CISO Unplugged

Building Organizational Resilience | James Green

SureCloud — Tue, 07 May 2024 14:43:39 +0100

In this episode of the Cyber and Risk Leaders podcast, we're joined by James Green, who does a deep dive into his resiliency Think Tank, how to run better tabletop exercises and all things how to build resiliency in organizations.

Follow us on Linkedin:
• Matthew Davies - https://www.linkedin.com/in/matthew-daviespm
• James Green - https://www.linkedin.com/in/thejamesgreen
• SureCloud - https://www.linkedin.com/company/surecloud/

#cybersecurity #resilience #grc

The Role of Intelligence in CyberSecurity | AJ Nash

SureCloud — Fri, 19 Apr 2024 10:06:43 +0100

In this episode of the Cyber and Risk Leaders podcast, SureCloud's Matthew Davies welcomes special guest AJ Nash of ZeroFox about the role of intelligence in cybersecurity. We delve into the challenges of misinformation in the digital age, including the spread of disinformation and erosion of trust in institutions.

Join us as we explore the impact of dis/mis/malinformation, the manipulation of social media and what to consider when it comes to news sources.

· Matthew Davies - https://www.linkedin.com/in/matthew-daviespm

· AJ Nash - https://www.linkedin.com/in/nashaj

· SureCloud - https://www.linkedin.com/company/surecloud/

The Future of Risk Assessments | Tom Cornelius

SureCloud — Thu, 28 Mar 2024 13:07:35 +0000

In this episode, Matt Davies sits down with Tom Cornelius from the SCF and Compliance Forge to dive into the world of risk assessments. Together, they explore the latest developments in risk assessment practices, how recent SEC changes have influenced risk management strategies, and introduce an innovative approach to transform the way you work.

In this episode, hear more about the following:

Why risk assessment methods are often broken, with teams asking irrelevant questions and lacking executive management involvement.
How the SEC has introduced changes that require publicly traded companies to have board oversight of cybersecurity threats and manage material risks.
How the new approach to risk assessment aligns with the Secure Controls Framework (SCF) and focuses on aligning risk assessments with executive management, using control maturity, and providing situational awareness to business leaders.
How to address key challenges by providing meaningful risk assessment results, speaking the language of the business, and ensuring the right people make risk decisions.

Matthew Davies Linkedin: https://www.linkedin.com/in/matthew-daviesgrc
Tom Cornelius Linkedin: https://www.linkedin.com/in/tcornelius
SureCloud Linkedin: https://www.linkedin.com/company/surecloud

How CCM Can Level Up Your Compliance | Jodie Lash

SureCloud — Tue, 27 Feb 2024 11:49:57 +0000

In the latest SureCloud Cyber & Risk Leaders Podcast, Jodie Lash, a cybersecurity professional, discusses her career journey, the importance of continuous control monitoring (CCM), and the challenges and priorities in the industry. She emphasizes the need for effective security programs, automation in controls assurance, and the role of cybersecurity awareness. Jodie also shares insights on implementing CCM technology, the skills required for information security professionals, and her wish for more time to focus on solving security problems.

#governance #risk #compliance #grc #cybersecurity #podcast

Contact Matthew Davies
👉 Matthew's LinkedIn: https://www.linkedin.com/in/matthew-davies/
👉 SureCloud's Website: https://www.surecloud.com/

Contact Jodie Lash
👉 Jodie's LinkedIn: https://www.linkedin.com/in/jodie-lash/

4 Key Steps to Reduce Your Organizational Risk & Budget | Brent Deterding

SureCloud — Thu, 25 Jan 2024 09:32:54 +0000

In this podcast episode, Brent Deterding, the CISO at Afni, joins Matthew Davies, the VP of Product at SureCloud. They discuss Brent's approach to organizational risk. Brent outlines his four steps for significantly reducing risks within businesses in a manner that is simple, easy, and inexpensive.

Contact Brent Deterding
👉 Brent's LinkedIn: / brent-deterding
👉 Afni' website: https://afni.com/

Contact Matthew Davies
👉 Matthew's LinkedIn: / matthew-daviesgrc
👉 SureCloud's Website: https://www.surecloud.com/

Automation in Compliance with Michelle Garcia | GRC & Cyber Leaders

SureCloud — Wed, 10 Jan 2024 10:36:08 +0000

As technology rapidly evolves, so does the landscape of compliance.

In the latest SureCloud podcast episode, Michelle Garcia, Director of Information Security and Compliance at Carnival Cruise Line, and Matthew Davies of SureCloud discuss on the transformative journey of compliance and the emerging tools reshaping its future.

In today's fast-paced tech landscape, why is automation not just an advantage but a must for compliance?

And how can businesses best use its power?

Identity & Access Management Best Practices, with Stuart Powell | GRC & Cyber Leaders

SureCloud — Wed, 13 Sep 2023 11:07:49 +0100

In this podcast episode, Stuart Powell, Chief Information Security Officer (CISO) at the Government of Jersey, joins Matthew Davies, VP of Product at SureCloud, to discuss Identity and Access Management (IAM) and how you can improve this in your organization. They also talk about the topic of the moment, Artificial Intelligence (AI), and how it can impact your organization's risk and compliance management.

Contact Stuart Powell
👉 Stuart's LinkedIn: https://www.linkedin.com/in/stuart-powell-82968812b/
👉 Government of Jersey's website: https://www.gov.je/Pages/default.aspx

Contact Matthew Davies
👉 Matthew's LinkedIn: https://www.linkedin.com/in/matthew-daviesgrc/
👉 SureCloud's Website: https://www.surecloud.com/

4 Simple, Easy & Budget-Friendly Steps to Reduce Your Organizational Risk, with Brent Deterding | GRC & Cyber Leaders

SureCloud — Thu, 07 Sep 2023 10:45:47 +0100

Contact Brent Deterding
👉 Brent's LinkedIn: www.linkedin.com/in/brent-deterding/
👉 Afni's website:afni.com/

Contact Matthew Davies
👉 Matthew's LinkedIn: www.linkedin.com/in/matthew-daviesgrc/
👉 SureCloud's Website: www.surecloud.com/

How Secure is a WordPress Website (2023 Update)? | Cyber Threat Briefing

SureCloud — Tue, 15 Aug 2023 11:12:01 +0100

Every month, our experts Nick, Hugh, and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

July's Cyber Threat Briefing covers:

💡 WordPress security. Is it STILL a problem in 2023?
💡 U.S. Cyber Trust Mark - Can mandatory standards really drive security improvement?

🎬 Related Video: Cybersecurity and Wearable Devices | Cyber Threat Briefing ➟ https://youtu.be/HGkw6PuaO14

💻 Register for our next episode here: https://www.surecloud.com/resources/webinars/surecloud-live-cyber-threat-briefing

👉 Learn more: https://www.surecloud.com/cyber-security-services/cybersecurity-as-a-service

👂 Questions? Email: 𝗯𝗿𝗶𝗲𝗳𝗶𝗻𝗴@𝘀𝘂𝗿𝗲𝗰𝗹𝗼𝘂𝗱.𝗰𝗼𝗺

👉 Nick Hayes' LinkedIn: https://www.linkedin.com/in/nickjhayes/
👉 Hugh Raynor's LinkedIn: https://www.linkedin.com/in/hughraynor/
👉 Arron Dowdeswell's LinkedIn: https://www.linkedin.com/in/dowdeswell/

Strategies for Business Continuity & Disaster Recovery, with Alexander Zhitenev, CISO's IFCO | GRC & Cyber Leaders

SureCloud — Thu, 20 Jul 2023 14:21:01 +0100

In this podcast episode, Alexander Zhitenev, CISO at IFCO Systems, joins Matthew Davies, VP of Product at SureCloud, to discuss business continuity and disaster recovery. Alexander emphasizes the significance of implementing suitable safeguards within a business to guarantee its ability to sustain operations in the face of any potential disruptions or disasters.

Contact Alexander Zhitenev
👉 Alexander's LinkedIn: www.linkedin.com/in/alexanderzhitenev/
👉 IFCO SYSTEMS' website: www.ifco.com/

Contact Matthew Davies
👉 Matthew's LinkedIn: www.linkedin.com/in/matthew-daviesgrc/
👉 SureCloud's Website: www.surecloud.com

MOVEit Breach & CISA Warning for Iphone: Patch Required for Vulnerabilities | Cyber Threat Briefing

SureCloud — Thu, 06 Jul 2023 11:20:44 +0100

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

June's Cyber Threat Briefing covers:

💡 The Worldwide Impact of the MOVEit Breach and the Latest Tactics for Future Prevention
💡 CISA Sounds Alarm: iPhone Zero Day & Triangulation Trojans - Urgent Patch Required for Stealthy iMessage Exploit

💻 Register for our next episode here: www.surecloud.com/resources/webinars/surecloud-live-cyber-threat-briefing

👉 Learn more: www.surecloud.com/cyber-security-services/cybersecurity-as-a-service

👂 Questions? Email: 𝗯𝗿𝗶𝗲𝗳𝗶𝗻𝗴@𝘀𝘂𝗿𝗲𝗰𝗹𝗼𝘂𝗱.𝗰𝗼𝗺

👉 Nick Hayes' LinkedIn: www.linkedin.com/in/nickjhayes/
👉 Hugh Raynor's LinkedIn: www.linkedin.com/in/hughraynor/
👉 Arron Dowdeswell's LinkedIn: www.linkedin.com/in/dowdeswell/

Cybersecurity Leadership: A New Era, with Karla Reffold, COO at Orpheus Cyber | GRC & Cyber Leaders

SureCloud — Tue, 06 Jun 2023 10:30:10 +0100

In this podcast edition, Karla Reffold, award-winning cyber security professional and Chief Operating Officer (COO) at Orpheus Cyber, joins Matthew Davies, VP of Product at SureCloud, to explore the surge of board advisory roles for CISOs in today's cyber landscape. They also discuss her transition from Human Resources (HR) to a COO role, her current activities as a Board Advisor of two cyber-related organizations and a Non-executive Director at Trident Search, as well as her 'Advisory Boards Guide Book'.

Contact Karla Reffold
👉 Karla Reffold's LinkedIn: https://www.linkedin.com/in/karlareffold/
👉 Karla Reffold's website: https://karlareffold.co.uk/
👉 Orpheus Cyber's website: https://orpheus-cyber.com/
👉 Advisory Boards Guide book: https://karlareffold.co.uk/wp-content/uploads/2023/04/Cybersecurity-advisory-boards-guide-book-2.pdf

Contact Matthew Davies
👉 Matthew Davies' LinkedIn: https://www.linkedin.com/in/matthew-daviesgrc/
👉 SureCloud's Website: https://www.surecloud.com/

AI in Cybersecurity: Opportunities, Risks, and Changes to Job Roles? | Cyber Threat Briefing

SureCloud — Tue, 23 May 2023 12:48:40 +0100

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

May's Cyber Threat Briefing covers:

💡 What is meant by 'Artificial Intelligence' (AI)?
💡 Where does AI's potential lie in cybersecurity?
💡 What cybersecurity risks does AI present?
💡 How is AI transforming cybersecurity jobs?

Why AI is a Threat to Your Business, with Sam Bisbee, F5's Senior Director & Distinguished Engineer | GRC & Cyber Leaders

SureCloud — Thu, 18 May 2023 09:44:12 +0100

Artificial Intelligence (AI) has been transforming various industries, and organizations are increasingly incorporating this technology into their operations.

In this podcast edition, Sam Bisbee, Senior Director and Distinguished Engineer at F5, joins Matthew Davies, VP of Product at SureCloud, to discuss the dangers of ChatGPT and AI within organizations and how to mitigate those risks.

Consumer Protection: US Government vs Tech Firms Disclaimers, with Jim Dempsey, Lecturer & Senior Policy Advisor | GRC & Cyber Leaders

SureCloud — Thu, 27 Apr 2023 11:36:29 +0100

In this podcast edition, James (Jim) Dempsey, Lecturer at UC Berkeley Law School and Senior Policy Advisor at Stanford Cyber Policy Center, joins Matthew Davies, VP of Product at SureCloud, to talk about cybersecurity law, in particular about the new approach announced by the US government, which aims to prevent technology providers from using disclaimers to protect themselves from liability.

ChatGPT & AI, Malware Traffic and C3X Supply Chain Attack | Cyber Threat Briefing

SureCloud — Tue, 25 Apr 2023 16:19:32 +0100

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

April's Cyber Threat Briefing covers:

💡 C3X app compromised by North Korean hackers in a supply chain attack
💡 Over 1/10 businesses have malware traffic on their network
💡 Does ChatGPT pose a risk to your company?

TPRM for Securing Healthcare, with Robert Wood, Chief Information Security Officer at CMS | GRC & Cyber Leaders

SureCloud — Fri, 31 Mar 2023 15:38:05 +0100

In this podcast edition, Robert Wood, Chief Information Security Officer (CISO) at Centers for Medicare & Medicaid Services (CMS) and Founder of the Soft Side of Cyber, joins Matthew Davies, VP of Product at SureCloud, to have an in-depth discussion on Third Party Risk Management (TPRM) for healthcare. Additionally, Robert tells about his TPRM-related challenges and how he approaches them.

Warning: This podcast episode has background noise in a few spots.

Microsoft OneNote Malware, TPM 2.0 Flaws, The Good & Bad in Cybersecurity | Cyber Threat Briefing

SureCloud — Tue, 28 Mar 2023 12:55:25 +0100

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

March's Cyber Threat Briefing covers:
💡 Microsoft OneNote used to spread malware across networks
💡 TPM 2.0 flaws leave cryptographic keys vulnerable
💡 The line between good and bad in cybersecurity

Europe under Russian Cyberattack, Reddit Security Incident & GoDaddy Hacked | Cyber Threat Briefing

SureCloud — Mon, 06 Mar 2023 11:20:29 +0000

Every month, our experts Nick, Hugh and Arron will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

February's Cyber Threat Briefing covers:
💡 European infrastructure under cyberattack from Russian hackers
💡 Reddit's security "incident". What happened?
💡 GoDaddy subject to a multi-year cyberattack campaign

Implementing Factor Analysis of Information Risk, with Tyler Britton, Cyber Risk Manager at Dropbox | GRC & Cyber Leaders

SureCloud — Wed, 01 Mar 2023 12:08:35 +0000

In this podcast edition, Tyler Britton, Cyber Risk Manager at Dropbox, joins Matthew Davies, VP of Product at SureCloud, to discuss Factor Analysis of Information Risk methodology and how he has embedded it in his organization, Dropbox. He explains his role as a Quantitative Cyber Risk Manager and goes through the challenges and benefits of implementing Factor Analysis of Information Risk (FAIR) methodology in organizations.

Vulnerability Management: What Value Does your Organization Get Running a Solid Program? | CISO's How-To

SureCloud — Fri, 17 Feb 2023 16:22:44 +0000

In this CISO How To podcast episode, SureCloud's Senior Consultant, Tom Hulme, and Senior Director of Cybersecurity, Nick Hayes, discuss Vulnerability Management (VM). Watch this video to learn more about VM and what value your organization can get running a solid vulnerability management program.

Red Teaming: What Values Can your Organization Get From It? | CISO's How-To

SureCloud — Wed, 08 Feb 2023 16:11:32 +0000

In this CISO How To podcast episode, SureCloud's Principal Cybersecurity Consultant Mark Wardlow, Senior Cybersecurity Consultant Steve Velcev and Senior Director of Cybersecurity Nick Hayes discuss Red Teaming. Watch this video to learn more about Red Teaming, the differences between penetration testing and red teaming services, and the stages involved when leveraging red teaming services for your organization.

LastPass Incident, Slack's GitHub Breach & Biden's Classified Documents | Cyber Threat Briefing

SureCloud — Fri, 03 Feb 2023 08:55:48 +0000

Every month, our experts Hugh and Nick will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization.

The first Cyber Threat Briefing of 2023 covers:
💡 The LastPass incident update - how secure are password managers?
💡 Slack's GitHub breach - what is the value of knowing your attack surface when using cloud-based services?
💡 Biden's classified documents - what are the risks, and how can you protect your organization?

What is Zero Trust Strategy and Why Security Awareness Matters, with George Finney, CISO & Author | GRC & Cyber Leaders

SureCloud — Tue, 31 Jan 2023 12:36:14 +0000

In this podcast edition, George Finney CISO, author, speaker, professor, and consultant, joins Matthew Davies, VP of Product at SureCloud, to discuss security awareness and the concept of zero trust, the subject of his bestseller 'Project Zero Trust: A Story about a Strategy for Aligning Security and the Business'. Besides being the author of a bestseller, George wrote several other cybersecurity books, including: 'Well Aware: Mastering the Nine Cybersecurity Habits to Protect Your Future', 'No More Magic Wands: Transformative Cybersecurity Change for Everyone' and more.

More Women in Male-dominated Industries, with Jane Frankland, Entrepreneur | GRC & Cyber Leaders

SureCloud — Thu, 19 Jan 2023 08:48:53 +0000

In this podcast edition, Jane Frankland, Entrepreneur, Author, Speaker, and Influencer, joins Matthew Davies, VP of Product at SureCloud, to discuss her role within the tech industry and how this impacts businesses, society, and women's lives.

AppSec: How Can your Organization Implement Its Own Successful Program? | CISO's How-To

SureCloud — Fri, 09 Dec 2022 13:50:01 +0000

In this CISO's How-To episode, SureCloud's Principal Security Consultant, Simone Q., and Senior Director of Cybersecurity, Nick Hayes, discuss AppSec (Application Security). Listen to this podcast to learn more about AppSec, DevSecOps (Development, Security, and Operations), shift left testing, what are the differences between them, and how your organization can implement its own AppSec program.

Why do CMMC and SCRM Matter with Katie Arrington - Former CISO at US DOD & Owner of LD Innovations | GRC & Cyber Leaders

SureCloud — Thu, 01 Dec 2022 13:20:34 +0000

In this CISO Interview, Katie Arrington, former CISO at the US Department of Defense (DOD) and Owner of LD Innovations, LLC Cybersecurity, joins Matthew Davies, VP of Product at SureCloud, to discuss the scope of the Cybersecurity Maturity Model Certification (CMMC) program, her creation within the US DOD. Additionally, Katie spoke about Supply Chain Risk Management (SCRM) and how companies should be looking at that. Katie shares great insights on cybersecurity best practices and explains how she handles the many challenges this busy and demanding role involves.

NCSC, UK's £6m Cyber Defense Program & Iran Exploits Log4j | Cyber Threat Briefing

SureCloud — Wed, 30 Nov 2022 10:26:10 +0000

Every month, our experts Hugh and Nick will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. November's Cyber Threat Briefing covers: - NCSC launches scanning capability to identify UK vulnerabilities. - UK defends Ukraine with £6m cyber defense program. - Iran exploits Log4j and gains access to US government networks.

Innovative Approaches to Data Protection: Insights from a Former Gartner, with Claude Mandy | GRC & Cyber Leaders

SureCloud — Thu, 17 Nov 2022 19:53:03 +0000

In this podcast episode, Claude Mandy, Chief Evangelist, Data Security at Symmetry Systems, joins Matthew Davies, VP of Product at SureCloud, to discuss his approach to security, privacy, and risk management. Claude also shares some great insights on data security innovation and his experiences, having previously worked as a Senior Director Analyst at Gartner and CISO. Contact Claude Mandy 👉 Claude's LinkedIn: https://www.linkedin.com/in/claudemandy/ 👉 Symmetry Systems' website: https://www.symmetry-systems.com/ Contact Matthew Davies 👉 Matthew's LinkedIn: https://www.linkedin.com/in/matthew-daviesgrc/ 👉 SureCloud's Website: https://www.surecloud.com/ Warning: This podcast has audio issues in a few spots that have internet glitches.

Microsoft Data Leak, Australian Cyberattacks & Age Impact on Security | Cyber Threat Briefing

SureCloud — Wed, 09 Nov 2022 11:48:46 +0000

Every month, our experts Hugh and Nick will highlight the current and emerging cyber threats you need to know about right now, giving you great insights to help protect your organization. October's Cyber Threat Briefing covers: - Australian cyberattacks – is the region an easy target? - Does age impact our attitude towards security? - BlueBleed: Microsoft customer data leak - 150k companies affected

Inclusion: The Cyber Advantage, with Holly Foxcroft | GRC & Cyber Leaders

SureCloud — Thu, 03 Nov 2022 12:27:05 +0000

In this edition of the podcast, Holly Foxcroft, Head of Neurodiversity in Cyber Research and Consulting at Stott and May Consulting, joins Matthew Davies, VP of Product at SureCloud. They discuss the inclusion of neurodiversity individuals in cybersecurity. Holly shares her point of view as a woman and a neurodiverse person in this market. Contact Holly Foxcroft 👉 Holly's LinkedIn profile: https://www.linkedin.com/in/hollyfoxcroft/ 👉 Stott and May's website: https://consulting.stottandmay.com/ Contact Matthew Davies 👉 Matthew's LinkedIn: https://www.linkedin.com/in/matthew-daviesgrc/ 👉 SureCloud's Website: https://www.surecloud.com/

Market Challenges and Best Practice with Jake Bernardes, VP of Security, and Compliance at Whistic | GRC & Cyber Leaders

SureCloud — Tue, 18 Oct 2022 13:01:16 +0100

In this CISO Interview, Jake Bernards, VP of Security and Compliance at Whistic, joins Matthew Davies, VP of Product at SureCloud, to discuss his approach to cybersecurity and Compliance running an information security team. He explains how he handles the many challenges that his busy and demanding role involves. Warning: This podcast has audio issues in a few spots that have internet glitches.

Uber, Rockstar Games, and Revolut Hacked | Cyber Threat Briefing

SureCloud — Fri, 14 Oct 2022 10:09:08 +0100

Join SureCloud's Nick Hayes, Arron Dowdeswell, and Hugh Raynor in this Cyber Threat Briefing episode. Among other cybersecurity hot topics, Nick, Arron, and Hugh will be discussing the latest many cyberattacks happening in only one week: September's Cyber Threat Briefing covers: - The Uber breach - cloud systems hijacked. - Rockstar Games - source code was stolen. - Revolut hack - 50,000 users affected.

Cisco, Twilio, Cloudflare: Cyber Attacks / NCSC & ICO: Ransomware Payments | Cyber Treat Briefing

SureCloud — Tue, 11 Oct 2022 17:24:06 +0100

Join SureCloud's Nick Hayes and Hugh Raynor in this Cyber Threat Briefing episode. Among other cybersecurity hot topics, Nick and Hugh discuss the recent Cisco hack, the phishing attacks Twilio and Cloudflare suffered, and the NCSC and ICO's positions on ransomware payments.

Information Security Management Best Practice with Benjamin Corll, CISO at Coats | GRC & Cyber Leaders

SureCloud — Mon, 15 Aug 2022 09:32:13 +0100

In this edition of the podcast, Benjamin Corll, Chief Information Security Officer at Coats joins Matthew Davies, VP of Product at SureCloud to discuss his approach to cybersecurity and to running an information security team. He explains his approach to handling the many challenges that his busy and demanding role involves.

Managing Spectris cybersecurity and compliance burdens with Ian Brown, CISO at Spectris | GRC & Cyber Leaders

SureCloud — Mon, 01 Aug 2022 10:54:30 +0100

In this CISO Interview, Ian Brown, Chief Information Security Officer at Spectris, joins Matthew Davies, VP of Product at SureCloud. Ian and Mathew discuss the challenges associated with being responsible for cybersecurity management at an FTSE 250 company.

Managing Okta’s password-stealing risk and Linux-based malware strains | Cyber Treat Briefing

SureCloud — Fri, 29 Jul 2022 08:00:00 +0100

Join SureCloud’s Nick Hayes and Hugh Raynor in this Cyber Threat Briefing episode. Among other cyber security hot topics, they discuss a recently released report from Authomize which reveals the potential for passwords to be stolen from the Okta solution.

Challenges of Managing Cybersecurity and Compliance Threats for a Government-focused Services Provider with Mike Privette, VP of Cyber Security at Passport | GRC & Cyber Leaders

SureCloud — Mon, 18 Jul 2022 11:25:23 +0100

In this podcast edition, Mike Privette, VP of Cyber Security at Passport, joins Matthew Davies, VP of Product at SureCloud, to discuss his approach to cybersecurity and how he manages, maintains, and develops the security strategy, programs, and operational security requirements of the company he works for. He explains his main challenges and shares some of the strategies he uses to manage risk.

Examining the Follina and Confluence Vulnerabilities | Cyber Threat Briefing

SureCloud — Thu, 23 Jun 2022 15:32:11 +0100

Join SureCloud’s Craig Moores and Hugh Raynor for our latest Cyber Threat Briefing. Craig and Hugh will be discussing the recently recent zero-day Follina and Confluence vulnerabilities, in addition to talking about cybersecurity and vulnerability management best practice and the rise of SMSing in the corporate world.

GRC Past, Present and Future | Capabilities

SureCloud — Mon, 20 Jun 2022 14:16:39 +0100

Join Nick Rafferty, Matthew Davies and Yang Zheng from SureCloud, who will be discussing the development of GRC solutions from their origins over two decades ago. They also consider market trends, common challenges and shortfalls, and how the technology will evolve in years to come.

Cybersecurity and the SCF, with Tom Cornelius, Co-Founder of the Secure Controls Framework | GRC & Cyber Leaders

SureCloud — Mon, 06 Jun 2022 09:43:07 +0100

Join Matthew Davies of SureCloud, and Tom Cornelius, Co-Founder of the Secure Controls Framework, who discuss what the SCF is doing to assist organizations in their journey towards compliance and enhanced cybersecurity.

UK SOX: What is the purpose of this emerging legislation and how will it impact your business? | Capabilities

SureCloud — Mon, 30 May 2022 09:23:37 +0100

Join Matthew Davies and Yang Zheng from SureCloud, who will be discussing the forthcoming UK SOX laws and identifying the key areas that organizations should be focusing on to get ready and to ensure they remain compliant.

Examining the CISA Report for Exploited Vulnerabilities | Cyber Threat Briefing

SureCloud — Fri, 20 May 2022 11:50:53 +0100

Join SureCloud’s Craig Moores and Hugh Raynor in this Cyber Threat Briefing episode. They discuss the recently released CISA report, which highlights the top vulnerabilities that threat actors were able to exploit over the past year.

Practical Steps to Improve your Third-Party Risk Management Program | Capabilities

SureCloud — Thu, 19 May 2022 10:00:00 +0100

Join Nick Rafferty, Matt Davies and Yang Zheng of SureCloud, who discuss ways in which organizations can enhance their third-party risk management operations and practices.

Common Third-Party Risk Management Challenges for Organizations | Capabilities

SureCloud — Thu, 12 May 2022 10:46:01 +0100

Join Nick Rafferty, Matt Davies and Yang Zheng of SureCloud, for a discussion of the most common third-party risk management challenges that they see on consulting engagements.

Cybersecurity Essentials for Cloud Environments | CISO's How-To

SureCloud — Mon, 09 May 2022 15:02:57 +0100

In this CISO's How-To episode, join SureCloud's Nick Hayes and Hugh Raynor. They discuss and provide practical solutions to cloud-based security challenges.

Interpreting the 2022 Cyber Security Breaches Survey from the DCMS I Cyber Threat Briefing

SureCloud — Thu, 28 Apr 2022 10:02:05 +0100

Join Craig Moores and Hugh Raynor of SureCloud, in this Cyber Threat Briefing episode. They discuss a recently released report from The UK’s Department for Digital, Culture, Media and Support (DCMS), which examines the prevalence of cyber breaches over the past year.

Making Cybersecurity a Quality Function, with Greg van der Gaast, CISO at ScoutBee | GRC & Cyber Leaders

SureCloud — Mon, 25 Apr 2022 15:16:43 +0100

In this CISO Interview episode, Greg van der Gaast, Chief Information Security Officer at ScoutBee, joins Matthew Davies, SureCloud's VP of Product. Greg and Mathew discuss both the challenges and opportunities that come with being instated as a growing company’s first Chief Information Security Officer, in addition to delving into Greg’s visionary approach to strategic security management.

Data Privacy Compliance and Cybersecurity Challenges with Phil Lea, Chief Privacy Officer at Tenth Revolution Group | GRC & Cyber Leaders

SureCloud — Wed, 06 Apr 2022 10:40:35 +0100

In this CISO interview episode, Phil Lea, Chief Privacy Officer at Tenth Revolution Group, joins Matthew Davies, SureCloud's VP of Product. Phil and Mathew discuss Phil’s role as Chief Privacy Officer - the main challenges he faces and the key initiatives he is undertaking.

Ukrainian Fundraiser Phishing Scams

SureCloud — Wed, 06 Apr 2022 10:04:16 +0100

The NCSC has issued a report that states that an extremely high level of phishing scams are currently being circulated that claim to be fundraising to support the Ukrainian cause. So why are fraudsters choosing this particular topic? In many ways, it’s the perfect subject as it contains many of the key ingredients of a successful and compelling phishing scam. The Ukrainian situation is: a matter of urgency; highly compelling – something that is close to most people’s hearts; something that many people may be motivated to share, providing a viral element to the scam.

The Strengthening American Cybersecurity Act, with Chad Brustin, Lead Security Engineer at Clyde

SureCloud — Mon, 04 Apr 2022 16:05:55 +0100

Chad Brustin, Lead Security Engineer at Clyde joins Nick Hayes and James Pierce, both Directors at SureCloud, to talk about the Strengthening American Cybersecurity act, which has recently been passed by the US Senate. Our expert panel will discuss the varied implications of the key features within this emerging legislation.

Assessing the Russian Cyber Threat Landscape I Cyber Threat Briefing

SureCloud — Wed, 23 Mar 2022 10:30:30 +0000

Join SureCloud’s Risk Advisory Senior Director, Craig Moores, and Senior Cybersecurity Consultant Hugh Raynor, in this Cyber Threat Briefing episode. This Cyber Threat Briefing will focus on the most common and prevalent threats that exist within the current threat landscape and what organizations can do to mitigate threats and enhance their security posture. Craig and Hugh will be discussing cybercriminal activity linked to the Russia-Ukraine conflict.

Cybersecurity and Risk Best Practice with Robin Smith, Chief Security Officer at Aston Martin | GRC & Cyber Leaders

SureCloud — Mon, 21 Mar 2022 11:53:17 +0000

Robin Smith, Chief Security Officer at Aston Martin, joins SureCloud’s Matthew Davies for the latest instalment of our Leaders in Cybersecurity and Risk series. Robin explains what he is doing to take Aston Martin on a cybersecurity journey to enhance their information security posture and enable the company to become more productive and profitable. Robin also recounts aspects of his career journey that led to him becoming the CISO of Aston Martin and highlights the most important things he’s learned along the way.

Cyber Warfare: How will It Impact your Organization and What Can you do to Stay Safe?

SureCloud — Thu, 10 Mar 2022 15:44:08 +0000

We are living in times of political uncertainty. The increasingly hostile occurrences of recent weeks have far wider implications than many people realize. Cyber warfare is now a recognized tactic employed by aggressive nation-states, and these cyber-attacks can represent a significant proportion of the weaponry used by warring factions. And even civilian businesses and other organizations that seem unconnected to these disputes can become caught in the crossfire. SureCloud's cybersecurity experts, Nick Hayes and Nick Rafferty discuss the implications of cyber warfare for all businesses, regardless of where they are located and what industry they are a part of. Watch their discussion to learn what the risks are and what you can do to protect your business.

Enterprise Architecture And Its Role Against Security Threats | Cyber Threat Briefing

SureCloud — Wed, 02 Mar 2022 09:53:34 +0000

Join SureCloud’s Craig Moores and Hugh Raynor in this Cyber Threat Briefing briefing. Craig and Hugh will be discussing the role of Enterprise Architecture in optimizing an organization’s security posture. This Cyber Threat Briefing will focus on the ‘defensive depth’ that many businesses are trying to achieve - robust security measures which are distributed throughout your architecture, which form a series of unique obstacles which prevent attackers from gaining access.

CMMC 2.0 - What's New with Tom Cornelius, Founder & Contributor at SCF

SureCloud — Mon, 28 Feb 2022 16:00:00 +0000

Tom Cornelius, Partner at ComplianceForge and Founder of Secure Controls Framework (SCF), joins SureCloud’s Craig Moores to discuss the advent of Cybersecurity Maturity Model Certification (CMMC) 2.0. Craig and Tom will provide an overview of what the second version of CMMC will constitute and will then discuss the practical changes which are associated with the forthcoming release of CMMC 2.0.

CMMC (Cybersecurity Maturity Model Certification) - What, When, Who and Why?

SureCloud — Thu, 24 Feb 2022 11:07:39 +0000

Join SureCloud’s Craig Moores and Tim Hodgkins as they examine the recently introduced Cybersecurity Maturity Model Certification (CMMC) standard and will discuss exactly what challenges companies of all sizes who aim to supply products and services to the US Department of Defense (DoD) will face. In this short recording you will learn what is involved in the CMMC, and what changes your organization can expect to undertake in order to comply with this standard.

An Organization's Susceptibility to Supply Chain Attacks | Cyber Threat Briefing

SureCloud — Mon, 21 Feb 2022 11:17:49 +0000

Join SureCloud’s Craig Moores and Hugh Raynor in this Cyber Threat Briefing episode. They will be discussing the increasing propensity of criminals to target supply chains. Our experts will analyze the main threats to supply chains and how businesses are impacted when breaches occur, as well as discuss various strategies and tactics to mitigate risk.

Tooling Considerations To Support Your GRC / IRM Programs | Capabilities

SureCloud — Wed, 16 Feb 2022 17:14:13 +0000

If your organization has decided to implement a GRC solution for the first time or has concluded that it’s time to upgrade what you have, then this video is a must-watch! Three industry veterans discuss what they have learned from overseeing countless GRC and Integrated Risk Management implementations across a wide range of enterprises. Avoid common mistakes by learning what it takes to develop genuine GRC capabilities. Watch this full and frank discussion between SureCloud’s VP of Product, Matthew Davies; Senior Director of Customer Success, Yang Zheng and Co-founder, Nick Rafferty.

Vendor Risk Best Practice with Ryan Walker, Third-Party Risk Manager at AutoZone | GRC & Cyber Leaders

SureCloud — Tue, 15 Feb 2022 09:57:56 +0000

Join Ryan Walker, Third-Party Risk Manager at AutoZone, and Matthew Davies, SureCloud's VP of Product, for a 'how-to' discussion. AutoZone is a leading automotive parts supplier; Ryan and Matthew discuss how to optimize cyber security strategies, structure the security team, influence, manage and persuade stakeholders, and talk through lessons learned from previous breaches and other incidents.

Through The Eyes of an APT | Cyber Threat Briefing

SureCloud — Fri, 11 Feb 2022 14:37:05 +0000

Join SureCloud’s Craig Moores and Hugh Raynor in this Cyber Threat Briefing episode. They will introduce the concept of Advanced Persistent Threats (APTs), discuss current trends, and discuss what organizations can do to protect themselves. Topics for discussion include: what motivates APTs and how they typically operate; Log4J vulnerability and how you could be impacted; incident response best practice; and how organizations can protect against zero-day vulnerabilities in general.

Welcome to the Capability-Centric GRC & Cyber Security Podcast

SureCloud — Thu, 10 Feb 2022 17:06:30 +0000

A short introduction to the Capability-centric GRC & Cyber Security Podcast.