This week we are exploring the weird world of deepfakes - one of the latest ways cybercriminals are exploiting people and making money. Put simplistically, the term “ deepfake ” refers to an image, video, or audio clip that is manipulated using artificial intelligence and deep learning to depict something that did not really happen. On this week’s episode, we have two experts tackling the topic, first from a tech perspective - Andrzej Kawalec, Director of strategy and technology at Optiv , who e...
Dec 19, 2019•27 min•Season 3Ep. 10
According to the National Crime Agency more than 2,500 arrests were made last year in the UK, after Facebook reported offenders for trying to entice children into sharing indecent images or meeting in real life. Today’s children and teenagers have grown up in the online world, and with all its benefits, these arrests are proof of the darker side of the digital space. So how can we better our children and teenagers online? On this week’s teissPodcast I had the honour of speaking with Lorin LaFave...
Dec 11, 2019•29 min•Season 3Ep. 9
Apparently there’s an election on December 12th, so on this teissPodcast we’re exploring which cyber threats are going to impact the upcoming UK election. Our expert guest this week is Priscilla Moriuchi, director of strategic threat intelligence at Recorded Future, who’s researched the security threats facing elections globally, with a large focus on disinformation campaigns. On the podcast Priscilla discusses the tactics hackers are using to target elections, whether political micro-targeting ...
Dec 04, 2019•18 min•Season 3Ep. 8
Red teaming is one of the most fascinating activities an ethical hacker can be involved in. The practice usually involves an independent group that assumes the role of a hacker to show organisations what vulnerabilities or backdoors pose a threat to their cyber security. Sounds like every organisation should employ one…but is it always necessary? And if so, how do you know if your organisation is ready for red teaming? On this episode of the teissPodcast I speak with Ed Williams, EMEA director a...
Nov 27, 2019•21 min•Season 3Ep. 7
We are told that the expected cyber skills shortage is estimated to be 1.8 million by 2022 and yet just 12% of the cybersecurity workforce is under the age of 35. This week I speak with Mark Walmsley, CISO, Freshfields, about finding, nurturing and growing the next generation of cyber talent. Mark has a wealth of knowledge and experience in sourcing and recruiting talent – particularly in the more untraditional places – so I asked him about where and from what age the search should begin, what i...
Nov 13, 2019•25 min•Season 3Ep. 6
There’s a saying that culture trumps strategy every time, but how do you build a strong, positive culture in the first place? I caught up with Steve Moore, VP and Chief Security Strategist at Exabeam. Steve’s been on the podcast before and it’s always inspiring to hear his thoughts on leadership, nurturing talent and creating a culture which allows people to grow and thrive in their roles. Easy right? Steve highlights some approaches which can help. He also mentions Exambeam’s recent Cybersecuri...
Oct 25, 2019•20 min•Season 3Ep. 5
Welcome to the Security Leaders’ Roundtable Podcast, where I am joined by two exceptionally talented CISOs, Brian Brackenborough, CISO of a major broadcaster and Nick Nagle, CISO of the Publishing House, Conde Nast International. On this podcast, recorded in July 2019, I asked them to bring two cyber security news stories to the table, as well as a “grudging respect” – a story/hack/response to a breach which deserves a tip of the hat. Brian selected the story about the ICO intending to fine Brit...
Oct 18, 2019•45 min•Season 3Ep. 4
Whether it’s external threats to an organisation or bracing personal challenges, how do you respond to the unknown unknowns? Well fortunately our guest this week, Colin Anderson, CISO at Levi Strauss & Co, has had much experience in this realm. I had the opportunity to speak with him at the Exabeam user conference in San Francisco last week where we spoke about his leadership style, how he forms partnerships and support from within the board and whether cyber security can be measured in numb...
Oct 11, 2019•22 min•Season 3Ep. 3
What can we learn from the way cybercriminals recruit and train people in their networks to help us with our own cyber security skills shortage? On this podcast we are visiting the dark side of the moon with teissPodcast friend and regular, Joe Carson, Chief Security Scientist & Advisory CISO at Thycotic. We explore how criminals recruit and train people in their network and how quickly can they take someone with no experience and coach them to be a functional member of their team. Essential...
Oct 01, 2019•29 min•Season 3Ep. 2
This week the teissPodcast jumps right into the heart of cyber security innovation at LORCA (the London Office for Rapid Cybersecurity Advancement) – a Government-backed cyber accelerator which supports the most promising cyber security innovators in scaling and growing solutions to the cyber problem. teiss speaks with programme director, Saj Huq about the emerging trends in cyber innovation, the challenges that cyber start-ups face on both macro and micro levels and what role investors should p...
Sep 23, 2019•20 min•Season 3Ep. 1
This week, The teissPodcast is at The National Museum of Computing on Bletchley Park in Milton Keynes. If you’ve not already been there – GO - it’s a treasure trove of historic computers…In fact, it's home to the world’s largest collection, from the Turing-Welchman Bombe and Colossus of the 1940s through the large systems and mainframes of the 1950s, 60s and 70s, to the rise of personal computing and the rise of mobile computing and the internet. Seeing a floppy desk, Pacman mazes and a Seg...
Sep 03, 2019•29 min
There’s a cyber skills shortage, but are cyber security hiring and retention processes doing more harm than good to your organisation? This week I speak with Vicki Gavin, about recruitment, talent retention and leading teams. Vicki is an advisor on security, privacy and resilience and was previously CISO for the Economist; with years of experience under her belt I thought she was ideal to discuss these topics with. Vicki speaks with genuine warmth, passion and clarity and admits that it wasn’t u...
Aug 16, 2019•21 min•Season 3Ep. 22
Can you imagine a world where our water, energy and transport systems just stop working? How about our hospitals, telecoms and financial services? It’s a picture I struggle to visualise, and yet we are told that the risks to our national security have never been greater. So, how safe actually is our National Critical Infrastructure right now and are we able to protect ourselves? Questions we’ll be exploring on this episode of the Cracking Cyber Security Podcast. Tim Mackey, Principal Security St...
Jul 26, 2019•19 min•Season 3Ep. 21
How can we tackle the cyber skills shortage? What’s the best way to up-skill your cyber security workforce? Does it take more than just passion to work in cyber security? These are questions we’ll be exploring on this week’s Cracking Cyber Security podcast. This week I chat with Principal Security Consultant (CCSAS) at Trustwave SpiderLabs, Matt Lorentzen. We are told that cybersecurity skills shortage is worsening for the third year in a row and according to the annual global study of cybersecu...
Jul 19, 2019•18 min•Season 3Ep. 20
This week we are talking about leadership, imposter syndrome and humour with Thom Langford on the Cracking Cyber Security podcast. Founder of (TL)2 Security Ltd and former CISO at Publicis Groupe, Thom is a well-known figure in the security world, prolific public speaker and an active and engaging social media user – so to hear that he describes himself as “naturally shy” – came as a bit of a surprise. Thom speaks candidly about wrestling with imposter syndrome, using humour to his advantage and...
Jul 12, 2019•26 min•Season 3Ep. 19
How should organisations deal with the Insider Threat? Can you stop the insider before they cause harm? What are the red flags to look out for? This week on the Cracking Cyber Security Podcast we speak with Lisa Forte, cybersecurity expert and founder of Red Goat Cyber Security about the “Insider Threat”. Lisa began her career in maritime security before moving into counter-terrorism intelligence, and then later into one of the UK Police cyber-crime units where she got to know the attackers’ min...
Jul 05, 2019•21 min•Season 3Ep. 18
Head of Threat Intelligence at Cybereason, Assaf Dahan, shares some fascinating research about the latest cyber security trends. Assaf, shares some of the most notable attacks we’ve seen over the past year, which techniques were used, what were the attackers after and what you need to know about how to protect yourself from such attacks. We also discuss how the criminals are collaborating and what makes Israel a leader in cyber innovation. Assaf has over 15 years in the InfoSec industry. He star...
Jun 28, 2019•15 min•Season 3Ep. 17
Can defenders trick their attackers? Can organisations use deception successfully to level the playing field and dupe cybercriminals? This week on the Cracking Cyber Security podcast we’ll be discussing the “art of tricking the trickster”. This week Carolyn Crandall – who has the coolest title in cyber - Chief Deception Officer and CMO at Attivo Networks , joins us on the podcast and explains how organisations can turn the attackers' techniques against them. We also talk about evolving thre...
Jun 21, 2019•17 min•Season 3Ep. 16
On this episode of the Cracking Cyber Security Podcast, Stephen Moore, Chief Security Strategist at Exabeam says that organisations need a new breed of CISO – one who is groomed for the challenging audiences of the Executive Leadership Team (ELT), the CEO, subcommittees, and the Board. Furthermore, he shares advice on how to speak to the board in a language they understand, how to avoid sugar-coating bad news, and how to focus on co-operation not just budget. Stephen also talks passionately abou...
Jun 14, 2019•19 min•Season 3Ep. 15
Why has the US banned the use of Chinese company Huawei’s technology? To what extent is Huawei a security threat? What are the deeper issues at play in this power struggle? These are questions we’ll be exploring on this week’s cracking cyber security podcast. Malcolm Taylor, Head of Cyber Security at ITC Secure Networking, joins me to discuss what’s really at the root of tensions between the US, UK and China in the battle over the use of Huawei 5G technology. We also talk about the wider issues ...
Jun 07, 2019•22 min•Season 3Ep. 14
What can we learn from the way 'national security' government organisations think about and buy security? This week I’ll be speaking with ex-BAE Systems cyber security technical director and now co-founder of Garrison, Henry Harrison . He tells us what we can learn from government organisations in their approach to security and advises on the mind-set and strategies companies should adopt when buying security. Also, our podcast has been nominated for not just one but two awards at this...
May 31, 2019•16 min•Season 3Ep. 13
On this podcast we speak with CEO and co-founder at Tessian, Tim Sadler, about whether - amidst high stress and anxiety – CISOs can afford to be creative and take risks in their decision-making. We also ask, can the role of defender really be a creative one? Tim also shares advice on how to *creatively recruit* for *creative thinkers* and how he keeps his own leadership inspired. Also, our podcast has been nominated for not just one but two awards at this year’s EU Security Blogger Awards…We are...
May 24, 2019•21 min•Season 3Ep. 12
Our theme this week is “Zero trust” – what is it and how can you implement it in your organisation. On the episode I’m joined by Richard Archdeacon, Duo Security’s Advisory CISO about a ‘Zero Trust’ approach to security (ie ‘trust no-one, verify everything’) and how this addresses some of the biggest concerns for Security Professionals: from digital transformation to enabling remote working. We discuss the evolution of trust, the psychology of a zero trust approach and how hackers are evolving i...
May 10, 2019•20 min•Season 3Ep. 11
That’s the question we’ll be tackling on this episode of the cracking cyber security podcast. Peter Woollacott, CEO and Founder of Huntsman Security, joins us this week to discuss the changing face of cyber risk and how businesses can better understand their cybersecurity posture. We cover security scorecards, cyber insurance and whether it’s possible to place a price on risk, as well as reflecting on how far a success GDPR has been - almost a year since its implementation. Peter, who’s been in ...
May 03, 2019•20 min•Season 3Ep. 10
Cryptographer Bruce Schneier once said, "only amateurs attack machines, professionals target people" and yet how far should we be blaming humans for the breakdown of our cyber security? Joining us on this podcast is Flavius Plesu, former CISO at Bank of Ireland and co-founder and CEO of OutThink – a platform which is transforming the way companies are engaging with their employees. Many organisations push out some sort of security awareness training, simulated phishing emails, or brigh...
Apr 26, 2019•16 min•Season 3Ep. 9
March 12 2019 marked the 30 year anniversary of the World Wide Web and it was around this time that I met with former senior British Intelligence Officer and Head of Cyber Security at ITC, Malcolm Taylor. The serendipity of the occasion provided an opportune moment to ask Malcolm how he thinks the web has evolved since its inception and whether it’s, ultimately, been a force for good or bad…We also discussed the nature of privacy and trust and how they’ve changed during that time and are changin...
Apr 12, 2019•27 min•Season 3Ep. 8
Are CISOs suffering from an image crisis? Do they need a rebranding of sorts? How can they be taken seriously by the board and be seen as part of business operations as opposed to purely an investment? With us to explore these questions is TEISS podcast regular Joe Carson, Chief Security Expert at Thycotic. He’ll explain why 2019 is the year of the CISO but also why CISOs need to do more listening than talking.
Mar 29, 2019•18 min•Season 3Ep. 7
This week on the show we have ESET’S Malware Analyst and Researcher, Lukas Stefanko and Head of Automated Threat Detection and Artificial Intelligence, Juraj Jánošík. TEISS caught up with them at Mobile World Congress last month in Barcelona where we discussed the tactics criminals are employing to hack into mobile phones and how we can stay secure with the fast moving innovations in the mobile space.
Mar 22, 2019•20 min•Season 3Ep. 6
When it comes to movers and shakers in the tech world, our guest this week is certainly making some noise in that realm. Sian John, MBE, is the Chief Security Advisor at Microsoft and the tour de force behind the #queuefortheloo initiative; a series of events and online resources aimed at women (and men) in the cyber security sector. On this podcast Sian discusses how the #queuefortheloo campaign came about as well as why we’ve gone backwards when it comes to attracting and recruiting diverse ta...
Feb 22, 2019•17 min•Season 3Ep. 5
This week on the podcast we are talking with Naaman Haart, a UK-based threat hunter for the cybersecurity company, Digital Guardian. The role of the Threat hunter is a fairly new one within the industry and on this episode Naaman discusses the ins and outs of what the job entails, as well as how he hunts for, investigates and quarantines threats on a number of enterprise networks. Naaman also reveals the biggest malware trends he’s seeing at the moment.
Feb 08, 2019•25 min•Season 3Ep. 4
