Claim Ownershipmnemonic security podcast
Subscribed: 16Played: 526
Subscribe
© 2024 mnemonic security podcast
Description
The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.
115 Episodes
Reverse
When we talk about securing an organisation’s assets, we most often mean its data, devices, servers, or accounts, but are we doing enough to secure the group of people leading the company? Or the ones doing high risk work on behalf of the organisation?To discuss the importance of securing high-risk individuals, like journalists, politicians and executives, Robby is joined by an expert in this field, Runa Sandvik, journalist, security researcher and founder of Granitt. At Granitt, Runa works w...
For this episode, Robby is once again joined by Eoin Wickens, Technical Research Director at HiddenLayer, an organisation doing security for Machine learning (ML) and Artificial Intelligence (AI). It is not too long ago since Eoin last visited the podcast, (only 7 months,) but lots has happened in the world of AI since. During the episode, he talks about some of the most significant changes and developments he’s seen the last months, how models are getting smarter, smaller and more...
Data Brokers and Data Removal ServicesWhat does the process of removing your online presence look like? And how would you handle the data brokers that have collected your personal information with just a few clicks of the mouse to sell to other companies?To answer this, we’re joined by an expert in this field; Darius Belijevas, Head of Incogni, a service that automates user personal data removal from data brokers.Darius shares from his research on data brokers and their business models, and e...
For this episode, Robby is joined by Levi Gundert, Chief Security Officer at the cybersecurity company Recorded Future and author of the book The Risk Business – what leaders need to know about intelligence and risk-based security.Levi shares from his decades of experience in the threat and risk space – and Robby picks his brain about a broad set of security topics ranging from telling the risk story and categorising risk, to darknet monitoring and infiltration, and using chatbots for securit...
Ethical social engineeringEven the best pentesters out there can be fooled by a social engineering attempt under the right circumstances. But how do we treat the ones that have been tested and failed?Ragnhild «Bridget» Sageng, Senior Security Advisor at Norwegian Customs, has several years of experience from the IT and cybersecurity industry, and hands-on experience working as an ethical hacker specialising in social engineering.In her conversation with Robby, she shares what goes through her...
How will AI impact the next generation of people working with computer science?This question is probably relevant for anyone making their way through school now, in all fields of study. Without looking for a definite answer, but to help him navigate this question, Robby has invited two people with quite different backgrounds: Richard Stiennon, author of Security Yearbook 2023 and Founder and Chief Research Analyst at IT-Harvest, and High School Junior, Athena Contos. Athena was recently ...
How does cybersecurity play a part in ensuring food security?As part of the ISACA series of the mnemonic security podcast, we’re welcoming Karianne Kjønås, Cyber & Privacy Associate at PwC Norway. Karianne recently won the ISACA master’s thesis award with her thesis on how cybersecurity incidents can affect Norwegian food production.During her conversation with Robby, she shares some of her major research findings, and how data, automation, IoT and AI play an important role in food produc...
Conflictual coexistenceToday’s guest, Raymond Andrè Hagen, holds over 20 years of experience in cybersecurity and information security, and is currently researching advanced persistent threats for his PhD in Computer and Information Systems Security. He also has experience as a Security Specialist at the Norwegian Digitalization Agency (Digdir), including being Chief Security Officer at Altinn, the Norwegian authorities' solution for reporting and dialogue with business and industry.In h...
To join Robby for this episode on Russian cybercrime and ransomware, we’re welcoming Sam Flockhart, Cyber Threat Intelligence Manager at Santander UK.Sam has a background in military intelligence from the British army, where he has spent a large part of his career looking at Russian influence in Eastern Europe. Including experience from the British army’s support mission to Ukraine.Sam goes through his presentation “From Russia with ransomware” presented at FS-ISAC EMEA Summit last month. Rob...
MetaversesHave you been to the metaverse yet? And are you among the 78% that believe the metaverse will provide a significant value to their organisation in the future?To join Robby for this episode, we’re welcoming Julia Hermann, Senior Technology and Innovation Manager at Giesecke+Devrient, where she works on identifying opportunities in the metaverse.Julia shares what companies are utilising metaverses well, and where she sees the most opportunities in enterprise, commercial and industrial...
Defending EVE OnlineHow does combatting botting, hacking, and fraud in a virtual game relate to fighting real cybercrime?To share his take on this, Maksym Gryshchenko joins us to share how he works as a Security analyst at CCP Games, a leading game developer based in Iceland, and the developers behind the sci-fi role-playing game EVE Online.EVE Online is known for having an immensely complex market economy system for the game's internal industry and trade between players, and Maks explains to...
Last year, threat researchers all over the world got a sneak peek into the inner workings of the Russian defence contractor NTC Vulkan. The Vulkan files leak provided an interesting behind the scenes look at Russian cyber capabilities and scalability, and the ways state sponsored organisation work. Joe Slowik, managing threat intelligence at the cybersecurity company Huntress, joins Robby to talk about how he worked through the hundreds of pages of data from the leak, and what he le...
Cryptology is fundamental for the way the internet works today. But what exactly is modern cryptology, and what are the most common areas in which it’s being used?To guide us through this complex area, Robby’s joined by Bor de Kock, PhD. in Cryptology and Assistant Professor at NTNU.They talk about some of the main challenges to cryptology these days, encryption security and its limitations, and how Bor expects quantum computing to affect cryptology.Bor also shares what makes him both optimis...
Physical penetration testing | ISACA seriesFor this episode that is part of our ISACA series, we’re joined by Rob Shapland, Ethical Hacker/Head of Cyber Innovation at Falanx Cyber.Rob talks about what he’s learned from his 15 years of testing physical and cyber security for his clients, including more than 200 building intrusions assignments. He explains how these kind of testing assignments work, what usually does work – and what happened the one time he actually didn’t get in.Robby and Rob ...
Artificial intelligence (AI) and machine learning (ML) models have already become incorporated into many facets of our lives. In this episode, we discuss what happens if these models are attacked.How can the models that AI and ML are built upon be attacked? And how can we defend them?Eoin Wickens, Senior Adversarial ML Researcher at HiddenLayer, an organisation doing security for AI and ML, joins Robby to talk about this often overlooked aspect of AI.During the episode, they also discuss the ...
What do you really know about your vendors? And about your vendors' vendors?To talk about supply chain attacks, and how to best mitigate and meet these risks, Robby is joined by a pair with a lot of experience on this topic: Roger Ison-Haug, CISO of StormGeo, and Martin Kofoed, CEO of Improsec.Martin and Roger discuss what a supply chain attack looks like these days, how to prepare for when a compromise happens, and how to get an overview of your organization's exposure. They also highlight t...
How to succeed with bug bountiesResponsible disclosure and vulnerability reporting have come a long way in recent years, and have gone from being feared and even something you took legal action against, to something that is appreciated for its value.Ioana Piroska, Bug Bounty Program Manager at Visma, joins Robby to share how Visma has succeeded with their bug bounty program. She talks about Vismas’ approach to these kind of programs, and the actual value they receive from them.Ioana and Robby...
Influencing the boardWhat are some of the most effective methods of gaining a board’s support, and how do you maintain this trust and improve it over time?Our guest today has worked with a lot of boards, and joins us to share his experiences providing boards with the tools to ask the right questions when it comes to cybersecurity, and conveying to them why cybersecurity is important for their organisation.Roger Ison-Haug has worked in IT for close to 30 years and is now working as the CISO &a...
KraftCERT trusselvurdering 2023 | In Norwegian onlyOur podcast guest this week is Espen Endal, previous mnemonic colleague and currently OT Security Analyst at the Norwegian energy sector CERT: KraftCERT/InfraCERT.InfraCERT is an ISAC (Information Sharing and Analysis Center) and an IRT (Incident Response Team). Mainly working to update their members about relevant vulnerabilities and threats to make them able to better detect and respond to digital attacks. They are also part of the Norwegia...
Avoiding overload and managing stress in cybersecurityFor today’s episode, Robby’s joined by Lisa Ventura, Cybersecurity Specialist, Author, and qualified Mental Health First Aider. After many years of experience from the industry, she’s become particularly interested in the human aspects of cybersecurity, especially when it comes to mental health issues, stress, and burnouts.During their conversation, Lisa explains how common stress and burnouts are in InfoSec and cybersecurity, and discuss ...
Comments
Download from Google Play
Download from App Store
United States