of storytelling, the use of videos humor, and how to influence security culture.We also hear about Thom's biggest security mistake. Show LinksKnowBe4 website - https://blog.knowbe4.comLinkedInThom Langford - https://www.linkedin.com/in/thomlangford/Erich Kron - https://www.linkedin.com/in/erichkron/Jelle Wieringa - https://www.linkedin.com/in/jellewieringa/James McQuiggan - https://www.linkedin.com/in/jmcquiggan/ZX 81 (pronounced Zed-X) - https://en.wikipedia.org/wiki/ZX81ZX Spectrum (pronounced Zed-X) - https://en.wikipedia.org/wiki/ZX_SpectrumHost Unknown Videos - https://www.youtube.com/user/HostUnknownTVLost all the Money, Accept the RiskTom’s vCISO Blog - https://thomlangford.com/2019/02/25/opening-a-new-door-of-opportunitySeagull Management - https://en.wikipedia.org/wiki/Seagull_managementWheaton’s Law - http://www.wheatonslaw.com

This months guest is KnowBe4's SVP Content Strategy & Evangelist for Africa and founder of Popcorn training, Anna Collard. In this episode, Anna shares what it means to be creative and how creativity can benefit cyber security - especially when it comes to delivering content. Being a female CEO and founder of a company can also be challenging, and Anna sheds some light on what that journey was like for her too. Including what biases exist, and how she even fell for her own biases. 

The Security Masterminds second guest is KnowBe4's Chief Research Officer Kai Roer, who founded CLTRe in 2015 to accurately answer the question, "how do you measure Security Culture?"In this episode, Kai explains what got him interested in Culture and what we can all learn from it. In addition to understanding how we can measure our security culture, what steps can be taken to strengthen it, and grow it. We examine the journey organisations are taking along their ABC's. Awareness, behaviour, and culture.