Cover art for podcast Cyber Pro Files

Cyber Pro Files

139 EpisodesProduced by securitycurrentWebsite

Are you a cyber security pro and want to hear what your peers are doing to safeguard their organizations? Or are you someone who wants to learn how the nation’s top cyber security pros are protecting your data against hackers or just human error? In these real-world conversations, the nation’s leadi… read more

episodes iconAll Episodes

SC 136: Tomás Maldonado, CISO of the National Football League (NFL), speaks with Ian Keller, CSO of SBV Bank

July 28th, 2020


Tomás Maldonado, CISO of the National Football League (NFL), speaks with Ian Keller, CSO of SBV Bank, which operates across Africa and is the only company in South Africa to partner with the South African Reserve Bank …

SC 135: VP and CISO of Sentara Healthcare Dan Bowden speaks about the not-for-profit health system’s journey post COVID-19

June 30th, 2020


Dan Bowden, VP and CISO Sentara Healthcare, speaks with *David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York, about the not-for-profit health system’s journey post COVID-19. The two leaders …

SC 134: SVP and CISO of Ellie Mae Selim Aissi shares his invaluable insights

June 10th, 2020


Having conducted a major influenza pandemic exercise in Q4 of last year assuming all employees were sent home, Ellie Mae SVP & CISO Selim Aissi was able to quickly and effectively respond to COVID-19. In this …

Listen to a sneak peek on our upcoming CISO Roundtable: Unprecedented Times

June 10th, 2020


Host and moderator Joey Johnson, CISO of Premise Health, will be joined by leading healthcare CISOs Hussein Syed of RWJBarnabas Health and Anahi Santiago of ChristianaCare as they discuss the unique challenges they face …

SC 133: Chief Information Security Officer (CISO) at Metropolitan Water District of Southern California Jake Margolis

June 8th, 2020


Jake Margolis, CISO Metropolitan Water District of Southern California – the largest distributor of treated drinking water in the United States, has …

SC 132: Chief Information Security Officer (CISO) of Fannie Mae Christopher Porter talks about today’s challenging times and the importance of people

June 2nd, 2020


Fannie Mae CISO Christopher Porter speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York. The two industry leaders discuss today’s challenging times and the importance of people. They …

SC 131: Global CSO of TikTok Roland Cloutier discuss the new normal and what things may look like on the other side.

May 28th, 2020


Global CSO of TikTok Roland Cloutier speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions David …

SC 130: Dr. Pablo Molina, AVP and CISO at Drexel University Speaks About Distance Learning and the Challenges the University Has Encountered

May 19th, 2020


Dr. Pablo Molina, AVP and CISO at Drexel University speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (any …

Listen to a sneak peek on our upcoming CISO Roundtable: The New Normal

May 14th, 2020


Host and moderator David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York* talks about what to expect when his CISO peers …

SC 129: Chief Information Security Officer (CISO) Colin Anderson Discusses People Being Paramount During COVID-19

May 11th, 2020


CISO Colin Anderson of Levi Strauss speaks with David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of New York (*any opinions he …

SC 128: CISO David Levine of RICOH USA Talks Quickly Moving to a Remote Workforce Due to the Pandemic

May 11th, 2020


What impact has the COVID-19 pandemic had on the security of organizations that have now by and large had to quickly migrate to a remote workforce? David Cass, VP of Cyber & IT Risk at the Federal Reserve Bank of …

SC 127: EDR for All – Bitdefender Discusses Best Practices for Implementing Endpoint Detection and Response Technology

April 4th, 2018


The business of information security is tough: the bad guys only need to get it right once, while the good guys have to get it right all the time. One hundred percent protection of all endpoints is not possible, and …

SC 126: Tufin Talks Increasing Security and Agility Through Security Policy Orchestration

November 7th, 2017


Enterprise networks grow more complex by the day. With hundreds to thousands of firewall rules, devices and routers across on-premise and hybrid …

SC 125: Ron Green, Mastercard Executive VP CISO, Talks New Technologies, What Keeps Him Up at Night and Provides Recommendations to His Peers

October 9th, 2017


Mastercard is a technology company in the global payments industry which operates the world’s fastest payments processing network, connecting …

Maxim Integrated Chief Cyber Risk Officer and SentinelOne's CEO Talk Endpoint Security, Automation and Visibility

September 28th, 2017


The endpoint is becoming the new edge of the business. As the doorway to your data, with more and more breaches getting in via the endpoint, it is turning into one of the weakest links for today’s business. It is …

SC 123: Bay Dynamics CEO Discusses How to Gain Insight in to Security Risks Using User Behavior Analytics

August 28th, 2017


CISOs are increasingly looking to User Behavior Analytics (UBA) as a key security tool to help combat threats by identifying anomalous behavior.

SC 122: CISO David Cass Talks Cloud Adoption and Security

June 6th, 2017


Enterprises are increasingly adopting cloud strategies. Despite this, adoption has been impacted in some cases due to cybersecurity concerns.   In this podcast, David Cass, the Global Partner, Cloud Security and FSS …

SC 121: Joey Johnson, Premise Health CISO, Discusses Challenges in Securing Distributed, Highly Regulated Environments

March 27th, 2017


Premise Health is a leader in onsite health and wellness programs providing some 600 large employer sponsored employee clinics. With a highly …

SC 120: DocuSign CISO Discusses the Human Element of Incident Response

February 28th, 2017


The volume of threats and attacks most security teams face daily can leave them overworked and fatigued, operating in what DocuSign CISO Vanessa …

SC 119: Marci McCarthy, President CEO of T.E.N. and Founder of the ISE® Awards Provides Insights into the Evolution of the CISO Role

February 23rd, 2017


The CISO increasingly has a seat in the boardroom, as the role is becoming more of the rule than the exception in enterprises.

During RSA Conference …

SC 119: San Diego CISO Gary Hayslip Talks Strategies for Building Executive Buy-in, Security Tech and Leveraging the Cloud

February 22nd, 2017


The city of San Diego is a $4 billion business and it doesn’t shut down. As you’ll hear in this discussion between Gary Hayslip, the city’s CISO, and David Cass, Global CISO IBM Cloud and SaaS, San Diego is a smart city …

SC 118: Global CISO David Cass Discusses the Proliferating Attack Surface Being Created by Internet of Things Devices with ForeScout’s Commercial CTO and VP Len Rosenberg

February 10th, 2017


There has been an exponential adoption of Internet of Things (IoT) with experts predicting billions of IoT devices coming into use. And with the strategy more often than not being go to market and secure it later, …

117 SC: Gartner Research VP Anton Chuvakin Talks New CISOs at RSA, New Technologies and Box Fatigue with Global CISO David Cass

February 9th, 2017


With RSA around the corner and more security vendors than you can count, if you are a new CISO at the conference what should your game plan be? As …

SC 116: Jason Witty, US Bancorp EVP and CISO, Discusses The Benefits of Tokenization with David Cass, Global CISO IBM Cloud SaaS

January 31st, 2017


Tokenization is helping render data theft obsolete. Jason Witty, US Bancorp EVP and CISO, is in the midst of completing a multi-year tokenization …

SC 115: Gartner Research VP Anton Chuvakin Speaks with Global CISO David Cass on Security Monitoring, SIEM and UBA

January 17th, 2017


What specific things should companies look at when it comes to security monitoring in 2017? As you’ll hear in this podcast, a lot of the security …

SC 114: Global CISO David Cass continues his discussion in part two of the series with Chief Security Architect Chris Roberts on Acalvio's threat deception technology

December 19th, 2016


As you’ll hear in part two of the conversation between David Cass, Global CISO IBM Cloud and SaaS, and Chris Roberts, Acalvio Chief Security …

SC 113: Payment Card Processor Monext Discusses Continuous Compliance, Reducing Complexity and Heightening Security

November 29th, 2016


Ensuring continuous compliance while reducing complexity is essential to bolstering security for many organizations, in particular, those that …

SC112: David Cass, Global CISO IBM Cloud and SaaS Speaks with Chris Roberts, Acalvio Chief Security Architect, on Threat Deception, the Internet of Things and Technology Innovation

November 23rd, 2016


It’s becoming an old adage: it isn’t a matter of if an attacker will infiltrate your network but when.” With that being the case and with research …

SC 111: Matt Hollcraft, Maxim Integrated CISO, Speaks with Dan Schiappa, SVP GM, Sophos Enduser Security Group on Ransomware, IoT and Hacking as a Business

November 4th, 2016


In this interview Matt Hollcraft, Maxim Integrated CISO, discusses common threat vectors – what is old and what is new – with Dan Schiappa, SVP & …

SC 110: David Mahon, CSO of CenturyLink, and David Cass, Global CISO IBM Cloud SaaS, Discuss the Evolution of the CISO and Provide Tips to Current and Aspiring CISOs

October 26th, 2016


In this conversation with Security Current podcast host David Cass, Global CISO IBM Cloud & SaaS, David Mahon, CenturyLink CSO, talks about the …

SC 109: IBM Global CISO Cloud SaaS and ADP Vice President Global Security Architect Discuss the Business and Technology Benefits of User Behavior Analytics (UBA) Tools

September 26th, 2016


The use of user behavior analytics (UBA) is at the forefront of technologies that CISOs are seeking for their security toolkits to help them identify …

SC 108: David Cass, Global CISO IBM Cloud and SaaS, Speaks with Reuven Harrison, CTO Tufin, on Network Security Policy Automation and Orchestration in the Cloud

September 14th, 2016


In this conversation, CISO David Cass and CTO Reuven Harrison, discuss the journey to the cloud. They talk about increasing enterprise cloud adoption and hybrid environments. They also discuss the associated demand for …

SC 107: John Masserini, CSO MIAX Options, Speaks with Barmak Meftah, President and CEO AlienVault, About Threat Detection and Response

August 23rd, 2016


In this conversation, MIAX Options CSO John Masserini discusses the threat detection and response space with AlienVault President and CEO Barmak …

SC 106: David Cass, Global CISO IBM Cloud SaaS, and David Rooker, CISO Actian Corp, Discuss Today's Greatest Security Threats

August 18th, 2016


In the series brought to you by Security Current and Intersections IT Security ONE2ONE Summit and you will hear CISOs discuss today’s most critical issues in IT Security.

This episode features David Cass, IBM Cloud …

SC 105: Part 3- CISO of IBM Cloud SaaS Speaks with Spirent on Medical Device and Autonomous Car Hacking

August 11th, 2016


In part three of the conversation David Cass, IBM cloud & SaaS global CISO and John Weinschenk, Spirent Communications general manager enterprise and network application discuss the potential hacking of medical …

SC 104: David Cass, CISO IBM Cloud SaaS, and David Mahon, CSO CenturyLink, Discuss the Most Common Threats Hitting Businesses Today

August 10th, 2016


In this conversation with  Security Current podcast host David Cass, Global CISO IBM Cloud & SaaS, David Mahon, CenturyLink Chief Security Officer, discusses what he sees as two of today’s critical security issues …

SC 103:David Cass, Global CISO IBM Cloud SaaS, and William Okula, Executive Officer Police Technology Bureau at the Suffolk County Police Department, Discuss Today’s Threats, Security Best Practices and Staffing

July 20th, 2016


In the series brought to you by Security Current and Intersections IT Security ONE2ONE Summit you will hear CISOs discuss today’s most critical issues in IT Security.

This episode features David Cass, IBM Cloud & …

SC 102: David Cass, CISO IBM Cloud SaaS, and Richard Seiersen, GM Cybersecurity and Privacy GE Healthcare, Discuss Security, Trust and Privacy in Healthcare

July 13th, 2016


This episode features David Cass, IBM Cloud & SaaS CISO, and Richard Seiersen, GE Healthcare’s General Manager Cybersecurity and Privacy who discuss the different types of attack vectors in healthcare, which as …

SC 101: CISOs David Cass, IBM Cloud SaaS, and Jonathon Neel, University of Virginia School of Medicine, Discuss the Changing Threat Landscape in Healthcare

July 6th, 2016


In the series brought to you by Intersections IT Security ONE2ONE Summit and Security Current you will hear CISOs discuss today’s most critical issues in IT Security.

This episode features David Cass, IBM Cloud & …

SC 100: Part 2 CISO of IBM Cloud SaaS Speaks with Spirent on Risk, Remediation, Testing and Technology

June 28th, 2016


In part two of the conversation David Cass, IBM cloud & SaaS global CISO and John Weinschenk, Spirent Communications general manager enterprise and network application security, discuss managing risk.

In this …

SC 99: CISO David Cass Speaks to Spirent Communications on IoT, Ranswomware and More

June 21st, 2016


CISOs can never reduce risk to zero. As technology development increases at a lightning speed with the Internet of Things (IoT) bringing more …

SC 98: David Cass, IBM Cloud SaaS CISO, Speak with James Beeson, GE Capital America CISO, on the Changing Nature of Attacks

June 13th, 2016


Welcome to the Intersections IT Security One2One Summit podcast series presented in conjunction with Security Current.

In the series you will hear CISOs discuss today’s most critical issues in IT Security.

This episode …

SC 97: CISO David Cass, IBM Cloud SaaS, and David Hahn, Hearst CISO, Talk Security Challenges Facing Media Corporations

June 8th, 2016


Welcome to the Intersections IT Security ONE2ONE Summit podcast series presented in conjunction with Security Current.

In the series you will hear CISOs discuss today’s most critical issues in IT Security.

The first …

SC 96: IBM Cloud SaaS CISO Speaks with Deloitte's CISO on Security and the Convergence of Technologies

May 27th, 2016


In today’s digital age, there are more connected devices than ever before. A look at the history of the digital universe shows that, like the real universe, it is expanding. From a single device meeting our …

SC 95: Cloud Security Alliance Talks Challenges, CISO and Other Trends

March 15th, 2016


Cloud security continues to be a key consideration for CISOs with them weighing in on the pros and cons of whether or not to migrate to the cloud and, if so, best practices for migrating. A recent report issued by the …

SC 94: Security Shark Tank Vendor Spotlight: Skyport Systems

March 8th, 2016


Skyport Systems mission is to deliver a simple and effective secure-computing platform for enterprise applications.

As we hear from Skyport Systems Corporate Vice President Doug Gourlay, Skyport Systems SkySecure is a …

SC 93: Security Shark Tank Vendor Spotlight: Tempered Networks

March 8th, 2016


Tempered Networks enables enterprises to ‘cloak’ their networks, communications and endpoints so they are undetectable and tamper-proof, protected from cyber threats and human misuse/errors.

As we hear from Tempered …

SC 92: Security Shark Tank Vendor Spotlight: Spikes Security

March 8th, 2016


Spikes Security Isla Malware Isolation System assumes all web content is bad and isolates everything on an appliance in the DMZ, protecting web users …

SC 91: Security Shark Tank Vendor Spotlight: Pwnie Express

March 8th, 2016


Pwnie Express provides full threat detection of every wireless and wired devices in and around an organization’s workplace.

As we hear from Pwnie …

SC 90: Security Shark Tank Vendor Spotlight: Interset

March 8th, 2016


Interset is a user behavior analytics (UBA) solution, which leverages machine learning, big data, and risk forensics to provide an intelligent, …

SC 89: Security Shark Tank Vendor Spotlight: GuardiCore

March 8th, 2016


GuardiCore provides a real-time breach detection and response solution that leverages threat deception and process-level visibility to quickly detect …

SC 88: Security Shark Tank Vendor Spotlight: ProtectWise

March 8th, 2016


ProtectWise offers a Cloud Network DVR, which records everything on the network.

As we hear from ProtectWise Co-founder and Chief Technology Officer …

SC 87: Security Shark Tank Vendor Spotlight: Exabeam

March 7th, 2016


Exabeam is a user behavior analytics (UBA) solution, which leverages existing log data to quickly detect advanced attacks, prioritize incidents and …

SC 86: Social Media and Cyberterrorism - A Conversation with Cybercrime Expert Morgan Wright

February 16th, 2016


Morgan Wright is an internationally recognized cybersecurity, cyberterrorism and identity theft expert. 

He's testified in front of congress, advised the U.S. State Department and served in law enforcement.  In this …

SC 85: Security and Network Access Control at Barnabas Healthcare

February 10th, 2016


With vast amounts of personal information and Internet-enabled medical equipment, health care faces unique security requirements. Some are a result …

SC 84: Of Encryption and Backdoor Access - A Conversation with a CISO

January 29th, 2016


Encryption is fundamental to business today. But encryption also allows evildoers to plan nefarious criminal or terrorist acts.  Law enforcement, …

SC 83: Bug Bounty Programs: Trends in Developing Secure Software with SANS John Pescatore

January 13th, 2016


In the push to launch mission critical applications, insecure software often makes it into production. Sometimes hackers find the gaps and exploit …

A CISO Looks at Where We Go From Here in Information Security?

December 29th, 2015


Each year is a new opportunity to use what we've learned in the past in order to address the future and anticipate what the bad actors may do next to breach our information security.

Here, the head of information …

SC 81: Addressing the Growing Cybersecurity Threat in 2016 with Jason Witty, U.S. Bancorp CISO

December 23rd, 2015


The overall cost of cyber crime in 2015 to the world economy as a whole was estimated at a conservative $575 billion, according to research. Breaches …

SC 80: Hurdling Obstacles to Security Training and Awareness Success

November 30th, 2015


Things happen. Staffers click links they shouldn't. Interlopers enter the workplace, gain access to a vacant desk, log in and steal corporate …

SC 79: Software Defined Perimeters

November 5th, 2015


In a world of three letter acronyms comes yet another -- a new specification from the Cloud Security Alliance. SDP or Software Defined Perimeter.

SDP approaches are meant to create a secure micro segment between the …

SC 79: CISO Buying Trends, Approaches and Considerations

October 27th, 2015


With the plethora of information security products and services on the market, how can CISOs prioritize what they truly need? And how can they …

Creating and Managing a Security Aware Culture

October 20th, 2015


In both the public and private sectors employees are by and large the weakest links when it comes to information security breaches.

Training needs to be more than simply a checkbox on a compliance list. Optimal …

SC 76: The European's Safe Harbor Provisions are Invalid. So What?

October 14th, 2015


The European Union's (EU) highest court recently found that the "Safe Harbor" provisions allowing data transfers from EU countries to United States' data centers are invalid.

Triggering this finding was a lawsuit …

SC 74: Management Hierarchy and CISO Reporting Roles – Part 2 with CISO Brian Lozada

September 16th, 2015


What is the optimal structure within an enterprise in terms of CISO reporting? Should a CISO report to the CIO? Or possibly to the CFO? 

In some …

SC 73: Information Security in Hedge and Private Equity Funds - Part 1

September 8th, 2015


Information security in hedge funds is new and many hedge funds don't know what cybersecurity is or what is at risk. And there are unique security issues specifically related to hedge funds. 

With a high risk/reward …

SC 72: Vetting Security Startups -- Venture Capital Series Part 3

August 31st, 2015


How can CISOs differentiate among "me too" information security startups? What is the role of incubators and are they useful in helping new security …

SC 71: What Happens When Your Security Vendor is Acquired –Venture Capital Series Part 2

August 18th, 2015


One of the primary exit strategies for security startups is to be acquired. Sometimes that's a good thing, other times, not so much.

Hear about some of the issues associated with acquisitions and where startups added …

SC 70: Security Shark Tank Quick Hits

August 13th, 2015


At the second Security Current Security Shark Tank competition held during Black Hat in Las Vegas, six up and coming cybersecurity providers came face-to-face with some 20 Chief Information Security Officers (CISOs).

SC 70: Experience Matters for Security Startups - Venture Capital Series Part 1

August 10th, 2015


The level of venture capital financing has hit new heights with increasing investments in information security. Some venture capitalists (VCs) specialize in finding and funding startups in security, which is a unique …

SC 69: Anton Chuvakin on the Operational Effectiveness of Security Analytics

July 28th, 2015


How effective are Security Analytics tools and how do you compare their operational effectiveness?

After spending months researching this subject, …

SC 68: DataStealth from Datex, Inc.- Transforming Sensitive Information Securely

July 23rd, 2015


It no longer is will an intruder will gain access to your network, it is just a matter of when they will gain access.

Cybersecurity company Datex, Inc. says employees will make mistakes, user credentials will be …

SC 67: Cloud SIEM Doesn't Really Exist - Yet

July 20th, 2015


SIEM stands for Security Information and Event Management.

SIEM is continuing to grow in usage but where does it stand in terms of cloud deployments and what is its cloud-based market share?

Gartner's Dr. Anton Chuvakin …

SC 66: Using User Behavior Intelligence To Identify Account Takeovers

July 14th, 2015


Massive database breaches have resulted in millions of user identification and authentication profiles being compromised. Identifying unauthorized …

SC 65: Changing User Behavior Through Security Education

July 10th, 2015


With experts citing employees being compromised by attackers as a primary cause of security breaches, many enterprises are seeking new training methods.

Spun out of Carnegie Mellon University, Wombat Security takes what …

SC 64: Overcoming Silos Between Security and Privacy

July 6th, 2015


For organizations to achieve maximum privacy and security the two need to go hand-in-hand but unfortunately they are often siloed within …

SC 63: Gartner's Anton Chuvakin On the Failure of Security Policies

June 29th, 2015


Many security policies are aspirations, doomed to fail because they are unrealistic. Not only can they be unachievable, but may in fact encourage …

SC 62: Augmenting the Past with Network Forensics

June 5th, 2015


Most "new" security technologies use functions and features developed years ago. Network Forensics applies machine learning, automating detection …

SC 61: An Information Security Officer's Deep Thoughts

June 1st, 2015


In this interview with an information security officer who prefers to remain anonymous we discuss the definitions of security intelligence, what it takes to be a CISO and the toughest part about heading up security at …

SC 60: The Role of the CISO with Daniel Conroy, Synchrony Financial

May 18th, 2015


As the news of breaches across multiple sectors continues the role of the Chief Information Security Officer (CISO) has never been more important.

SC 59: Breach Detection with Seculert

May 15th, 2015


It isn't a matter of if your organization will be infected with malware but rather a matter of when. Based on that premise, Seculert designed a cloud …

SC 58: A CISO Talks Security in Healthcare

May 11th, 2015


Healthcare providers have some of the most complicated environments with a multitude of systems, users and regulatory mandates. And often, according …

A CISO Reviews RSA 2015: Patricia Titus

May 6th, 2015


RSA Conference 2015 was bigger than ever with hundreds of startups promoting their wares. One segment that caught the attention of CISOs was what is being dubbed as next generation endpoint security.

As you'll hear, new …

SC 56: The State of Cyber Security: Implications for 2015

May 5th, 2015


A surprising number of organizations are expecting a cyber attack. Despite this it is getting harder to fill cyber security jobs.

ISACA, an independent, nonprofit global association that develops and promotes the …

SC 55: Next Generation Endpoint Protection

May 1st, 2015


Is there room for yet another endpoint protection product in a market crowded with alternatives?

SentinelOne says there is and that they are reinventing endpoint protection with an aim to replace antivirus within the …

Gartner Analyst on the Bus - Security Budgets Up as Staffing Down

April 30th, 2015


The percentage of the IT budget allocated to security is increasing. In fact, it is growing at a faster rate than the overall IT budget. But what …

SC 53: The New Perimeter is Around the Cloud: CYREN Annual Report Details Latest Threats

April 29th, 2015


Some 2.5 billion emails containing malware were sent in 2014. Malware URLs are on the rise. Phishing URLs are on the rise. And according to CYREN's 2015 Cyber Threats Yearbook it doesn't appear that attackers will be …

SC 52: Protecting Against Targeted Corporate Email Attacks

April 27th, 2015


More than 90 percent of enterprise security problems are reportedly caused by malicious email.

The number of corporate spear phishing attacks is growing. It isn’t a matter of if an employee will click on a malicious …

SC 51: Tempered Networks: Addressing TCP/IP Vulnerabilities

April 14th, 2015


2015 has been dubbed the year of the security start-up and competition has never been greater. How do Chief Information Security Officers (CISOs) who are responsible for the security of their enterprises identify …

SC 50: Security Analytics: Buy or Build

April 7th, 2015


How big a market is Security Analytics? If you ask our guest, Gartner Research VP Dr. Anton Chuvakin you'll hear that there actually is no specific or defined market called Security Analytics. He says that while there …

SC 49: A Five-time CISO on Attacks, Security Personnel Shortages and More

March 25th, 2015


Five-time CISO Jeff Klaben, who is currently at a Silicon Valley think tank and also is an adjunct professor, says there is a shortage of skilled security professionals, especially at the management level, to combat an …

SC 48: Automotive Security and the Car of the Future

March 24th, 2015


Imagine a future when cars are no longer controlled by the driver.

With automatically controlled cars coming "just around the corner" and with more …

SC 47: Cloud Security Monitoring, Cloud Access Security Brokers and MSSPs

March 4th, 2015


Monitoring new cloud environments for adequate security is challenging, particularly when trying to determine which approach might be best.

Most …

SC 46: Addressing a Critical Vulnerability Management Problem

March 2nd, 2015


Scanning a network, devices or applications for security vulnerabilities may not tell the whole story or even tell the true story. IP addresses and …

SC 45: The Security Hits Keep Coming

February 24th, 2015


Some research suggests that 97 percent of organizations are already compromised, according to former Gartner analyst Eric Ouellet. And according to Ouellet the hackers are smarter and more persistent than ever, often …

SC 44: FBI Views on Cybersecurity

February 18th, 2015


The recent US Presidential Directive along with White House statements on cybersecurity have brought new energy to law enforcement approaches against cybercrime. 

Sharing threat data within the public and private …

SC 43: The City of San Diego's CISO Talks About Security Innovation

February 11th, 2015


You wouldn't think that innovation and city government go hand in hand but in The City of San Diego that is precisely the case. 

In this conversation …

SC 42: Emerging Deception Techniques, Technologies and Tools

February 4th, 2015


There's a desire to "get back" at infrastructure attackers through offensive deception techniques. Products are just emerging designed to lead the bad guys into worthless, time-wasting activities to minimize the damage …

SC 40: Aviation Security: Who's Watching Out for Us?

January 27th, 2015


The aviation industry is a pillar of critical infrastructure and the industry is very complicated. It has cargo, passenger, military and leisure components with an overlay of complex communications systems. Networks …

SC 40: A Small Company Takes on the Devil Inside the Beltway

January 6th, 2015


LabMD processes medical specimens. One day, a security services company emailed them advising that its patented searching software, which looks for problems caused by peer-to-peer applications, found a file with …

SC 39: Legal Issues with BYOD

December 29th, 2014


With Bring Your Own Device (BYOD) increasing in the workplace, the question arises of employer and employee rights governing the use of these employee-owned tablets, laptops, smartphones and other personal devices. What …

SC 38: Where Are the New Security Professionals Coming From?

December 15th, 2014


There is a shortage of operational security professionals, with approximately 100,000 open positions seeking technically qualified people. Supporting education in STEM, sourcing ex-military and promoting people from the …

SC 37: How History Impacts Security Around the World

December 9th, 2014


It takes a village to build a secure world. Privacy and security are intertwined. But approaches in America are subtly different than approaches taken in Europe. Americans often approach security from an infrastructure …

SC 36: Securing the API Economy: A CISO Tutorial

December 4th, 2014


With the increase in APIs, and in particular usage with REST-based architecture, developers need to rethink how they secure them. So what should …

SC 35: A Secure Internet of Things Ecoysystem

November 21st, 2014


As the Internet of Things (IoT) evolves security is often an afterthought. One of the greatest challenges facing IoT project teams is ensuring the …

SC 34: PKI and Securing the Internet of Things

November 18th, 2014


Whatever happened to public key infrastructure (PKI)? Despite rumors of its demise, PKI is not dead! However, it has essentially disappeared into the applications, processes and products it is now protecting.

The …

SC 33: Smart Carpets and Cheney's Heart

November 11th, 2014


How does a CISO approach the special security and privacy issues involved in a medical setting as the Internet of Things moves forward? Jeff Misrahi, …

SC 32: Information Sharing Among Security Executives

November 6th, 2014


Who should the CISO report to in the organization? How can CISOs who are at competing organizations share information security without tension? And …

SC 31: An Interview with the First CISO, Steve Katz Formerly of Citigroup

October 31st, 2014


Steve Katz, credited with being the first Chief Information Security Officer (CISO), sets the record straight on that honorific. He talks about what it was like being the first CISO, jesting that he slept like a baby, …

SC 30: Securing Embedded Systems on the Internet of Things

October 24th, 2014


Embedded systems, the Internet of Things and security. What do these three things have in common?

Once in use industrial, medical, avionics and other systems typically don't get upgraded, but they need to operate in a …

SC 29: Overcoming Security Silos

October 22nd, 2014


The drumbeat of breaches -- Home Depot, Target, Jimmy John's and the list goes one -- continues almost daily. Why is this the case? It doesn't appear to be a lack of security investment or governance.

As you'll hear …

SC 28: Threat Intelligence: What it Is. How it is Used.

October 17th, 2014


Threat Intelligence is more than just a list of bad actors' IP addresses. The best sources of it tend to come from the more mature and 'enlightened' providers who employ a substantial number of security analysts who can …

SC 27: Data Loss Prevention Use Cases

October 9th, 2014


Data Loss Prevention (DLP) solutions help keep private data private. Using various rules based on certain policies, sensitive information can be …

SC 26: Security Incident Response and the Lack of Sleep

September 26th, 2014


It is often law enforcement that finds evidence of a security breach first. Being able to respond effectively to breaches can reflect on an organization's reputation. 

There is always malware running somewhere. Some …

SC 25: History of Malware and How Privacy Gets No Respect

September 17th, 2014


Malware in its various forms has been around since the start of the computing age, but one platform remains more susceptible to evil code than others with more than 1 million new unique virus  signatures discovered each …

SC 24: Do Honeypots Still Have Value in Network Security?

September 12th, 2014


Honeypots, used to detect cyber attacks, have been around information security for a long time.

The non-profit Honeynet Project is dedicated to investigating the latest attacks and working to improve the utility of …

SC 23: Raytheon's Perspectives on Commercial Information Security Projects

September 10th, 2014


Why should a commercial entity consider a defense contractor for security projects?Answering the question is Edward Hammersla, President of …

SC 22: Live Attack Intelligence, Big Data and the X-Ray Machine that Could Hack

August 20th, 2014


Black Hat Series

There are a multitude of threat data sources used by Intrusion Prevention Systems (IPS) and anti-malware products to strengthen …

SC 21: Yale New Haven Health System Cyber Security Case Study

August 18th, 2014



With an increase in cyber attacks across industries, and in particular healthcare with medical-related …

SC 20: Securing the Branch Location and Remote Site

August 11th, 2014



Hackers continue to go after the easiest target -- the branch or remote office be it a gas station, retail store, bank branch, local health clinic or the like.

Armed with the knowledge that …

SC19: Backoff Point of Sales Malware, Ransomware and More

August 10th, 2014



Purpose-built, specialized malware dubbed "Backoff" is being found in point-of-sales (POS) systems. At the discovery, the malware, which is gathering magnetic strip information, keyed data and more, had …

SC 18: The Bad Guys Get Smarter

August 9th, 2014



IBM's Security Systems X-Force recommends that a shift takes place from focusing on protecting the perimeter to  securing applications.

The X-Force publishes a Threat Quarterly Report that analyzes …

SC 17: Sex Tapes, Cloud and Security

July 9th, 2014


A recent movie shows what happens when a private video goes "up into the cloud" for everyone to see. 

The movie is called "Sex Tape." A memorable refrain from one of the characters in the movie is "Nobody Understands …

SC 16: Is Big Data Analytics for Security Mainstream?

July 3rd, 2014


Security analysts and experts often talk about big data security analytics as a burgeoning space. But is that the really the case?

What is reality behind big data analytics for security? Is it mainstream? Does a …

SC 15: From UserID and Password to Digital ID

June 2nd, 2014


Many consumer-facing e-commerce implementations depend on 1960s technology to identify and authenticate customers. SecureKey is bringing …

SC 14: Flavors of Intelligence

May 19th, 2014


What are intelligence security controls? Intelligence sharing domains? Shared response infrastructure? Are they just information security buzz words …

SC 13: Voltage Spies Secure Email

May 1st, 2014


From email to texting and other forms of social media, the need for protected communications underscores the requirement to continue encrypted …

SC 12: PCI DSS Version 3, What's New?

April 17th, 2014


Does the Payment Card Industry Data Security Standard (PCI DSS), now in its 3rd version, actually increase safeguards required to be taken by enterprises to ensure customer data?

According to the PCI Security Standards …

SC 11: Tools for Securing the Cloud

April 15th, 2014


What are use cases for security tools for protecting information in the cloud?

What organizational changes can trigger an enterprise to adopt …

SC 10: IT Security Entrepreneurs Forum 2014; Bridging the Gap Between the Federal Government and Private Industry

April 10th, 2014


The Security Innovation Network (SINET) this week held its annual IT Security Entrepreneurs Forum in Silicon Valley. 

There, connections were made …

SC 009: Data Visualization in Threat Intelligence

March 31st, 2014


How valuable is data visualization in spotting patterns on attacks on individuals, institutions or locations? 

Understanding what is going on in this realm can help organizations protect themselves against organized …

SC 008: Pentesting and Hacking Hardware

March 26th, 2014


The Ability to See All the Things: Vulnerability Assessment and Pentesting.

What security vulnerabilities are you not seeing in your remote …

SC 007: What is Tokenization?

March 21st, 2014


What is tokenization? 

How does tokenization compare to encryption and format preserving encryption?

Are there performance issues regarding its use?

SC 006: Security and the Internet of (Every)Thing

March 18th, 2014


Security and the Internet of (Every)Thing.

How are data and communications going to be protected as CPUs and Near Field Communication chips become less expensive and are embedded in to the Internet of (Every)Thing?

What …

E5 Vic Wheatman Discusses Threat Intelligence with Spire Security's Pete Lindstrom

March 10th, 2014


Threat Intelligence -- What is it? Who provides it? What should you do with it? securitycurrent's Vic Wheatman speaks at the RSA conference with Pete …

E-4 Vic Wheatman Speaks to Hytrust's President Eric Chui on Defensive Cloud and Virtualization

March 3rd, 2014


A soon to be released survey conducted by cloud security automation provider Hytrust found that consumers believe corporations don't really care about protecting consumer data. Yet companies are increasingly moving to …

E3 Victor Wheatman speaks with Trend Micro on what c-level executives needs to know about information security

February 28th, 2014


Security from the top? What does a c-level executive at an organization need to know about information security given today's security trends? Join …

E2 Victor Wheatman Discusses Symantec's CyberWar Games with Forrester and Enterprise Management Analysts

February 24th, 2014


Victor Wheatman speaks with leading security analysts David Monahan, Research Director for the Security and Risk Management Group at Enterprise Management Associates, and Edward S. Ferrara, Principal Analyst serving …

E1 Vic Wheatman Speaks with Gartner's Lawrence Pingree on the NSA RSA

February 19th, 2014


Analyst and securitycurrent's senior editor Victor Wheatman speaks with Gartner security and privacy analyst Lawrence Pingree on the calls by some security experts to boycott the RSA 2014 conference over the reported …

Loading ...

Are you the creator of this podcast?

Verify your account

and pick the featured episodes for your show.

Listen to Cyber Pro Files


A free podcast app for iPhone and Android

  • User-created playlists and collections
  • Download episodes while on WiFi to listen without using mobile data
  • Stream podcast episodes without waiting for a download
  • Queue episodes to create a personal continuous playlist
RadioPublic on iOS and Android
Or by RSS
RSS feed

Connect with listeners

Podcasters use the RadioPublic listener relationship platform to build lasting connections with fans

Yes, let's begin connecting
Browser window

Find new listeners

  • A dedicated website for your podcast
  • Web embed players designed to convert visitors to listeners in the RadioPublic apps for iPhone and Android
Clicking mouse cursor

Understand your audience

  • Capture listener activity with affinity scores
  • Measure your promotional campaigns and integrate with Google and Facebook analytics
Graph of increasing value

Engage your fanbase

  • Deliver timely Calls To Action, including email acquistion for your mailing list
  • Share exactly the right moment in an episode via text, email, and social media
Icon of cellphone with money

Make money

  • Tip and transfer funds directly to podcastsers
  • Earn money for qualified plays in the RadioPublic apps with Paid Listens