Added five years ago
Content provided by mnemonic. All podcast content, including episodes, graphics, and podcast descriptions, is uploaded and provided directly by mnemonic or its podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process described here: https://de.player.fm/legal.
mnemonic security podcast
The mnemonic security podcast is a place where IT Security professionals can go to obtain insight into what their peers are working with and thinking about.
136 episodes
All episodes
In this episode, Robby speaks with Harry Wetherald, Co-Founder and CEO of the security platform Maze, about the current wave of LLM innovation in security and how to separate real progress from marketing fluff. Drawing on his experience building security products, Wetherald shares how large language models are changing the way we approach vulnerability management, what to ask vendors about their "AI" claims, and why UX may be just as important as the models themselves.
In this episode of the mnemonic security podcast, Robby speaks with Knut Elde Johansen and Øyvind Bergerud from Storebrand about their transformation from early cloud challenges to established cloud maturity. They discuss how Storebrand shifted from outsourced IT to building a modern, in-house cloud infrastructure, and how security evolved alongside it. From implementing policy as code to enabling developers through threat modelling, purple teaming, and CNAPP, Knut and Øyvind share hard-earned lessons from building a secure, cloud-native environment. They also explore the changing threat landscape and how Storebrand prepares for attackers who are becoming just as cloud-savvy as defenders.
In this episode of the mnemonic security podcast, Robby is joined by Ricardo Ferreira, CISO EMEA at Fortinet, to explore the power of policy as code and its role in technical resilience. Ferreira explains how organisations can move beyond manual processes to automate security policies, reduce complexity, and enhance agility. They discuss cloud transformation, the challenges of enforcing policy at scale, and why automation and cultural change are essential for security teams. Plus, the growing role of AI and what the future holds for policy-driven security. You can find his book Policy Design in the Age of Digital Adoption, here: https://www.amazon.com/Policy-Design-Digital-Adoption-transformation-ebook/dp/B09WJBQ7L7
In this episode of the mnemonic security podcast, Robby is joined by Bernard Montel, EMEA Technical Director & Security Strategist at Tenable, to break down the evolution of vulnerability management into exposure management. Bernard explains how security has shifted from traditional vulnerability scanning to a broader approach that considers misconfigurations, attack paths, and identity risks. They discuss why most breaches stem from a toxic combination of exposures, the growing complexity of cloud security, and how organisations can prioritise real risks instead of drowning in vulnerability lists. Plus, how AI is changing the game for both defenders and attackers.
Audio-visual (AV) equipment is everywhere – meeting rooms, auditoriums, and control centres – but how often do we think about its security? In this episode of the mnemonic security podcast, Robby talks to Øystein Stadskleiv from Leteng about the overlooked risks of AV systems. They discuss real-world attack scenarios, common vulnerabilities, and practical steps to secure AV infrastructure.
In this episode of the mnemonic security podcast, Robby is joined by Emil Vaagland, Security Manager at FINN.no, Norway’s leading online marketplace. They discuss the unique security challenges of a cloud-first, developer-heavy organisation, covering everything from vulnerability management and secure coding, to fraud detection and access control. Vaagland shares insights into their approach to bug bounties, DevSecOps, and balancing security with developer efficiency.
In this episode of the mnemonic security podcast, Robby is joined by Dustin Childs, Head of Threat Awareness at Trend Micro’s Zero Day Initiative (ZDI). Dustin explains the ZDI’s role in purchasing and analysing vulnerabilities to provide early protection for customers and how zero days – previously unknown vulnerabilities – become "n-days" once disclosed or patched. The conversation highlights the critical importance of timely patching, the risks posed by bad patches, and the concept of virtual patching as a defence strategy. Dustin also delves into attack surface monitoring, the evolving threat landscape, and the ongoing challenges of balancing security and usability in modern networks.
In this episode of the mnemonic security podcast, Robby is joined by Eirik Nordbø and Marius Kotlarz from Equinor, as well as Haakon Staff from mnemonic. Together, they discuss the world of Capture the Flag (CTF) competitions, exploring their origins, structure, and benefits. CTFs, as they explain, are “hacking” contests featuring challenges such as cryptography and reverse engineering, where participants solve tasks to uncover "flags" and earn points. The discussion highlights the educational value of CTFs, particularly in helping developers, pentesters, and other IT professionals refine their skills and master advanced techniques. The group also addresses the logistical challenges of hosting a CTF, such as the Equinor CTF, from infrastructure setup to stress testing, while emphasizing the passion and expertise required to organize a successful event. Finally, they explore how CTFs can serve as a valuable recruitment tool for identifying and attracting top security talent.
To kick off 2025, Robby chats with Duncan Ogilvie, a renowned expert in Reverse Engineering (RE), the creator of x64dbg (a popular open-source x64/x32 debugger for Windows), and the mind behind 100+ other cool projects. Their conversation covers the evolving field of RE, discussing common challenges, practical techniques, and how professionals navigate the landscape. Duncan also shares his insights on the current tools shaping the field, explores the role of "AI" in RE, and speculates on what the future might hold for the industry niche. Listeners will also get a sneak peek into Duncan’s upcoming course, scheduled for February 20-21 in Oslo. The course will focus on using LLVM for binary analysis and is designed to help intermediate reverse engineers sharpen their skills. If you’re interested, sign up here! https://www.mnemonic.io/resources/events-webinars/exclusive-training-with-duncan-ogilvie-LLVM-IR-and-binary-lifting/
In this episode of the mnemonic security podcast, Robby is joined by Tony Fergusson, CISO EMEA at Zscaler. They start with a market update on Zero Trust and discuss the challenges relating to adoption that he has observed (ever heard of the Popcorn Theory?). Fergusson then introduces the concept of risk hunting – a proactive strategy to identify and mitigate risks before they escalate into breaches – and explains how it relates to threat hunting. He emphasizes the importance of least privilege, continuous evaluation, and what Zero Trust looks like for users and workloads.
In this episode of the mnemonic security podcast, Robby is joined by Scott Piper from Wiz and Håkon Sørum from O3 Cyber to talk cloud security. They cover the evolution of cloud security products since Amazon's release of S3 and EC2 in 2006 and how the market has matured into the CNAPP we know today. They chime in on most of the buzzwords associated with CNAPP, including Cloud Security Posture Management (CSPM), Cloud Workload Protection Platform (CWPP), Cloud Infrastructure Entitlement Management (CIEM), and Cloud Detection and Response (CDR), as well as other key areas of CNAPP such as vulnerability scanning, "shift-left" security, cloud data security, and compliance. They explain the definition and challenges of "cloud-native attacks" and misconfigurations and discuss whether third-party SOCs can add context and enhance detection capabilities.
In this episode, Robby is joined by Maximilian Heinemeyer, Chief Product Officer at Darktrace. The conversation focuses on Max's perspective on detection engineering and the use of machine learning. He shares his opinion on the limitations of traditional, signature/behaviour-based detection methods and the challenges organisations face when building complex detection engineering systems. Max contrasts these traditional approaches with the unsupervised machine learning techniques used by Darktrace, and describes the "aha moments" he experienced when seeing this technology work in its early days.
In this new episode of the mnemonic security podcast, Robby Peralta is joined by Leonid Rozenberg, a cybersecurity expert and dark web researcher at Hudson Rock, to discuss infostealers. Rozenberg provides a brief history of infostealers, which began with Zeus in 2007, a malware initially designed to steal only banking information. Today, infostealers have evolved to capture all types of personal and sensitive data, including passwords, cookies, and cryptocurrency information. Infostealer malware can be bought on the dark web as a turnkey solution, or "mass malware as a service," for as little as $99 per month. Rozenberg emphasises the importance of cybersecurity education and debunks common misconceptions about antivirus protection, complex passwords, and multi-factor authentication. He also highlights the ongoing threat of infostealers and their adaptability in bypassing security measures.
Joe Slowik, ATT&CK CTI Lead at MITRE, joins the latest episode of the mnemonic security podcast to share his insights on the complexities of securing critical infrastructure. With a background in cyber threat intelligence, incident response, and detection engineering, Joe discusses with Robby the challenge of defining and prioritising what's truly "critical" in a landscape where every sector claims importance. They explore the difficulty in distributing security investments across industries and the growing need for organisations of all sizes to adopt a mindset of self-defence. Joe also addresses the potential consequences of large-scale cyberattacks, such as those by Volt Typhoon, emphasising the need for coordinated incident response and leadership during crisis scenarios. He concludes with a strong call for resilience and highlights the vital role CEOs play in ensuring organisational preparedness.
KraftCERT threat assessment 2024 | In Norwegian only
In this episode, Robby is joined by Espen Endal and Bjørn Tore Hellesøy from KraftCERT/InfraCERT - the Norwegian CERT for the energy and petroleum sectors. The trio discuss the Threat Assessment report recently published by KraftCERT/InfraCERT, and the unique challenges the Norwegian energy sectors are facing. They touch on topics such as threat evaluation, insider threats, countermeasures, and the importance of maintaining robust security practices despite evolving digital landscapes. The conversation emphasises the contextualization of national threat assessments to be practical for energy production companies, stressing the balance between emerging technologies like AI and Digital Twins and their associated risks. The Threat Assessment 2024 report is available at: https://www.kraftcert.no/filer/KraftCERT-ThreatAssessment2024.pdf
In this episode, Robby speaks with Jens Christian Vedersø, Head of Cyber Risk Management at Vestas, one of the world’s largest wind turbine manufacturers. Jens is a former Navy and intelligence officer and recovering regulator. Before managing cyber risk in the renewable energy sector, Jens helped develop energy sector legislation and cyber preparedness at the Danish Energy Agency, and served as a subject matter expert for SCADA, OT, ICS and IoT at the Danish Center for Cyber Security. In the discussion, Jens shares his unique perspective on how security acts as both an enabler and a potential barrier in the transition towards renewable energy, and how the industry needs to move from a reactive, compliance-driven approach towards a more proactive, risk-based model. Jens also shares insights into the threat landscape, potential motivations of state actors, and how Vestas is working to quantify cyber risk and empower customers to better understand and control their own cyber risks.
In this episode of the mnemonic security podcast, Robby is joined by Matt Cooke from Proofpoint. They discuss the evolving landscape of email security, emphasising the need for a multi-layered approach beyond traditional prevention methods, as well as the importance of pre-delivery, post-delivery, and click-time protection to combat phishing and business email compromise (BEC) attacks. Matt notes that 76% of data breaches involve human error, and stresses the significance of threat intelligence and machine learning in detecting and mitigating threats. The conversation also touches on the role of AI in enhancing email security, the importance of DMARC for email authentication, and the concept of "very attacked people" (VAPs) to prioritise security efforts.
In this special, celebratory 100th episode of the mnemonic security podcast, Robby speaks with author and industry legend Jon DiMaggio. Jon is the Chief Security Strategist at Analyst1 and has over 15 years of experience hunting, researching, and writing about advanced cyber threats. As a specialist in enterprise ransomware attacks and nation-state intrusions, Jon authored several investigative reports, including Robby's favourite, “The Ransomware Diaries”, and also wrote the award-winning book “The Art of Cyberwarfare.” Jon has gone as far as to develop relationships with some of the world’s most notorious ransomware gangs, for example LockBit, and exposed the inner workings of cartels behind major ransomware attacks. Their conversation explores the operational models of ransomware groups, which often function through a web of partnerships, specialised roles, and profit-sharing structures. DiMaggio provides his unique perspective on building relationships with cybercriminals to gather intelligence while navigating the ethical dilemmas and personal risks. Most importantly, he answers Robby's burning question: “What’s your opinion of the bad guys?”
In this week's episode, Robby talks with his friend Keven Hendricks, a law enforcement veteran with extensive experience in dark web and cryptocurrency investigations. They explore topics like dark web forums, cryptocurrency's role in illegal activities, and the difficulties law enforcement encounters when monitoring these areas, especially with privacy coins like Monero. Keven emphasizes the need for companies to take a ‘boots on the ground’ approach to monitoring dark web activities, rather than depending only on third-party tools. «Keep your friends close, but your enemies closer,» right? Keven also touches on the potential value of having a ‘Chief Intelligence Officer’ (CINO) to actively investigate emerging threats.
Many are familiar with cybersecurity penetration testing – ethical hacking to uncover digital weaknesses. But what about the real-world threats to your company's physical security? How confident are you in your locks, cameras, and physical security measures to protect your sensitive data or equipment? In this episode, Robby speaks with Brian Harris, a leading expert in physical penetration testing as a part of Black Teaming. Black Teaming is a type of security assessment that simulates an attack on an organisation, including tactics such as physical intrusion and social engineering. Brian, Chief Instructor for the Covert Access Team, has conducted hundreds of these physical pen tests, helping organisations identify and fix vulnerabilities that could lead to corporate espionage and other threats. They provide real-world examples, discuss the limitations of common security measures, and touch on methods for improvement. These methods can include gamifying security by incentivizing employees to take an active role in physical security, for instance by keeping an eye on suspicious activity in the office.
Have you ever worked alongside a machine learning engineer? Or wondered how their world will overlap with ours in the "AI" era? In this episode of the podcast, Robby is joined by seasoned expert Kyle Gallatin from Handshake to enlighten us on his perspective on how collaboration between security professionals and ML practitioners should look in the future. They discuss the typical workflow of an ML engineer, the risks associated with open-source models and machine learning experimentation, and the potential role of "security champions" within ML teams. Kyle provides insight into what has worked best for him and his teams over the years, and provides practical advice for companies aiming to enhance their AI security practices. Looking back at our experience with "DevSecOps" - what can we learn from and improve for the next iteration of development in the AI era?
Operationalising threat intelligence is back on topic for the mnemonic security podcast! Making a return to the podcast is Joe Slowik from MITRE Corporation, where he is the CTI Lead for MITRE ATT&CK and also Principal Engineer for Critical Infrastructure Threat Intelligence. Also joining is Jeff Schiemann, an industry veteran and CISO at one of the world's first crypto banks. The conversation ventures across how security teams are currently using threat intelligence, the importance of frameworks and standardisation, and the role AI and automation may play for defenders and adversaries. The trio also share their thoughts on a future where threat intelligence decisions can be automated in real-time, and what it might take to get us there.
When we talk about securing an organisation’s assets, we most often mean its data, devices, servers, or accounts, but are we doing enough to secure the group of people leading the company? Or the ones doing high risk work on behalf of the organisation? To discuss the importance of securing high-risk individuals, like journalists, politicians and executives, Robby is joined by an expert in this field, Runa Sandvik, journalist, security researcher and founder of Granitt. At Granitt, Runa works with digital security for journalists and other at-risk people, building on her experiences working at The New York Times, Freedom of the Press Foundation and The Tor Project. During the conversation, they talk about how to secure devices when travelling to high-risk countries, what tools to use and at what time, and how threat actors usually target individuals. Runa also shares how she works to secure accounts and devices for her clients.
For this episode, Robby is once again joined by Eoin Wickens, Technical Research Director at HiddenLayer, an organisation doing security for Machine learning (ML) and Artificial Intelligence (AI). It is not long since Eoin last visited the podcast (only 7 months), but a lot has happened in the world of AI since. During the episode, he talks about some of the most significant changes and developments he’s seen in the last months, how models are getting smarter, smaller and more specific, and he revisits his crystal ball predictions from last episode. Robby and Eoin discuss potential security risks posed by using AI tools, how to secure AI-powered tools, and what you should think about before using them. Eoin also gives some new crystal ball predictions and recommendations to organisations starting to utilise AI adjacent technologies.
Data Brokers and Data Removal Services
What does the process of removing your online presence look like? And how would you handle the data brokers that have collected your personal information with just a few clicks of the mouse to sell to other companies? To answer this, we’re joined by an expert in this field: Darius Belijevas, Head of Incogni, a service that automates user personal data removal from data brokers. Darius shares from his research on data brokers and their business models, and explains what a typical data broker looks like, the most common methods they use to collect our data, and who some of the most popular data brokers are. This brings the conversation to the growing market for data removal services, and the two also talk about new legislative measures that might be changing the landscape these organisations operate in.
For this episode, Robby is joined by Levi Gundert, Chief Security Officer at the cybersecurity company Recorded Future and author of the book The Risk Business – what leaders need to know about intelligence and risk-based security. Levi shares from his decades of experience in the threat and risk space – and Robby picks his brain about a broad set of security topics ranging from telling the risk story and categorising risk, to darknet monitoring and infiltration, and using chatbots for security analysis and risk management.
Ethical social engineering
Even the best pentesters out there can be fooled by a social engineering attempt under the right circumstances. But how do we treat the ones that have been tested and failed? Ragnhild «Bridget» Sageng, Senior Security Advisor at Norwegian Customs, has several years of experience from the IT and cybersecurity industry, and hands-on experience working as an ethical hacker specialising in social engineering. In her conversation with Robby, she shares what goes through her head during social engineering assignments, and discusses the importance of company culture and management expectations when doing these kinds of assessments. Ragnhild is particularly interested in the other side of social engineering and how we should meet the humans that are involved in these assignments. During this episode she explores what ethical responsibilities we have, what a pentester should demand from a company before accepting an assignment, and what a company should demand back from a pentester.
How will AI impact the next generation of people working with computer science? This question is probably relevant for anyone making their way through school now, in all fields of study. Without looking for a definite answer, but to help him navigate this question, Robby has invited two people with quite different backgrounds: Richard Stiennon, author of Security Yearbook 2023 and Founder and Chief Research Analyst at IT-Harvest, and High School Junior, Athena Contos. Athena was recently visiting colleges, together with her father Brian Contos, a long-time veteran of the mnemonic security podcast. They both noticed a lot of excitement and concern regarding AI amongst those about to embark on their higher education, and questions about how AI will impact their choices of schools, majors, careers, and ultimately their future. In this episode, Athena and Richard share their perspectives on AI’s potential in education, the ethics of using AI in this context, and how we can go from combating the use of AI in the classroom to making it a useful tool for learning.
How does cybersecurity play a part in ensuring food security? As part of the ISACA series of the mnemonic security podcast, we’re welcoming Karianne Kjønås, Cyber & Privacy Associate at PwC Norway. Karianne recently won the ISACA master’s thesis award with her thesis on how cybersecurity incidents can affect Norwegian food production. During her conversation with Robby, she shares some of her major research findings, and how data, automation, IoT and AI play an important role in food production these days. They also discuss the state of cybersecurity in farming technologies and some of the most common cybersecurity threats to the food supply chain.
Conflictual coexistence
Today’s guest, Raymond Andrè Hagen, holds over 20 years of experience in cybersecurity and information security, and is currently researching advanced persistent threats for his PhD in Computer and Information Systems Security. He also has experience as a Security Specialist at the Norwegian Digitalization Agency (Digdir), including being Chief Security Officer at Altinn, the Norwegian authorities' solution for reporting and dialogue with business and industry. In his conversation with Robby, Raymond shares from his threat research on predicting APT attack behaviour, including his hypothesis, prediction models and some preliminary findings. Raymond and Robby also discuss conflictual coexistence between nation states, especially US-China and US-Russia relationships, and how this has affected the cyber landscape historically, and will continue to affect it in the future.
To join Robby for this episode on Russian cybercrime and ransomware, we’re welcoming Sam Flockhart, Cyber Threat Intelligence Manager at Santander UK. Sam has a background in military intelligence from the British army, where he has spent a large part of his career looking at Russian influence in Eastern Europe, including experience from the British army’s support mission to Ukraine. Sam goes through his presentation “From Russia with ransomware” presented at FS-ISAC EMEA Summit last month. Robby and Sam discuss ransomware groups with direct relationships with Russian intelligence services, their tactics, and how likely it is that ransomware will be used as a weapon in the short to medium term. To watch Sam’s presentation, visit the video episode on our YouTube channel: youtube.com/mnemonic
Metaverses
Have you been to the metaverse yet? And are you among the 78% that believe the metaverse will provide a significant value to their organisation in the future? To join Robby for this episode, we’re welcoming Julia Hermann, Senior Technology and Innovation Manager at Giesecke+Devrient, where she works on identifying opportunities in the metaverse. Julia shares which companies are utilising metaverses well, and where she sees the most opportunities in enterprise, commercial and industrial metaverses. They also talk about ethical dilemmas in, and fair and equal access to, metaverses, as well as the limitations of the current metaverses and their technical challenges and cybersecurity risks.
Defending EVE Online
How does combatting botting, hacking, and fraud in a virtual game relate to fighting real cybercrime? To share his take on this, Maksym Gryshchenko joins us to share how he works as a Security analyst at CCP Games, a leading game developer based in Iceland, and the developers behind the sci-fi role-playing game EVE Online. EVE Online is known for having an immensely complex market economy system for the game's internal industry and trade between players, and Maks explains to Robby how he and his team work to maintain the integrity of this economy and the game itself. And in the case of EVE, this means more than catching cheaters.
Last year, threat researchers all over the world got a sneak peek into the inner workings of the Russian defence contractor NTC Vulkan. The Vulkan files leak provided an interesting behind the scenes look at Russian cyber capabilities and scalability, and the ways state-sponsored organisations work. Joe Slowik, managing threat intelligence at the cybersecurity company Huntress, joins Robby to talk about how he worked through the hundreds of pages of data from the leak, and what he learned from them.
Cryptology is fundamental for the way the internet works today. But what exactly is modern cryptology, and what are the most common areas in which it’s being used? To guide us through this complex area, Robby’s joined by Bor de Kock, PhD in Cryptology and Assistant Professor at NTNU. They talk about some of the main challenges to cryptology these days, encryption security and its limitations, and how Bor expects quantum computing to affect cryptology. Bor also shares what makes him both optimistic and pessimistic when it comes to the future of internet security.
Physical penetration testing | ISACA series
For this episode that is part of our ISACA series, we’re joined by Rob Shapland, Ethical Hacker/Head of Cyber Innovation at Falanx Cyber. Rob talks about what he’s learned from his 15 years of testing physical and cyber security for his clients, including more than 200 building intrusion assignments. He explains how these kinds of testing assignments work, what usually does work – and what happened the one time he actually didn’t get in. Robby and Rob talk about the evolution of security testing, and how testing techniques have had to adapt and become more subtle, especially in the last five years. They also go into the importance of training after assignments like these.
m
mnemonic security podcast

Artificial intelligence (AI) and machine learning (ML) models have already become incorporated into many facets of our lives. In this episode, we discuss what happens if these models are attacked. How can the models that AI and ML are built upon be attacked? And how can we defend them? Eoin Wickens, Senior Adversarial ML Researcher at HiddenLayer, an organisation doing security for AI and ML, joins Robby to talk about this often-overlooked aspect of AI. During the episode, they also discuss the power AI/ML has to augment how we work in security, and the amount of community collaboration within these fields. Eoin also shares what he spends the majority of his time talking to customers about today, and what he believes he will be using most of his time on in the future.

What do you really know about your vendors? And about your vendors' vendors? To talk about supply chain attacks, and how to best mitigate and meet these risks, Robby is joined by a pair with a lot of experience on this topic: Roger Ison-Haug, CISO of StormGeo, and Martin Kofoed, CEO of Improsec. Martin and Roger discuss what a supply chain attack looks like these days, how to prepare for when a compromise happens, and how to get an overview of your organization's exposure. They also highlight the importance of knowing what happens if someone accesses your infrastructure, and fixing your basics.
How to succeed with bug bounties
Responsible disclosure and vulnerability reporting have come a long way in recent years, and have gone from being feared and even something you took legal action against, to something that is appreciated for its value. Ioana Piroska, Bug Bounty Program Manager at Visma, joins Robby to share how Visma has succeeded with their bug bounty program. She talks about Visma’s approach to these kinds of programs, and the actual value they receive from them. Ioana and Robby discuss the difference between penetration testing and a bug bounty program, and how they complement each other. They also cover how Visma uses their live hacking competitions and public responsible disclosure program to improve their vulnerability detection capabilities. Video version (with presentation) available on our YouTube channel!

Influencing the board
What are some of the most effective methods of gaining a board’s support, and how do you maintain this trust and improve it over time? Our guest today has worked with a lot of boards, and joins us to share his experiences providing boards with the tools to ask the right questions when it comes to cybersecurity, and conveying to them why cybersecurity is important for their organisation. Roger Ison-Haug has worked in IT for close to 30 years and is now working as the CISO & DPO at the data science and weather intelligence provider StormGeo. He is also currently working on his PhD in cybersecurity and leadership. Roger and Robby discuss the most common challenges that boards experience, and what kind of questions they usually ask. They also talk about what it’s actually like being a board member, Roger’s best advice to security people wanting to influence a board, and what kind of questions security people usually aren’t very good at answering – but should be.

KraftCERT trusselvurdering 2023 | In Norwegian only
Our podcast guest this week is Espen Endal, former mnemonic colleague and currently OT Security Analyst at the Norwegian energy sector CERT: KraftCERT/InfraCERT. InfraCERT is an ISAC (Information Sharing and Analysis Center) and an IRT (Incident Response Team). They mainly work to update their members about relevant vulnerabilities and threats so that they are better able to detect and respond to digital attacks. They are also part of the Norwegian national response organisation. During their conversation, Robby and Espen discuss KraftCERT/InfraCERT's annual threat report, what they consider the most serious threats for their member organisations, both long term and short term, and what techniques they often see being used against their members. Espen also talks about the push to the cloud, the trade-off this entails, particularly in these sectors, as well as the impact NIS and eventually NIS2 will have on their members.
Avoiding overload and managing stress in cybersecurity
For today’s episode, Robby’s joined by Lisa Ventura, Cybersecurity Specialist, Author, and qualified Mental Health First Aider. After many years of experience in the industry, she’s become particularly interested in the human aspects of cybersecurity, especially when it comes to mental health issues, stress, and burnout. During their conversation, Lisa explains how common stress and burnout are in InfoSec and cybersecurity, and discusses how the pandemic impacted these numbers. She also covers what the main factors contributing to stress and burnout in our industry are, and how these symptoms manifest themselves. She also shares some advice on how to combat overload and stress both on an individual and organisational level. If you’d like to also see Lisa’s presentation, feel free to visit our YouTube channel to watch the full recording of the episode.

Asset Intelligence
Imagine a scenario where your organisation discovers that a threat actor currently possesses more knowledge about your environments than you do. Let’s find a way to make sure we don’t end up there - but how? For this episode, Robby is joined by a serial entrepreneur and serial guest at the mnemonic security podcast. For the fourth time, we’re welcoming Brian Contos, today to discuss his latest role as Chief Strategy Officer at Sevco, a company specialising in asset intelligence. Brian talks about the importance of having an accurate and comprehensive understanding of your assets' security and compliance status, especially in the governance, risk, and compliance (GRC) landscape, as well as how asset intelligence is gaining renewed attention in the industry.

Operationalising Threat Intelligence
What can you do to get the most out of your threat intelligence initiatives? A good place to start is picking Kyle Wilhoit’s brain. Kyle’s the Director of Threat Research at Palo Alto Networks' Unit 42, and author of the book Operationalizing Threat Intelligence: A guide to developing and operationalizing cyber threat intelligence programs. During his chat with Robby, he provides some advice on how organisations should be handling their threat intelligence, what you can leverage from your vendors and partners, and what you need to do yourself to achieve full value from your threat intelligence. He also shares the major trends that Unit 42 are seeing when it comes to hacking tools, attack frameworks, campaigns, malware, and ransomware.

Crypto Finance
How does a crypto finance agency work with security? To answer this question, and provide insight into security in the world of crypto, we’re joined by Dr. Dominik Raub. He has more than 10 years of experience in the financial industry, a Doctor of Sciences in Cryptography, and works as CISO at Crypto Finance AG, an organisation providing crypto and blockchain services to institutional clients. Dominik talks about the threat landscape they are in, the adversaries in the space, and what he’s learned about their TTPs, as well as the mechanisms his organisation uses to help them distinguish bad transactions and stop large-scale issues. Robby and Dominik also discuss the recent developments in the crypto finance market, and Dominik shares what he predicts will happen in the market in the years to come.