NIS2 Unlocked: The New Era of European Cyber Resilience
This episode explores the transformative impact of the NIS2 Directive, which mandates robust cybersecurity risk management and strict "24-72-30" incident reporting timelines for essential and important entities across the EU. We break down the critical distinctions in supervisory regimes and the expanded scope that now includes sectors ranging from energy and health to digital infrastructure and food production. Finally, we discuss the elevated stakes for corporate leadership, detailing how new governance rules hold management bodies personally liable for compliance failures.
www.compliancehub.wiki/germany-completes-nis2-implementation-a-watershed-moment-for-european-cybersecurity
Sponsors:
www.cisomarketplace.com
www.compliancehub.wiki
--------
35:19
--------
35:19
Taming the AI Gold Rush: A New Building Code for Trustworthy Intelligence
As the tech world races through an "AI gold rush," the gap between rapid innovation and safety standards has created massive risks for organizations deploying Generative AI. This episode breaks down the new OWASP AI Maturity Assessment (AIMA), a comprehensive blueprint that acts as a "building code" to ensure AI systems are secure, reliable, and aligned with human values. We also explore critical threats from the OWASP Top 10 for LLMs, such as prompt injection and model poisoning, and discuss how to transition from reactive patching to proactive, architectural security.
https://www.hackernoob.tips/owasp-ai-testing-guide-v1-the-industrys-first-open-standard-for-ai-trustworthiness-testing
Sponsors:
www.cisomarketplace.com
https://airiskassess.com
https://vibehack.dev
--------
13:24
--------
13:24
Mastering Digital Resilience: The DORA in Control Framework
This episode explores the challenges financial institutions face in translating the complex legal requirements of the EU’s Digital Operational Resilience Act (DORA) into practical, daily operations. We dive into the "DORA in Control" framework developed by NOREA, which consolidates the regulation into 95 actionable controls across eight domains to simplify compliance and gap assessments. Finally, we discuss how adopting an engineering perspective allows organizations to move beyond a "tick-the-box" mentality and solve the actual root causes of ICT risks.
www.compliancehub.wiki/strategic-implementation-plan-for-the-digital-operational-resilience-act-dora
Sponsors:
www.compliancehub.wiki
www.cisomarketplace.com
--------
13:37
--------
13:37
Agent Zero: The New Era of Autonomous Cybercrime
This episode explores how the widespread deployment of agentic AI is fundamentally redefining enterprise security by creating fully autonomous, adaptive, and scalable threats that act with growing authority to execute multi-step operations and interact with real systems. We analyze how this shift has industrialized cybercrime, allowing automated operations to orchestrate ransomware and launch hyper-personalized social engineering campaigns that blend malicious actions with normal business workflows. The discussion focuses on the urgent need for organizations to move from reactive defense to anticipatory resilience, securing the AI supply chain, implementing AI workflow guardrails, and treating autonomous agents as accountable identities to survive this rapidly escalating threat landscape.
https://cisomarketplace.com/blog/ai-agent-identity-market-landscape-fastest-growing-cybersecurity-sector
Sponsor:
https://vibehack.dev
www.breached.company
www.cisomarketplace.com
--------
16:29
--------
16:29
The Hallucination Trap: Cutting Through AI Vendor Hype and Red Flags
The cybersecurity market is saturated with "AI washing," forcing CISOs to rigorously vet vendors promising "autonomous" capabilities that often lack genuine intelligence. This episode provides a battle-tested framework for demanding proof over promises, revealing critical technical red flags like claims of zero hallucinations or a lack of essential data residency guarantees. Learn how to avoid creating new liability and instead achieve measurable ROI, such as an average 80% reduction in false positive alert volume, by focusing on analyst augmentation over replacement.
https://cisomarketplace.com/blog/cisos-guide-ai-security-vendor-evaluation
Sponsors:
www.cisomarketplace.com
www.cisomarketplace.services
CISO Insights: The Cybersecurity Leadership PodcastWhere Security Leaders Shape Tomorrow’s DefensesJoin us for CISO Insights, the definitive podcast for cybersecurity executives navigating today’s evolving threat landscape. Each episode delivers exclusive conversations with industry pioneers and practical frameworks from security leaders.CISO Insights provides actionable intelligence for executives building resilient security programs. We cover everything from board-level risk communication to threat detection, compliance, and talent development.Whether you’re a CISO, aspiring security leader, or technology executive, we equip you with the tools to thrive in a complex digital environment.Connect with us:Shop: cisomarketplace.comNews: threatwatch.newsPodcast: cisoinsights.showTools: microsec.toolsAI Resources: cybersecuritygpt.storeFollow us:TikTok @cisomarketplace - Quick insights and security tipsYouTube @cisomarketplace - In-depth discussions and CISO interviewsTiktok & Youtube: @ScamwatchHQPowered by grit, fueled by caffeine. Thanks for keeping us going!coff.ee/cisomarketplacecoindrop.to/cisomarketplace
Listen to CISO Insights: Voices in Cybersecurity, The Corder Report Powered by eNCA.com and many other podcasts from around the world with the radio.net app
South Africa