Cybersecurity Café

CyberRisk and Knowbe4 host an executive event joining them on the day is Kevin Mitnick, Cyber Security Café host Beverley moderates the session and asks the questions. Kevin’s childhood and fascination with magic and pranking history “McDonald’s prank”. We discuss the latest findings in penetration testing and any commonalities, also what advice Kevin is offering executives and the workforce on phishing, social engineering and paying ransomware. A few surprises near the end of the podcast.A special thanks to Kevin Mitnick for his generosity for our industry. Thanks to our sponsor Cyber-Risk and KnowBe4www.cyber-risk.com.auwww.knowbe4.com

“Disruption”. Join Craig Templeton and Beverley Roche for a wrap up and summary of the 2020 SIT summit event and what is changing and working in the Cyber security culture programs. We talk about the practitioners that contribute to making this event happen, the presenters, panel discussions and the key issues. Want to know more about the SIT Empowers group? LinkedIn – Security, Influence and Trust Or check out the SITEMPOWERS website and download the SIT Guidebook and use the free resources.https://sitempowers.com/

The trauma, emotional and financial devastation, shame, and victim-blaming are all explored in this forthright conversation with relationship scam survivor, Jan Marshall. Understanding that scammers are trained professionals, not just opportunistic players is vital to protect the vulnerable and idealistic in a world where everything and everyone is open for exploiting. How can an intelligent person be so thoroughly scammed? Cyber Security Cafe host, Beverley Roche chats to Jan Marshall about her story and the devastating trauma of a relationship scam.Emotions still resonate powerfully as Jan shares her very personal experience of being a victim of a relationship scam and details of her new emotional support service, Life After Scams for victims of similar cyber crimes. If you think it is too good to be true, it probably is. If you are being asked for money and personal details shortly after meeting someone online, ask yourself #isthisforreal?If you think you are experiencing a relationship scam, here are some helpful sites to assist you: Jan Marshall – www.lifeafterscams.orgReport to Scamwatch – www.scamwatch.gov.auIDCare – www.IDCare.org

Security 101 tips for reviewing Office 365 infrastructure, details of a Spear phishing attack that owned an organisations infrastructure and important tips about keeping an eye on your logs and monitoring. During COVID19, data is moving about everywhere, with organisations rushing to move people to work from home and playing security catchup. Beverley Roche chats to Christopher McNaughton from SECMON1,who specialise at looking at Security inside your organisation, Data discovery, workplace investigations, Digital Forensics and Electronic discovery. Former Senior Forensic Examiner with Victoria Police Force, Chris talks about how he landed in Cybersecurity. We talk about an organisations risk in relation to Data and how SECMON1 use their Discovery tools and off course we lift the rug to understand how important it is for employees not to use company assets for malicious purposes.

Will it make us safer? or will the data it collects lead to greater social harm in future ? Cyber Security lead, Beverley decompiles the current issues with the Covidsafe app and chats to well-known identity, Shannon Sedgwick about his early days in cyber and his current role as Senior Managing Director at Ankura. We cover how Australian’s might be feeling about the trust issues, the trade offs and downloading the app for the greater good. Shannon Sedgwick is highly regarded in technology and cyber security circles in Asia Pacific. He is often seen appearing on TV, radio, and in print publications, delivering keynotes discussing cyber security, effective leadership, business development, governance, culture, technology risk, government policy, and breaking news events. Shannon can be contacted through his website: ssedgwick.com

Relationship scams, COVID-19 scams, Investment scams - Right now, there are more opportunistic, professional cyber-criminals hard at work to catch you out than ever before. Deputy Chair of the Australian Competition & Consumer Commission, Delia Rickard joins cyber security expert, Beverley Roche to unpack the current threats to your safety and finances. Listen to how to keep yourself safe online and how to report scams. Ask yourself #isthis4real

What are the types of threats we are facing right now? Highly motivated cyber-criminals are working overtime right now. Former National Director Joint Cyber Security Program of Australian Cyber Security Centre - Lead Ryan Janosevic of Retrospect Labs takes us through the steps to help you be Cyber Resilient. Retrospect Labs came through the accelerator Program at CyRise and Ryan is an investor, supporter and champion of Cybersecurity startups (Cybersecurity venture program powered by NTT and Deakin University. We discussed the importance of supporting Australian Talent and Australian start-ups to ensure the flow of talent into the future of the cyber-security industry.What should organisations be doing right now to be prepared and ready? Ryan recommends businesses practice their incident response plans and develop playbooks to testing a whole of enterprise approach with all the business stakeholders - treat it like a fire plan and drill. ContactRyan Janosevic and Jason Pangwww.retrospectlabs.com.au

How to avoid workplace issues that lead to staff being compromised by phishing emails. What are the behavioural cues that indicate cognitive load is high? Using a customer journey map to understand the workforce and what are the danger zones in their day. What controls, both human and technology based can we deploy to mitigate that danger zone? Paul Burrow, Cybersecurity Behavioural Expert discusses "wicked problems" and quotes Tim Brown's "Human Centred design" as his guidebook.Wicked problems like “How might we get all Australian’s implement Two Factor Authentication” How to get the right message to the right people at the right time. We discuss the importance of finding shared language and common themes, how to build a narrative to get a workforce engaged. Cognitive load in the workplace is challenging how and when we, as cyber security professionals intersect with reminding people to be extra vigilant when those phishing emails hit. Connect with Paul Burrow on LinkedIn - https://www.linkedin.com/in/paulburrow

THE INTRO ?Louisa and Beverley are at the SIT Summit today in Melbourne and this episode is an event special to help amplify the learnings for those who couldn't attend, wherever they are in the world! The Security Influence and Trust Group, founded in late 2015, is a community of people who believe that collaboration, consistent messages and simple actions are key to empower people to protect themselves in the digital world. They are working together to amplify consistent tips that help the community to build online safety skills. They are industry professionals with a long history of building security aware cultures. The 4th SIT Summit was hosted by Telstra in Melbourne on 27th November 2019. Event agenda sit-summit-2019-agenda Event photos (under SIT News) https://sitempowers.com ???THE CHAT??Louisa and Beverley share their insights from the sessions and also asked special guests Christie Wilson, Erica Hardinge and Susie Jones to also share some of their key take aways from the event including:?- Advice on starting an awareness or influence program from scratch- Why they are passionate about human security and why it is important- What were their key learnings from the day- What was the thing that surprised them most- What amplify means to them- What is the one thing the security industry could do to help improve human security?For the full Transcript of the chat visit this linkprovided for free by Otter.ai (unedited)??CREDITS?Guests: Christie Wilson, Erica Hardinge, Susie JonesHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? USEFUL LINKS ?Darren Pauli's writing guide https://sitempowers.com/1571-2/SIT Guidebook https://sitempowers.com/sit-guidebook/More info on ANZ PACT referred to by Erica Hardinge https://media.anz.com/posts/2018/10/anz-encourages-australians-to-make-a-pact-to-protect-their-virtu? CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security. © 2019 by Cyb

THE INTRO ?Louisa has been in New York at a Cyber insurance conference and shares her insights from a couple of the sessions including what people want their cyber insurance policy to cover and whether or not millennials care about privacy including the impact digital savviness may have on this Beverley wants to know who the greatest conmen of our time was and Louisa thinks Frank Abagnale Jr. is a good candidate and there are lots techniques Frank used that are still used today. Louisa and Beverley discuss the different definitions of social engineering Beverley is excited to have Chris Gatford on the podcast today ???THE CHAT??Chris Gatford is the director of Hacktive in Sydney, Australia and performs penetration tests for organisations all around the world. Chris has performed thousands of penetration tests in his career and has reviewed countless IT environments and has directed and been responsible for numerous security assessments for a variety of corporations and government departments Chris has co-authored two books, including “Network Security Assessment: From Vulnerability to Patch” from Syngress Publishing.?For the full Transcript of the chat visit this linkprovided for free by Otter.ai (unedited)?THE DEBRIEF?Louisa is seeing some themes emerge from the podcast interviews in terms of the key skillsets needed to be in cybersecurity and the criticality of curiosity Beverley agrees with Chris on why it is so hard to secure the family home Beverley is also glad to hear that millennials are asking big questions about privacy Beverley shares her view on whether penetration testing can be outsourced including the use of bug bounty programs and the role of trust Why we need another podcast to look at how our roles might change in the future and how we prepare for that How the BBQ/taxi conversation has changed and why we need to be ready to change our message as the criminals evolve ?How to follow Chriswebsite: https://www.hacktive.ioEmail: chris@hacktive.io Twitter: @ChrisGatford?CREDITS?Guest: Chris GatfordHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH Digital literacy survey mentioned at the panel discussion Louisa attended in New York https://www.nominet.uk/digital-generation-gap-remains-wide-open-older-generations-fail-embrace-new-technology/ Frank Abignale on why tech has made things 4000x easier for criminals https://www.techrepublic.com/article/famous-con-man-frank-abagnale-crime-is-4000-times-easier-today/ Splendour in the grass science tent https://inspiringnsw.org.au/2019/06/27/science-tent-returns-to-splendour/ Open DNS solution mentioned by Chris during the chat https://www.opendns.com?CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO ?Louisa has been in New York at a Cyber insurance conference and shares her insights from a couple of the sessions including what people want their cyber insurance policy to cover and whether or not millennials care about privacy including the impact digital savviness may have on this Beverley wants to know who the greatest conmen of our time was and Louisa thinks Frank Abagnale Jr. is a good candidate and there are lots techniques Frank used that are still used today. Louisa and Beverley discuss the different definitions of social engineering Beverley is excited to have Chris Gatford on the podcast today ???THE CHAT??Chris Gatford is the director of Hacktive in Sydney, Australia and performs penetration tests for organisations all around the world. Chris has performed thousands of penetration tests in his career and has reviewed countless IT environments and has directed and been responsible for numerous security assessments for a variety of corporations and government departments Chris has co-authored two books, including “Network Security Assessment: From Vulnerability to Patch” from Syngress Publishing.?For the full Transcript of the chat visit this linkprovided for free by Otter.ai (unedited)?THE DEBRIEF?Louisa is seeing some themes emerge from the podcast interviews in terms of the key skillsets needed to be in cybersecurity and the criticality of curiosity Beverley agrees with Chris on why it is so hard to secure the family home Beverley is also glad to hear that millennials are asking big questions about privacy Beverley shares her view on whether penetration testing can be outsourced including the use of bug bounty programs and the role of trust Why we need another podcast to look at how our roles might change in the future and how we prepare for that How the BBQ/taxi conversation has changed and why we need to be ready to change our message as the criminals evolve ?How to follow Chriswebsite: https://www.hacktiv.ioEmail: chris@hacktiv.ioTwitter: @ChrisGatford?CREDITS?Guest: Chris GatfordHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH Digital literacy survey mentioned at the panel discussion Louisa attended in New York https://www.nominet.uk/digital-generation-gap-remains-wide-open-older-generations-fail-embrace-new-technology/ Frank Abignale on why tech has made things 4000x easier for criminals https://www.techrepublic.com/article/famous-con-man-frank-abagnale-crime-is-4000-times-easier-today/ Splendour in the grass science tent https://inspiringnsw.org.au/2019/06/27/science-tent-returns-to-splendour/ Open DNS solution mentioned by Chris during the chat https://www.opendns.com?CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO ?Louisa is in the USA this week and Beverley is trying out her US accent One of the reasons for doing the podcast was to showcase the fantastic talent in the cybersecurity industry Cybersecurity can be a stressful profession and recent research Louisa has found confirms that the top 4 reasons for stress are about interfacing with the business (link in research section below) Beverley agrees that one of the reasons you are not suited to cybersecurity (according to some research she had find on a previous episode was related to finding explaining an incident to executives too stressful (link in research section below) Someone who is clearly very suited to a career in cybersecurity is Mandy Turner. Since recording the chat with Mandy she was also awarded Australian Information Security Association (AISA) Professional of the year (2019) as well as a fellowship of AISA? Louisa and Beverley agree that is so great to see volunteers recognised in our industry ???THE CHAT??*CONTENT WARNING*: This chat briefly makes mention of domestic violence. If this word is a trigger for you we would advise listener discretion. If you need to skip past the section you can fast forward the minute markers from minute 19:55 to 21:00 If you have been affected by this content in any way, please visit lifeline.org.au who have resources on their website for support around domestic and family violence as well as a 24/7 crisis helpline. ?Mandy Turner is a shining light in the Cybersecurity industry - she is positive, collaborative and supports the industry thorough extensive volunteer work. Mandy has recently been recognised for her work winning multiple awards this year. She knows our industry well and what we need to change - you can read her full bio via the following link Mandy Turner BIO?For the full Transcript of the chat visit this linkprovided for free by Otter.ai (unedited)?THE DEBRIEF?Beverley is amazed by the volunteer work that Mandy does and the contribution she has made (and continues to make) to our profession Louisa agrees and re-iterates how great it is to see her recognised Beverley is curious about Mandy's book plans and cautions that whilst we need not glamourise cybercrime as it is just crime, we know it is still much harder to catch (cyber) criminals Louisa shares that a future podcast will cover the way in which tech enables cybercrime Louisa reminds listeners that their feedback is valued and that we welcome guest suggestions! ?How to follow Mandy?Initiatives: The mentoring initiative website (such as it is,) is here https://cybercenturymentoring.weebly.com/ Twitter: https://twitter.com/empressbat LinkedIn: www.linkedin.com/in/amandajane1?CREDITS?Guest: Mandy TurnerHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH Research on causes of stress in cyber https://www.google.com.au/amp/s/www.techrepublic.com/google-amp/article/cybersecurity-burnout-10-most-stressful-parts-of-the-job/ Reasons you are not suited to a cyber careerhttps://www.google.com.au/amp/s/www.techrepublic.com/google-amp/article/10-signs-you-arent-cut-out-to-be-a-cybersecurity-specialist/?Dr. Jessica Barker research on origins of cyber https://www.peerlyst.com/posts/cyber-by-any-other-name-would-smell-as-insecure-the-language-of-security-at-bsides-london-2016-jessica-barker ?CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

Description

THE INTRO Data is everywhere including in Louisa's living room in many different forms (thanks to Star Trek!) We know data is being created in large volumes and we know it can be used in a negative way but how do we know we have the right systems in place now and in the future to effectively govern it Beverley says there is a lot of debate about these topics and confirms that our guest today will be able to help bring some of these issues together Daniella Traino who is very close to the innovation space - she is the cyber track leader at Spark festival and a volunteer Start up Editor on Cyber and AI at https://www.ideaspies.com/ ???THE CHAT??Daniella Traino leads a niche technology advisory with a focus on strategic cyber security services (interim CISO for high-tech & mid sized enterprises) and high-tech commercialisation. She is a non-executive director and strategic advisor to IoTSec Australia (a not-for-profit organisation influencing IoT cyber security innovation), a member of the Research Advisory Committee for the Internet Commerce Security Laboratory (ICSL) – a cyber security research unit of Federation University Australia, Startup Editor (AI, Cyber Security) for IdeaSpies (platform sharing innovation to inspire action across the Australian ecosystem), Cyber Track Leader for Spark Festival. She was recently nominated as 2019 Security Champion, by the AWSN & CSO IDG Women in Security Awards. Full Bio for Daniella here: https://www.cybersecuritycafe.com.au/daniella-traino-bio ? Transcript of the full chat on our website: https://www.cybersecuritycafe.com.au/transcript-daniella-traino-chat transcript provided by Otter.ai (unedited)?THE DEBRIEF?Louisa needs the mind-blown emoji after listening to the chat Louisa was interested by the idea Daniella shared about changing the economic value of collecting data and shares an example of where she was asked to share data she didn't need to Beverley has a technique she uses to protect her privacy when shopping - she doesn't have loyalty cards at all! Louisa mentions the positive of AI in Cybersecurity and shared some research finding from Cap Gemini and also shares some insights around how Cybercriminals are using AI Beverley wonders what we need to consider from a product development perspective and Louisa offers some insights Beverley wonders if we should sign up to an ethics agreement as a cyber security profession Louisa thinks that's one for a whole other podcast! ?How to follow Daniella:?Twitter: Daniella_t05Website: https://www.pineconestrategies.tech/?CREDITS?Guest: Daniella TrainoHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH ?https://www.capgemini.com/research/reinventing-cybersecurity-with-artificial-intelligence/https://labsblog.f-secure.com/2019/07/11/malicious-use-of-ai/https://www.raconteur.net/technology/ai-cybersecurityhttps://www.computerworld.com.au/article/632444/6-ways-hackers-will-use-machine-learning-launch-attacks/https://www.techopedia.com/are-hackers-using-ai-for-malicious-intentions/2/33647??CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO Data is everywhere including in Louisa's living room in many different forms (thanks to Star Trek!) We know data is being created in large volumes and we know it can be used in a negative way but how do we know we have the right systems in place now and in the future to effectively govern it Beverley says there is a lot of debate about these topics and confirms that our guest today will be able to help bring some of these issues together Daniella Traino who is very close to the innovation space - she is the cyber track leader at Spark festival and a volunteer Start up Editor on Cyber and AI at https://www.ideaspies.com/ ???THE CHAT??Daniella Traino leads a niche technology advisory with a focus on strategic cyber security services (interim CISO for high-tech & mid sized enterprises) and high-tech commercialisation. She is a non-executive director and strategic advisor to IoTSec Australia (a not-for-profit organisation influencing IoT cyber security innovation), a member of the Research Advisory Committee for the Internet Commerce Security Laboratory (ICSL) – a cyber security research unit of Federation University Australia, Startup Editor (AI, Cyber Security) for IdeaSpies (platform sharing innovation to inspire action across the Australian ecosystem), Cyber Track Leader for Spark Festival. She was recently nominated as 2019 Security Champion, by the AWSN & CSO IDG Women in Security Awards. Full Bio for Daniella here: https://www.cybersecuritycafe.com.au/daniella-traino-bio ? Transcript of the full chat on our website: https://www.cybersecuritycafe.com.au/transcript-daniella-traino-chat transcript provided by Otter.ai (unedited)?THE DEBRIEF?Louisa needs the mind-blown emoji after listening to the chat Louisa was interested by the idea Daniella shared about changing the economic value of collecting data and shares an example of where she was asked to share data she didn't need to Beverley has a technique she uses to protect her privacy when shopping - she doesn't have loyalty cards at all! Louisa mentions the positive of AI in Cybersecurity and shared some research finding from Cap Gemini and also shares some insights around how Cybercriminals are using AI Beverley wonders what we need to consider from a product development perspective and Louisa offers some insights Beverley wonders if we should sign up to an ethics agreement as a cyber security profession Louisa thinks that's one for a whole other podcast! ?How to follow Daniella:?Twitter: Daniella_t05Website: https://www.pineconestrategies.tech/?CREDITS?Guest: Daniella TrainoHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH ?https://www.capgemini.com/research/reinventing-cybersecurity-with-artificial-intelligence/https://labsblog.f-secure.com/2019/07/11/malicious-use-of-ai/https://www.raconteur.net/technology/ai-cybersecurityhttps://www.computerworld.com.au/article/632444/6-ways-hackers-will-use-machine-learning-launch-attacks/https://www.techopedia.com/are-hackers-using-ai-for-malicious-intentions/2/33647??CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO Louisa has a cartoon to describe that she saw on the Cyber Security Hub via LinkedIn (link to original cartoon in the research links below) Beverley thinks it's timely, and a perfect lead in for our guest today. Beverley has a quote from Warren Buffett, and everybody's got a load of respect for Warren Buffett. He says we are on in uncharted territory by not having the right cyber security skill sets in every boardroom. companies and their boards have set themselves up for failure, it's almost guaranteed, it's going to get worse before it gets better. Louisa wonders if we get our time in the boardroom, how do we possibly convey the right information that the board needs in that just that few minutes that we get if we get it? And how do we make sure that we understand what they're thinking and what they need from us. Beverley thinks we've made a lot of assumptions about what boards want to talk about and what they're interested in. The reality is, we like to think, because we see cyber risk as so important we'd love to think that we're one or number two, and here was an article last year that said we're in the top five subjects. she is not sure if that's true and is hoping that our guest today is going to shed some light. Louisa Is so confident he'll be able to do that - Jason Wilk, will be joining us and he has got one foot in the boardroom and one foot in cyber security. So she can't think of anybody better qualified to come and talk to to us about what boards need from us, and how we can better engage with them on on cyber security. ???THE CHAT? The unedited transcript of the chat with Jason Wilk courtesy of otter.ai can be found via our website: https://www.cybersecuritycafe.com.au/transcript-jason-wilk-chat ?THE DEBRIEF Beverley unpacks whether we can apply occupational health and safety to cybersecurity awareness programs and shares some insights on when she had tried this Beverley acknowledges there is a lot to learn from occupational health and safety and that it is great place for us to take some learnings Louisa was struck by Jason's advice that we should be careful not to talk about a 'cyber culture' with boards but that it doesn't mean this term and the work relating to it is not valuable outside of the board room Beverley notes we should ensure we align our cyber behaviours to an organisations culture overall How to follow Jason: LinkedIn page: https://www.linkedin.com/in/jasonwilk-au/Website: https://www.bluezoo.com.au/?CREDITS Guest: Jason WilkHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH ?Roger Schillerstrom cartoon original article link (cartoon reposted by The Cybersecurity Hub on LinkedIn): https://www.pionline.com/article/20170123/PRINT/301239998/get-real-on-cybersecurity?AICD Cyber for Directors Course: https://aicd.companydirectors.com.au/education/courses-for-the-director/short-courses/cyber-for-directors Security in Depth ‘State of Cyber’ 2019 research on only 2/3 of Australian businesses having a cybersecurity professional on staff https://securityindepth.com.au/stateofcyber? CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO Louisa has a cartoon to describe that she saw on the Cyber Security Hub via LinkedIn (link to original cartoon in the research links below) Beverley thinks it's timely, and a perfect lead in for our guest today. Beverley has a quote from Warren Buffett, and everybody's got a load of respect for Warren Buffett. He says we are on in uncharted territory by not having the right cyber security skill sets in every boardroom. companies and their boards have set themselves up for failure, it's almost guaranteed, it's going to get worse before it gets better. Louisa wonders if we get our time in the boardroom, how do we possibly convey the right information that the board needs in that just that few minutes that we get if we get it? And how do we make sure that we understand what they're thinking and what they need from us. Beverley thinks we've made a lot of assumptions about what boards want to talk about and what they're interested in. The reality is, we like to think, because we see cyber risk as so important we'd love to think that we're one or number two, and here was an article last year that said we're in the top five subjects. she is not sure if that's true and is hoping that our guest today is going to shed some light. Louisa Is so confident he'll be able to do that - Jason Wilk, will be joining us and he has got one foot in the boardroom and one foot in cyber security. So she can't think of anybody better qualified to come and talk to to us about what boards need from us, and how we can better engage with them on on cyber security. ???THE CHAT? The unedited transcript of the chat with Jason Wilk courtesy of otter.ai can be found via our website: https://www.cybersecuritycafe.com.au/transcript-jason-wilk-chat ?THE DEBRIEF Beverley unpacks whether we can apply occupational health and safety to cybersecurity awareness programs and shares some insights on when she had tried this Beverley acknowledges there is a lot to learn from occupational health and safety and that it is great place for us to take some learnings Louisa was struck by Jason's advice that we should be careful not to talk about a 'cyber culture' with boards but that it doesn't mean this term and the work relating to it is not valuable outside of the board room Beverley notes we should ensure we align our cyber behaviours to an organisations culture overall How to follow Jason: LinkedIn page: https://www.linkedin.com/in/jasonwilk-au/Website: https://www.bluezoo.com.au/?CREDITS Guest: Jason WilkHosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com)? RESEARCH ?Roger Schillerstrom cartoon original article link (cartoon reposted by The Cybersecurity Hub on LinkedIn): https://www.pionline.com/article/20170123/PRINT/301239998/get-real-on-cybersecurity?AICD Cyber for Directors Course: https://aicd.companydirectors.com.au/education/courses-for-the-director/short-courses/cyber-for-directors Security in Depth ‘State of Cyber’ 2019 research on only 2/3 of Australian businesses having a cybersecurity professional on staff https://securityindepth.com.au/stateofcyber? CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO ??Beverley gets payback this episode by getting to interview Ken Gamble – although she does have a background in eCrime so Louisa is happy to let her have this one! Ken is co-founder and Executive Chairman at IFW Global who provide the expertise & global reach to investigate serious fraud, combat cybercrime and recover assets https://www.ifwglobal.com/about/our-team/??THE CHAT??Full show notes from the chat are available on our website show notes page for this episode: https://www.cybersecuritycafe.com.au/shownotes-ken-gamble FOLLOW KEN IFW Global LinkedIn page: https://www.linkedin.com/company/ifw-globalIFW Podcast ‘Scammers Caught in action’ where you can listen to the boiler room con artists in action and learn how to avoid falling victim. https://soundcloud.com/ifwglobal/scammers-caught-in-actionIFW Global website: https://www.ifwglobal.comTwitter: @ifwglobal CREDITS Guest: Ken Gamble https://www.ifwglobal.com/about/our-team/Hosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com) RESEARCH Aljazeera documentary featuring Ken Gable ‘Swindle Kings of Manila’https://www.aljazeera.com/programmes/101east/2018/09/swindle-kings-manila-180913064446101.html Link to the 60 minutes documentary ‘How IFW Global led 60 Minutes to one of the biggest boiler room busts ever seen’https://blog.ifwglobal.com/blog/60-minutes-ifw-global-take-down-boiler-room-operation Outstanding Consumer Affairs Reporting (sponsor Godfrey Wines) Liam Bartlett, Joel Tozer (60 Minutes, Nine)http://kennedyawards.com.au/ Australian Competition and Consumer Report 2018 https://www.accc.gov.au/publications/targeting-scams-report-on-scam-activity/targeting-scams-report-of-the-accc-on-scam-activity-2018 CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTRO ??Beverley gets payback this episode by getting to interview Ken Gamble – although she does have a background in eCrime so Louisa is happy to let her have this one! Ken is co-founder and Executive Chairman at IFW Global who provide the expertise & global reach to investigate serious fraud, combat cybercrime and recover assets https://www.ifwglobal.com/about/our-team/??THE CHAT??Full show notes from the chat are available on our website show notes page for this episode: https://www.cybersecuritycafe.com.au/shownotes-ken-gamble FOLLOW KEN IFW Global LinkedIn page: https://www.linkedin.com/company/ifw-globalIFW Podcast ‘Scammers Caught in action’ where you can listen to the boiler room con artists in action and learn how to avoid falling victim. https://soundcloud.com/ifwglobal/scammers-caught-in-actionIFW Global website: https://www.ifwglobal.comTwitter: @ifwglobal CREDITS Guest: Ken Gamble https://www.ifwglobal.com/about/our-team/Hosts: Beverley Roche and Louisa Vogelenzang https://www.cybersecuritycafe.com.au/co-hostsProducer/Editor: Louisa VogelenzangSound Producer: Darcy Milne (Propodcastproduction.com) RESEARCH Aljazeera documentary featuring Ken Gable ‘Swindle Kings of Manila’https://www.aljazeera.com/programmes/101east/2018/09/swindle-kings-manila-180913064446101.html Link to the 60 minutes documentary ‘How IFW Global led 60 Minutes to one of the biggest boiler room busts ever seen’https://blog.ifwglobal.com/blog/60-minutes-ifw-global-take-down-boiler-room-operation Outstanding Consumer Affairs Reporting (sponsor Godfrey Wines) Liam Bartlett, Joel Tozer (60 Minutes, Nine)http://kennedyawards.com.au/ Australian Competition and Consumer Report 2018 https://www.accc.gov.au/publications/targeting-scams-report-on-scam-activity/targeting-scams-report-of-the-accc-on-scam-activity-2018 CONTACT THE CYBERSECURITY CAFÉ Join our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-café Email us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.au Visit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap. We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.

THE INTROIt's a brief intro today because we want to get straight to our guest from our favourite security podcast - Smashing Security's Graham Cluley. Beverley is very much regretting giving the interview to Louisa 'the Brit interviewing the Brit' because Graham couldn't tell that Louisa was British anyway! ??THE CHATGraham Cluley is co-host of the award-winning Smashing Security podcast (winner of cybersecurity podcast of the year 2018 and 2019) as well as being a public speaker, award winning blogger and independent computer security analyst More background on Graham here https://www.grahamcluley.com/about-this-site/ We get to know Graham a little by chatting about how he landed in Cybersecurity by writing computer games when he was a student and how a package that arrived at his house changed his life How anti-virus was back when Graham started at Dr Solomon’s and how it looks today What Graham is doing today and why he loves podcasting so much Why using humour helps to engage people with security messaging and why Graham feels it’s important to try and be accessible to everyone by using language that people can understand Why it’s hard to stay up to date with security What threats we should be focused on right now noting that some of those aren’t going to be very sexy Graham’s view on the biggest threat right now which is Phishing and why that continues to be a big problem How business email compromise has changed and why it is still a risk for businesses today What can be done about BEC across both process and technology perspective (including email tags, domain name verification, DMARC and what this does) Why technology alone doesn’t effectively stop most of the InfoSec problems What everyone is talking about in Europe (apart from Brexit) including GDPR and whether this is having an impact on executives’ attitudes to security and whether fines need to increase Whether being a ‘secure’ company will be a differentiator Why people get so excited about IoT Whether people actually change suppliers after a data breach or a privacy scandal Whether the Great Hack will change anything in terms of people’s attitudes How the most popular episode of Smashing Security was about quitting Facebook and why people stay We get some great advice from Graham on how he manages passwords and what should we be telling others about how they should manage their passwords. We also discuss password managers and how they can help us to help our families and friends too. Graham’s view on the future and why he is wary of predicting it The role of the cybersecurity community in the future ??How to follow Graham:Podcast: ‘Smashing Security’ with Graham Cluley and Carole Theriaulthttps://www.smashingsecurity.comTwitter: @gcluleyBlog: https://www.grahamcluley.com??THE DEBRIEF?Our key take aways from the chat with Graham includingHow engaging, fun and relatable Graham's communication style is Beverley loved Graham's 'Open Source Intelligence' and 'IOT Toothbrush' comments and we get to hear her awesome British accent impression ;-) Why Louisa didn't want to admit to Graham that she had a Google home How much is enough to create a wake up call for shareholders around data breaches Quitting Facebook and how hard it is to give up - Beverley has finally given up hers and what the other alternative methods are Whether people actually take action following privacy scandals and what more we can do about that including vote with your keyboard not your feet (that would be #sneakernet) Why we are so grateful to Graham and why you should listen to Smashing Security CREDITSGuest:Graham CluleyHosts:Beverley Roche and Louisa VogelenzangProducer/Editor: Louisa VogelenzangSound Producer:Darcy Milne (Propodcastproduction.com) RESEARCHBusiness Email Compromise Losses: https://businessinsights.bitdefender.com/fraudsters-steal-million-business-email-compromise Accenture research about businesses differentiating based on trust referenced by Louisa: "As people become more anxious about their data security and privacy, we'll start to see.....organisations differentiate based on trust more than on price or on pure technical capabilities"Note: This quote came from Accenture's Johnathan Restarick commenting on the Australian results from some 2019 Accenture research - 'Putting the Human First in the Future Home' and cited in the Australian Financial Review (subscription only – accessed Thursday 11th July 2019)The Great Hack Netflix documentary https://www.netflix.com/au/title/80117542 ??CONTACT THE CYBERSECURITY CAFÉJoin our LinkedIn Group https://www.linkedin.com/company/the-cybersecurity-caféEmail us:louisa@cybersecuritycafe.com.aubeverley@cybersecuritycafe.com.auVisit our website: https://www.cybersecuritycafe.com.au Want to be on the show? Send us your bio and an overview on what you want to chat about and we’ll be in touch asap.We also welcome guest suggestions – in particular we’d love to hear from new voices in the industry who have new ideas to share about the human side of security.?