The Cipher Podcast

The goals and needs of IT and Cybersecurity are different. IT is more focused on uptime and keeping systems running. Cybersecurity is focused on reducing the risk of data breaches, ransomware and other negative impacts from threat actors. The holistic approach to balance these elements can be accomplished with effective Governance, Risk and Compliance (GRC). In this episode we discuss what benefits GRC solutions can bring to companies, how a vCISO can help, and more. Our guest is Cipher's Kevin Kurzawa, who leads GRC in the United States. For more information on Cipher's GRC services, visit www.cipher.com/grc.

The US government has made cybersecurity a key focus for national security. As such, different organizations within the Government have issued guidance related to to cybersecurity standards. The impact of these actions and what it means for private organizations is a complex topic. We break it down with TrustMAPP CTO and CISO Allan Alford.

The blockchain, cryptocurrency, tokenization, social media, gaming, and the metaverse have created a new class of assets unique to the digital world. These assets have made many rich, but they are vulnerable to theft and fraud. We discuss this topic with Prosegur Global Director of Innovation and Product Development José Daniel García Espinel.

Organizations should understand what happens when they are breached, in order to measure the value or their tools and understand how long it takes for them to detect threat actors. SCYTHE is an Adversary Emulation tool that enables organizations to do this in a repeatable and secure way. CTO Jorge Orchilles joins the episode to discuss how this methodology and tool differs from other cybersecurity practices, how it can help organizations improve, and what a Purple Team is. Learn more about SCYTHE at www.scythe.io.

We covered the top trends and stories from 2021 in the world of cybersecurity and related topics in this episode. Read the accompanying blog for links to the articles mentioned and charts of the trends: https://cipher.com/blog/year-in-cybersecurity-recap.

LogRhythm recently released a report on 'Security and the C-Suite: Making: Security Priorities Business Priorities'. In the report, they evaluated the influence of security leaders in enterprise organizations. LogRhythm Chief Security Officer and VP of R&D  James Carder joins the episode to give his expert insights into the topic.  Read the report at https://logrhythm.com/making-security-priorities-business-priorities. 

The term Secure Access Service Edge (SASE) was coined in 2019 to describe an emerging security and network framework. Since then, the term has taken off with many companies marketing their solutions as part of the SASE concept. Our guest for today’s episode is Nate Smolenski who is the Head of Cyber Intelligence Strategy at Netskope.  Netskope is touted as the SASE Leader. We cut through the acronym soup of the cyber world to identify how organizations benefit by implementing SASE concepts, in terms of both security and productivity. 

Nearly every computer that runs Windows has Active Directory (AD). This structure helps organizations manage user identities, privileges, and much more. The power that AD has means threat actors are often targeting it to execute attacks. Our guest for the episode is Christopher Keller, who is Senior Security Engineer at Tenable. We cover the common mistakes admins make with AD, how hackers take advantage, and what companies can do to improve.

The root cause of untold cyber attacks is the age-old technique of social engineering. KnowBe4 Security Evangelist James McQuiggan joins the episode to lend his expert analysis and insight. We discuss the concepts of social engineering and how cybercriminals use it to manipulate people.  October is Cybersecurity Awareness Month. One of the themes is Fight the Phish. Social engineering plays into why people fall for phishing emails. The message is “Think before you click on any suspicious emails, links or attachments and make sure to report any suspicious emails if you can!” 

Neste episódio, falamos sobre “SASE – Como conciliar rapidez de resposta e proteção de dados”. Para essa conversa, convidamos o Renato Jager, o nosso CTO LATAM na Cipher. Ouça agora e fique por dentro de mais um episódio!

The threats that organizations are facing today look a lot different than 20 years ago. Cybersecurity concerns are now a core topic. David Fernicola Vice President of Global Risk Services at Prosegur joins this episode to discuss what has changed and how a modern organization should view risk management and security. For more information on Prosegur Global Risk Management, visit www.prosegur.us/security-solutions/global-risk-services. 

In this episode, we go into the core concepts of Zero Trust and how it relates to cybersecurity. AppGuard Chief Product Officer Kristen Gandhi joins the episode. She explains how AppGuard software stops cyber threats using a Zero Trust framework. Tips for becoming more resilient to cybersecurity threats are also covered.

Last May, Colonial Pipeline was hacked. This caused massive impacts around the United States. Recently the Biden Administration took a series of steps to guide companies in the utility industry to improve their cybersecurity. We discuss the topic with Brian Maloney in today's episode. Brian has extensive experience designing cyber solutions for companies in the utility sector. Download our report on the DOE RFI results at https://info.cipher.com/cybersecurity-for-critical-electric-infrastructure.

Cipher recently held a webinar with Cmd on how to secure digital connections. Cmd delivers runtime security for cloud workloads and Linux assets. The session was hosted by Cmd's Chief Security Officer Jake King and Cipher CTO David Rickard. They go over different attack techniques and how to stop them. We present an audio recording of the session now.

Neste episódio, falamos sobre "Gestão de equipes de alta performance em tempos de pandemia”, como realizar a gestão da sua equipe remotamente, quais os desafios, formas de liderança, como ajudar sua equipe com as metas e, outras informações. Para essa conversa, convidamos o David Tudino, que está na Cipher há mais de 10 anos, onde atuou como diretor de MSS e agora assume o cargo de BDM América Latina na Cipher. Ouça agora e fique por dentro de mais um episódio!

Neste episódio, falamos sobre "os riscos da alta exposição de suas informações pessoais”, como se proteger dos golpes de engenharia social, os perigos em publicar a imagem do cartão de vacina da covid-19, como ter uma navegação segura na internet e, outras informações. Para essa conversa, convidados o Fernando Amatte, diretor de red team e cyber intelligence da Cipher. Ouça agora e fique por dentro de mais um episódio!

Neste episódio, falamos sobre "os riscos da alta exposição das suas informações pessoais”, como se proteger dos golpes de engenharia social, os perigos em publicar a imagem do cartão de vacina da covid-19, como ter uma navegação segura na internet e, outras informações. Para essa conversa, convidados o Fernando Amatte, diretor de red team e cyber intelligence da Cipher. Ouça agora e fique por dentro de mais um episódio!

Neste episódio, falamos sobre como a comunicação e o marketing estão posicionados em tempos de pandemia e em como a Cipher enxerga o crescimento de marketing digital com o mercado de cybersegurança. Para essa conversa, convidados a Patricia Teixeira - diretora de marketing para América Latina da Cipher. Ouça agora e fique por dentro de mais um episódio!

Como as ferramentas de segurança conseguem ajudar as empresas estarem em compliance com a LGPD?\r\n\r\nNeste episódio, falamos sobre a proteção das informações PII no ambiente integrando outras tecnologias como DAM, SIEM e como saber onde estão as informações que precisam ser protegidas.\r\nApresentação: Wesney Bolzan - Latin America, Information Security and Integration Director.\r\n

Our final podcast episode of the year looks at the immense cyber attack that took place recently. SolarWinds software was hacked, which led to government and private organizations being breached. We look at how it happened and what organizations should do to stay secure. Visit NSA and Department of Homeland Security websites for more information: https://cyber.dhs.gov/ed/21-01/.