Security Matters

EP 26 - The tyranny of the now: identity at machine speed

CyberArk — Fri, 06 Mar 2026 09:47:20 -0500

Security teams are under more pressure than ever, reacting at human speed while systems, identities, and AI agents operate at machine speed. In this episode of Security Matters, host David Puner sits down with cybersecurity leader and former FBI executive MK Palmore to explore why defenders struggle to keep pace and what it takes to regain control.

From AI agents that overshare sensitive data to cloud misconfigurations that never seem to disappear to the persistent success of ransomware, MK explains how complexity, vendor sprawl, and overloaded teams create gaps that attackers continue to exploit. The conversation highlights how identity across human, machine, and emerging agent types has become the center of modern security and why fundamentals, prioritization, and platform thinking matter more than ever.

Listeners will hear insight on:

• Identity at machine speed and the rise of autonomous access
• Why attackers still win more than 51 percent of the time
• How ransomware continues to succeed despite industry progress
• Why SMBs face “mission impossible” expectations
• The true cost of vendor sprawl and operational overload
• What effective security leadership looks like in the current threat environment

If you work in identity, security operations, strategy, or leadership, this discussion cuts through hype and focuses on the realities defenders face and how to push back against the constant pressure of the tyranny of the now.

EP25 - Identity is the attack vector w/ Udi Mokady

CyberArk — Wed, 18 Feb 2026 08:52:40 -0500

CyberArk founder and executive chairman Udi Mokady returns to Security Matters at a transformational moment—now as part of Palo Alto Networks, following the acquisition’s close on February 11. In this far‑reaching conversation, Udi and host David Puner explore why identity has become the attack vector for modern enterprises, driven by an unprecedented surge in human, machine and AI‑powered identities that attackers increasingly exploit.

Udi discusses what the combined companies’ scale and capabilities mean for customers, why identity security must now operate as frontline defense rather than a management layer, and how AI agents are rapidly reshaping the threat landscape. He also reflects on CyberArk’s long‑distance entrepreneurial journey, the cultural foundations that have made the company durable over 26 years, and how productive paranoia, innovation and trust continue to guide the mission forward inside Palo Alto Networks.

Note: This episode was recorded in January, prior to the acquisition’s close.

EP 24 - FOMO, identity, and the realities of AI at scale

CyberArk — Tue, 27 Jan 2026 08:41:04 -0500

In this episode of Security Matters, host David Puner sits down with Ariel Pisetzky, chief information officer at CyberArk, for a candid look at the fast‑evolving intersection of AI, cybersecurity, and IT innovation. As organizations race to adopt AI, the fear of missing out is driving rapid decisions—often without enough consideration for identity, security, or long‑term impact.

Ariel shares practical insights on what it really takes to secure AI at scale, from combating AI‑enabled phishing attacks to managing agent identities and reducing growing risks in the software supply chain.

The conversation explores how leaders can balance innovation with identity‑centric guardrails, understand the economics of AI adoption, and push for the democratization of IT without losing control. Whether you're a CIO, an IT leader, or simply curious about the future of cybersecurity, this episode offers clear, actionable guidance to help you stay ahead in 2026 and beyond.

EP 23 - Red teaming AI governance: catching model risk early

CyberArk — Wed, 14 Jan 2026 09:42:17 -0500

AI systems are moving fast, sometimes faster than the guardrails meant to contain them. In this episode of Security Matters, host David Puner digs into the hidden risks inside modern AI models with Pamela K. Isom, exploring the governance gaps that allow agents to make decisions, recommendations, and even commitments far beyond their intended authority.

Isom, former director of AI and technology at the U.S. Department of Energy (DOE) and now founder and CEO of IsAdvice & Consulting, explains why AI red teaming must extend beyond cybersecurity, how to stress test AI governance before something breaks, and why human oversight, escalation paths, and clear limits are essential for responsible AI.

The conversation examines real-world examples of AI drift, unintended or unethical model behavior, data lineage failures, procurement and vendor blind spots, and the rising need for scalable AI governance, AI security, responsible AI practices, and enterprise red teaming as organizations adopt generative AI.

Whether you work in cybersecurity, identity security, AI development, or technology leadership, this episode offers practical insights for managing AI risk and building systems that stay aligned, accountable, and trustworthy.

EP 22 - Security at the speed of innovation: Breaking down legacy barriers

CyberArk — Tue, 30 Dec 2025 12:40:53 -0500

How are defenders supposed to keep up when attackers move at the speed of AI? In this episode of Security Matters, host David Puner welcomes Rick McElroy, founder and CEO of Nexasure, for a candid conversation about cybersecurity’s breaking point. Together, they unpack the realities of defending organizations in an era of identity sprawl, machine risk, agentic AI, and relentless automation. Rick shares hard-won insights from decades on the front lines, challenging the myth of perfect defense and revealing why identity remains at the root of most breaches. Whether you’re a CISO, IT leader, or cybersecurity professional, you’ll get actionable advice on managing machine identities, rethinking risk, and building resilience for a future where change is the only constant.

EP 21 - When attackers log in: Pausing for perspective in the age of instant answers

CyberArk — Tue, 16 Dec 2025 10:07:38 -0500

In this episode of Security Matters, host David Puner welcomes back David Higgins, senior director in CyberArk’s Field Technology Office, for a timely conversation about the evolving cyber threat landscape. Higgins explains why today’s attackers aren’t breaking in—they’re logging in—using stolen credentials, AI-powered social engineering, and deepfakes to bypass traditional defenses and exploit trust.

The discussion explores how the rise of AI is eroding critical thinking, making it easier for even seasoned professionals to fall for convincing scams. Higgins and Puner break down the dangers of instant answers, the importance of “never trust, always verify,” and why zero standing privilege is essential for defending against insider threats. They also tackle the risks of shadow AI, the growing challenge of misinformation, and how organizations can build a culture of vigilance without creating a climate of mistrust.

Whether you’re a security leader, IT professional, or just curious about the future of digital trust, this episode delivers actionable insights on identity security, cyber hygiene, and the basics that matter more than ever in 2026 and beyond.

EP 20 - Why agentic AI is changing the security risk equation

CyberArk — Wed, 26 Nov 2025 08:51:28 -0500

As enterprises embrace agentic AI, a new security risk equation emerges. In this episode of Security Matters, host David Puner sits down with Lavi Lazarovitz, VP of Cyber Research at CyberArk Labs, to unpack how AI agents and identity security are reshaping the threat landscape. Learn why privileged access is now the fault line of enterprise security, how attackers exploit overprivileged AI agents, and what security teams must rethink before scaling AI. Packed with real-world examples and actionable insights, this is a must-listen for anyone meeting the challenges of AI and cybersecurity.

EP 19 - Trust Under Attack: Spies, Lies, and the New Face of Cybercrime

CyberArk — Wed, 12 Nov 2025 10:00:58 -0500

Eric O’Neill, former FBI ghost and author of “Spies, Lies & Cybercrime,” joins host David Puner to take a deep dive into the mindset and tactics needed to defend against today’s sophisticated cyber threats. Drawing on O’Neill’s experience catching spies and investigating cybercriminals, the conversation explains how thinking like an attacker can help organizations and individuals stay ahead. The episode covers actionable frameworks, real-world stories, and practical advice for building cyber resilience in an age of AI-driven scams and industrialized ransomware.

EP 18 - The humanity of AI agents: Managing trust in the age of agentic AI

CyberArk — Tue, 28 Oct 2025 09:31:30 -0400

In this episode of Security Matters, host David Puner sits down with Yuval Moss, CyberArk’s VP of Solutions for Global Strategic Partners, to explore the fast-evolving world of agentic AI and its impact on enterprise security. From rogue AI agents deleting production databases to the ethical blind spots of autonomous systems, the conversation dives deep into how identity and Zero Trust principles must evolve to keep pace. Yuval shares insights from his 25-year cybersecurity journey, including why AI agents behave more like humans than machines—and why that’s both exciting and dangerous. Whether you're a security leader, technologist or curious listener, this episode offers practical guidance on managing AI agent identities, reducing risk, and preparing for the next wave of autonomous innovation.

Explore more of Yuval’s thinking on agentic AI and identity-first security in these recent articles:

EP 17 - Privilege creep and the machine identity surge: Securing the modern enterprise

CyberArk — Thu, 09 Oct 2025 09:50:53 -0400

In this episode of Security Matters, Chris Schueler, CEO of Cyderes, joins host David Puner for a dive into the evolving challenges of enterprise security. The conversation explores the dangers of privilege creep, the explosion of machine identities, and why accountability at every point of interaction is essential for building resilient teams and systems. Chris shares insights on the risks of unmanaged access, the impact of AI and automation on both defense and attack strategies, and practical advice for CISOs and boards on managing identity risk while enabling business transformation.

Whether you’re a security leader, practitioner, or simply interested in the future of cybersecurity, this episode delivers actionable guidance and fresh perspectives on safeguarding your organization’s reputation, continuity, and trust.

EP 16 - Sensing the signals: The hidden risks in digital supply chains

CyberArk — Thu, 25 Sep 2025 13:18:24 -0400

Modern digital supply chains are increasingly complex and vulnerable. In this episode of Security Matters, host David Puner is joined by Retsef Levi, professor of operations management at the MIT Sloan School of Management, to explore how organizations can “sense the signals” of hidden risks lurking within their software supply chains, from open source dependencies to third-party integrations and AI-driven automation.

Professor Levi, a leading expert in cyber resilience and complex systems, explains why traditional prevention isn’t enough and how attackers exploit unseen pathways to infiltrate even the most secure enterprises. The conversation covers the critical need for transparency, continuous monitoring, and rapid detection and recovery in an era where software is built from countless unknown components.

Key topics include:

How to sense early warning signs of supply chain attacks
The role of AI and automation in both risk and defense
Best practices for mapping and securing your digital ecosystem
Why resilience—not just prevention—must be at the core of your security strategy

Whether you’re a CISO, IT leader or security practitioner, this episode will help you rethink your approach to digital supply chain risk and prepare your organization for what’s next.

Subscribe to Security Matters for expert insights on identity security, cyber resilience and the evolving threat landscape.

EP 15 - Why banks need to treat machine identities like VIPs

CyberArk — Wed, 10 Sep 2025 12:14:35 -0400

In this episode of Security Matters, host David Puner speaks with Andy Parsons, CyberArk’s Director of EMEA Financial Services and Insurance, whose career spans from the British Army to CISO and CTO roles in global financial institutions. Andy shares hard-earned lessons on leadership, risk management, and the evolving cybersecurity landscape in banking—from insider threats to machine identity governance and the rise of agentic AI.

Discover why “you can’t secure what you can’t see,” how manual processes fail at scale, and why treating machine identities as “first-class citizens” is no longer optional. Andy also explores the privileged access paradox, dynamic access management, and how AI is reshaping compliance, trading, and operational resilience.

Whether you're a security leader, technologist, or financial executive, this episode offers strategic insights and practical steps to future-proof your organization in an era of accelerating digital risk.

EP 14 - Beyond secrets: Securing the future of machine identity

CyberArk — Wed, 27 Aug 2025 09:32:20 -0400

In this episode of Security Matters, host David Puner sits down with Matt Barker, CyberArk’s VP and Global Head of Workload Identity Architecture, for a deep dive into the exploding world of machine identities and the urgent need to rethink how to secure them. From his journey co-founding Jetstack and creating Cert Manager to leading CyberArk’s efforts in workload identity, Matt shares insights on why secrets-based security is no longer sustainable—and how open standards like SPIFFE are reshaping the future of cloud-native and AI-driven environments.

Discover how machine identities now outnumber humans 80 to 1, why leaked secrets are a "hacker’s buffet," and how workload identity is becoming a cornerstone of Zero Trust architecture. Whether you're a CISO, platform engineer, or just curious about the next frontier in cybersecurity, this episode offers actionable advice and a compelling vision for securing the age of AI agents.

EP 13 - Pizza parties and profit margins: The business of cybercrime

CyberArk — Tue, 12 Aug 2025 00:01:00 -0400

Cybercriminals today operate more like startups than stereotypes—complete with org charts, sprint cycles, and pizza parties to celebrate successful breaches. In this episode of Security Matters, host David Puner talks with former CISO and U.S. Air Force veteran Ian Schneller about the evolving sophistication of threat actors and what it takes to stay ahead.

From zero-day vulnerabilities and machine identity risks to AI-powered attacks and insider threats, Ian shares practical strategies drawn from his experience in military intelligence, offensive cyber operations, and corporate security leadership. Learn how to build resilience, translate cyber risk into business outcomes, and lead with mission-driven clarity in a threat landscape that never slows down.

EP 12 - From assumptions to accountability: A CISO’s take on cloud risk

CyberArk — Tue, 29 Jul 2025 00:01:00 -0400

What does "secure by default" really mean—and is it enough? In this episode of CyberArk’s Security Matters, host David Puner sits down with Scott Barronton, Chief Information Security Officer (CISO) at Diebold Nixdorf, to explore the often-overlooked risks of cloud default settings and how assumptions can lead to vulnerabilities.

Drawing on over 25 years in cybersecurity, Scott shares how he balances product and corporate security, leads a global team, and chairs his company’s AI steering committee. He discusses the importance of machine identity management, certificate automation, and building security programs that support both innovation and accountability.

Plus, Scott reflects on how his passion for travel—including a group trip to Antarctica—informs his leadership style and security mindset.

EP 11 - The calm CISO: Strength under pressure

CyberArk — Tue, 15 Jul 2025 13:43:30 -0400

What does it take to stay calm in the face of constant cyber pressure—and why does that mindset matter more than ever? In this episode of Security Matters, host David Puner speaks with Den Jones, founder and CEO of 909Cyber, about his transition from enterprise chief security officer (CSO) to cybersecurity consultant. They explore what it means to lead with clarity and composure in a high-stakes environment, the realities of launching a firm in a crowded market, and how pragmatic security strategies—especially around identity, AI, and Zero Trust—can help organizations navigate AI-driven threats, talent shortages, and operational complexity. It’s a candid conversation about what works and what doesn’t when it comes to modern security leadership.

EP 10 - A new identity crisis: governance in the AI age

CyberArk — Thu, 26 Jun 2025 08:07:55 -0400

In this episode of Security Matters, host David Puner sits down with Deepak Taneja, co-founder of Zilla Security and General Manager of Identity Governance at CyberArk, to explore why 2025 marks a pivotal moment for identity security. From the explosion of machine identities—now outnumbering human identities 80 to 1—to the convergence of IGA, PAM, and AI-driven automation, Deepak shares insights from his decades-long career at the forefront of identity innovation.

Listeners will learn:

Why legacy identity governance models are breaking under cloud scale
How AI agents are reshaping entitlement management and threat detection
What organizations must do to secure non-human identities and interlinked dependencies
Why time-to-value and outcome-driven metrics are essential for modern IGA success

Whether you're a CISO, identity architect, or security strategist, this episode delivers actionable guidance for navigating the evolving identity security landscape.

EP 9 - J&J’s former CISO on trust, identity, and the future of cybersecurity

CyberArk — Wed, 11 Jun 2025 00:01:00 -0400

In this episode of Security Matters, host David Puner sits down with Marene Allison, former Chief Information Security Officer (CISO) of Johnson & Johnson, for a candid and wide-ranging conversation on trust, identity, and leadership in cybersecurity. From securing global vaccine supply chains during the COVID-19 pandemic to navigating the rise of AI and machine identities, Marene shares hard-earned insights from her decades-long career in national security and the private sector.

They explore what it means to be a mission-driven CISO, how to build trust from the boardroom to the front lines, and why identity has always been the true perimeter. Marene also reflects on her post-CISO chapter and the evolving role of cybersecurity leaders in a rapidly evolving threat landscape.

EP 8 - Zero Trust, Zero Chill: Securing Machine Identity

CyberArk — Wed, 28 May 2025 00:01:00 -0400

In this episode of Security Matters, host David Puner welcomes Kevin Bocek, CyberArk SVP of Innovation, for an insightful discussion on the critical role of machine identity in modern cybersecurity. As digital environments become increasingly complex, securing machine identities has never been more crucial.

According to the CyberArk 2025 Identity Security Landscape, machine identities now outnumber human identities by more than 80 to 1. As organizations scale cloud workloads and automation, these identities are becoming a critical part of the cybersecurity frontline. From TLS certificate outages to API key exposures, failures in machine identity management can lead to outages, breaches, and cascading system failures. In this episode of Security Matters, Kevin Bocek explains why this moment is pivotal for getting machine identity right—and how Zero Trust principles, automation, and visibility are essential to building cyber resilience.

We also explore the future of identity security—from AI kill switches and agentic AI to quantum threats—and how identity can serve as both a safeguard and a kill switch in the age of autonomous systems.

Whether you're a cybersecurity professional or simply interested in the latest security trends, this episode offers valuable insights into the importance of machine identity in safeguarding our digital world. Don’t forget to subscribe, leave a review, and follow Security Matters for more expert discussions on the latest in cybersecurity.

EP 7- Resilience in Identity Management: Avoiding Single Points of Failure

CyberArk — Thu, 15 May 2025 00:01:00 -0400

In this episode of Security Matters, host David Puner sits down with Eric Olden, co-founder and CEO of Strata Identity, and a pioneer in modern identity management. Eric shares his career journey, from founding Simplified to leading Oracle's global identity division, and discusses the critical importance of resilience in identity systems.

Discover how organizations can eliminate single points of failure, test their backup plans and ensure their digital operations remain robust even in the face of unexpected outages. Eric also delves into the concept of identity orchestration, explaining how it can unify multiple identity systems and enhance security.

Tune in to learn about the latest trends in identity management, including the intersection of AI and identity, and gain insights into how businesses can proactively assess and mitigate risks associated with identity outages.

Don't miss this engaging conversation filled with practical advice and forward-thinking strategies to help safeguard your organization's identity infrastructure.

EP 6 - Incident Response POV: 2025 Emerging Threats

CyberArk — Wed, 30 Apr 2025 00:01:00 -0400

In this episode of Security Matters, host David Puner, dives into the world of evolving cyberthreats with Bryan Murphy, Senior Director of CyberArk's Incident Response Team. Imagine a scenario where an attacker uses AI-generated deepfakes to impersonate your company's VP of finance, gaining unauthorized access to your environment. Bryan Murphy shares insights on how these sophisticated attacks are turning identity into the attack surface and why your first line of defense might be as simple as a video call. Learn about the latest trends in social engineering, credential tiering and the importance of visual verification in incident response. Don't miss this eye-opening discussion on how to protect your organization from the ever-evolving threat landscape.

EP 5 - Identity Debt: The Hidden Risk in SaaS Applications

CyberArk — Wed, 09 Apr 2025 00:01:00 -0400

In this episode of the Security Matters podcast, host David Puner sits down with Lior Yaari, CEO and co-founder of Grip Security, for a discussion that covers the concept of identity debt and its implications for modern cybersecurity. Lior shares insights from his experience in Israel's elite Unit 8200 and explains why identity is now the new security perimeter. They delve into the challenges organizations face in managing SaaS applications, the impact of generative AI on cybersecurity and the importance of proactive identity governance. Tune in for tips on how to protect your organization from within and stay ahead of evolving threats.

EP 4 - AI-Powered Fraud: Redefining the Identity Threat Landscape

CyberArk — Fri, 28 Mar 2025 00:30:00 -0400

Imagine receiving an urgent email from your bank that looks perfectly legitimate. It warns you of a suspicious transaction and prompts you to verify your identity. You hesitate but click, and suddenly, your credentials are compromised. This scenario, crafted by AI-powered fraud-as-a-service, is happening now.

In this episode of the Security Matters podcast, host David Puner is joined by Blair Cohen, Founder and President of AuthenticID, to discuss the evolving identity threat landscape. They explore the rise of synthetic fraud, the role of biometric authentication and how AI-driven security is reshaping the fight against cybercrime. Blair shares insights on the challenges of detecting deepfakes, the advancements in biometric authentication and the impact of generative AI on security measures.

Tune in to learn how security leaders can stay ahead in this rapidly changing environment and what organizations can do to prepare for the next generation of cyberthreats.

EP 3 - Building Trust in AI Agents

CyberArk — Thu, 13 Mar 2025 12:07:01 -0400

In this episode of the Security Matters podcast, host David Puner is joined by Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, to explore the transformative impact of AI agents on cybersecurity and automation. They discuss real-world scenarios where AI agents monitor security logs, flag anomalies, and automate responses, highlighting both the opportunities and risks associated with these advanced technologies.

Lavi shares insights into the evolution of AI agents, from chatbots to agentic AI, and the challenges of building trust and resilience in AI-driven systems. The conversation delves into the latest research areas, including safety, privacy, and security, and examines how different industries are adopting AI agents to handle vast amounts of data.

Tune in to learn about the critical security challenges posed by AI agents, the importance of trust in automation, and the strategies organizations can implement to protect their systems and data. Whether you're a cybersecurity professional or simply curious about the future of AI, this episode offers valuable insights into the rapidly evolving world of AI agents.

More security resources via the CyberArk Blog

EP 2 - Dispatch From Retail's Frontline: Building Cyber Resilience

CyberArk — Thu, 27 Feb 2025 11:17:06 -0500

In this episode of Security Matters, we dive into the world of retail technology and cybersecurity. Imagine a bustling retail chain during its busiest shopping season, only to be disrupted by a cyberattack. Our guest, Jason James, Chief Information Officer (CIO) at Aptos Retail, shares his insights with host David Puner on how to stay ahead of these threats.

Discover the strategies for building cyber resilience, the role of AI in retail, the importance of protecting consumer trust and the critical role of identity in safeguarding sensitive data. JJ's journey from tech enthusiast to CIO offers actionable insights and expert advice for cyber professionals, business leaders and anyone with a seat at or view of the cybersecurity table.

More security resources via the CyberArk Blog

EP 1 - AI Gone Rogue: FuzzyAI and LLM Threats

CyberArk — Wed, 12 Feb 2025 14:02:36 -0500

In the inaugural episode of the Security Matters podcast, host David Puner dives into the world of AI security with CyberArk Labs' Principal Cyber Researcher, Eran Shimony. Discover how FuzzyAI is revolutionizing the protection of large language models (LLMs) by identifying vulnerabilities before attackers can exploit them. Learn about the challenges of securing generative AI and the innovative techniques used to stay ahead of threats. Tune in for an insightful discussion on the future of AI security and the importance of safeguarding LLMs.

What's Security Matters? Check out the show trailer to learn more. Make us your top cybersecurity podcast.

More security resources via the CyberArk Blog

Links referenced in this episode:

Welcome to Security Matters: The Next Evolution of CyberArk's Podcast (Show Trailer)

CyberArk — Fri, 07 Feb 2025 16:41:29 -0500

Welcome to Security Matters, the next evolution of CyberArk’s podcast. Previously known as Trust Issues, this show has always brought expert insights into the world of identity security.

Hosted by David Puner, Senior Editorial Manager at CyberArk, Security Matters refines its focus to emphasize a proactive approach to cybersecurity. The podcast will delve into the principle of "Think like an attacker," highlighting the importance of staying ahead of threats rather than merely reacting to them.

Each episode will feature deep insights, expert perspectives, and actionable strategies to help empower listeners to defend and protect their organizations and the digital world. Topics will include securing the entire spectrum of identities—both human and machine—protecting hybrid and multi-cloud environments and analyzing the latest attack methods.

Join Security Matters to explore why how you approach security truly matters.

Coming mid-Feb. 2025 to this stream and most major podcast platforms.

EP 70 - Zero Days and High Stakes: The US Treasury Attack

CyberArk — Thu, 23 Jan 2025 12:29:06 -0500

In this episode of Trust Issues, host David Puner dives into the recent high-profile cyberattack on the U.S. Treasury Department. Joined by Andy Thompson, CyberArk Labs' Senior Offensive Research Evangelist, and Joe Garcia, CyberArk’s Principal DevOps Solutions Engineer, they explore the timeline, details and implications of the attack. Discover proactive security recommendations, insights into zero-day vulnerabilities and the broader impact on federal cybersecurity. Tune in to learn how to help bolster your defenses against future cyber threats.

To read CyberArk Labs' analysis of the U.S. Treasury attack, check out the teams' blog, "The US Treasury Attack: Key Events and Security Implications."

EP 69 - Cloudy with a 100% Chance of Secrets: Decoding Secrets Management in the Cloud

CyberArk — Fri, 17 Jan 2025 00:01:00 -0500

In this episode of the Trust Issues podcast, host David Puner dives into the complexities of secrets management with Ritesh Desai, General Manager at AWS Secrets Manager. They discuss the evolving landscape of secrets management, emphasizing the importance of a multi-layered defense strategy as organizations increasingly adopt cloud services, digital transformation and agile development practices. Ritesh highlights the critical role of machine identities in managing secrets and the growing significance of AI and automation in enhancing security measures. He also underscores the necessity of a comprehensive approach that includes discovery, visibility and leak detection to safeguard sensitive information effectively. The conversation covers the challenges of managing secrets in multi-cloud environments and the importance of regular secret rotation and access control. This episode provides valuable insights into best practices and strategies for securing secrets.

EP 68 - Cloud Security, Collaboration and Futuring in the Now

CyberArk — Thu, 26 Dec 2024 00:01:00 -0500

In this episode, Trust Issues host David Puner wraps up 2024 with a conversation with Red Hat’s Field CTO Ambassador E.G. Nadhan about the future of cybersecurity. They discuss the importance of cloud security principles, the impact of emerging technologies like AI and quantum computing, and the challenges of managing machine identities. Nadhan emphasizes the need for organizations to prepare for future security challenges by understanding the attacker mindset and taking proactive steps today to protect for tomorrow. The conversation also touches on collaboration within the open source community and the role of Red Hat's Field CTO organization in driving innovation and addressing market opportunities.

EP 67 - The Password Problem

CyberArk — Fri, 06 Dec 2024 00:01:00 -0500

In this episode of the Trust Issues podcast, host David Puner sits down with Andrew Shikiar, the Executive Director and CEO of the FIDO Alliance, to discuss the critical issues surrounding password security and the innovative solutions being developed to address them. Andrew highlights the vulnerabilities of traditional passwords, their susceptibility to phishing and brute force attacks, and the significant advancements in passwordless authentication methods, particularly passkeys. He explains how passkeys, based on FIDO standards, utilize asymmetric public key cryptography to enhance security and reduce the risk of data breaches.

The conversation also covers the broader implications of strong, user-friendly authentication methods for consumers and organizations, as well as the collaborative efforts of major industry players to make the internet a safer place. Additionally, Andrew highlights the importance of identity security in the context of these advancements, emphasizing how robust authentication methods can protect personal and organizational data.

Tune in to learn about the future of authentication and the steps being taken to eliminate the reliance on passwords.

EP 66 - Post-Election Insights: AI, Misinformation and Security

CyberArk — Thu, 21 Nov 2024 09:11:07 -0500

In this episode of Trust Issues, host David Puner interviews James Imanian, Senior Director of the U.S. Federal Technology Office at CyberArk. They discuss the critical topic of election security, focusing on the recent 2024 U.S. presidential election. Drawing from his extensive background in cybersecurity including a career in the Navy and a stint at the U.S. Department of Homeland Security, James brings a wealth of experience to the conversation, which explores AI's impact on election security—highlighting how AI has transformed the landscape by increasing the scale, speed and sophistication of misinformation and disinformation campaigns. James explains the differences between misinformation, disinformation and malinformation and their roles in the information environment surrounding elections.

He also highlights the importance of public-private partnerships in securing election infrastructure and the role of international collaboration in countering nation-state threats. The episode examines the challenges of maintaining trust in the digital age and the potential of identity verification technologies to enhance information trustworthiness.

Finally, the discussion touches on the parallels between election security and enterprise cybersecurity, emphasizing the need for critical thinking and proactive measures to uphold the integrity of both elections and organizational security.

For more insights from James Imanian on election security, check out his blog, "Six Key Measures for Upholding Election Security and Integrity."

EP 65 - Machine Identities, AI and the Future of Security with the 'Identity Jedi'

CyberArk — Fri, 08 Nov 2024 00:01:00 -0500

In this episode of the Trust Issues podcast, host David Puner and David Lee, aka “The Identity Jedi,” delve into the evolving landscape of identity security. They discuss the critical challenges and advancements in securing both human and machine identities. Lee shares insights on the fear and misconceptions surrounding AI, drawing parallels to pop culture references like Marvel's Jarvis. They explore the potential of autonomous AI in monitoring and managing security tasks, emphasizing the need for real time data analysis and context understanding. The conversation highlights the importance of providing context on both human and machine sides to enhance security measures. They also touch on the role of investors in the identity security space and the need for better storytelling in the industry.

EP 64 - Identity Reinvention: Insights From the World's First Augmented Ethical Hacker

CyberArk — Wed, 23 Oct 2024 00:01:00 -0400

In this episode of the Trust Issues Podcast, host David Puner sits down with CyberArk's resident technical evangelist, white hat hacker and transhuman, Len Noe. They dive into Len's singular journey from a black hat hacker to an ethical hacker, exploring his identity reinvention and the fascinating world of subdermal microchip implants and offensive security. Len shares insights from his new book, "Human Hacked: My Life and Lessons as the World's First Augmented Ethical Hacker," which releases on October 29. They also discuss the relevance of Len's transhuman identity to his work in identity security.

EP 63 - Jailbreaking AI: The Risks and Realities of Machine Identities

CyberArk — Wed, 09 Oct 2024 00:01:00 -0400

In this episode of Trust Issues, host David Puner welcomes back Lavi Lazarovitz, Vice President of Cyber Research at CyberArk Labs, for a discussion covering the latest developments in generative AI and the emerging cyberthreats associated with it. Lavi shares insights on how machine identities are becoming prime targets for threat actors and discusses the innovative research being conducted by CyberArk Labs to understand and mitigate these risks. The conversation also touches on the concept of responsible AI and the importance of building secure AI systems. Tune in to learn about the fascinating world of AI security and the cutting-edge techniques used to protect against AI-driven cyberattacks.

EP 62 - The Evolution of Identity

CyberArk — Wed, 25 Sep 2024 00:01:00 -0400

In this episode of the Trust Issues podcast, host David Puner sits down with Jeff Reich, Executive Director of the Identity Defined Security Alliance (IDSA), a nonprofit that provides vendor-neutral guidance on identity-centric security strategies to help organizations reduce the risk of identity-related attacks. They explore the evolution of digital identity, discussing how it has transformed from simple identifiers to complex, multifaceted digital identities for both humans and machines. In today's threat landscape, the number and types of identities, attack methods and environments have dramatically increased, making it more challenging to secure identities. Jeff discusses the challenges and efforts in creating sustainable, interoperable digital identity hubs for cross-border applications, the future of digital passports and the importance of encryption and multi-factor authentication (MFA) for securing sensitive data. The conversation also highlights the significance of thought leadership and maintaining a vendor-agnostic approach in identity security.

EP 61 - Put Your Name on It: Identity Verification and Fighting Fraud

CyberArk — Wed, 11 Sep 2024 00:01:00 -0400

Aaron Painter, CEO of Nametag, joins host David Puner for a conversation that covers several key themes, including the inadequacies of current identity verification methods, the rise of deep fakes and AI-generated fraud – and the importance of preventing identity fraud rather than merely detecting it. Aaron discusses the role of advanced technologies like cryptography, biometrics and AI in improving identity verification. He also highlights the critical issue of social engineering attacks at help desks and the need for trust in digital interactions.

Aaron stresses the importance of preventing identity fraud by using a combination of cryptography, biometrics and AI, rather than solely relying on detection methods. He also touches on the challenges of verifying human identities and the need for platforms to verify their users to create safe online communities.

Put your name on it and give it a listen!

EP 60 - Going Viral: Security Insights from TikTok's Former Global CSO

CyberArk — Tue, 27 Aug 2024 07:00:00 -0400

In this episode of the Trust Issues podcast, Roland Cloutier, who served as TikTok's Global Chief Security Officer (CSO) from April 2020 to September 2022, joins host David Puner for a discussion that covers his extensive experience in the field of security. He previously held similar roles at ADP and EMC and is now a partner at the Business Protection Group.

Roland discusses his challenges in protecting sensitive data at TikTok, the social media platform with over 1 billion active users. He also talks about the complexities of ensuring data security and compliance. Roland emphasizes the importance of identity in modern security, explaining how privilege controls across the IT estate are crucial for protecting workforce users, third-party vendors, endpoints and machine identities.

Roland also highlights the need for a deep understanding of the business and its culture to implement security measures effectively. He shares insights into the role of identity in determining access to data and the importance of continuous controls assurance and validation.

The episode provides a fascinating look into the security imperatives of a major social media platform and the measures taken to protect user data. Listeners will gain valuable insights into the strategies and principles Roland employed during his tenure at TikTok, as well as his broader views on security and privacy in the digital age.

EP 59 - The Persistent Pursuit of Digital Transformation

CyberArk — Tue, 13 Aug 2024 07:00:00 -0400

In this episode of the Trust Issues podcast, Debashis Singh and host David Puner explore the intricate world of digital transformation and identity security. Debashis, the Global CIO at Persistent Systems, shares his frontline insights on the singular challenges and strategies organizations face on their digital transformation journeys. The conversation highlights the importance of integrating identity security into digital initiatives, ensuring compliance – and protecting against the evolving cyber threat landscape.

Debashis also discusses the delicate balance between innovation and security, the impact of AI on cybersecurity and the significance of organizational cyber awareness. Additionally, he talks about the role of generative AI in the industry and the potential risks it poses, such as sophisticated deepfake attacks and ransomware threats.

This episode offers valuable perspectives on how businesses can navigate the complexities of digital transformation while maintaining robust security measures to safeguard their operations and identities.

EP 58 - Trust and Resilience in the Wake of CrowdStrike's Black Swan

CyberArk — Tue, 30 Jul 2024 10:20:56 -0400

In this episode of Trust Issues, we dig into the recent the global IT outage caused by a CrowdStrike software update, which impacted millions of Microsoft Windows endpoints and disrupted many sectors. This "black swan" event highlights, among other things, the importance of preparedness, adaptability and robust crisis management. CyberArk Global Chief Information Officer (CIO) Omer Grossman discusses with host David Puner the outage's ramifications, the shaking of trust in technology – and the criticality of resilience against cyberthreats. This conversation underscores the need to be ready for the unexpected and the value of adaptability and resilience in unforeseen circumstances.

EP 57 - Proactive Defense: Security's AI Infusion

CyberArk — Tue, 23 Jul 2024 07:00:00 -0400

In this episode of the Trust Issues podcast, we explore the transformative impact of artificial intelligence (AI) on identity security. Guest Peretz Regev, CyberArk’s Chief Product Officer, joins host David Puner, for a discussion about how AI is reshaping cyber protection, offering solutions that are as intelligent as they are intuitive. With the ability to predict threats and adapt with unprecedented agility, AI is ushering in a new era of proactive security. Regev shares insights into the company's strategic vision and the role of AI in enhancing customer security and productivity. He also discusses the launch of CyberArk's AI Center of Excellence and the introduction of CyberArk CORA AI, an umbrella of AI capabilities infused within CyberArk's products.

Join us as we examine the challenges and opportunities presented by AI in the cybersecurity landscape, the importance of fostering a culture of innovation and how CyberArk is leading the charge in securing identities in the AI era. This episode is a must-listen for anyone interested in the intersection of AI and identity security – and the future of cyber protection.

EP 56 - Time as Attack Surface

CyberArk — Wed, 10 Jul 2024 07:00:00 -0400

In the latest episode of the Trust Issues podcast, the focus is on the criticality of time in organizational security. The conversation with host David Puner and guest Katherine Mowen, SVP of Information Security at Rate (formerly Guaranteed Rate), highlights the importance of swift decision-making and prompt threat response. They discuss the role of just-in-time (JIT) access and AI in accelerating response times, as well as the ever-evolving threat landscape that requires constant vigilance. The episode emphasizes the strategies and technologies shaping the future of cybersecurity, particularly at the intersection of time management and identity protection.

Join us for a timely discussion that underscores the intersection of time management and identity protection.

EP 55 - AI Insights: Shaping the Future of IAM

CyberArk — Tue, 25 Jun 2024 07:00:00 -0400

In this episode of Trust Issues, Daniel Schwartzer, CyberArk's Chief Product Technologist and leader of the company’s Artificial Intelligence (AI) Center of Excellence, joins host David Puner for a conversation that explores AI's transformative impact on identity and access management (IAM). Schwartzer discusses how CyberArk's AI Center of Excellence is equipping the R&D team to innovate continuously and stay ahead of AI-enabled threats. Learn about the future of AI in IAM, the role of AI in shaping new business models and the importance of an experimentation culture in driving user experience (UX) improvements. Gain insights into the methodical, data-driven approaches to monetization strategies and the significance of learning from on-the-job experiences. This episode is a must-listen for anyone interested in the intersection of AI and IAM, and the opportunities it presents for leading the transition in the industry. Tune in to uncover what's coming down the AI pike and how it will influence the future of IAM.

For more from Daniel on this subject, check out his recent blog, "Predicting the Future of AI in Identity and Access Management."

EP 54 - Zen and the Art of CISO Leadership

CyberArk — Wed, 12 Jun 2024 07:00:00 -0400

In this episode of the Trust Issues podcast, we explore the nexus of mindfulness, identity security and leadership with Jitender Arora, Partner and Chief Information Security Officer (CISO) for Deloitte North and South Europe, and Deloitte's Global Deputy CISO. Arora discusses with host David Puner how a Zen-like mindset can be influential in helping to bolster organizational cyber defenses, sharing his wisdom on the critical role of emotional intelligence, empathy and the human touch within the cyber realm. This episode offers a glimpse into innovative strategies for navigating the intricate cybersecurity landscape, emphasizing the significance of maintaining a Zen-like composure for effective decision-making and risk management. Listeners will gain insights into the evolving role of CISOs and the transformative impact of integrating Zen principles into leadership and cybersecurity practices. Tune in for a fresh perspective on leading with tranquility amid an ever-expanding threat landscape and about the pivotal role of identity security in protecting both human and non-human identities.

EP 53 - Cyber Insurance: Managing Risk and Protection

CyberArk — Tue, 28 May 2024 07:00:00 -0400

In this episode of Trust Issues, we dive into the complex and rapidly evolving world of cyber insurance. We discuss the challenges and opportunities facing companies seeking to protect themselves from the ever-present threat of cyberattacks. Joining host David Puner, today’s guest is Ruby Rai, Cyber Practice Leader, Canada at Marsh McLennan, who shares her insights into the current state of the cyber insurance market, its future trajectory and the key requirements companies need to meet to obtain coverage. We also explore the impact of third-party access and non-human identities on cyber insurance requirements and how companies can adopt an identity security approach to meet these requirements. Join us as we dig into the complexities of the cyber insurance market and discuss the importance of collaboration between insurers and clients in ensuring that companies have the coverage they need.

EP 52 - Built to Last: CyberArk's 25-Year Innovation Evolution w/ Founder and Executive Chairman Udi Mokady

CyberArk — Fri, 10 May 2024 09:31:50 -0400

In this episode of the Trust Issues podcast, host David Puner interviews CyberArk Founder and Executive Chairman Udi Mokady on the occasion of the company’s 25th anniversary. They discuss that milestone and reflect on CyberArk’s growth to becoming the global leader in identity security and the ever-evolving threat landscape – and how the company has scaled to meet it. Udi shares his insights on the company's culture, values, philosophies and lessons he's learned. He also dives into the importance of innovation, the role of AI in cybersecurity and his future aspirations for the company.

And, because we say in the episode that we’ll share it here, Mark Knopfler’s new album is entitled ‘One Deep River’ … Udi describes it as great for driving and optimistic.

Enjoy the podcast!

EP 51 - Balancing Innovation and Security in FinTech

CyberArk — Wed, 01 May 2024 08:33:56 -0400

In this episode of Trust Issues, host David Puner interviews Eric Hussey, SVP, Chief Information Security Officer (CISO) at Finastra, a leading provider of financial software solutions and services. Hussey shares his insights on the evolving role of the CISO, the challenges of keeping up with new and evolving cybersecurity regulations, and the importance of balancing innovation with security in the fintech space. He also discusses how identity factors into the equation, mentioning the importance of identity security in the future of fintech and banking, and the need for frictionless enhancements in identity security. Hussey also talks about his career path, AI’s emerging and evolving role in cybersecurity, and the importance of good governance and risk management in prioritizing security concerns.

EP 50 - Adversarial AI's Advance

CyberArk — Wed, 17 Apr 2024 09:26:12 -0400

In the 50th episode of the Trust Issues podcast, host David Puner interviews Justin Hutchens, an innovation principal at Trace3 and co-host of the Cyber Cognition podcast (along with CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe). They discuss the emergence and potential misuse of generative AI, especially natural language processing, for social engineering and adversarial hacking. Hutchens shares his insights on how AI can learn, reason – and even infer human emotions – and how it can be used to manipulate people into disclosing information or performing actions that compromise their security. They also talk about the role of identity in threat monitoring and detection, and the challenges and opportunities AI presents organizations in defending against evolving threats and how we can harness its power for the greater good. Tune in to learn more about the fascinating and ever-changing landscape of adversarial AI and identity security.

EP 49 - Inside the Attack Surface: Lessons from the Red Team on Browser Threats

CyberArk — Wed, 03 Apr 2024 08:45:54 -0400

VP of CyberArk Red Team Services Shay Nahari joins host David Puner for an in-depth look at the evolving risks facing enterprise browsers. The conversation explores how attackers are shifting from stealing credentials to hijacking session tokens and cookies, and why browsers originally designed for consumers have become a prime target in today’s identity-driven threat landscape. Shay shares real-world examples of session-based attacks, insights from adversarial simulations, and practical strategies for reducing risk, including the importance of least privilege, ephemeral identities, and layered security. This episode offers actionable guidance for security leaders and practitioners looking to protect identities and sensitive data across today’s expanding digital environments.

EP 48 - What's Driving the Future of Automotive Security

CyberArk — Thu, 21 Mar 2024 11:19:25 -0400

In this episode of the Trust Issues podcast, Kaivan Karimi, Global Partner Strategy and OT Cybersecurity Lead – Automotive Mobility and Transportation at Microsoft, discusses with host David Puner the complexities of the automotive cybersecurity ecosystem, and they explore the challenges and considerations facing the industry. Karimi shares his insights on the role of identity security in automotive cybersecurity and how it helps ensure that only authenticated entities have the privilege to engage in the high-speed exchange of information. He also talks about the importance of data sovereignty, data privacy and compliance in the automotive industry. This episode provides a fascinating look into the present and future world of automotive cybersecurity and the measures being taken to protect against cyber threats.

Take the audio ride!

EP 47 - Digital Trust and the Identity Cornerstone

CyberArk — Tue, 05 Mar 2024 07:00:00 -0500

In this episode of Trust Issues, Jan Vanhaecht, the Global Digital Identity Leader at Deloitte Belgium, delves into the intricate realms of digital trust and risk management with host David Puner. The discussion covers topics ranging from the impact of regulations on cybersecurity practices to the pivotal role of identity in building a robust security culture. Unpacking the nuances of digital trust maturity, the episode explores how organizations can navigate the delicate balance between risk and reward. From the emergence of passwordless authentication to the practical applications of Zero Trust principles, the conversation provides valuable perspectives on safeguarding digital landscapes. Join us as we unravel the complexities of cybersecurity and discover how it intertwines with innovation, compliance and the pursuit of trust in the digital age.

EP 46 - Behind the Data Breach: Dissecting Cozy Bear's Microsoft Attack

CyberArk — Thu, 15 Feb 2024 10:16:30 -0500

Andy Thompson, CyberArk Labs Offensive Security Research Evangelist returns to Trust Issues for a deep dive into the recent APT29 breach of Microsoft. In conversation with host David Puner, Thompson explores the intricate details of the January 2024 attack, dissecting the tactics employed by the APT29 threat actor, also known as Cozy Bear, Cozy Car, The Dukes – or, as Microsoft refers to the group: Midnight Blizzard. From the initial password spray technique to the exploitation of OAuth applications, listeners are taken on a journey through the breach's timeline – and learn how, ultimately, it all boils down to identity. The discussion touches upon the nuances of threat actor nomenclature, the significance of various bear-themed aliases and the professional nature of state-sponsored cyber espionage groups. Throughout the episode, practical insights and cybersecurity best practices are shared, offering organizations valuable strategies to bolster their defenses against evolving cyber threats. For a comprehensive analysis of the APT29 Microsoft data breach and detailed recommendations for improving cybersecurity posture, check out the accompanying blog post written by Andy Thompson.

EP 45 - OT Security's Digital Makeover

CyberArk — Tue, 06 Feb 2024 18:33:57 -0500

In this episode of Trust Issues, the conversation revolves around the challenges and transformations in operational technology (OT) security. Guest Mike Holcomb, the Fellow of Cybersecurity and the ICS/OT Cybersecurity Lead at Fluor shares insights with host David Puner on securing legacy systems, the impact of generative AI – and the evolving threat landscape. From addressing security challenges in manufacturing plants to the skills gap in OT cybersecurity, the episode provides an overview of the current state and future prospects of securing critical infrastructure. Holcomb also emphasizes the importance of identity in OT security and offers practical advice for organizations looking to enhance their cybersecurity posture. Check out the episode to explore the dynamic intersection of IT and OT – and how it spotlights the urgent need for robust cybersecurity measures in an evolving digital landscape.

EP 44 - The Rise of Prompt Engineering: How AI Fuels Script Kiddies

CyberArk — Thu, 25 Jan 2024 07:00:00 -0500

In this episode of Trust Issues, CyberArk’s resident Technical Evangelist, White Hat Hacker and Transhuman Len Noe joins host David Puner for a discussion about the emerging threat of AI kiddies, a term that describes novice attackers using large language models (LLMs) and chatbots to launch cyberattacks without any coding skills. Noe explains how these AI kiddies use prompt engineering to circumvent the built-in protections of LLMs like ChatGPT and get them to generate malicious code, commands and information. He also shares his insights on how organizations can protect themselves from these AI-enabled attacks by applying the principles of Zero Trust, identity security and multi-layered defense. All this and a dollop of transhumanism … Don’t be a bot – check it out!

EP 43 - Breaking Things in the Name of Cyber Resilience

CyberArk — Fri, 12 Jan 2024 11:48:47 -0500

Guest Dr. Magda Chelly, Managing Director and CISO of Responsible Cyber, joins Trust Issues host David Puner for a conversation about third-party risk management and cyber resilience. Dr. Chelly underscores the imperative of prioritizing identity management, particularly as decentralized work environments are becoming the norm in today’s evolving digital landscape. She also explains how breaking things played a critical role in propelling her into a career in cybersecurity – and then in fostering and advancing it. The interview unfolds against the backdrop of Dr. Chelly’s extensive experience and recently authored book, "Building a Cyber Resilient Business," which serves as a handbook for executives and boards navigating the complexities of cybersecurity. If you’re seeking insights on how to gain stronger visibility and control over your organization’s digital identities, this episode is for you.

Join us to learn how build resiliency against today’s ever-growing array of cyber threats – and what’s to come in 2024 and beyond.

EP 42 - Year in Review 2023: Unleashing AI, Securing Identities

CyberArk — Wed, 27 Dec 2023 12:42:55 -0500

In this year-end Trust Issues podcast episode, host David Puner takes listeners on a retrospective jaunt through some of the show’s 2023 highlights. The episode features insightful snippets from various cybersecurity experts and thought leaders, each discussing crucial aspects of the ever-evolving cyber landscape. From discussions on the dynamic nature of threat actors and the need for agile security approaches to insights on identity security challenges in the cloud and the intricacies of safeguarding data, the episode encapsulates a wealth of knowledge shared by industry professionals. With diverse perspectives on generative AI, risk management, cloud security, DevSecOps – and even a personal bear wrestling story – Trust Issues’ 2023 cannon delivers an engaging compilation for both cybersecurity enthusiasts and industry practitioners.

As the podcast looks back on the year's diverse lineup of guests, it serves as a valuable resource for anyone seeking to stay informed about the latest cybersecurity trends, strategies and challenges. The episode emphasizes the importance of adapting to the rapidly changing threat landscape, adopting innovative security practices and fostering collaboration to address the multifaceted nature of cyber risks in the modern digital era.

Clips featured in this episode from the following guests:

Eran Shimony, Principal Security Researcher, CyberArk Labs

Andy Thompson, Offensive Security Research Evangelist, CyberArk Labs

Eric O’Neill, Former FBI Counterintelligence Operative & Current National Security Strategist

Shay Nahari, VP of Red Team Services, CyberArk

Diana Kelley, CISO, Protect AI

Len Noe, Technical Evangelist, White Hat Hacker & Biohacker, CyberArk

Theresa Payton, Former White House CIO, Founder & CEO of Fortalice Solutions

Larry Lidz, VP & CISO, Cisco CX Cloud

Matt Cohen, CEO, CyberArk

Charles Chu, GM of Cloud Security, CyberArk

Brad Jones, CISO & VP of Information Security, Seagate Technology

Dusty Anderson, Managing Director, Global Digital Identity, Protiviti

Philip Wylie, Offensive Security Professional, Evangelist & Ethical Hacker

EP 41 - Cyber Hygiene and the Identity Imperative

CyberArk — Thu, 14 Dec 2023 15:38:15 -0500

Our guest today is Rita Gurevich, the CEO and Founder of SPHERE, an identity hygiene platform. Gurevich joins host David Puner to explore the challenges and dynamics surrounding identity and cyber hygiene in today's cybersecurity landscape. The conversation begins by addressing the accelerated pace at which cyber controls and identity hygiene requirements are evolving, emphasizing the critical role they play in cybersecurity strategies. The discussion extends to the impact of cloud and hybrid environments, the nuances of cyber insurance trends – and the challenges presented by mergers and acquisitions in relation to identity hygiene. Gurevich highlights the growing importance of considering both cloud and on-prem systems with equal rigor, emphasizing the need for comprehensive cybersecurity measures to combat threats and risks.

EP 40 - The Identity of Things

CyberArk — Tue, 28 Nov 2023 06:58:00 -0500

Today’s Trust Issues guest is Brian Contos, Chief Strategy Officer at Sevco Security. With host David Puner, Contos discusses the intricacies of securing the Internet of Things (IoT) and the challenges posed by the expanding IoT landscape – emphasizing the need for robust identity management. In a broader context, IoT encompasses identity management, cybersecurity and the evolving role of AI in safeguarding digital assets. Contos delves into the pressing issues surrounding IoT, Extended IoT (xIoT) and OT devices' security vulnerabilities – and explores how these vulnerabilities pose threats to consumer privacy, sensitive data and public safety. The conversation also touches on the intersections of identity security with asset intelligence and the importance of understanding the complete asset landscape in cybersecurity. We’re calling this one “The Identity of Things” … Check it out!

EP 39 - Analyzing the MGM and Okta Breaches: the Identity Connection

CyberArk — Thu, 02 Nov 2023 10:00:00 -0400

In this Trust Issues episode, host David Puner welcomes back Andy Thompson, CyberArk Labs' Offensive Security Research Evangelist for a discussion focused on two recent high-profile breaches: one targeting MGM Resorts International and the other involving Okta's support unit. The conversation delves into the details of the attacks – who’s behind them, how identity plays a pivotal role in both – and the larger implications of this new breed of supply chain attack amid the evolving threat landscape. Thompson also shares insights into how organizations can better protect themselves and their customers.

Check out the CyberArk blog for further insights into the MGM and Okta breaches. And, watch Andy Thompson in the CyberArk Labs' webinar, "Anatomy of the MGM Hack."

EP 38 - Why Cloud Security Doesn't Taste Like Chicken

CyberArk — Thu, 19 Oct 2023 06:58:00 -0400

Today’s guest is Charles Chu, CyberArk's General Manager of Cloud Security, who’s spent more than a decade at the forefront of cloud security. Chu joins host David Puner for a conversation that delves into secure cloud access and the concept of zero standing privileges (ZSP), a dynamic approach to securing identities in multi-cloud environments. Chu sheds light on the complexities of cloud security, emphasizing the need for tailored solutions to protect against evolving cyber threats. Don't miss this insightful conversation that demystifies cloud security and redefines safeguarding digital assets – and answers the pivotal question: Why doesn’t cloud security taste like chicken?

EP 37 - Cloud Transformation and the Art of Simplicity

CyberArk — Thu, 05 Oct 2023 07:00:00 -0400

Arati Chavan, Staff Vice President, Global Head of Identity and Access Management (IAM) at Elevance Health joins host David Puner for a conversation that sheds light on how federated identity solutions are pivotal in achieving efficient and secure access control across diverse entities. Chavan also explores the challenges and opportunities in cloud transformation, the evolving role of AI in healthcare and the delicate balance between customer simplicity and robust security measures. Listen in for a deep dive into the heart of identity security and its impact on the healthcare industry.

EP 36 - The Evolution of an Ethical Hacker

CyberArk — Thu, 21 Sep 2023 07:00:00 -0400

Our guest today is Phillip Wylie, an offensive security professional and evangelist, author and podcast host who recently added director of services and training at Scythe to his extensive CV. Wylie talks with host David Puner about the critical need for ethical hacking in cybersecurity, identity security revelations from years of penetration testing, and his fascinating career arc, which began in professional wrestling.

Considering a cybersecurity career? You won’t want to miss this episode – Wylie’s passion for cybersecurity education and mentorship is contagious. Plus, you’ll discover many unexpected parallels between pro wrestling and red teaming – and how they can help strengthen your organization’s digital defenses.

EP 35 - Threat Innovations: Exploring Cascading Supply Chain Attacks

CyberArk — Thu, 07 Sep 2023 14:04:36 -0400

In this episode, we welcome back Shay Nahari, VP of CyberArk Red Team Services. His discussion with host David Puner revolves around attacker innovation, focusing on key areas like cascading supply chain attacks and session cookie hijacking. Lean in as Nahari explains how the Red Team simulates real-world attacks to help organizations identify vulnerabilities and improve their security posture.

EP 34 - How to Catch a Malicious Insider w/ Eric O'Neill

CyberArk — Wed, 23 Aug 2023 06:59:00 -0400

Today’s episode of Trust Issues focuses on spycatching! Eric O'Neill, a former FBI counterintelligence operative and current national security strategist, joins host David Puner to discuss his legendary undercover mission to capture Robert Hanssen, one of the most notorious and damaging spies in U.S. history. O'Neill details his “cover job” of working beside Hanssen in the FBI’s new information assurance (cybersecurity) division, while secretly uncovering his espionage activities. O'Neill’s made-for-the-big-screen experiences emphasize the challenges posed by malicious insiders – some of the most difficult and expensive cybersecurity threats of our time. His gripping account draws intriguing parallels between spies and cyber criminals, shedding light on identity security’s significant role in thwarting insider espionage and defenders’ continuous push to outpace attacker innovation.

EP 33 - The Evolution of Privileged Access Management (PAM)

CyberArk — Tue, 08 Aug 2023 07:00:00 -0400

Crystal Trawny, Optiv’s Practice Director, Privileged Account and Endpoint Privilege Management (PAM/EPM), joins host David Puner in exploring the ever-evolving identity landscape and how emerging threats impact organizations’ cybersecurity requirements. Through the eyes of an end user, Trawny shares best practices for overcoming change resistance, creating effective deployment timelines and avoiding scope creep. This episode maps the correlation between critical program elements – such as robust endpoint privilege management and dynamic access controls – and privileged access management (PAM) maturity. In the face of complexity and ransomware, insider threats and other sophisticated cyberattacks, organizations can use these insights to help assess their current strategy and chart a course for success.

EP 32 - Building Trust and Collaboration in Identity Security w/ CyberArk CEO Matt Cohen

CyberArk — Thu, 20 Jul 2023 07:00:00 -0400

In this episode of Trust Issues, host David Puner talks with CyberArk CEO Matt Cohen, who shares his distinct take on leadership – emphasizing the importance of leading without fanfare. Cohen talks about his transition into the CEO role, insights on identity security and the current threat landscape. He also touches on the significance of company culture, professional development – and his admiration for a particular Boston Red Sox manager’s leadership style. The discussion delves into CyberArk's mission to secure the world against cyber threats by securing identities, and empower organizations to move forward, fearlessly to unlock growth, innovation and progress.

Three key takeaways from this episode are:
1) The significance of authenticity and humility in leadership.
2) The criticality of identity security in today's evolving threat landscape.
3) The value of customer-centricity and trust-building in successful business relationships.

EP 31 - How Generative AI is Reshaping Cyber Threats

CyberArk — Thu, 06 Jul 2023 07:00:00 -0400

While generative AI offers powerful tools for cyber defenders, it's also enabled cyber attackers to innovate and up the ante when it comes to threats such as malware, vulnerability exploitation and deep fake phishing. All this and we’re still just in the early days of the technology. In this episode, CyberArk Labs’ Vice President of Cyber Research Lavi Lazarovitz, discusses with host David Puner the seismic shift generative AI is starting to bring to the threat landscape – diving deep into offensive AI attack scenarios and the implications for cyber defenders.

EP 30 - Securing Data Amid the AI Gold Rush

CyberArk — Wed, 21 Jun 2023 09:01:38 -0400

Diana Kelley, Chief Information Security Officer (CISO) at Protect AI joins host David Puner for a dive into the world of artificial intelligence (AI) and machine learning (ML), exploring the importance of privacy and security controls amid the AI Gold Rush. As the world seeks to capitalize on generative AI’s potential, risks are escalating. From protecting data from nefarious actors to addressing privacy implications and cyber threats, Kelley highlights the need for responsible AI development and usage. The conversation explores the principle of least privilege (PoLP) in AI, the privacy implications of using AI and ML platforms and the need for proper protection and controls in the development and deployment of AI and ML systems.

EP 29 - Synthetic Identity: Unmasking a New AI-Fueled Cyber Threat

CyberArk — Wed, 07 Jun 2023 09:01:25 -0400

Scattered across the internet are jigsaw puzzle pieces containing your personal information. If reassembled by an attacker, these puzzle pieces could easily compromise your identity. Our returning guest today is Len Noe, CyberArk’s resident transhuman (a.k.a. cyborg), whose official titles these days are Technical Evangelist, White Hat Hacker and Biohacker. Noe joins host David Puner to shed light on the concept of synthetic identity, which involves gathering publicly available, unprotected data and then using AI chatbots and platforms like ChatGPT along with predictive analytics to correlate the data and generate deep digital portraits of individuals. Then, thinking like an attacker, Noe dives into how this new digital clairvoyance has the potential to up threat actors’ games and what organizations and individuals should be doing to combat it. Noe also shares his POV on the implications for cybersecurity and his concerns about sharing personal and proprietary information with AI chatbots and platforms.

EP 28 - Safeguarding Data in the Cloud

CyberArk — Wed, 24 May 2023 06:59:00 -0400

In this episode of the Trust Issues podcast, host David Puner interviews Brad Jones, CISO and VP of Information Security at Seagate Technology. They delve into cloud security challenges, including protecting data in a constantly shifting technological landscape. Jones discusses the importance of establishing trust as a data company and implementing rigorous controls to safeguard sensitive information. Then, they take a deep dive into the evolving external threat landscape, the role of AI in security and Seagate's cloud migration journey. Tune in to learn how to bridge security gaps, set your organization up for cloud security success and stay ahead of threat actors in the digital age.

EP 27 - How Identity Factors into DevSecOps

CyberArk — Thu, 11 May 2023 09:52:42 -0400

In today’s Trust Issues episode, Dusty Anderson, a managing director of Global Digital Identity at the consulting firm Protiviti, digs into all things DevSecOps and cautions against a one-size-fits-all approach. In conversation with host David Puner, Anderson emphasizes the significance of strategic planning and well-defined goals – demonstrating how bite-sized steps can add up to major security wins and bottom-line benefits over time. And she sheds light on how the intricate web of identities – both human and non-human – shape the modern development pipeline to underscore the importance of visibility, governance and Zero Trust-based thinking. Tune in for insights to help fortify your cybersecurity practices and unlock the full potential of effective DevSecOps strategies.

EP 26 - Ransomware Revisited: Combating the Identity Explosion

CyberArk — Wed, 26 Apr 2023 06:58:00 -0400

Andy Thompson, Offensive Security Research Evangelist at CyberArk Labs, returns to Trust Issues for a dive with host David Puner into the latest developments in the world of ransomware. With ransomware events on the rise, Thompson sheds light on the alarming trend of data exfiltration and double extortion. But what's causing this surge? Thompson connects the dots between the rise of digital identities and the increasing frequency of ransomware attacks. As more organizations adopt cloud and DevOps technologies, the number of digital identities has skyrocketed, providing attackers with more accounts to exploit. However, Thompson emphasizes that staying vigilant about properly configured identities and analyzing their behavior can go a long way in mitigating the risk of ransomware attacks. Tune in to stay ahead of the curve in the ever-evolving landscape of cybersecurity threats.

EP 25 - Cisco CX Cloud CISO on the Language of Risk

CyberArk — Thu, 13 Apr 2023 06:58:00 -0400

We all accept a certain degree of risk in our lives. So, to varying degrees, we’re all operating – to use cybersecurity parlance – with an assume breach mindset. Meaning, we accept that attacks are inevitable and, as such, we focus time and effort on protecting the assets that matter most.

In short, we buckle up for safety.

And risk is something that today’s guest Larry Lidz, who’s Vice President and Chief Information Security Officer (CISO) for Cisco CX Cloud, thinks about a lot. On today’s episode, host David Puner talks with Lidz about cyber risk, the shifting tolerance levels for it and how it influences security decision-making.

EP 24 - Making the Leap to Post-Quantum Computing Encryption

CyberArk — Thu, 30 Mar 2023 06:59:00 -0400

Quantum computing is coming and it has the potential to be both exciting and terrifying... On today's episode of Trust Issues, host David Puner speaks with cryptographer Dr. Erez Waisbard, CyberArk’s Technology and Research Lead, about quantum computing innovation and its cybersecurity implications – from data encryption to surveillance and privacy.

Dr. Waisbard breaks down how encryption works, why it’s so important for safeguarding our data, and how quantum computers will break the methods used today. This may sound ominous, but designs for quantum-resistant encryption algorithms are already well underway. Check out the episode to learn more about them and how your organization can start preparing now.

And, if you like this episode, be sure to check out Erez Waisbard’s blog post, "Quantum Computing Is Coming… Here are 4 Ways to Get Ready," on the CyberArk Blog.

EP 23 - From Delivering Mail to Delivering Zero Trust: A CSO's Cyber Journey

CyberArk — Wed, 15 Mar 2023 08:03:20 -0400

Today's guest is Den Jones, who's Chief Security Officer (CSO) at Banyan Security, a startup Zero Trust network access solution (and a CyberArk technology partner). Jones spent almost 19 years at Adobe, followed by a stop at Cisco, before landing at Banyan in 2021. As his Twitter bio tells it, he's a “Large Scale Zero Trust Deliverer,” which is part of his multifaceted CSO charge.

In this episode, host David Puner talks with Jones about his singular cybersecurity career path – beginning with a formative stint as a Royal Mail postman in Scotland – and how he worked his way up the ladder to become a Zero Trust-delivering CSO. Jones explains how his role at Banyan encompasses all aspects of security, including product (putting the security around the security, as it were), enterprise and physical security. He also discusses the challenges he faces in his current role, including evangelizing the company's security strategy.

EP 22 - Deep Fakes, ChatGPT and Disinformation: Theresa Payton on Evolving Digital Threats (Part 2)

CyberArk — Wed, 01 Mar 2023 06:58:00 -0500

Today's episode is part two of our conversation with former White House CIO, bestselling author and founder and CEO of Fortalice Solutions, Theresa Payton. If you missed part one, you can start here and go back to that episode. Or, you can start there and come back to this one – but you're already here, so maybe just stick around?

In this episode, host David Puner and Payton continue their discussion, diving into the implications of AI and tools like ChatGPT for the cyber threat landscape – and the potential threats posed by deep fakes backed by synthetic identities. Also, could AI tech make it easier for bad actors to spread disinformation on a large scale?

EP 21 - Back to the Cyber Future: Theresa Payton on Evolving Digital Threats (Part 1)

CyberArk — Wed, 15 Feb 2023 06:58:00 -0500

Since the earliest digital days, cyberattackers have targeted identities in their quests for riches, chaos and even revenge. So, what if we could hop into a flux capacitor-equipped DeLorean, hammer-down to 88 mph, and go back in time to better understand how yesterday’s threats influence today’s landscape – and what history can teach us about outpacing adversaries? Today, we do that – and a whole lot more – with a fantastic guest: Theresa Payton.

Payton is the first woman to have served as White House Chief Information Officer, a best-selling author and the founder and CEO of Fortalice Solutions. In part one of our talk, host David Puner and Payton cover a lot of ground: Payton highlights some of the major cybersecurity trends and threats during her time in the George W. Bush White House – from SQL injection attacks to emerging ransomware. She also reflects on technology’s role in expanding – and complicating – the attack surface, and offers innovative insights for defenders, drawing from her experience as a veteran cybercrime fighter.

As you’ll hear, it’s a great talk – so good that we’re releasing it in two installments. Be sure to check out part two of our conversation with Theresa Payton, which will release on March 1. You can make sure not to miss it by following Trust Issues – available on all major podcast platforms.

Great Scott!

EP 20 - Hacking ChatGPT

CyberArk — Wed, 01 Feb 2023 06:58:00 -0500

Even if you've been living under a super-sized rock for the last few months, you've probably heard of ChatGPT. It's an AI-powered chatbot and it's impressive. It's performing better on exams than MBA students. It can debug code and write software. It can write social media posts and emails. Users around the globe are clearly finding it compelling. And the repercussions – good and bad – have the potential to be monumental.

That's where today's guest Eran Shimony, Principal Security Researcher for CyberArk Labs, comes into the picture. In fact, in an effort to stay ahead of the bad guys, Eran recently had ChatGPT create polymorphic malware. In conversation with host David Puner, he helps us understand if we are collectively prepared to deal with ChatGPT and the implications it may have for cyber threats.

How'd did he get ChatGPT to do this and what are the implications? Listen in to find out.

If you find this episode interesting, be sure to check out Eran's recent blog post on the CyberArk Threat Research blog: https://www.cyberark.com/chatgpt-blog

EP 19 - The Cybersecurity Gridiron

CyberArk — Wed, 18 Jan 2023 07:01:00 -0500

In this episode of the Trust Issues podcast, host David Puner interviews Nigel Miller, Director of Security Operations and Engineering at Maximus, a company that provides process management and tech solutions to help governments improve their health and human service programs. Nigel discusses his role in keeping the company's nearly 40,000 employees cyber-trained and secure. And, as you'll hear, Nigel highlights the similarities between football and cybersecurity and that understanding one's opponent and environment is crucial to success in both.

EP 18 - Why Protecting Critical Infrastructure is Critical in 2023

CyberArk — Thu, 05 Jan 2023 06:59:00 -0500

We're starting the new year with a conversation focused on securing critical infrastructure. The issue, of course, is that we're seeing increased threats and cyberattacks on critical infrastructure. Not to mention the war in Ukraine. This collective threat is a rallying point, bringing together cyber professionals from around the world, as well as their respective countries. On today’s episode, host David Puner talks with David Higgins, who’s a Senior Director in CyberArk‘s Field Technology Office, about how the critical infrastructure landscape has changed, its global implications and how cyber protectors have had to adapt.

EP 17 - Highmark Health CISO on the Power of Storytelling

CyberArk — Wed, 21 Dec 2022 06:58:00 -0500

Too often when we think of the human element in cybersecurity it's the insider threats. But more often it's the hardworking protectors inside the organization who, while passionate about their jobs, would rather work to live rather than live to work. Although that reality can easily flip due to the nature of the cyber world. That's where today's guest Omar Khawaja, who’s been the CISO at Highmark Health for nine years, comes into the picture. As you'll hear, Khawaja’s been on the cutting edge of cultivating talent and creating a cyber culture that empowers the human element of an organization with more than 37,000 employees. What you'll learn: How the power of language, relationships and story can be used to effectively communicate cybersecurity strategies and best practices with partners outside of the space. And how the benefits of this can lead to better culture, retention of talent and business growth.

EP 16 - Beware of Stolen Cookies for MFA Bypass

CyberArk — Tue, 06 Dec 2022 06:58:00 -0500

Today's episode is a bit of a year-end cybersecurity fortune cookie. Its focus is an attack trend that's surged in 2022: Cookie hijacking (aka stolen cookies). Session cookies, that is. And it’s an attack trend CyberArk Labs researchers predict will continue to flourish in 2023. To dig into the stolen cookies trend and what's coming next, host David Puner talks with VP of CyberArk Red Team Shay Nahari, and Research Evangelist of CyberArk Labs, Andy Thompson, both of whom have spent a considerable amount of time popping the hood on the trend. And it's something you should be thinking about too in preparing for 2023 cybersecurity challenges.

EP 15 - Navigating a Ransomware Crisis in Latin America

CyberArk — Tue, 08 Nov 2022 06:57:00 -0500

In the spring of 2022, Costa Rica was hit with a series of large-scale, long-lasting ransomware attacks, which wreaked havoc on the government and healthcare system – and paralyzed imports and exports. The ripple effects were far-reaching and the economy was crippled. President Rodrigo Chaves declared a national state of emergency. Trust was shaken. On today’s episode, Vinicio Chaves Alvarado, acting CISO at BAC Credomatic, the Costa Rica-based international bank, talks with host David Puner about being on the frontlines of stabilizing and building back trust. As he puts it, "We are not only cybersecurity professionals – we not only create cybersecurity controls or detect or react to threats. We create trust."

EP 14 - Humanizing Cybersecurity

CyberArk — Tue, 25 Oct 2022 06:58:00 -0400

Being a Chief Information Security Officer is a tough job. CISOs are on the front lines, protecting against the unknown day after day, week after week. It's no wonder mental health issues such as depression and anxiety are surging in our industry. There are a lot of things that need to change, but on a positive note, this once-taboo subject is starting to get the attention it so desperately deserves. This is in part thanks to security leaders like Kirsten Davies, CISO at Unilever, stepping forward. On today’s episode, host David Puner talks with Davies about some of her passions, including the humanization of the teams in our cybersecurity community. She's equally passionate about being an innovative cyber protector and finding solutions to the multitude of challenges high-level CISOs face on a daily basis. The timing of the episode is apropos because October is both Cybersecurity Awareness Month and Depression and Mental Health Awareness and Screening Month. Time to elevate this critical conversation, advocate against stigma, and bring awareness to the various resources available to those who need them.

EP 13 - Cyber Fundamentals: Where Things Fall Apart

CyberArk — Tue, 11 Oct 2022 06:59:00 -0400

Even when looking at layered enterprise solutions designed to thwart attacks and contain them, we must always go back to cybersecurity basics at the individual level. And that’s what, on today's episode, guest Bryan Murphy, CyberArk’s Senior Director of Architecture Services and Incident Response stops by to talk with host David Puner about. Murphy also dives into the importance of cyber hygiene as an essential preventive measure for protecting identities, as part of a defense-in-depth strategy. It’s a perfect fit for October, which happens to be Cybersecurity Awareness Month (CSAM). Raise your awareness and give it a listen!

EP 12 - K-12 Schools in Ransomware Crosshairs w/ Matt Kenslea, Director of State, Local and Education at CyberArk

CyberArk — Tue, 27 Sep 2022 06:59:00 -0400

U.S. government agencies are warning that ransomware actors are "disproportionately targeting the education sector," especially K-12. That’s because sensitive student data, overworked staff and competing priorities make investing in cybersecurity talent and tools a major challenge. On today's episode, host David Puner checks in with Matt Kenslea, CyberArk's Director of State, Local and Education (SLED), for a discussion about these targeted cyberattacks, the challenges they pose – and what schools can do.

EP 11 - Step Away From the QR Code and Listen to This w/ Len Noe, Technical Evangelist & White Hat Hacker at CyberArk

CyberArk — Tue, 13 Sep 2022 06:59:00 -0400

Len Noe – our favorite cyborg and CyberArk resident technical evangelist and white hat hacker – is back! On today’s episode, he’s talking with host David Puner about risky QR codes. On first blush it may seem like a simple subject, but attackers are having a field day with them and there seems to be a general lack of awareness about it. Help stop the havoc-wreaking and find out what you can do to protect yourself.

EP 10 - Skating to Where the Cyber Puck’s Going, Not Where it’s Been w/ Clarence Hinton, CyberArk Chief Strategy Officer, Head of Corporate Development

CyberArk — Tue, 30 Aug 2022 06:58:00 -0400

Sports, at their highest levels, are shaped by lifetimes dedicated to practicing, strategizing and anticipating. The same goes for cybersecurity. Although, in our world, it's not a game and there are no set parameters. On today’s episode, host David Puner speaks with Clarence Hinton, CyberArk Chief Strategy Officer, Head of Corporate Development about looking into the future and preparing for the unknown. Like hockey, it’s about skating to where the puck’s going – not where it’s been.

EP 9 - Living and Breathing Telecom Trust w/ Thomas Tschersich, CSO of Deutsche Telekom and CTO of Telekom Security

CyberArk — Tue, 16 Aug 2022 06:51:00 -0400

If you're in the business of collecting consumer data these days, you better be in the business of protecting that data. Or you could find yourself with no business. On today's episode, host David Puner talks with Thomas Tschersich, Chief Security Officer of Deutsche Telekom (parent company of T-Mobile) and Chief Technical Officer of Telekom Security, about the new rules of data privacy and protection and how telecommunication providers must live and breathe trust as they operate critical infrastructure.

Ep 8 - Seeing the Big Picture with Identity Security w/ Udi Mokady, Founder, Chairman and CEO of CyberArk

CyberArk — Tue, 02 Aug 2022 07:05:00 -0400

For every me or you, there are now 45 machine identities. That's 45 machine identities for every single human identity, according to the CyberArk 2022 Identity Security Threat Landscape Report. And 68% of those machine identities have some level of sensitive access. Attackers know this, and are doing their best to take advantage of those odds. Host David Puner sits down with Udi Mokady, Founder, Chairman and CEO of CyberArk, shortly after the wrap of the company’s Impact 2022 conference, for a talk about Identity Security – where CyberArk has been, where it's going – and a little about guitar playing too.

Ep 7 - Cyber Attack Cycle Deconstruction w/ Lavi Lazarovitz, Head of Security Research at CyberArk Labs

CyberArk — Tue, 19 Jul 2022 07:00:00 -0400

How do we stand a chance against emerging cyber threats? It's because, in large part, there are researchers at the cutting edge – dedicated to the pursuit and understanding of novel threats and vulnerabilities – by thinking just like attackers. That's the world in which Lavi Lazarovitz, CyberArk Labs’ Head of Security Research, lives and thrives. Lazarovitz leads an elite group of white hat hackers, intelligence experts and cybersecurity practitioners. Host David Puner talks with Lazarovitz about deconstructing the attack cycle and various ways to better understand how threat actors operate – in the ongoing effort to stay ahead of them.

EP 6 - Protecting Critical Infrastructure w/ Carla Donev, VP & CISO at NiSource

CyberArk — Tue, 05 Jul 2022 07:00:00 -0400

Securing critical infrastructure that powers our way of life can be a sleepless job. But sometimes that's the cost of being a protector... Today's guest, Carla Donev, is no stranger to working round-the-clock. As Vice President and Chief Information Security Officer at NiSource, she leads security operations for one of the largest utilities in the country, which delivers gas and electricity to millions of citizens across six states. Host David Puner talks with Donev about the evolving threat landscape and how building safer, more resilient operations is key to preserving trust.

EP 5 - Preparing for the Cyber Unknown w/ Shay Nahari, CyberArk VP of Red Team Services

CyberArk — Tue, 21 Jun 2022 06:48:00 -0400

You may have heard the famous Mike Tyson quote, “Everybody has a plan until they get punched in the face.” Applied to the context of cybersecurity, the message is – when things get real, what will you do? How will you react? You can attempt to prepare for seemingly every scenario under the sun, but you still can’t know when or how or where you'll actually get punched.

So how do you prepare for the unknown – for that metaphorical Iron Mike punch to the face? And what do you do when it happens? That's what host David Puner gets into with today's guest Shay Nahari, CyberArk’s VP of Red Team Services.

EP 4 - How Diversity Can Help Combat Cyber Attacker Innovation w/ Royal Bank of Canada’s Melissa Carvalho

CyberArk — Tue, 07 Jun 2022 06:47:00 -0400

Fighting attacker innovation requires a level of innovation that can only be achieved through a collaborative approach. One that brings diverse backgrounds, perspectives and solutions together to strengthen cyber resilience from every angle. Melissa Carvalho, Vice President of Identity and Access Management at Royal Bank of Canada, speaks with host David Puner on the importance of diversity and inclusion in cybersecurity and how it has factored into the evolution of her role.

EP 3 - Why Technology is Key to Restoring Trust in Healthcare w/ Takeda Pharmaceuticals' Mike Towers

CyberArk — Tue, 24 May 2022 06:49:00 -0400

While COVID-19 strained the healthcare system in every possible way, it also sparked a revolution. By emphasizing trust’s central role in every interaction – between patients and clinicians and across interconnected IT ecosystems – the pandemic brought clarity and opportunity to rebuild. Mike Towers, Chief Digital Trust Officer at Takeda Pharmaceuticals, speaks with host David Puner on technology’s growing role in building transparent, equitable healthcare systems and driving better outcomes for all.

EP 2 - Transhumanism: Charting the Cybersecurity Frontier w/ Len Noe

CyberArk — Tue, 10 May 2022 03:01:00 -0400

In our cyber world identities are typically split into two distinct categories: human and machine. But there's one notable intersection: cyborg. On today's episode, host David Puner talks with Len Noe, technical evangelist, white hat hacker – and CyberArk's resident transhuman.

EP 1 - Talking Ransomware w/ Andy Thompson

CyberArk — Tue, 26 Apr 2022 00:01:00 -0400

Today, thanks to cheap plug-and-play ransomware kits, anyone with a credit card can get into the cyber extortion action. No special training or skills required. So, what can we do? In the premiere episode of the Trust Issues™ podcast, David Puner talks about this and more with Andy Thompson, advisor & evangelist at CyberArk Labs.

Trust Issues Trailer

CyberArk — Wed, 13 Apr 2022 16:52:57 -0400

Trailer for CyberArk's Trust Issues™ podcast. Debuting spring 2022.