In this episode of the Trust Issues podcast, we explore the nexus of mindfulness, identity security and leadership with Jitender Arora, Partner and Chief Information Security Officer (CISO) for Deloitte North and South Europe, and Deloitte's Global Deputy CISO. Arora discusses with host David Puner how a Zen-like mindset can be influential in helping to bolster organizational cyber defenses, sharing his wisdom on the critical role of emotional intelligence, empathy and the human touch within the...
Jun 12, 2024•43 min•Ep. 54
In this episode of Trust Issues, we dive into the complex and rapidly evolving world of cyber insurance. We discuss the challenges and opportunities facing companies seeking to protect themselves from the ever-present threat of cyberattacks. Joining host David Puner, today’s guest is Ruby Rai, Cyber Practice Leader, Canada at Marsh McLennan, who shares her insights into the current state of the cyber insurance market, its future trajectory and the key requirements companies need to meet to obtai...
May 28, 2024•41 min•Ep. 53
In this episode of the Trust Issues podcast, host David Puner interviews CyberArk Founder and Executive Chairman Udi Mokady on the occasion of the company’s 25th anniversary . They discuss that milestone and reflect on CyberArk’s growth to becoming the global leader in identity security and the ever-evolving threat landscape – and how the company has scaled to meet it. Udi shares his insights on the company's culture, values, philosophies and lessons he's learned. He also dives into the importan...
May 10, 2024•53 min•Ep. 52
In this episode of Trust Issues, host David Puner interviews Eric Hussey, SVP, Chief Information Security Officer (CISO) at Finastra , a leading provider of financial software solutions and services. Hussey shares his insights on the evolving role of the CISO, the challenges of keeping up with new and evolving cybersecurity regulations, and the importance of balancing innovation with security in the fintech space. He also discusses how identity factors into the equation, mentioning the importanc...
May 01, 2024•42 min•Ep. 51
In the 50th episode of the Trust Issues podcast, host David Puner interviews Justin Hutchens, an innovation principal at Trace3 and co-host of the Cyber Cognition podcast (along with CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe ). They discuss the emergence and potential misuse of generative AI, especially natural language processing, for social engineering and adversarial hacking. Hutchens shares his insights on how AI can learn, reason – and even infer huma...
Apr 17, 2024•40 min•Ep. 50
In this episode of Trust Issues, David welcomes back Shay Nahari, VP of CyberArk Red Team Services, to discuss the topic of secure browsing and session-based threats. They delve into the dangers of cookie theft, the expanding attack surface, and the importance of identity security. Shay explains how cookies sit post-authentication and how attackers can bypass the entire authentication process by stealing them. He also discusses how browsers have been designed for consumers, not for the enterpris...
Apr 03, 2024•30 min•Ep. 49
In this episode of the Trust Issues podcast, Kaivan Karimi, Global Partner Strategy and OT Cybersecurity Lead – Automotive Mobility and Transportation at Microsoft, discusses with host David Puner the complexities of the automotive cybersecurity ecosystem, and they explore the challenges and considerations facing the industry. Karimi shares his insights on the role of identity security in automotive cybersecurity and how it helps ensure that only authenticated entities have the privilege to enga...
Mar 21, 2024•34 min•Ep. 48
In this episode of Trust Issues, Jan Vanhaecht, the Global Digital Identity Leader at Deloitte Belgium, delves into the intricate realms of digital trust and risk management with host David Puner. The discussion covers topics ranging from the impact of regulations on cybersecurity practices to the pivotal role of identity in building a robust security culture. Unpacking the nuances of digital trust maturity, the episode explores how organizations can navigate the delicate balance between risk an...
Mar 05, 2024•38 min•Ep. 47
Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard. From the initial password spray technique to the exploitation of OAuth applicat...
Feb 15, 2024•32 min•Ep. 46
In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape. From addressing security challenges in manufacturing plants to the skills gap in OT cybersecurity, the episode provides an overview of t...
Feb 06, 2024•42 min•Ep. 45
In this episode of Trust Issues, CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe joins host David Puner for a discussion about the emerging threat of AI kiddies, a term that describes novice attackers using large language models (LLMs) and chatbots to launch cyberattacks without any coding skills. Noe explains how these AI kiddies use prompt engineering to circumvent the built-in protections of LLMs like ChatGPT and get them to generate malicious code, commands ...
Jan 25, 2024•33 min•Ep. 44
Guest Dr. Magda Chelly, Managing Director and CISO of Responsible Cyber , joins Trust Issues host David Puner for a conversation about third-party risk management and cyber resilience. Dr. Chelly underscores the imperative of prioritizing identity management, particularly as decentralized work environments are becoming the norm in today’s evolving digital landscape. She also explains how breaking things played a critical role in propelling her into a career in cybersecurity – and then in fosteri...
Jan 12, 2024•45 min•Ep. 43
In this year-end Trust Issues podcast episode, host David Puner takes listeners on a retrospective jaunt through some of the show’s 2023 highlights. The episode features insightful snippets from various cybersecurity experts and thought leaders, each discussing crucial aspects of the ever-evolving cyber landscape. From discussions on the dynamic nature of threat actors and the need for agile security approaches to insights on identity security challenges in the cloud and the intricacies of safeg...
Dec 27, 2023•35 min•Ep. 42
Our guest today is Rita Gurevich, the CEO and Founder of SPHERE , an identity hygiene platform. Gurevich joins host David Puner to explore the challenges and dynamics surrounding identity and cyber hygiene in today's cybersecurity landscape. The conversation begins by addressing the accelerated pace at which cyber controls and identity hygiene requirements are evolving, emphasizing the critical role they play in cybersecurity strategies. The discussion extends to the impact of cloud and hybrid e...
Dec 14, 2023•38 min•Ep. 41
Today’s Trust Issues guest is Brian Contos, Chief Strategy Officer at Sevco Security. With host David Puner, Contos discusses the intricacies of securing the Internet of Things (IoT) and the challenges posed by the expanding IoT landscape – emphasizing the need for robust identity management. In a broader context, IoT encompasses identity management, cybersecurity and the evolving role of AI in safeguarding digital assets. Contos delves into the pressing issues surrounding IoT, Extended IoT (xIo...
Nov 28, 2023•41 min•Ep. 40
In this Trust Issues episode, host David Puner welcomes back Andy Thompson, CyberArk Labs' Offensive Security Research Evangelist for a discussion focused on two recent high-profile breaches: one targeting MGM Resorts International and the other involving Okta's support unit. The conversation delves into the details of the attacks – who’s behind them, how identity plays a pivotal role in both – and the larger implications of this new breed of supply chain attack amid the evolving threat landscap...
Nov 02, 2023•33 min•Ep. 39
Today’s guest is Charles Chu, CyberArk's General Manager of Cloud Security, who’s spent more than a decade at the forefront of cloud security. Chu joins host David Puner for a conversation that delves into secure cloud access and the concept of zero standing privileges (ZSP), a dynamic approach to securing identities in multi-cloud environments. Chu sheds light on the complexities of cloud security, emphasizing the need for tailored solutions to protect against evolving cyber threats. Don't miss...
Oct 19, 2023•36 min•Ep. 38
Arati Chavan, Staff Vice President, Global Head of Identity and Access Management (IAM) at Elevance Health joins host David Puner for a conversation that sheds light on how federated identity solutions are pivotal in achieving efficient and secure access control across diverse entities. Chavan also explores the challenges and opportunities in cloud transformation, the evolving role of AI in healthcare and the delicate balance between customer simplicity and robust security measures. Listen in fo...
Oct 05, 2023•38 min•Ep. 37
Our guest today is Phillip Wylie, an offensive security professional and evangelist, author and podcast host who recently added director of services and training at Scythe to his extensive CV. Wylie talks with host David Puner about the critical need for ethical hacking in cybersecurity, identity security revelations from years of penetration testing, and his fascinating career arc, which began in professional wrestling. Considering a cybersecurity career? You won’t want to miss this episode – W...
Sep 21, 2023•36 min•Ep. 36
In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.
Sep 07, 2023•26 min•Ep. 35
Today’s episode of Trust Issues focuses on spycatching! Eric O'Neill, a former FBI counterintelligence operative and current national security strategist, joins host David Puner to discuss his legendary undercover mission to capture Robert Hanssen, one of the most notorious and damaging spies in U.S. history. O'Neill details his “cover job” of working beside Hanssen in the FBI’s new information assurance (cybersecurity) division, while secretly uncovering his espionage activities. O'Neill’s made...
Aug 23, 2023•54 min•Ep. 34
Crystal Trawny, Optiv’s Practice Director, Privileged Account and Endpoint Privilege Management (PAM/EPM), joins host David Puner in exploring the ever-evolving identity landscape and how emerging threats impact organizations’ cybersecurity requirements. Through the eyes of an end user, Trawny shares best practices for overcoming change resistance, creating effective deployment timelines and avoiding scope creep. This episode maps the correlation between critical program elements – such as robus...
Aug 08, 2023•31 min•Ep. 33
In this episode of Trust Issues, host David Puner talks with CyberArk CEO Matt Cohen, who shares his distinct take on leadership – emphasizing the importance of leading without fanfare. Cohen talks about his transition into the CEO role, insights on identity security and the current threat landscape. He also touches on the significance of company culture, professional development – and his admiration for a particular Boston Red Sox manager’s leadership style. The discussion delves into CyberArk'...
Jul 20, 2023•40 min•Ep. 32
While generative AI offers powerful tools for cyber defenders, it's also enabled cyber attackers to innovate and up the ante when it comes to threats such as malware, vulnerability exploitation and deep fake phishing. All this and we’re still just in the early days of the technology. In this episode, CyberArk Labs’ Vice President of Cyber Research Lavi Lazarovitz, discusses with host David Puner the seismic shift generative AI is starting to bring to the threat landscape – diving deep into offen...
Jul 06, 2023•40 min•Ep. 31
Diana Kelley, Chief Information Security Officer (CISO) at Protect AI joins host David Puner for a dive into the world of artificial intelligence (AI) and machine learning (ML), exploring the importance of privacy and security controls amid the AI Gold Rush. As the world seeks to capitalize on generative AI’s potential, risks are escalating. From protecting data from nefarious actors to addressing privacy implications and cyber threats, Kelley highlights the need for responsible AI development a...
Jun 21, 2023•28 min•Ep. 30
Scattered across the internet are jigsaw puzzle pieces containing your personal information. If reassembled by an attacker, these puzzle pieces could easily compromise your identity. Our returning guest today is Len Noe, CyberArk’s resident transhuman (a.k.a. cyborg), whose official titles these days are Technical Evangelist, White Hat Hacker and Biohacker. Noe joins host David Puner to shed light on the concept of synthetic identity, which involves gathering publicly available, unprotected data...
Jun 07, 2023•25 min•Ep. 29
In this episode of the Trust Issues podcast, host David Puner interviews Brad Jones, CISO and VP of Information Security at Seagate Technology. They delve into cloud security challenges, including protecting data in a constantly shifting technological landscape. Jones discusses the importance of establishing trust as a data company and implementing rigorous controls to safeguard sensitive information. Then, they take a deep dive into the evolving external threat landscape, the role of AI in secu...
May 24, 2023•33 min•Ep. 28
In today’s Trust Issues episode, Dusty Anderson, a managing director of Global Digital Identity at the consulting firm Protiviti, digs into all things DevSecOps and cautions against a one-size-fits-all approach. In conversation with host David Puner, Anderson emphasizes the significance of strategic planning and well-defined goals – demonstrating how bite-sized steps can add up to major security wins and bottom-line benefits over time. And she sheds light on how the intricate web of identities –...
May 11, 2023•35 min•Ep. 27
Andy Thompson, Offensive Security Research Evangelist at CyberArk Labs, returns to Trust Issues for a dive with host David Puner into the latest developments in the world of ransomware. With ransomware events on the rise, Thompson sheds light on the alarming trend of data exfiltration and double extortion. But what's causing this surge? Thompson connects the dots between the rise of digital identities and the increasing frequency of ransomware attacks. As more organizations adopt cloud and DevOp...
Apr 26, 2023•25 min•Ep. 26
We all accept a certain degree of risk in our lives. So, to varying degrees, we’re all operating – to use cybersecurity parlance – with an assume breach mindset . Meaning, we accept that attacks are inevitable and, as such, we focus time and effort on protecting the assets that matter most. In short, we buckle up for safety. And risk is something that today’s guest Larry Lidz, who’s Vice President and Chief Information Security Officer (CISO) for Cisco CX Cloud, thinks about a lot. On today’s ep...
Apr 13, 2023•24 min•Ep. 25
