Mark Eggleston, CISO/CPO of Health Partners Plans, speaks with leaders about cyber resiliency, the return to the workplace, combatting nation-state cyber threats, pandemic lessons to fuel digital innovation, and mental health in InfoSec. With panelists Anahi Santiago, CISO, ChristianaCare; Joshua Cloud, Director of Information Security, NFI; Nick Falcone, CISO, University of Pennsylvania; Todd Bearman, CISO, TE Connectivity. Trend Micro, Preventing Ransomware While Working from Home:...

Social engineering professor, entrepreneur, and author Christopher Hadnagy shares social engineering case studies and explains how these attacks are evolving and how you can protect yourself and your end-users. Hadnagy draws from decades of human behavioral research and his time as "Chief Human Hacker" at Social-Engineer, LLC. Plus, Trend Micro on the evolution of social engineering attacks: https://www.trendmicro.com/vinfo/us/security/definition/social-engineering/ 

Discover lessons learned from a CISO who led the way on her company's business continuity plan (BCP) and pandemic plan. Milinda Rambel Stone is VP and CISO at Provation Medical. She shares a first-hand account of the planning, implementation, and takeaways from her organization's BCP. Security teams face more changes ahead as we emerge from the pandemic. Trend Micro paper, "Security 101: Virtual...

We are discussing a hotly debated topic in cybersecurity: best in breed point solutions versus an all in one type of security platform. Which is the best approach for your organization? And how is this part of the security landscape changing? Our guest is Greg Young, VP of Cybersecurity and Corporate Development at Trend Micro. RESOURCES: •  Connect with Greg Young: https://www.linkedin.com/in/🅶🆁🅴🅶 🆈🅾🆄🅽🅶-9125683 •  Trend Micro XDR Platform: http://bit.ly/TM_XDR

We are talking about how to align information security with the business. And our guest, ISSA International President Candy Alexander, says we may be thinking about this strategy in the wrong way. She is not afraid to be controversial, and in this episode she shares what security and business alignment should look like. Candy is also CISO at NeuEon. [Resource Link] Download Trend Micro's Cloud App Security Threat Report 2020: http://bit.ly/TM_Cloud_AppSec

We start with a dramatization of a ransomware attack, which leads us to the ransomware lifecycle in real life. What is a ransomware attack incident response really like? How should you respond in the first hours? What does a 72-hour ransomware response look like? What should you do in the weeks and months following? Hear real examples and learn best practices from cyber attorney Shawn Tuma. And don't miss Trend Micro's 2020 State of Ransomware report, available for free download:...

When an Iowa Sheriff arrested Coalfire pentesters Gary DeMercurio and Justin Wynn on the job, it sent shockwaves through the cybersecurity field. They faced felony charges, jail time, and the possibility of a criminal record for doing what they were hired to do. And InfoSec pros faced a possible chilling effect around a common strategy for testing defenses. Now, Gary and Justin tell their story in a candid interview. RESOURCE: Trend Micro, "15 Years of the Zero Day Initiative":...

We are asking questions about the SolarWinds data breach fallout. How did the breach impact everything related to legal and compliance? And how does it change the way you should look at Vendor Risk Management? We get answers from Glenn Kapetansky, CSO & Technology Capability Lead, at Trexin Group; and Rebecca Rakoski, Co-Founder & Managing Partner, at XPAN Law Partners, a cybersecurity law firm. Also, don't miss Trend Micro's Incident Response Playbook, available for free download:...

"We were not prepared for a SolarWinds type of supply chain attack," says Cedric Leighton, CNN Analyst and U.S. Air Force Colonel (Ret.). In this episode, Leighton examines how wide the impact of the SolarWinds cyberattack might be, possible collateral damage from the attack, and the most likely nation-state behind it all. Plus, Leighton explains the top nation-state cyber threats during 2021. RESOURCE: Trend Micro report, "Turning the Tide: Security Predictions for 2021":...

Long-term predictions are risky, but Rik Ferguson likes to predict things a decade into the future. Rik is VP of Security Research at Trend Micro. Building off his Project 2020, Rik is now working on Project 2030. We get a glimpse of the future of AI, malware, wearables, ransomware, and more. Also, we discuss implications of the 2020 SolarWinds data breach. If predictions are your thing, do not miss this episode! Trend Micro report fact check, Project 2020 in Review (PDF):...

What does the 2021 cyber law and privacy law landscape look like? Our first guest is attorney Jordan Fischer of Beckage Law. And how can you ensure total data discovery and then manage that big data with security and compliance in mind? Our second guest is Arun Gandhi, Senior Director of Product Marketing at 1touch.io, which specializes in this area. Also, we have new research from Trend Micro about 2021 cyber threat trends. See the report here: https://bit.ly/TM_Tide

What does a resilient and secure organization look like? What are key strategies and technologies these organizations should have? How does a resilient organization empower its employees? In this episode, we glean insights from Adam Leisring, Chief Information Security Officer at Paycor. And we have new research from Trend Micro. The report is called "Inside the Bulletproof Hosting Business: Cybercriminal Methods and OpSec," and it's a fascinating read. See it here:...

We hear from CISO Yaron Levi about modern cybersecurity leadership. He shares about what security professionals need to do now to lead. Why is InfoSec mainly reactive instead of proactive? Why do most organizations view security as a technology problem instead of a business risk problem? Why do so many organizations lack a clear security strategy? And why do security leaders fall back on "silver bullet" solutions? Trend Micro report on SLUB Malware Watering Hole: https://bit.ly/TM_SLUB

Interview with Mark Nunnikhoven, VP of Cloud Research at Trend Micro, on securing the cloud into the future. How do we make cloud security usable and stable? What is the state of DevSecOps? What can we do about misconfigurations in the cloud? What are cloud security opportunities and challenges? Are cloud platform security tools enough to secure your data? •  Trend Micro Cloud Migration Best Practices: https://bit.ly/TM_CloudMigration •  Trend Micro Cloud One Conformity:...

We talk to cybersecurity leaders in the oil and natural gas industry, as experts from the ONG-ISAC answer: What does the cyber threat landscape look like for the petroleum industry, and what are the potential impacts? What are barriers to sharing threat intelligence and benefits of doing so? How do you see cyber threats evolving in 2021 and beyond for the energy sector? Also, details on Trend Micro's whitepaper on security vulnerabilities for the water and energy sectors. http://bit.ly/TM_WE

We talk to James Goepel about the Cybersecurity Maturity Model Certification (CMMC). He discusses this important new certification for supply chain security within the U.S. Department of Defense (DoD) system. Why was the CMMC created, who needs it, how will it work, and will it spread beyond the DoD? James is a former member of the CMMC Accreditation Body Board of Directors, and is now CEO of Fathom Cyber. Also, Trend Micro shares details of its Midyear Security Roundup:...

Interview with Julia Voo, one of the authors of the newly published National Cyber Power Index 2020. Which country is the most powerful in cyberspace? The NCPI takes a "whole of country" approach to measuring cyber power, ranking 30 countries in the context of seven national objectives. Voo is a Cyber Fellow at the Belfer Center at the Harvard Kennedy School. The National Cyber Power Index 2020 report: http://bit.ly/NCPI2020 Trend Micro Cyber Risk Index: http://bit.ly/TM_CRI

In this episode, we hear from Don McKeown, Information Security Manager at Wolters Kluwer Health. He talks about the various levels of culture within an organization, and the culture of security. Plus, approaches to security: blocking and tackling programs, compliance-based information security programs, and risk-based InfoSec programs. RESOURCE LINKS: •  Don McKeown on LinkedIn: https://www.linkedin.com/in/donspage/ •  Trend Micro ransomware best practices: http://bit.ly/TM_RFH

In this episode, we hear from attorney Daniel Pepper, Partner on BakerHostetler's Privacy and Data Protection team. He frequently handles security incidents, interacting with federal and state agencies and forensic service providers, and has overseen investigations including many cases of ransomware. How are attackers launching their ransomware attacks? Should you pay the ransom or not? Is it legal to pay a hacker's ransom demand? He answers these questions and more.

We're partnering with Cybercrime Support Network (CSN) to raise awareness as part of its Youth and Cybercrime Week. We interview Cam, who was arrested for cyberattacks at age 14 and now works as a cybersecurity professional. How did he get into cybercrime and then into a role defending against it? And Kristin Judge of CSN shares how we can help direct kids to use their hacking and cyber skills for good. She also discusses how kids, teens, and even college students are becoming victims of...

We share part of a SecureWorld presentation by Sandy Silk, Director of Information Security Education and Consulting at Harvard University. In her presentation, titled "Hey, InfoSec: Be Part of the Digital Transformation or Be Left Behind!," Silk discusses how security teams need to evolve to deliver the same digital transformation (Dx) value and benefits as other technology and data initiatives in their organizations. Plus, details on Trend Micro's Close the Gap initiative:...

CISO Milinda Rambel Stone and Human Resources VP Susan Hanson of Provation Medical developed a pandemic plan just as COVID-19 hit the U.S. They discuss: How does a pandemic plan fit with a Business Continuity Plan (BCP)? How did the business, including information security, communicate during this time? How was the plan communicated to executive leadership? How has the BCP helped cybersecurity and other parts of the business work together? What if your BCP needs some work or you don't have...

Interview with Joshua Cloud, Director of Information Security at NFI, who answers three important questions: 1. What is Artificial Intelligence (AI)? 2. What is Machine Learning (ML)? 3. How can we use AI and ML in cybersecurity and cyber defense? Cloud uses unique, real-world parallels to help us understand AI and ML. Also, new research, just published by Trend Micro, our premiere podcast partner, on unveiling critical security flaws in programmable industrial machines. https://bit.ly/TM_IP

Cybersecurity and technology influencer Chuck Brooks discusses emerging technologies that can help you defend your organization in cyberspace. Brooks covers everything from the future of quantum computing and the encryption debate to China in tech, election cybersecurity, 5G concerns, and low-hanging cybersecurity fruit companies should address now. Also, new research on device and supply chain security in healthcare from our podcast sponsor, Trend Micro: https://bit.ly/TM_hospitals

In this episode, we hear from Joe Zurba, Chief Information Security Officer at Harvard Medical School. He details the challenging Identity and Access Management landscape the school faces and how it navigates IAM. Zurba was a keynote speaker at the 2020 SecureWorld Boston virtual conference. Also, updates on ThiefQuest, the quickly-evolving macOS malware. We’re sharing new research from Trend Micro, our premiere podcast partner, available here: https://bit.ly/TM_Thief.