The goals and needs of IT and Cybersecurity are different. IT is more focused on uptime and keeping systems running. Cybersecurity is focused on reducing the risk of data breaches, ransomware and other negative impacts from threat actors.

The holistic approach to balance these elements can be accomplished with effective Governance, Risk and Compliance (GRC). In this episode we discuss what benefits GRC solutions can bring to companies, how a vCISO can help, and more. Our guest is Cipher's Kevin Kurzawa, who leads GRC in the United States.

For more information on Cipher's GRC services, visit www.cipher.com/grc.

The US government has made cybersecurity a key focus for national security. As such, different organizations within the Government have issued guidance related to to cybersecurity standards. The impact of these actions and what it means for private organizations is a complex topic. We break it down with TrustMAPP CTO and CISO Allan Alford.

The blockchain, cryptocurrency, tokenization, social media, gaming, and the metaverse have created a new class of assets unique to the digital world. These assets have made many rich, but they are vulnerable to theft and fraud. We discuss this topic with Prosegur Global Director of Innovation and Product Development José Daniel García Espinel.

Organizations should understand what happens when they are breached, in order to measure the value or their tools and understand how long it takes for them to detect threat actors. SCYTHE is an Adversary Emulation tool that enables organizations to do this in a repeatable and secure way.

CTO Jorge Orchilles joins the episode to discuss how this methodology and tool differs from other cybersecurity practices, how it can help organizations improve, and what a Purple Team is.

Learn more about SCYTHE at www.scythe.io.

We covered the top trends and stories from 2021 in the world of cybersecurity and related topics in this episode. Read the accompanying blog for links to the articles mentioned and charts of the trends: https://cipher.com/blog/year-in-cybersecurity-recap.

LogRhythm recently released a report on 'Security and the C-Suite: Making: Security Priorities Business Priorities'. In the report, they evaluated the influence of security leaders in enterprise organizations. LogRhythm Chief Security Officer and VP of R&D  James Carder joins the episode to give his expert insights into the topic. 

Read the report at https://logrhythm.com/making-security-priorities-business-priorities. 

The term Secure Access Service Edge (SASE) was coined in 2019 to describe an emerging security and network framework. Since then, the term has taken off with many companies marketing their solutions as part of the SASE concept.

Our guest for today’s episode is Nate Smolenski who is the Head of Cyber Intelligence Strategy at Netskope.  Netskope is touted as the SASE Leader. We cut through the acronym soup of the cyber world to identify how organizations benefit by implementing SASE concepts, in terms of both security and productivity.

The first week of November is Netskope SASE Week. During this week, cybersecurity professionals can join a variety of free workshops and sessions led by industry experts. 

Nearly every computer that runs Windows has Active Directory (AD). This structure helps organizations manage user identities, privileges, and much more. The power that AD has means threat actors are often targeting it to execute attacks.

Our guest for the episode is Christopher Keller, who is Senior Security Engineer at Tenable. We cover the common mistakes admins make with AD, how hackers take advantage, and what companies can do to improve.