We engage in a dynamic discussion our guests who will share their experiences in cyber and thoughts on the cyber risks for small businesses where there is a crucial gap in the cybersecurity market. Focusing on the unmet needs of small businesses, guests will discuss the importance of providing support and solutions tailored to this underserved sector accompanied by use cases and real-world examples. Speakers: Tiffiny Bryant, Information Security Analyst, Shipt Inc. Nick Gipson, CEO, Gipson...

Diversity, Equity, and Inclusion (DEI) has long been talked about in an effort to diversify the workforce, but what are organizations really doing to change organizational culture. Understanding different perspectives on inclusion is key to informing how to create effective change to help attract and retain talent. Join this podcast to learn about the findings of inclusion research that Women in CyberSecurity (WiCys) have conducted. Speakers: Lynn Dohm, Executive Director, Women in...

Tune in as RSAC 2024 DevSecOps Program Committee Members discuss the trends pulled out from the DevSecOps track. Join this podcast to hear the latest trends, their significance, and what track submissions are telling us about today’s cybersecurity landscape and much more. Speakers: Akira Brand, Application Security Engineer, Akira Brand Consulting Jennifer Czaplewski, Senior Director, Target Chris Romeo, Chief Executive Officer, Devici Tatyana Sanchez, Content & Program Coordinator, RSA...

How can we ensure we drive product security from the get go? How can we provide security assurance throughout the protect detect and response lifecycle of our services and solutions? How can AI empower our defenders? Leaders from Microsoft and Google will share insights on how AI can improve security efficiencies for the entire product lifecycle. We review real world examples from cloud security solution providers that can benefit the broad security community and defenders. Speakers: Heather...

This podcast shares research that reveals how many of the most common cloud security risks—despite being tied to basic security guidelines such as the Principle of Least Privilege—are widely overlooked in organizations of all sizes, even in those with a high maturity level in terms of cloud security. We'll explain why that is and investigate approaches to reduce your risk. Speakers: Neil Carpenter, Principal Technical Evangelist, Orca Security Bar Kaduri, Research Team Leader, Orca...

Many organizations have fallen victim to data breaches and exposure. It is crucial to strengthen security as the rise of cyberattacks increases. What are some strong measurements to reduce the risk of data exposure? Join the RSAC 2024 Governance, Risk, and Compliance Program committee as they discuss what decision-makers need to think about from a compliance perspective. Speakers: Elliott Franklin, Chief Information Security Officer, Fortitude-RE James Lugabihl, VP Security - Governance Risk...

Protecting data is a critical key when developing products, systems, or services. What are some privacy measures to consider? Join us for a discussion on the overview of Privacy By Design and how to implement it into practice. Speakers: Kim Wuyts, Manager Cyber & Privacy, PwC Belgium Tatyana Sanchez, Content and Programming Coordinator, RSAC

With differing privacy approaches that expand many geographies, more organizations are focused on building a strong privacy program. Is it time for Privacy by Design? And where exactly is the intersection between privacy and security? Join the RSAC 2024 Privacy & Data Protection Program Committee for insights into why privacy was a strong trend in the RSAC 2024 submissions. Speakers: John Elliott, Principal Consultant, Withoutfire & Pluralsight Author Laura Koetlze, VP, Group...

What does the cybersecurity workforce of the future looks like, and more importantly, how do we get there? Join us for a discussion on embracing the resilience and brilliance of black women is cyber, all part of the Black Women in Cyber Collective, who are working to protect our privacy and secure our world while also fostering opportunities to expand open pathways into cyber careers. Speakers: Shinesa Cambric, Principal Product Manager, Microsoft Mari Galloway, CEO & Founding Board...

Recent studies have found that SMS users increasingly do not trust the confidentiality and integrity of SMS, with users also reporting that they can not trust the true identity of the sender. Cybercriminals are able to exploit the weaknesses of this authentication tool, yet it continues to be a technology widely used and relied upon for perceived security in mobile messaging. Join this podcast to learn more about the weaknesses in SMS texting and why it might be time to move on to more robust...

Zero Trust Security is often associated with network access and identity access management. However, while those solutions are important and necessary, the evolution in infrastructure and the onset of new attack surfaces require us to expand our perspective and include the API layer in security strategies. Join this podcast to hear industry influencers speak to the origins and evolution of the Zero Trust Framework, why Zero Trust must include the API layer for holistic and resilient security,...

For years, the cybersecurity industry has supported the narrative that there is a major skills gap, but some have been questioning whether the issues is an actual dearth of qualified candidates who possess the skills needed to fill open roles or an abundance of candidates with some transferable skills who aren't being given an opportunity to gain experience. Join this podcast in which we'll engage in the great debate of whether there actually is a cybersecurity skills gap.

Cyber leaders are unique in their necessity to share.  Building community, leveraging best practices with organizations in the same industry is paramount to successfully protecting from threats. This podcast will delve into the world of the cybersecurity community and share some strategies, technologies, and best practices that CISOs can use to enhance the overall security posture of the organization. We'll focus on the importance of collaboration, communication, and relationship-building in...

In the race to develop the most powerful generative AI tools, businesses must take steps to avoid the inherent risks of this emerging tech. AI involves sharing massive quantities of data, so even a single misconfiguration can have serious repercussions. What are the new risks and broader business implications of AI that arise as organizations venture to harness its power? This podcast will examine that question and discuss the recent leak of 38 terabytes of data by AI engineers, as well as...

Threat modeling is a process that is essential for organizations to use to combat threats, and for mitigating risks. Threat intelligence is a component that can be applied as a method for use with threat modeling to ensure that all risks and vulnerabilities are being properly assessed and techniques are used to protect assets. In this podcast, we'll discuss threat modeling and implementing threat intelligence to identify threat behavior and eliminate risks. Speakers: Tanisha L. Turner,...

Cyberattacks have been growing in frequency and severity over the past decade and have increased exponentially with the adoption of cloud-native technology. The pressure is on for organizations to prioritize building and implementing a security testing strategy to avoid becoming the latest cyberattack headline. Speakers: Caroline Wong, Chief Strategy Officer, Cobalt Kacy Zurkus, Senior Content Manager, RSAC

Threat modeling at an enterprise scale can be costly to implement, scale and maintain, but there are ways in which you can curtail spend in two key areas – threat modeling toolsets cost and resourcing cost. This podcast will discus key spend considerations including purchase model for OOTB software and services as well as resource allocation and required updates. Speakers: Karen Harris, Architect, Threat Modeling Program Lead, JP Morgan Chase Kacy Zurkus, Senior Content Manager, RSA Conference

What is threat modeling and where does it fit in to the overall development process? In this podcast, we'll discuss what threat modeling is, when threat modeling activities are essential, and the skills needed to become a threat modeling expert. Speakers: Ashwini Siddhi, Senior Principal Product Security Advisor, Dell Technologies Kacy Zurkus, Senior Content Manager, RSAC

The Department of Defense (DoD) is implementing a 3rd Party Supply Chain Risk Management program that will require companies that receive their sensitive information to implement NIST SP 800-171 and then undergo a 3rd Party Cybersecurity Maturity Model Certification (CMMC) event. This podcast will discuss the ripple effects of the requirements and the extent of the impacts. Speakers: Matthew Titcombe, CEO, Peak InfoSec Kacy Zurkus, Senior Content Manager, RSAC

Password Managers are required by for employees at most companies, but are they designed to encourage good password hygiene? We conducted a comprehensive study with users who trusts the most popular passwords managers offered in the industry. We discovered that many users are still ignoring password reset notification from their Password Managers and aim to explain why that is the case. Speakers: David Ng, Director of Product Management, Salesforce Jacky Ho, Director of Technology Regulatory...

Well-known frameworks and lots of advice exist to help people protect data, privacy, and devices, but minimize the implication of human factors. This podcast will discuss the PCSF and highlight the ways in which it will help organizations move one step closer to having people recognized as the new enterprise edge. The PCSF complements, and does not replace, an organization’s risk management process and cybersecurity program. Speakers: Lucia Milică Stacy, VP, Global Resident Chief Information...

The cybersecurity community has had lots of conversations about workforce development, but it's time to take action. Learn about the efforts to bring cybersecurity education to the K-12 sector as part of the effort to narrow the skills gap and build the next generation of cyber defenders. Speakers: Laurie Salvail, Executive Director, CYBER.ORG Kacy Zurkus, Senior Content Manager, RSA Conference

In order to mitigate the risks in telehealth devices, healthcare delivery organizations need to identify threats. Join this podcast to hear practical steps to implement a more robust security strategy rooted in standards and best practices that include how to use NIST Frameworks and the work being done by the NCCoE Healthcare team. Speakers: Anahi Santiago, CISO, ChristianaCare Kacy Zurkus, Senior Content Manager, RSAC This podcast is sponsored by Quantinuum. Quantinuum uses the power of...

The White House published the US National Cybersecurity Strategy that outlines a five-pillared approach to dismantling threat actors, enabling partnerships, and investing in resilience. But what does all that mean for cyber defenders? This podcast will examine the strategy in depth to help listeners both realize the vision and understand roles, responsibilities, and resources in cyber. Speakers: Brandon Pugh, Director, Cybersecurity and Emerging Threats, R Street Institute Megan Stifel,...