RSA Conference

In today's digital age, the integrity of our elections faces unprecedented threats from malicious actors. Our U.S. local elections are particularly vulnerable to these global threats, making it more crucial than ever to build cybersecurity resilience to safeguard our election security system. This podcast explores the critical issue of election security, emphasizing the need for a collaborative and proactive approach. Join this talk as we delve into the bipartisan nature of election threats, highlighting the shared vulnerabilities faced by campaigns across the political spectrum. We discuss actionable steps that individuals, campaigns, and organizations can take to enhance their cybersecurity posture. Speakers: Andrew Schoka, Founder, VoterGuard Tatyana Sanchez, Content & Program Coordinator, RSAC Kacy Zurkus, Senior Content Manager, RSAC

Tribes are modernizing their Tribal General Council elections using cutting-edge technology. From traditional in-person voting to mobile platforms & blockchain-based systems, we discuss the security measures in place to ensure election integrity. Learn how Tribes are collaborating with MS-ISAC and EI-ISAC to prevent cyber threats, while also addressing challenges unique to Tribal elections. Speakers: Mackenzie Quick, Cybersecurity Analyst, Suquamish Tribe Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Join us for an in-depth discussion on the cybersecurity threats facing the retail and fashion industries. We'll explore the top trends for 2024 and 2025, including AI, e-commerce fraud, ransomware, and supply chain compromise. Our expert guest will share real-world examples of cyberattacks targeting the retail and fashion value chain, shedding light on the tactics used by threat actors. We'll also discuss predictions for 2026 and explore strategies for mitigating these risks and safeguarding your organization. Speakers: Alexandra Forsyth, Retail, Fashion and Cyber Security Expert, A.F's RetailGuide Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Speakers: Arti Raman, CEO and Founder, Portal26 Dane Sherrets, Senior Solutions Architect, HackerOne Kacy Zurkus, Senior Content Manager, RSA Conference AI has been implemented in almost every organization and AI governance helps ensure that AI is being used ethically and unbiasedly. We will explore the multifaceted world of AI, focusing on governance and applications. Join this podcast as we unfold the challenges and opportunities associated with AI technologies, examining the need for responsible governance, diverse applications across industries, and necessary measures for navigating the evolving landscape.

Join us for an insightful discussion featuring one of our Program Committee members as she shares her experiences in building a startup. Inspiring women entrepreneurs to take risks demands that we also help them navigate the sometimes-tumultuous path to securing funding. We'll talk about what makes a successful pitch and how to engage with potential investors. We will also highlight some of the ideas we would love to see come through the RSAC 2025 Call for Submissions. Tune in to this podcast to learn practical tips and strategies to craft compelling submissions and get inspired to contribute your voice at RSA Conference 2025. Speakers: Gadalia Montoya Weinberg O'Bryan, Founder & CEO, Dapple Security Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Summer is coming to an end and fall is approaching, which means RSAC 2025 Call for Submissions will be opening soon. Each year, RSA Conference receives an incredible amount of submissions from speakers globally, but what makes a submission stand out to the Program Committee? As you explore topics and ideas, we want to share some helpful tips to keep in mind when submitting your presentation. Join this podcast with Program Committee member, John Elliot, who will share some helpful tips and guidance to those interested in submitting their ideas for RSAC 2025. Speakers: John Elliott, Principal Consultant, Withoutfire and Pluralsight Author Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Secure by design has many core principles, including manufacturer accountability, radical transparency, and leadership-driven security prioritization. Secure by design is critical for organizations as it minimizes risks and vulnerabilities within an enterprise. Join us as we discuss a transformative approach to software development and cybersecurity. Listeners will gain insights into how this initiative is reshaping the tech industry's approach to security, moving from reactive measures to proactive, built-in safeguards. Speakers: Vaibhav Malik, Partner Solutions Architect, Cloudflare Surya Prakash, Senior Vice President, Global Financial Corporation Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Healthcare sectors need to implement a strong cybersecurity team, proactive strategies, and security awareness training, but how do they do that while prioritizing patient care? Enter the need for clinical resiliency. Join this podcast to learn actionable takeaways for building a team medical providers who also understand both the impact of cyberattacks on hospitals and how to achieve resilience in the face of an attack to ensure patient safety and care quality. Speakers: Christian Dameff, Emergency Physician and Clinical Informatics Fellow, University of California San Diego Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Drones are becoming more common in skies around the world. While the initial reaction seems to be focused on privacy concerns, which are very valid, there should also be a higher focus on what someone can do with a relatively lightweight drone. Having it carry a hacking device or it being a hacking device itself is something that has not been talked about enough. Speakers: Brad Ammerman, Senior Director of Security, Prescient Security Alex Thines, Senior Security Consultant, Prescient Security Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

In case you missed out on the Bird Of Feather Session during RSA Conference 2024, here is your chance to learn how to use and adapt CISA Zero Trust Maturity Model and it’s five security pillars in practice. Join this podcast to hear real-world examples of challenges, benefits, and approaches about the model. Speakers: Jason Garbis, President, Numberline Security Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

In case you missed out on the Bird Of Feather Session during RSA Conference 2024, here is your chance to hear about the educational resources on cybersecurity fundamentals that policymakers need to keep up in the rapidly changing regulatory environment. Learn how preparing them will support strong policies and equitable participation in the global digital economy. Join this podcast to hear some approaches and resources, as we discuss ways to build community to fill this strategic gap. Speakers: Diana Burley, Vice Provost Research & Innovation, American University Tatyana Sanchez, Content and Programming Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

In today’s digital world, organizations are increasingly impacted by AI for the good and bad. AI is being used in the healthcare industry for a variety of reasons. Despite AI being a resource for the healthcare sector it also comes with challenges. Join this podcast as we discuss: • How the healthcare can prepare for combatting AI-driven cyber threats • What steps should be taken now, next weeks, next months • Strategy for adoption of AI for cybersecurity • Upskilling your team • Realistic expectations

We engage in a dynamic discussion our guests who will share their experiences in cyber and thoughts on the cyber risks for small businesses where there is a crucial gap in the cybersecurity market. Focusing on the unmet needs of small businesses, guests will discuss the importance of providing support and solutions tailored to this underserved sector accompanied by use cases and real-world examples. Speakers: Tiffiny Bryant, Information Security Analyst, Shipt Inc. Nick Gipson, CEO, Gipson Cyber, Jordyn Short, Collaborator, Stats on Stats Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Diversity, Equity, and Inclusion (DEI) has long been talked about in an effort to diversify the workforce, but what are organizations really doing to change organizational culture. Understanding different perspectives on inclusion is key to informing how to create effective change to help attract and retain talent. Join this podcast to learn about the findings of inclusion research that Women in CyberSecurity (WiCys) have conducted. Speakers: Lynn Dohm, Executive Director, Women in CyberSecurity (WiCyS) Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

Tune in as RSAC 2024 DevSecOps Program Committee Members discuss the trends pulled out from the DevSecOps track. Join this podcast to hear the latest trends, their significance, and what track submissions are telling us about today’s cybersecurity landscape and much more. Speakers: Akira Brand, Application Security Engineer, Akira Brand Consulting Jennifer Czaplewski, Senior Director, Target Chris Romeo, Chief Executive Officer, Devici Tatyana Sanchez, Content & Program Coordinator, RSA Conference Kacy Zurkus, Senior Content Manager, RSA Conference

How can we ensure we drive product security from the get go? How can we provide security assurance throughout the protect detect and response lifecycle of our services and solutions? How can AI empower our defenders? Leaders from Microsoft and Google will share insights on how AI can improve security efficiencies for the entire product lifecycle. We review real world examples from cloud security solution providers that can benefit the broad security community and defenders. Speakers: Heather Adkins, Vice President, Security Engineering, Google Abhilasha Bhargav-Spantzel, Partner Security Architect, Microsoft Aanchal Gupta, CVP, Microsoft Tatyana Sanchez, Content and Programming Coordinator, RSA Conference

This podcast shares research that reveals how many of the most common cloud security risks—despite being tied to basic security guidelines such as the Principle of Least Privilege—are widely overlooked in organizations of all sizes, even in those with a high maturity level in terms of cloud security. We'll explain why that is and investigate approaches to reduce your risk. Speakers: Neil Carpenter, Principal Technical Evangelist, Orca Security Bar Kaduri, Research Team Leader, Orca Security Tatyana Sanchez, Content and Programming Coordinator, RSAC Kacy Zurkus, Senior Content Strategist, RSAC

Many organizations have fallen victim to data breaches and exposure. It is crucial to strengthen security as the rise of cyberattacks increases. What are some strong measurements to reduce the risk of data exposure? Join the RSAC 2024 Governance, Risk, and Compliance Program committee as they discuss what decision-makers need to think about from a compliance perspective. Speakers: Elliott Franklin, Chief Information Security Officer, Fortitude-RE James Lugabihl, VP Security - Governance Risk & Compliance, ADP Jamie Sanderson Reid, Director, Cyber Governance Risk & Compliance (GRC), The AES Corporation Tatyana Sanchez, Content and Programming Coordinator, RSAC Kacy Zurkus, Senior Content Strategist, RSAC

Protecting data is a critical key when developing products, systems, or services. What are some privacy measures to consider? Join us for a discussion on the overview of Privacy By Design and how to implement it into practice. Speakers: Kim Wuyts, Manager Cyber & Privacy, PwC Belgium Tatyana Sanchez, Content and Programming Coordinator, RSAC

With differing privacy approaches that expand many geographies, more organizations are focused on building a strong privacy program. Is it time for Privacy by Design? And where exactly is the intersection between privacy and security? Join the RSAC 2024 Privacy & Data Protection Program Committee for insights into why privacy was a strong trend in the RSAC 2024 submissions. Speakers: John Elliott, Principal Consultant, Withoutfire & Pluralsight Author Laura Koetlze, VP, Group Research Director, Forrester Research Kacy Zurkus, Senior Content Manager, RSA Conference

What does the cybersecurity workforce of the future looks like, and more importantly, how do we get there? Join us for a discussion on embracing the resilience and brilliance of black women is cyber, all part of the Black Women in Cyber Collective, who are working to protect our privacy and secure our world while also fostering opportunities to expand open pathways into cyber careers. Speakers: Shinesa Cambric, Principal Product Manager, Microsoft Mari Galloway, CEO & Founding Board Member, Cyberjutsu Talya Parker, Founder, Black Girls in Cyber Kacy Zurkus, Senior Content Strategist, RSA Conference

Recent studies have found that SMS users increasingly do not trust the confidentiality and integrity of SMS, with users also reporting that they can not trust the true identity of the sender. Cybercriminals are able to exploit the weaknesses of this authentication tool, yet it continues to be a technology widely used and relied upon for perceived security in mobile messaging. Join this podcast to learn more about the weaknesses in SMS texting and why it might be time to move on to more robust security technologies. Speakers: Tatyana Bolton, Security Policy Manager, Google Kacy Zurkus, Senior Content Manager, RSAC

Zero Trust Security is often associated with network access and identity access management. However, while those solutions are important and necessary, the evolution in infrastructure and the onset of new attack surfaces require us to expand our perspective and include the API layer in security strategies. Join this podcast to hear industry influencers speak to the origins and evolution of the Zero Trust Framework, why Zero Trust must include the API layer for holistic and resilient security, what each participant sees as the future of Zero Trust, and how the latest reference architecture serves to guide security experts. Richard Bird, CSO, Traceable Chase Cunningham, CSO, Ericom Software Kacy Zurkus, Senior Content Manager, RSA Conference

For years, the cybersecurity industry has supported the narrative that there is a major skills gap, but some have been questioning whether the issues is an actual dearth of qualified candidates who possess the skills needed to fill open roles or an abundance of candidates with some transferable skills who aren't being given an opportunity to gain experience. Join this podcast in which we'll engage in the great debate of whether there actually is a cybersecurity skills gap.

Cyber leaders are unique in their necessity to share.  Building community, leveraging best practices with organizations in the same industry is paramount to successfully protecting from threats. This podcast will delve into the world of the cybersecurity community and share some strategies, technologies, and best practices that CISOs can use to enhance the overall security posture of the organization. We'll focus on the importance of collaboration, communication, and relationship-building in cybersecurity.

In the race to develop the most powerful generative AI tools, businesses must take steps to avoid the inherent risks of this emerging tech. AI involves sharing massive quantities of data, so even a single misconfiguration can have serious repercussions. What are the new risks and broader business implications of AI that arise as organizations venture to harness its power? This podcast will examine that question and discuss the recent leak of 38 terabytes of data by AI engineers, as well as risk mitigation strategies that should be front of mind for developers and engineers looking to build more AI solutions.

Threat modeling is a process that is essential for organizations to use to combat threats, and for mitigating risks. Threat intelligence is a component that can be applied as a method for use with threat modeling to ensure that all risks and vulnerabilities are being properly assessed and techniques are used to protect assets. In this podcast, we'll discuss threat modeling and implementing threat intelligence to identify threat behavior and eliminate risks. Speakers: Tanisha L. Turner, Senior Security QA Engineer, Security Engineering Productivity, Elastic Kacy Zurkus, Senior Content Manager, RSAC

Cyberattacks have been growing in frequency and severity over the past decade and have increased exponentially with the adoption of cloud-native technology. The pressure is on for organizations to prioritize building and implementing a security testing strategy to avoid becoming the latest cyberattack headline. Speakers: Caroline Wong, Chief Strategy Officer, Cobalt Kacy Zurkus, Senior Content Manager, RSAC

Threat modeling at an enterprise scale can be costly to implement, scale and maintain, but there are ways in which you can curtail spend in two key areas – threat modeling toolsets cost and resourcing cost. This podcast will discus key spend considerations including purchase model for OOTB software and services as well as resource allocation and required updates. Speakers: Karen Harris, Architect, Threat Modeling Program Lead, JP Morgan Chase Kacy Zurkus, Senior Content Manager, RSA Conference

What is threat modeling and where does it fit in to the overall development process? In this podcast, we'll discuss what threat modeling is, when threat modeling activities are essential, and the skills needed to become a threat modeling expert. Speakers: Ashwini Siddhi, Senior Principal Product Security Advisor, Dell Technologies Kacy Zurkus, Senior Content Manager, RSAC

The Department of Defense (DoD) is implementing a 3rd Party Supply Chain Risk Management program that will require companies that receive their sensitive information to implement NIST SP 800-171 and then undergo a 3rd Party Cybersecurity Maturity Model Certification (CMMC) event. This podcast will discuss the ripple effects of the requirements and the extent of the impacts. Speakers: Matthew Titcombe, CEO, Peak InfoSec Kacy Zurkus, Senior Content Manager, RSAC

Password Managers are required by for employees at most companies, but are they designed to encourage good password hygiene? We conducted a comprehensive study with users who trusts the most popular passwords managers offered in the industry. We discovered that many users are still ignoring password reset notification from their Password Managers and aim to explain why that is the case. Speakers: David Ng, Director of Product Management, Salesforce Jacky Ho, Director of Technology Regulatory Advisory, USB AG

Well-known frameworks and lots of advice exist to help people protect data, privacy, and devices, but minimize the implication of human factors. This podcast will discuss the PCSF and highlight the ways in which it will help organizations move one step closer to having people recognized as the new enterprise edge. The PCSF complements, and does not replace, an organization’s risk management process and cybersecurity program. Speakers: Lucia Milică Stacy, VP, Global Resident Chief Information Security Officer, Proofpoint Kacy Zurkus, Senior Content Manager, RSAC

The cybersecurity community has had lots of conversations about workforce development, but it's time to take action. Learn about the efforts to bring cybersecurity education to the K-12 sector as part of the effort to narrow the skills gap and build the next generation of cyber defenders. Speakers: Laurie Salvail, Executive Director, CYBER.ORG Kacy Zurkus, Senior Content Manager, RSA Conference

In order to mitigate the risks in telehealth devices, healthcare delivery organizations need to identify threats. Join this podcast to hear practical steps to implement a more robust security strategy rooted in standards and best practices that include how to use NIST Frameworks and the work being done by the NCCoE Healthcare team. Speakers: Anahi Santiago, CISO, ChristianaCare Kacy Zurkus, Senior Content Manager, RSAC This podcast is sponsored by Quantinuum. Quantinuum uses the power of quantum computing to keep organizations ahead of cyber risks by providing quantum-computing-hardened encryption keys to provably harden existing security measures.

The White House published the US National Cybersecurity Strategy that outlines a five-pillared approach to dismantling threat actors, enabling partnerships, and investing in resilience. But what does all that mean for cyber defenders? This podcast will examine the strategy in depth to help listeners both realize the vision and understand roles, responsibilities, and resources in cyber. Speakers: Brandon Pugh, Director, Cybersecurity and Emerging Threats, R Street Institute Megan Stifel, Chief Strategy Officer, Institute for Security and Technology Kacy Zurkus, Senior Content Manager, RSA Conference

Within the last decade, fraud and cyberattacks have become increasingly focused on exploiting digital identity. The exposure of digital identity as an attack surface has implications for individuals, enterprises, and even our societal structures. In this session we discuss the state of identity-based attack vectors and what the security community is doing to address them. Speakers: Gadalia Montoya Weinberg O'Bryan, CEO, Dapple Security Kacy Zurkus, Senior Content Manager, RSAC

In the story of Gyge’s Ring, Plato asserts that if humans had the power to be invisible, they would act without consequence. In his book, Tracers in the Dark: The Global Hunt for the Crime Lords of Cryptocurrency, Greenberg details the truth of Plato’s claim as he recounts stories of criminal activity on the dark web, where people believed they were acting anonymously without the risk of getting caught. Join this podcast to hear Greenberg discuss his favorite scenes in the book that reveals how researchers and investigators were able to trace cryptocurrency exchanges. Speakers: Andy Greenberg, Senior Writer, Wired Kacy Zurkus, Senior Content Manager, RSAC

Intrigued by the dark web payment card landscape? Join us for this RSAC 365 podcast to hear about how the dark web payment card landscape was affected by the Russia-Ukraine war, exploring everything from the magecart infections/e-skimmers, which are used to steal the payment card data to “checkers”, which are tools used by cybercriminals to check the stolen payment cards for validity and 3-D bypass methods, and the tools cybercriminals. Get a sneak peak at the upcoming “Crypto Drainer” report, which details this as-a-service tool cybercriminals use to trick crypto centric individuals into providing access to their wallets. Speakers: Ilya Volovik, Senior Manager - Payment Fraud Intelligence Team, Recorded Future Kacy Zurkus, Senior Content Manager, RSAC

Cybersecurity and the resiliency of space assets are a priority because of the critical infrastructure services they provide. This session will discuss the attack vectors and mitigation approaches of exploits that can impact them as well as how the cyber security and space asset resiliency range will be used to test and validate their confidentiality, integrity, and availability. Speakers: Barbara Grofe, Lead Designer, Spartan Corp Kacy Zurkus, Content Strategist, RSAC

In this podcast, we will uncover the realities of insecure control systems software in critical infrastructure. From discovering zero-days to exposing vulnerabilities in built-in features, we'll explore the role of both vendors and operators in safeguarding our essential utilities. By the end, listeners will have a new perspective on the need to implement strong security practices into the foundation of the control systems that make modern life possible. Don't miss out on this crucial conversation about the current state and the future of our critical infrastructure! Speakers: Brian Foster, GMS Cybersecurity Lead, South California Edison Kacy Zurkus, Content Strategist, RSAC

There is a general lack of quantum risk awareness among board members. The emergence of powerful quantum computers are an impending threat to our digital ecosystems — e.g. mobile phones and internet — because they can conceivably crack classical encryption. A quantum algorithm with that capability already exists; yet, quantum risk management is not a standard topic discussed at board meetings. Speakers: Maëva Ghonda, Host, Quantum AI Institute Podcast and Senior Fellow of HQS Quantum Simulations Dr. Lily Chen, Project Leader, Mathematician, Cryptographic Technology Group, NIST Kacy Zurkus, Content Strategist, RSAC

Ransomware Operators have not only increased the ransoms they demand but are also using additional coercion techniques to perform multifaceted extortion attacks. Between us, we have worked on several ransomware incidents observing closely the challenges that organizations face while battling and remediating ransomware incidents. Based on the learnings from responding to such incidents, we will share our learnings and thoughts on the ransomware attack life cycle, practical security controls and enforcement measures to defend against and limit the impact of ransomware attacks. Speakers: Anurag Khanna, Manager, CrowdStrike Services Thirumalai Natarajan, Senior Manager, Mandiant Consulting Kacy Zurkus, Content Strategist, RSAC

Most organizations have moved beyond the insecure username and password access control a long time ago and started using multifactor authentication. But as Yahoo, Deloitte, and LinkedIn know, MFA won’t always save the company from a data breach. Not only has MFA access been defeated multiple times by attackers, but users hate it. It’s cumbersome, annoying, increasingly exploitable. In this podcast Violet Sullivan and Jessica Smith will discuss the evolution of MFA, why and how it can be exploited, and what organizations can and should do to address access control in a way that keeps their data security and users happy. Speakers: Jessica Smith, Vice President of Client Services, AllClear ID Health Violet Sullivan, Esq. CIPP/US, Vice President of Client Engagement, Redpoint Cybersecurity Kacy Zurkus, Content Strategist, RSAC

In the same way that the tango begins with foundational steps, the layering of device, application/workload, and user identity forms the foundation of Zero Trust security. Each intentional step weaving to create an intricately coordinated pattern. Join us as we take a look at the cryptographic dance between keys and identity that forms the basis of and maintains Trust in a Zero Trust world. Speakers: Karen Reinhardt, Principal Engineer, Cryptographic Services, The Home Depot Kacy Zurkus, Content Strategist, RSA Conference

Security analysts must fight both attackers and the products and services they rely on to drive their detection and response capabilities because of a lack of usability of security tools and processes. This podcast explains an emerging cybersecurity technology trend: analyst experience (AX). Join us to understand how AX can enable your team to find more effective security tools, build better workflows, and help security analysts make faster, more accurate decisions. Speakers: Allie Mellen, Analyst, Security and Risk, Forrester Research Jeff Pollard, Vice President & Principal Analyst, Forrester Kacy Zurkus, Content Strategist, RSA Conference

Back in 2017 New America and The Christian Science Monitor hosted then 14-year-old and CEO of VannTechCyber LLC, Paul Vann. He was indeed a rising star in the field, but where is Vann now? Join this RSAC 365 podcast as we shine a spotlight on the making of a cyber professional. We’ll feature Paul Vann, who’s now a senior at the University of Virginia and a Developer at Cyborg Security. Vann will inspire listeners with his story of growing from a “hacker kid” to a developer working on a malware analysis tool as well as his goals and aspirations for a future in the industry. Speakers: Paul Vann, Student, University of Virginia Kacy Zurkus, Content Strategist, RSA Conference

When it comes to defending critical infrastructure from cyber threats, understanding the threat landscape is critical to assessing risk and implementing a robust security strategy. Threat intelligence enables organizations to identify and react to threats, and we know that having the right attack surface intelligence informs the processes and procedures needed to quickly recover. Yet, intelligence sharing remains a problem for defenders. In this podcast we'll explore the value in public/private partnerships, the barriers to threat intelligence, and how organizations can collaborate to overcome those barriers and improve resilience. Speakers: Erin Miller, Executive Director, NCC/Space ISAC Kacy Zurkus, Content Strategist, RSA Conference

Congress has tried for years to pass a comprehensive federal data privacy and security law without success, which impacts consumers, industry, and security. Meanwhile, other countries and multiple U.S. states have moved forward with laws. However, the bipartisan, bicameral American Data Privacy and Protection Act (ADPPA) could be an opportunity to change this. This podcast will cover why data privacy and security legislation is important and look at the R Street Institute’s report on reaching consensus on traditional roadblocks, specific aspects of the bill like data security, the bill’s current status and possible next steps, and remaining challenges. Speakers: Brandon Pugh, Resident Senior Fellow and Policy Counsel, Cybersecurity and Emerging Threats, R Street Institute Kacy Zurkus, Content Strategist, RSA Conference

While there seems to be a growing awareness of the threats to the cyber-physical world with cybercriminals increasingly targeting industrial organizations within critical infrastructure, are current investments, regulations, and actions enough to stop attackers. In this podcast, we’ll have a follow up Q&A to the RSAC 2022 session, “The Cyber Physical War—Lessons from the Digital Front Line,” to understand what more must be done to protect industrial organizations. Speakers: Ian Bramson, Global Head of Industrial Cybersecurity, ABS Group Kacy Zurkus, Content Strategist, RSA Conference

We live very “smart” lives equipped to stay connected anywhere, any time. Getting connected is easy, securing it may be a fool’s errand if not approached properly. Say goodbye to the days of signature-based detection and say hello to IoT data anomaly and volatility predictive analysis for advanced “on the go” monitoring, detection and response. In this podcast, we will discuss novel approaches in using data analytics models from financial market trading systems (quant) to determine security volatility when faced with unprecedented and overwhelming volumes of data. We’ll propose potential solutions called the Cyber VIX and engineering concepts to test cyber defenses such as the “shake down test” and where failures and blind spots can be predicted and modeled. Speakers: Peter Tran, CISO & EVP Global Cyber and Product Security Solutions, InferSight LLC Kacy Zurkus, Content Strategist, RSA Conference

Our world is becoming increasingly interconnected and more interdependent than ever before. We continue to see an increase in cybercrime, which brings us to an inflection point - who's responsible for addressing security in our integrated digital world and what should be the role of policymakers and industry regulators in promoting good cyber hygiene and incentivizing collaboration? Speakers: Shinesa Cambric, CISSP, CISA, CISM, CDPSE, Product Manager, Microsoft Jay Hira, Cyber Security Strategy and Transformation Director This podcast is sponsored by DNSFilter. DNSFilter offers industry leading threat protection for companies across the globe. Utilizing powerful artificial intelligence, we identify and block threats 7 days earlier than competitors.

Over the course of the last two years, cybersecurity planning and thought leadership have picked up with a parallel increase in regulation, Congressional action, and government reorganization. The Cyberspace Solarium Commission recommended and got a National Cyber Director and incident reporting legislation through the hard work of the SASC, HASC, and HSGAC, but where do these changes leave us now? Is the National Cyber Director leading the federal government effort, or are government turf battles making leadership in cyber confusing? And what about incident reporting - how many new proposals have we seen, and which are the most critical to understand? Join us for a discussion of all of these issues and what the cybersecurity landscape might look like in a year or five years from now. Speakers: Tatyana Bolton, Policy Director, Cybersecurity and Emerging Threats, The R Street Institute Kacy Zurkus, Content Strategist, RSAC

Integrating security into the development lifecycle can be a challenge, especially for those who don’t understand why security matters to development and operations. What’s the ROI of DevSecOps? What are the key KPIs? Join us for an insightful conversation that explains why DevSecOps is important while shining a spotlight on some DevSecOps bloopers to avoid. Our guests will also expose the cost of bad DevSecOps and offer suggestions for how to measure developers on security. Speakers: Keenan Skelly, CEO, Shadowbyte Stephanie Simpson, Vice President of Product, SCYTHE

Virtual health providers create favorable conditions for the LGBTQ population's access to healthcare, an influx of electronic personal health information, and massive increases in cyber threats. Using software flaws, bad actors increasingly target healthcare systems to steal, monetize, and affect availability of data. This session explores software integrity and DevSecOps approaches to secure highly interconnected digital healthcare systems. Speakers: Safi Mojidi, Head of InfoSec, FOLX Health Kacy Zurkus, Content Strategist, RSA Conference

Massive cloud proliferation has driven huge increases in IT and security complexity, the vast majority of which come from trying to force fit legacy concepts, processes and even tools, into a cloud context. This will cover the most important considerations and requirements facing organizations to adequately understand and affect their new reality – and evolve their security thinking. Speakers: Nipun Gupta, Senior Security Leader, Devo Sounil Yu, CISO and Head of Research, JupiterOne Kacy Zurkus, Content Strategist, RSAC

Leading and guiding a data-driven security program as a BISO can be challenging. Data is everywhere and owned by many departments. Once a BISO has found that data they need, they must overcome the challenges of data access, storage, normalization and all the other steps required to turn that data into an actionable story. Fortunately, the Cloud can make this easier and faster. Speakers: James Binford, Director and Business Information Security Officer, Humana Ashish Rajan, Host of Cloud Security Podcast & SANS Trainer, Cloud Security Kacy Zurkus, Content Strategist, RSAC

What does an attacker need to do to exploit a threat? Join us to discuss the TTPs attackers are using to exploit myriad threats in today’s threat landscape. Our guests will look across different sectors to understand new and emerging threats, how those threats can be exploited, and steps organizations can take to avoid being the next victim of a cyberattack. Speakers: Jerone Jones, Founder, JustOne Solutions, LLC Alexiaa Jordan, Cyber Security Consultant, JustOne Solutions

The technology we work to secure is ever evolving, as are the threat actors that are out there trying to exploit those technologies. Hence, the challenge we face today with securing and then defending those advances in technology requires people that are just as excited about learning how to defend that new technology as someone once was about creating it. There is absolutely someone out there that is passionate about hacking their way into that new technological advancement, no matter what it is. Join this podcast to learn what motivates hackers and how to help instill a passion for defending against cyber threats in the members of a security team. Speakers: Tiffiny Bryant, Cyber Security Analyst, Crystal Clear Technologies, Inc Kacy Zurkus, Content Strategist, RSAC

Across the security world, there’s a growing appreciation about the need to better understand our software supply chain. Transparency won’t solve all our problems, but will lay a foundation for greater resilience and more informed decisions. This discussion will review the basics of SBOM, using the recent log4j vulnerability to understand how SBOM can help across the software ecosystem—and also understand its limits. We’ll also delve into the future of SBOM, exploring some of the gaps, where we need to focus to advance the state of the art. Our ultimate goal should be the integration of SBOM into the broader vulnerability and security data ecosystem through automation. Speakers: Allan Friedman, Senior Advisor and Strategist, CISA Kacy Zurkus, Content Strategist, RSA Conference

Furthering the White House Cybersecurity EO, the OMB just released a Zero Trust Architecture Strategy with one of its 5 pillars focused on identity, and requiring implementation of strong, phishing-resistant MFA for agency and citizen access. This session explores the gatekeeper role of identity in ZTA, and the business and technology challenges faced in managing access while passwords persist. Speakers: Mario Duarte, Vice President of Security, Snowflake Tom (TJ) Jermoluk, CEO and Co-Founder, Beyond Identity Kacy Zurkus, Content Strategist, RSA Conference

In 2021, artificial intelligence emerged as a viable technology, which warranted a conversation about the legal and policy considerations underlying modern society. We’ll look back at the ethical, legal, and policy considerations discussed in May of 2021 and ask where are we now? What more needs to be done in order to maximize a successful implementation and minimize potential risk? Speakers: Behnam Dayanim, Partner, Global Chair of Privacy & Cybersecurity Practice and Chair, Advertising & Gaming Practice, Paul Hastings LLP Kacy Zurkus, Content Strategist, RSAC

In a world where the terms “AI” and “machine learning” are used liberally to describe new products and technologies, creating an assessment framework for buyers (and sellers!) to evaluate these products is essential. In this session, we’ll follow the Cost and Vulnerability dimension of MITRE’s AI Relevance Competence Cost Score (ARCCS) Framework and consider the security and privacy implications of AI for smart cities and the humans that travel them. Speakers: Anne Townsend, Department Manager and Cybersecurity Engineer, The MITRE Corporation Kacy Zurkus, Content Strategist, RSAC

Protecting Data & the Supply Chain so deeply intertwined with everything from software to identity. Join Program Committee members Edna Conway and Diana Kelley as they discuss the challenges that folks are struggling with right now and some potential mitigation strategies. We'll explore what’s happening with Log4j and other vulnerabilities as well as the need for a software Bill of Materials (SBOM). Speakers: Edna Conway, Vice President, Security & Risk Officer, Azure, VP, Chief Security & Risk Officer, Azure Microsoft Diana Kelley, CTO and Co-Founder, SecurityCurve Kacy Zurkus, Content Strategist, RSAC

Countless conversations with students, politicians, and leaders about cybersecurity suggest that the term ‘cybersecurity’ does not invoke the personal sense of responsibility necessary, nor is it inviting to the majority of the public including minorities, women and young adults who we want to seek a career in this field. How do we change that? Let's start with Data Care. In this podcast, our guests will discuss what’s missing from the term ‘cybersecurity’ and how taking a ‘Data Care’ approach can help us all to build a more secure world. Speakers: Britta Glade, Senior Director, Content & Curation, RSA Conference Ron Gula, President, Gula Tech Adventures Cyndi Gula, Managing Partner, Gula Tech Adventures

The Rise of Privacy Tech (TROPT) recently released a whitepaper categorizing the privacy tech landscape. It explores privacy tech's relationship to its adjacent industries, which include cybersecurity, identity management, and data governance, among others. Join this podcast for a look at key takeaways and insight into the 8-month-long working group drafting process. Speakers: Lourdes Turrecha, Founder and CEO, The Rise of Privacy Tech Kacy Zurkus, Content Strategist, RSAC

Recognizing that the security of our interconnected world is as interdependent and fragile as a Jenga puzzle, how do we ensure that the entire system doesn’t fall apart when a single block is pulled? What do we ow each other, and how do we work together to ensure those organizations—be they non-profits, NGOs, or public schools and institutions—have the resources they need to be resilient in the face of a cyberattack? In this podcast, we’ll examine the security poverty line and our systemic dependencies and explore what we owe each other in order to ensure a more secure world. Speakers: Dr. Kelley Misata, Founder and CEO, Sightline Security Kacy Zurkus, Content Strategist, RSAC

How much responsibility should people really bear in the big data realm? Does informed consent equate to waiving rights? Is it realistic that they understand how data travels and is there an incorrect underlying assumption that data is their priority when they are consenting to its collection or use? In this podcast, we will examine the reasons people sign consent forms (to access care or information), the limited ability of informed consent to protect people from hacking and cybersecurity breaches, and its irrelevance to compensating people whose data is aggregated, sold, and resold. We will explore the limitations of informed consent in governing data collection and use in the healthcare arena. Speakers: Anne Zimmerman, Founder, Modern Bioethics Kacy Zurkus, Content Strategist, RSAC

The Program Committee for the RSAC 2022 Privacy track was challenged with selecting the top session that would make it onto the agenda, but privacy topics were not limited to this one track. So why is privacy trending, and what are this year’s privacy trends? Join two members of the Privacy Program Committee as they reveal their favorite picks and what attendees have to look forward to at Conference. Speakers: Bernard Brantley, Chief Information Security Officer, Corelight Francesca Ginexi, Privacy Policy Manager, Facebook Kacy Zurkus, Content Strategist, RSAC

Migrating to public cloud introduces new attack surfaces commonly the exploitation of misconfigured resources. In a cloud landscape that contains millions of resources, how do we detect these threats. This session explores the journey from security policy documentation to scanning and detecting security compliance violations in product infrastructure from the start of the development life cycle. Joe McCrea, Cloud Security DevOps Engineer, SAP Mariam Triki, DevSecOps Engineer, SAP Kacy Zurkus, Content Strategist, RSAC

The importance of cloud security has, perhaps, never been more critical, following massive shifts to remote workforces and ramped up digital transformation across organizations of all sizes. In this podcast, two members of the Cloud Security & Cloud Sec Ops Program Committee discuss trends observed in their selection process for 2022 RSA Conference and what matters most as organizations look to secure and further mature their multi-cloud and hybrid deployments. Speakers: Britta Glade, Senior Director, Content & Curation, RSA Conference Shawn Harris, Director, Information Security, Starbucks Rich Mogull, CEO/CISO, Securosis

Refreshed and updated to include the latest technologies and best practices in cybersecurity operations, guests will share key takeaways from the new 11 Strategies for Operating a World Class Cybersecurity Operations Center (CSOC) book that will be coming out later this year. We will discuss the 11 strategies, how to balance the CSOCs core incident response mission with supporting functions such as threat intelligence and threat hunting, the importance of growing staff in house, and why the CSOC can never stop evolving. As with the original book, this new edition will include a free electronic version available to everyone. Speakers: Kathryn Knerler, Department Manager, Cyber New Professionals Development Program, The MITRE Corporation Ingrid Parker, Chief Engineer, Homeland Security Enterprise Division, The MITRE Corporation Kacy Zurkus, Content Strategist, RSAC

In today’s world, data is currency. With that in mind, organizations need to consider the fiduciary duty they owe to data subjects, especially when they suffer a ransomware attack. This session outlines what types of fiduciary duties organizations have, why paying a ransom falls under those duties, how negotiations mitigate harm, and three steps for effectively responding to a ransomware attack. Speakers: Robert Fitzgerald, Founder and CEO, Arcas Risk Management Karen Walsh, CEO and Founder, Allegro Solutions Kacy Zurkus, Content Strategist, RSAC

Have you been wondering how to get into Cybersecurity? It may seem that you have to be a security tester or expert. It's not true! There are many paths into Cybersecurity using your existing experience, skills, and schooling. This talk will show the multiple paths people have followed into the Schneider Electric IT Security and Application Security organizations. Cassie Crossley, Director, Product Security Office, Schneider Electric Kacy Zurkus, Content Strategist, RSAC

You've gotten the job in tech—congrats! So now what do you do? We’ve heard stories from those who struggled with overcoming unexpected obstacles while new to the job. Let’s talk about what you can do to prepare for the unexpected. In this podcast, you’ll hear from an industry expert on ways to level up your career. This talk will provide various tools and resources to help navigate the tech space and make the most of what you have and help you in reaching your future goals. Speakers: Mari Galloway, Chief Executive Officer and Founding Board Member, Women’s Society of Cyberjutsu Kacy Zurkus, Content Strategist, RSAC

Humans engage with Android technology in myriad ways, but how has the technology been used to date and how is it evolving? This podcast will explore the ways in which the Android ecosystem has evolved by looking at Android from a techno-sociological, security, and privacy context. We will discuss dimensions of privacy, the impact Android has had on humans, the kinds of threats we are seeing in the wild, the security challenges that need to be addressed, and the evolution of features like Digital Well Being. Speakers: Aditi Bhatnagar, Product Security Engineer, Atlassian Kacy Zurkus, Content Strategist, RSAC

In this podcast, we discuss how countries have influenced worldwide elections historically and in modern day using cyberwarfare. We explore how countries and critical infrastructure respond to these attacks and how they should respond in the future. By the end, we brainstorm the ways to disrupt a future election in order to understand how to better protect it. Geoff Hale, Senior Cybersecurity Advisor, Cybersecurity and Infrastructure Security Agency Allie Mellen, Analyst, Security and Risk, Forrester Research

Throughout 2020, ransomware was consistently amongst the most challenging cyber exposures for organizations to manage. The insurance market can provide critical insights on how to understand the evolving ransomware landscape, given the volume of insurance claims being seen and emerging data on loss and exposure trends. This session will bring together experts from across the cyber insurance and breach coach space and give end to end insights on the financial and organizational impact of ransomware, risk implications, and challenges that will be seen in the market. Speakers: Marcello Antonucci, Global Cyber & Tech Claims Team Leader, Beazley Benjamin Di Marco, Cyber Specialist, Willis Towers Watson Christina Terplan, Founding Partner and President, Atheria Law This episode is brought to you by Axonius. Axonius helps organizations immediately know what assets they have, and shows which devices, cloud instances, and users adhere to or deviate from security policies. Try it free at axonius.com/rsac

Drawing on original research, the speakers will dive deep into one of the most prominent ransomware strains today: Sodinokibi/REvil. By tracking its operators’ activity in affected organizations, on the dark web, and through the group’s public blog, we will bring our collective insights to the audience, detailing how Sodinokibi operates, its malware uniqueness, and the damage it has inflicted. Speakers: Limor Kessem, Executive Security Advisor, IBM Security Camille Jackson Singleton, Strategic Cyber Threat Lead, IBM Kacy Zurkus, Content Strategist, RSAC

With the increased scale and pace of automated processes along with migrations to the cloud, proper design of security architecture becomes a critical component of your overall IT architecture implementation. Considering this, what should your business prioritize as the ultimate driver for security architecture decisions - and where does risk, privacy and compliance fit into the picture? Speakers: Shinesa Cambric, CISSP, CISA, CISM, CDPSE, Principal Program Manager, Microsoft Aparna Murthy, Aparna Murthy, CA, CPA, Principal Risk and Compliance Consultant Kacy Zurkus, Content Strategist, RSAC

Turku Energia - a Finnish energy distribution company - secured its power supply & IT network for the city’s 200,000 citizens. Utility SCADA systems are hacking targets, due to the damage that can be inflicted by sending cities dark or damaging the grids. The utility’s IT team ensured data integrity, visibility, and rapid threat detection and remediation within both IT and OT environments. Speakers: Vikram Sharma, Senior Engineering Manager, IoT, Cisco Kacy Zurkus, Content Strategist, RSAC

Study after study shows cybersecurity job descriptions lack clarity across most roles and industries — stifling talent recruitment, development and retention efforts. Infosec Institute and Aspen Cybersecurity Workforce Coalition will provide data-backed insights into how organizations are aligning job descriptions and training to tools like the NICE Framework, including what’s working and what’s not. Speakers: David Forscey, Senior Policy Analyst, National Governors Association Megan Sawle, VP of Research & Marketing, Infosec Kacy Zurkus, Content Strategist, RSA Conference

Rachel Tobac hacks people based on publicly available information. Camille Stewart encourages people to mitigate risk and defend against Rachel’s methods. We’re bringing these two industry leaders together for this one-of-a-kind podcast that will explore social engineering risks and highlight some best practices to help protect users and organizations. Presenters: Camille Stewart, Cyber Fellow, Harvard Belfer Center and Head of Security Policy, Google Play & Android, Google Rachel Tobac, CEO, SocialProof Security, White Hat Hacker Kacy Zurkus, Content Strategist, RSA Conference

The FBI’s Internet Crime Complaint Center received more than 791,000 complaints in 2020—a record number, representing a 69% increase over 2019. Join us for an in-depth discussion as we examine details of the report with FBI’s Cyber Division's Deputy Assistant Director Herb Stapleton. Speakers: Herb Stapleton, Deputy Assistant Director, Cyber Division, FBI Kacy Zurkus, Content Strategist, RSA Conference

Hotel chain data breaches have resulted in huge financial loss and reputational harm. Unlike other consumer-facing businesses, such as retail stores, hotels must hold onto payment card data for extended periods passing this valuable data among many participants in the payment security ecosystem as customers make reservations and complete travel. In this podcast, our guests will identify and discuss how organizations can reduce the risks associated with handling payment card information for hotels and, in turn, begin to strengthen the cybersecurity of the property management system (PMS). For more information, visit NIST’s project on Securing Property Management Systems. https://www.nccoe.nist.gov/projects/use-cases/securing-property-management-systems Speakers: John T. Bell, Founder and Principle Consultant, Ajontech LLC Arshad Noor, CTO, StrongKey Bill Newhouse, Cybersecurity Engineer, National Cybersecurity Center of Excellence (NCCoE) Kacy Zurkus, Content Strategist, RSA Conference

Business email compromise (BEC) has made a comeback. Vishing calls have proven profitable for cybercriminals as well. How can you stay ahead of these threats and detect fraud before any money is sent? Join us for a podcast that discusses how these attacks work, who they target and why. Our guests will also offer tips on what to do both professionally and personally to limit risk—from small things like training those who are handling the financial transactions to working with the banks and the cyber team. Speakers: Nicole Beckwith, Staff Cyber Intelligence Analyst, GE Aviation Ursula Cowan, Threat Research Analyst, FireEye/Mandiant Kacy Zurkus, Content Strategist, RSA Conference

In the industrial space, we’ve seen more organizations bringing in Chief Product Security Officers—with good reason. Security needs to be baked into the products that companies are delivering to customers, particularly when there is a life/safety impact. But the need for product security extends beyond ICS and OT. Join us with our guests Megan Samford and Patrick Miller who will look at why product security is the new frontier of the cybersecurity industry. Presenters: Patrick Miller, Founder, Director & President Emeritus, EnergySec and US Megan Samford, Chief Product Security Officer, Schneider Electric Kacy Zurkus, Content Strategist, RSA Conference

The majority of applications contain at least one security flaw and fixing those flaws typically takes months. Automating scanning and scanning via API can help development teams fix faster by a pretty wide margin. Veracode’s Chris Eng and Cyentia’s Jay Jacobs explore what’s driving the volume of code flaws, what factors influence fix rates, how organizations with higher fix rates are tackling the problem successfully, and automation as a best practice for DevSecOps and an action developers can take to "nurture" their apps to better security. Presenters: Chris Eng, Chief Research Officer, Veracode Jay Jacobs, Co-Founder and Chief Data Scientist, Cyentia Institute Kacy Zurkus, Content Strategist, RSA Conference

Principles of epidemiology can be effectively applied to cyber security, with some adaptations. What do travel quarantines and firewalls, social distancing and port closures have in common? Learn how much cyber incident responders can learn from the recent pandemic that effectively shut down so many of the human connections in the modern world. Presenters: Steve Faruque, Cyber Security Manager, IBM Dr. Manisha Juthani-Metha, Associate Professor of Medicine and Epidemiology and Infectious Diseases Specialist, Yale School of Medicine and Yale New Haven Hospital Kacy Zurkus, Content Strategist, RSAC This podcast is sponsored by Axonius. Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security solution coverage gaps, and automatically validates and enforces security policies.

The submissions and decisions have been made. The Program Committee’s selections will soon be announced. Before that happens join me and two members of a Hackers & Threats PC to discuss what trends they saw come through in this year's RSA Conference submissions. They'll also give a sneak peak into what attendees of RSAC 2021 have to look forward to on the Hackers & Threats track. Greg Day, VP and Chief Security Officer, EMEA, Palo Alto Networks Nicole Little, Walt Disney Studios Kacy Zurkus, Content Strategist, RSA Conference

TikTok and Huawei are probably two of the most notable Chinese technology companies that are enveloped in policy debates. The US government's most recent actions against TikTok could be an indication of future actions that could be taken against Chinese technology companies. Join us for the important discussion about how geopolitical motivations impact technology regulations and international interference operations. We'll look at how Western businesses are changing their technology development, operations and staffing strategies in Greater China and much more. Gabo Alvarado, Managing Director, Pointe Bello Katherine Koleski, Program Analyst, Defense Innovation Unit Aaron Turner, President and Chief Security Officer, HighSide Kacy Zurkus, Content Strategist, RSAC

Sometimes the greatest obstacles we must overcome are the ones we put in front of ourselves. It’s no different for businesses or even for an entire industry. In cybersecurity, one of the greatest barriers to entry could be the perception people have of what cybersecurity is. Many outsiders believe a job in cybersecurity equals sitting in front of a screen and coding all day. So, how do we rebrand ourselves in order to develop talent from various diverse sources? Join us to discuss different strategies for addressing the talent shortage.

What is OT systems management and why is it so critical to protecting our critical infrastructure? What are the necessary controls to ensure ICS/OT cybersecurity? A comprehensive program includes a range of controls and design efforts, In this podcast, industry leaders will discuss the challenges and requirements of protecting Operating Information Technology systems, which includes the need for establishing OT Systems Management, a holistic approach to hardening, updating, maintaining, and monitoring the endpoints and networks in industrial environments.

Though concerns over election security did not begin with the 2016 Presidential election, new and emerging threats coupled with an expanding attack surface have exacerbated what were already major security concerns for municipalities, states and the federal government. So what is the current risk environment and what has changed in CISA and the FBI’s cyber missions? We’ll answer these questions and offer tips on how the tech community and citizens can get involved in this can’t miss podcast.

Networking has many advantages and has the potential to open doors of opportunity, but how do you identify the right people to network with? What do you bring to the table and what are you looking for from others? Join us for an engaging exchange with two industry leaders who will share their perspectives on the value of education, experience and relationship building. They’ll share advice on how to meet security practitioners, motivate other, be a well-rounded worker and an industry influencer.

Agility is not a strategy, and Zero Trust is not a product you can buy. In a Zero Trust approach as identity becomes more important than ever, managing the lifecycle correctly is critical, during provisioning, use as well as destruction. These are some of the reasons why Zero-trust architecture is becoming the defacto segmentation approach in our digital-first world. Interrelated are the opportunities in both Edge Computing and DevSecOps to help businesses differentiate products and services by transitioning to more collaborative and risk-based security. Join us as we discuss Zero Trust, DevSecOps and Edge Computing with two industry experts who will explore the ways in which these approaches to customer-centric transformation can help businesses stay competitive.

COVID-19 has forced enterprises to adopt new ways of working in order to ensure their data remains protected as they navigate the impacts of the global pandemic and manage a distributed workforce. As more employees work remotely and an organization’s attack surface area increases, it’s never been more important to invest in security. At the same time, IT budgets are shrinking and security is at risk of being deprioritized or compromised in this new reality, where many employees are working from home and not on secure corporate networks. The only way to protect organizations is by protecting your endpoints, and in this podcast, we’ll discuss how adopting a zero-trust strategy can help organizations quickly adapt and prepare for a different post-pandemic world.

As Camille Stewart wrote, “Cyber diplomacy and international cyber capacity building are better served by having diverse representation that understands the cultural nuances that determine how technology will move through a society.” Similarly, when it comes to managing security risk management programs, diversity matters. Risk management has many challenges, which is why a team can only be enriched and strengthened by including those with a vast range of experiences. There is no one-size-fits-all when it comes to risk management, however being attune to issues of race and other forms of discrimination and how they manifest themselves in their work, will result in building better programs. In this podcast, we will hear from esteemed industry experts who will share their different perspectives on why diversity matters to risk management and the consequences of not addressing the lack of diversity in cybersecurity and risk management.

Having a communications person as part of the security organization ensures that the enterprise communicates security not only through awareness programs but also across silos. A security communications lead plays a critical role in developing and executing incident response plans as well as other security policies that impact the business. In order to effectively create a security aware culture, your security organization needs to be able to communicate the risks, the strategies to mitigate risks and the policies that must be followed in the event of a security incident. People need to understand their roles and responsibilities, which need to be clearly communicated. In this podcast, we will hear from industry experts who will help you understand the value of and implement good, clear security communications.