In this episode of the Trust Issues podcast, host David Puner interviews Brad Jones, CISO and VP of Information Security at Seagate Technology. They delve into cloud security challenges, including protecting data in a constantly shifting technological landscape. Jones discusses the importance of establishing trust as a data company and implementing rigorous controls to safeguard sensitive information. Then, they take a deep dive into the evolving external threat landscape, the role of AI in...

In today’s Trust Issues episode, Dusty Anderson, a managing director of Global Digital Identity at the consulting firm Protiviti, digs into all things DevSecOps and cautions against a one-size-fits-all approach. In conversation with host David Puner, Anderson emphasizes the significance of strategic planning and well-defined goals – demonstrating how bite-sized steps can add up to major security wins and bottom-line benefits over time. And she sheds light on how the intricate web of...

Andy Thompson, Offensive Security Research Evangelist at CyberArk Labs, returns to Trust Issues for a dive with host David Puner into the latest developments in the world of ransomware. With ransomware events on the rise, Thompson sheds light on the alarming trend of data exfiltration and double extortion. But what's causing this surge? Thompson connects the dots between the rise of digital identities and the increasing frequency of ransomware attacks. As more organizations adopt cloud and...

We all accept a certain degree of risk in our lives. So, to varying degrees, we’re all operating – to use cybersecurity parlance – with an assume breach mindset. Meaning, we accept that attacks are inevitable and, as such, we focus time and effort on protecting the assets that matter most.    In short, we buckle up for safety.    And risk is something that today’s guest Larry Lidz, who’s Vice President and Chief Information Security Officer (CISO) for Cisco CX Cloud, thinks about a lot. On...

Quantum computing is coming and it has the potential to be both exciting and terrifying... On today's episode of Trust Issues, host David Puner speaks with cryptographer Dr. Erez Waisbard, CyberArk’s Technology and Research Lead, about quantum computing innovation and its cybersecurity implications – from data encryption to surveillance and privacy.  Dr. Waisbard breaks down how encryption works, why it’s so important for safeguarding our data, and how quantum computers will break the methods...

Today's guest is Den Jones, who's Chief Security Officer (CSO) at Banyan Security, a startup Zero Trust network access solution (and a CyberArk technology partner). Jones spent almost 19 years at Adobe, followed by a stop at Cisco, before landing at Banyan in 2021. As his Twitter bio tells it, he's a “Large Scale Zero Trust Deliverer,” which is part of his multifaceted CSO charge. In this episode, host David Puner talks with Jones about his singular cybersecurity career path – beginning with...

Today's episode is part two of our conversation with former White House CIO, bestselling author and founder and CEO of Fortalice Solutions, Theresa Payton. If you missed part one, you can start here and go back to that episode. Or, you can start there and come back to this one – but you're already here, so maybe just stick around?  In this episode, host David Puner and Payton continue their discussion, diving into the implications of AI and tools like ChatGPT for the cyber threat landscape –...

Since the earliest digital days, cyberattackers have targeted identities in their quests for riches, chaos and even revenge. So, what if we could hop into a flux capacitor-equipped DeLorean, hammer-down to 88 mph, and go back in time to better understand how yesterday’s threats influence today’s landscape – and what history can teach us about outpacing adversaries? Today, we do that – and a whole lot more – with a fantastic guest: Theresa Payton.    Payton is the first woman to have served as...

Even if you've been living under a super-sized rock for the last few months, you've probably heard of ChatGPT. It's an AI-powered chatbot and it's impressive. It's performing better on exams than MBA students. It can debug code and write software. It can write social media posts and emails. Users around the globe are clearly finding it compelling. And the repercussions – good and bad – have the potential to be monumental. That's where today's guest Eran Shimony, Principal Security Researcher...

In this episode of the Trust Issues podcast, host David Puner interviews Nigel Miller, Director of Security Operations and Engineering at Maximus, a company that provides process management and tech solutions to help governments improve their health and human service programs. Nigel discusses his role in keeping the company's nearly 40,000 employees cyber-trained and secure. And, as you'll hear, Nigel highlights the similarities between football and cybersecurity and that understanding one's...

We're starting the new year with a conversation focused on securing critical infrastructure. The issue, of course, is that we're seeing increased threats and cyberattacks on critical infrastructure. Not to mention the war in Ukraine. This collective threat is a rallying point, bringing together cyber professionals from around the world, as well as their respective countries. On today’s episode, host David Puner talks with David Higgins, who’s a Senior Director in CyberArk‘s Field Technology...

Too often when we think of the human element in cybersecurity it's the insider threats. But more often it's the hardworking protectors inside the organization who, while passionate about their jobs, would rather work to live rather than live to work. Although that reality can easily flip due to the nature of the cyber world. That's where today's guest Omar Khawaja, who’s been the CISO at Highmark Health for nine years, comes into the picture. As you'll hear, Khawaja’s been on the cutting edge...

Today's episode is a bit of a year-end cybersecurity fortune cookie. Its focus is an attack trend that's surged in 2022: Cookie hijacking (aka stolen cookies). Session cookies, that is. And it’s an attack trend CyberArk Labs researchers predict will continue to flourish in 2023. To dig into the stolen cookies trend and what's coming next, host David Puner talks with VP of CyberArk Red Team Shay Nahari, and Research Evangelist of CyberArk Labs, Andy Thompson, both of whom have spent a...

In the spring of 2022, Costa Rica was hit with a series of large-scale, long-lasting ransomware attacks, which wreaked havoc on the government and healthcare system – and paralyzed imports and exports. The ripple effects were far-reaching and the economy was crippled. President Rodrigo Chaves declared a national state of emergency. Trust was shaken. On today’s episode, Vinicio Chaves Alvarado, acting CISO at BAC Credomatic, the Costa Rica-based international bank, talks with host David Puner...

Being a Chief Information Security Officer is a tough job. CISOs are on the front lines, protecting against the unknown day after day, week after week. It's no wonder mental health issues such as depression and anxiety are surging in our industry. There are a lot of things that need to change, but on a positive note, this once-taboo subject is starting to get the attention it so desperately deserves. This is in part thanks to security leaders like Kirsten Davies, CISO at Unilever, stepping...

Even when looking at layered enterprise solutions designed to thwart attacks and contain them, we must always go back to cybersecurity basics at the individual level. And that’s what, on today's episode, guest Bryan Murphy, CyberArk’s Senior Director of Architecture Services and Incident Response stops by to talk with host David Puner about. Murphy also dives into the importance of cyber hygiene as an essential preventive measure for protecting identities, as part of a defense-in-depth...

U.S. government agencies are warning that ransomware actors are "disproportionately targeting the education sector," especially K-12. That’s because sensitive student data, overworked staff and competing priorities make investing in cybersecurity talent and tools a major challenge. On today's episode, host David Puner checks in with Matt Kenslea, CyberArk's Director of State, Local and Education (SLED), for a discussion about these targeted cyberattacks, the challenges they pose – and what...

Len Noe – our favorite cyborg and CyberArk resident technical evangelist and white hat hacker – is back! On today’s episode, he’s talking with host David Puner about risky QR codes. On first blush it may seem like a simple subject, but attackers are having a field day with them and there seems to be a general lack of awareness about it. Help stop the havoc-wreaking and find out what you can do to protect yourself.

Sports, at their highest levels, are shaped by lifetimes dedicated to practicing, strategizing and anticipating. The same goes for cybersecurity. Although, in our world, it's not a game and there are no set parameters. On today’s episode, host David Puner speaks with Clarence Hinton, CyberArk Chief Strategy Officer, Head of Corporate Development about looking into the future and preparing for the unknown. Like hockey, it’s about skating to where the puck’s going – not where it’s been.

If you're in the business of collecting consumer data these days, you better be in the business of protecting that data. Or you could find yourself with no business. On today's episode, host David Puner talks with Thomas Tschersich, Chief Security Officer of Deutsche Telekom (parent company of T-Mobile) and Chief Technical Officer of Telekom Security, about the new rules of data privacy and protection and how telecommunication providers must live and breathe trust as they operate critical...

For every me or you, there are now 45 machine identities. That's 45 machine identities for every single human identity, according to the CyberArk 2022 Identity Security Threat Landscape Report. And 68% of those machine identities have some level of sensitive access. Attackers know this, and are doing their best to take advantage of those odds. Host David Puner sits down with Udi Mokady, Founder, Chairman and CEO of CyberArk, shortly after the wrap of the company’s Impact 2022 conference, for...

How do we stand a chance against emerging cyber threats? It's because, in large part, there are researchers at the cutting edge – dedicated to the pursuit and understanding of novel threats and vulnerabilities – by thinking just like attackers. That's the world in which Lavi Lazarovitz, CyberArk Labs’ Head of Security Research, lives and thrives. Lazarovitz leads an elite group of white hat hackers, intelligence experts and cybersecurity practitioners. Host David Puner talks with Lazarovitz...

Securing critical infrastructure that powers our way of life can be a sleepless job. But sometimes that's the cost of being a protector... Today's guest, Carla Donev, is no stranger to working round-the-clock. As Vice President and Chief Information Security Officer at NiSource, she leads security operations for one of the largest utilities in the country, which delivers gas and electricity to millions of citizens across six states. Host David Puner talks with Donev about the evolving threat...

You may have heard the famous Mike Tyson quote, “Everybody has a plan until they get punched in the face.” Applied to the context of cybersecurity, the message is – when things get real, what will you do? How will you react? You can attempt to prepare for seemingly every scenario under the sun, but you still can’t know when or how or where you'll actually get punched. So how do you prepare for the unknown – for that metaphorical Iron Mike punch to the face? And what do you do when it...

Fighting attacker innovation requires a level of innovation that can only be achieved through a collaborative approach. One that brings diverse backgrounds, perspectives and solutions together to strengthen cyber resilience from every angle. Melissa Carvalho, Vice President of Identity and Access Management at Royal Bank of Canada, speaks with host David Puner on the importance of diversity and inclusion in cybersecurity and how it has factored into the evolution of her role.