Powered by RND
PodcastsTechnologyRazorwire Cyber Security
Listen to Razorwire Cyber Security in the App
Listen to Razorwire Cyber Security in the App
(471)(247,963)
Save favourites
Alarm
Sleep timer

Razorwire Cyber Security

Podcast Razorwire Cyber Security
Razorthorn Security
Welcome to the Razorwire podcast where we share information, best practices and up to date news in cyber security and infosec. Our mission is to help you becom...
More

Available Episodes

5 of 61
  • Humans vs AI: Building a Security Culture That Actually Works with Noora Ahmed-Moshe
    As AI reshapes cybersecurity threats, understanding how scams are evolving has never been more critical.Welcome to Razorwire. I'm Jim, and today I'm talking with Noora Ahmed-Moshe, VP of Strategy and Operations at Hoxhunt. We'll explore how AI is transforming cybersecurity threats and what that means for protecting ourselves and our organisations.We discuss how traditional scams have changed with AI technology and look at why phishing remains a persistent problem, along with practical ways to make security training more effective. Noora explains her approach to combining smart technology with human awareness and why building a supportive security culture works better than focusing on mistakes. Join us to gain insights into today's cyber threats and take away actionable tips for how organisations can better prepare their teams.3 Key Talking Points:AI-Enhanced Phishing Techniques: Discover how AI, including tools like ChatGPT, has drastically increased the volume and sophistication of phishing emails, making them harder to detect and more culturally nuanced.Positive Reinforcement in Training: Learn why a supportive, non-punitive approach to security awareness training—using gamification and rewards—can lead to better internalisation of security practices among employees.Deepfake Challenges: Understand the emerging threats posed by deepfake technology, particularly in a remote work environment, and how organisations can adapt their security measures to validate identities effectively.Tune in to this vital discussion to stay ahead of cyber threats and foster a culture of security within your organisation.Motivating Through Gamification: "It is about motivating people and how you do that. And that's why at Hoxhunt, when we do our training, for example, in terms of social engineering attacks, we reward people anytime they report something. Then they're on a leaderboard, and it's all gamified. So it gives people this real sense of engagement, and that makes it positive."Noora Ahmed-MosheListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Power up your security training: Learn how to structure effective security training programmes that actually prevent data breaches, based on real-world examples of what works and what doesn't.Master the scammer’s playbook: Understand why "too good to be true" scams continue to succeed by exploring their evolution from the Love Bug virus to modern day frauds, helping you spot timeless patterns in social engineering.Outsmart AI-powered threats: Discover how AI is transforming phishing attempts with sophisticated language and cultural awareness and learn what makes these new attacks so challenging for staff to detect.Stay ahead of QR code attacks: Get ahead of emerging threats by understanding how criminals are exploiting QR codes in innovative ways and learn how to spot these often-overlooked security risks.Unlock human security potential: Understand why human behaviour is at the heart of most security breaches and learn practical ways to address these vulnerabilities in your organisation.Build a confident security culture: Discover why leading organisations are moving away from fear-based security cultures and learn how to create an environment where staff feel confident reporting potential...
    --------  
    49:14
  • Mental Health, Organisational Culture & The Human Side of Cybersecurity
    Are layoffs increasing your cybersecurity risk and driving your team to burnout? This episode looks into the psychological underpinnings of infosec to navigate turbulent times at work.Welcome to Razorwire, the podcast that cuts through the complexities of information security with sharp insights and expert discussions. In this episode, I’m joined by Lisa Ventura (MBE), founder of Cybersecurity Unity, and Bec McKeown, a psychologist specialising in high-risk environments. Together, we explore the hidden psychological factors that shape cybersecurity practices and discuss essential strategies to safeguard your organisation.Join us as we discuss the impact of economic layoffs on cybersecurity, the efficacy and ethical concerns surrounding psychological profiling, and the sophisticated tactics employed by malicious actors in today's digital arena. Lisa, Bec, and I also unpack the importance of organisational culture in mitigating human error, the role of mental health in cybersecurity, and how to implement targeted security measures without overwhelming your team. This episode is a must-listen for professionals seeking to understand the human dynamics behind infosec challenges and cultivate a supportive, resilient security culture.3 Key Takeaways:Protect Your Organisation Without Crossing Privacy Lines. Want to strengthen your security approach without relying on controversial psychological profiling? Discover practical, ethical alternatives as Bec McKeown walks you through smarter ways to assess and mitigate insider risks whilst preserving employee trust and privacy.Prevent Data Theft During Company Transitions. Is your organisation facing changes? Learn how to protect your critical assets during turbulent times. Lisa Ventura reveals proven strategies to identify and secure your most valuable data, particularly when your company is experiencing workforce changes or economic pressure.Build a Stronger, More Resilient Security Team. Ready to boost both your security effectiveness AND team morale? Get hands-on techniques from Bec McKeown to create an environment where your security professionals thrive. Walk away with practical steps to reduce burnout, increase psychological safety and build a high-performing team that stays sharp and engaged.Tune in to Razorwire for actionable advice and expert perspectives to fortify your cybersecurity strategy amid challenging times.On Psychological Safety & Blame Culture:"If people are constantly told off for not doing things in the right way, whether that's cybersecurity training or otherwise, they're never gonna fess up to it... if you haven't got that psychological safety within the culture, then these things are probably more likely to happen because it's not in the person's best interest to hold their hand up."Bec McKeown Listen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Understanding Layoff Security Risks: Explore why workforce changes increase data theft risks and why organisations need heightened awareness during these transitions.Beyond Psychological Profiling: Learn more effective and ethical ways to assess security risks without compromising employee privacy - practical alternatives you can implement today.High-Value Target Protection: Understanding why certain roles face increased targeting and need additional security...
    --------  
    40:32
  • Insider Threats & Third Party Risk: How to Manage Security Threats
    Every vendor you trust and every employee you hire could be your next security crisis—explore the realities of third party risk and insider threats on this episode of Razorwire!Join us for a discussion on the multifaceted challenges of third party risk and how they can destabilise your organisation. From the growing complexities of cloud providers like AWS and Azure to detecting and dealing with insider threats, our conversation covers it all. My esteemed guests, Razorwire favourites Iain Pye and Chris Dawson, share their perspectives on the right to audit third parties and how shifts in business models and changing workplace culture impact our security postures. We also break down a case study involving indemnity and insurance settlements following a breach incident, providing you with practical takeaways for enhancing your own security protocols.Key takeaways:Strengthen Your Third Party Risk ManagementImplement contractual audit rights early in vendor relationshipsDevelop resilience plans for vendor service failuresUnderstand the risks of supply chain dependencies (third parties of third parties)Plan for scenarios where key service providers might fail or be compromisedUnderstand and Mitigate Insider ThreatsIdentify different types of insider threats (accidental, disgruntled employees, corporate espionage)Monitor for behavioural changes and suspicious activity patternsImplement ongoing background checks and security clearance reviewsBalance monitoring with employee privacy and company culture considerationsAddress Modern Security ChallengesEvaluate the cost-benefit trade-offs between in-house and outsourced servicesImplement monitoring solutions that correlate data from multiple sourcesDevelop security strategies that account for both human and technical factorsCreate comprehensive risk assessments that include both internal and external threatsJoin us on Razorwire as we untangle the complexities of third party risk and insider threats, providing you with actionable insights to fortify your organisation's cyber defences.On the inevitability and scale of third-party breaches: "It's inevitable. You're gonna have a third party breach. There's about, what, 10 a day... You could do all the due diligence in the world and all the security checks about this. You could have a very robust vendor risk management, whatever you wanna call it. At the end of the day, it's gonna take one little, maybe insider threat on the third party side, and that will cause a breach." Iain PyeListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we discuss:● Implementing Third Party Audit Rights: Secure your organisation by establishing robust audit rights in vendor contracts before engagement begins.● Evaluating Cloud Provider Stability: Assess and mitigate risks when selecting cloud providers by verifying their financial stability and data migration capabilities.● Preventing Insider Security Breaches: Distinguish and protect against both intentional and accidental internal security threats through targeted controls.● Building a Strong Security Culture: Foster an environment where employees actively report and respond to security warnings rather than normalising them.● Managing Employee-Related Risks: Develop strategies to...
    --------  
    44:58
  • How to Optimise Your GRC Tools
    How to Optimise Your GRC Tools Improving Value, Efficiency & True Risk ManagementAre your GRC tools really managing risk, or just creating noise?Welcome to the latest episode of Razorwire, where we cut through the complexities of the cybersecurity world to deliver actionable insights. I'm your host, Jim, and in this episode, we're discussing the multifaceted challenges and opportunities surrounding Governance, Risk and Compliance (GRC) tools with none other than Jack Jones, creator of the FAIR risk model and a seasoned security professional with nearly 40 years’ experience.In our conversation, Jack and I explore the intricate landscape of GRC tools, questioning their effectiveness in truly managing risk. We talk about the difference between controlling efficiencies and understanding genuine risks, shedding light on the often misleading contents of risk registers. In this episode, you'll learn invaluable insights that could transform how you approach risk management and compliance. From navigating price range vs efficiency, to the idea of developing a more effective and affordable GRC solution, this episode offers a treasure trove of useful takeaways for anyone in the cybersecurity field. Key takeawaysThe Real Cost of GRC Tools: Jack and I discuss the hidden expenses and renewal price hikes associated with existing GRC tools. If you're feeling the financial strain of your current GRC solutions, this segment is a must-listen to understand the true cost and value proposition of these tools.Redefining Risk Management: We talk about the importance of differentiating between real risks and mere efficiencies and how many organisations can get this wrong. Learn how to avoid the ‘noise’ in your risk register to focus on genuine risk scenarios that matter to your business.The Path to Better GRC Solutions: Tune in to hear our thoughts on the pressing need for innovation in GRC tool design. If you're looking for practical, cost effective solutions tailored to meet your risk management needs, you'll want to hear our insights and future plans.Don't miss this conversation that could reshape your perspective on GRC tools and risk management."If I thought the [GRC tool] technology is actually provided anywhere near the value of their potential… if the GRC products and their implementations were actually doing the job they're intended to do, they should cost a lot of money because they would be providing a ton of value." - Jack JonesListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Cybersecurity Responsibilities Debate: We debate whether cybersecurity should fall under IT or infosec departments.Penetration Testing Management: How penetration testing could be subject to a conflict of interest depending on which department manages it.GRC Tool Costs: Maximising GRC Tool ROI: Gain insights on how to assess and optimise your GRC tool's value proposition through regular utilisation and cost reviews.Identifying GRC Tool Shortcomings: Understand the common pitfalls of popular GRC tools in addressing real world risks, enabling better tool selection and implementation.Proper Risk Register Management: Learn to distinguish between genuine risks and audit deficiencies for more accurate and useful risk registers.Third-Party Risk Management: Learn strategies for effectively managing the challenges posed by third party risks in modern business environments.Effective Risk Communication: Master...
    --------  
    43:36
  • Navigating Mental Health, Narcissism & Burnout in Cybersecurity with Lisa Ventura MBE
    Welcome to Razorwire, the podcast where I, James Rees, cover the cybersecurity topics that matter with expert guests from across the industry. We aim to help cybersecurity professionals enhance their skills, improve their work performance, and boost their overall quality of life in this demanding field.The illustrious Lisa Ventura, MBE, award winning cyber security specialist and the founder of Cyber Security Unity, joins me in this episode. We talk about the pressing issues that cybersecurity professionals face on a daily basis, from mental health struggles to dealing with industry narcissists.Lisa shares her insights on current industry developments and uses her personal experiences to offer practical advice and knowledge for cybersecurity professionals at all career stages.Join us as we talk about:1. Burnout and Mental Health in Cybersecurity: We talk about the root causes of burnout and mental health issues among cybersecurity professionals, and share practical strategies to protect your wellbeing in a high stress environment.2. Navigating Industry Narcissism: Gain insights on how to identify and handle narcissistic behaviours in the workplace, and work towards a healthier and more supportive professional atmosphere.3. Cyber Skills Gap and Industry Trends: Lisa's shares her thoughts on the role of AI and VC money, and the ongoing challenge of closing the cyber skills gap, especially in smaller organisations.Tune in to Razorwire and empower yourself with the knowledge and resilience essential for thriving in the cybersecurity arena.Lisa on handling narcissists in the workplace: "If it gets too much, I have only one bit of advice. And it's not a good bit of advice to say, and that is to find something new as soon as you possibly can and leave because those individuals will never change."Lisa Ventura, MBEListen to this episode on your favourite podcasting platform: https://razorwire.captivate.fm/listenIn this episode, we covered the following topics:Burnout and Mental Health: Discover strategies for managing burnout and maintaining mental health in cybersecurity.Cyber Skills Gap: Learn about the factors contributing to the cyber skills gap and how this can be addressed.Responsibility and Fear: Understand the psychological impact of responsibility and blame in security roles.Budget Reductions and Layoffs: Find out how budget cuts and layoffs are affecting the industry post-pandemic.Handling Narcissistic Individuals: Get practical advice on dealing with narcissistic individuals in the workplace.Infosec Industry Trends: Explore current and future trends in information security, including AI misuse.Legislation and C-Suite Attention: Learn how new legislation is increasing executive-level focus on cybersecurity.Experiences in Infosec: Hear firsthand accounts of dealing with negative behaviours in the industry.Targeting and Narcissism Among Women: Uncover insights on targeting and hypocrisy, even among diversity advocates.Challenges for Young Professionals: Find out how mentorship can help newcomers overcome challenges and impostor syndrome.Resources MentionedCyber Sentinels...
    --------  
    40:52

More Technology podcasts

About Razorwire Cyber Security

Podcast website

Listen to Razorwire Cyber Security, The Vergecast and many other podcasts from around the world with the radio.net app

Get the free radio.net app

  • Stations and podcasts to bookmark
  • Stream via Wi-Fi or Bluetooth
  • Supports Carplay & Android Auto
  • Many other app features
Radio
Social
v6.29.0 | © 2007-2024 radio.de GmbH
Generated: 12/4/2024 - 6:24:29 AM