Welcome to another insightful episode of CISO Tradecraft! In this episode, host G Mark Hardy engages with Aimee Cardwell, an accomplished cybersecurity expert with an impressive portfolio including UnitedHealth Group, AMEX, eBay, and more. Tune in as they dive deep into the increasing concerns of privacy, the evolving role of AI in cybersecurity, and the importance of data governance. Learn practical strategies for managing the complexities of AI and privacy, explore the intersections between cybersecurity and privacy, and get invaluable tips for aspiring CISOs. Don't miss this episode packed with expert advice and forward-thinking perspectives! Aimee Cardwell's Linkedin - https://www.linkedin.com/in/acardwell/ Chapters 01:07 Guest Background and Career Journey 03:00 Cybersecurity and Privacy Integration 08:04 AI's Impact on Cybersecurity and Privacy 12:32 Data Retention Challenges and Solutions 17:56 Improving Data Visibility 19:28 GDPR Compliance and Data Breaches 19:55 Challenges of Data Management in Large Enterprises 21:02 AI and Cloud Governance 22:52 Encouraging AI Literacy in the Workplace 25:39 AI Policy and Legal Protections 28:56 AI's Limitations and Risks 31:48 The Importance of AI Literacy Across Functions 35:23 Final Thoughts and Advice for CISOs

Dive into an exciting discussion on CISO Tradecraft as host G Mark Hardy engages with DARPA's AI Cyber Challenge director, Andrew Carney. Learn about the world of autonomous systems capable of identifying and fixing vulnerabilities at an unprecedented speed and scale. Discover the highs and lows of AIxCC's two-year journey, its groundbreaking impact on cybersecurity, and the potential it holds for the future. Whether you're a seasoned CISO or just passionate about cybersecurity, this episode is packed with insights on leveraging AI to protect critical infrastructure and defend against cyber threats. Don't miss it! https://aicyberchallenge.com/

Join us in this captivating episode of CISO Tradecraft as host G Mark Hardy sits down with storytelling maestro Neal Foard. Learn the secrets of impactful storytelling straight from Neal, who shares an engaging story about an unforgettable lesson at the New Jersey State Fair. Delve into the importance of emotions in storytelling, glean tips for effective communication, and discover how being an inspiring leader can propel your cybersecurity career. Don't miss this opportunity to enhance your storytelling prowess and become a more effective cybersecurity leader!

Learn how to elevate Data Protection in the Age of AI with Ronan Murphy In this episode of CISO Tradecraft, host G Mark Hardy and guest Ronan Murphy, Chief Strategy Officer at Forcepoint, discuss the critical importance of data protection for enterprises in the age of AI. Discover expert insights on common mistakes CISOs make, how AI revolutionizes data security, and the evolving role of CISOs from enforcers to strategists. Learn about effective data governance, AI’s impact on data, and leveraging tools like DLP & CASB for robust cybersecurity.

Plus, hear about Forcepoint Aware 2025 and actionable strategies for elevating your organization's data security posture. https://www.forcepoint.com/aware

Chapters

00:00 Introduction: The Importance of Data Security

00:26 Meet the Expert: Ronan Murphy's Background

02:40 Challenges in Data Protection

04:01 The Role of AI in Data Security

06:26 Strategies for Effective Data Management

19:05 Understanding Data Loss Prevention (DLP)

20:36 Exploring Cloud Access Security Brokers (CASB)

24:37 Data Security Posture Management (DSPM)

38:36 The Future Role of CISOs

40:30 Conclusion and Upcoming Events

Join host G Mark Hardy on CISO Tradecraft as he welcomes Patrick Garrity from VulnCheck and Tod Beardsley from Run Zero to discuss the latest in cybersecurity vulnerabilities, exploits, and defense strategies. Learn about their backgrounds, the complexities of security research, and strategies for effective communication within enterprises. The discussion delves into vulnerabilities, the significant risks posed by ransomware, and actionable steps for CISOs and security executives to protect their organizations. Stay tuned for invaluable insights on cybersecurity leadership and management. Chapters

• 00:00 Introduction and Guest Welcome
• 00:57 Meet Patrick Garrity: Security Researcher and Skateboard Enthusiast
• 02:12 Meet Todd Beardsley: From Hacker to Security Research VP
• 03:58 The Evolution of Vulnerabilities and Patching
• 07:06 Understanding CVE Numbering and Exploitation
• 14:01 The Role of Attribution in Cybersecurity
• 16:48 Cyber Warfare and Global Threat Landscape
• 20:18 The Rise of International Hacking
• 22:01 Delegation of Duties in Offensive Warfare
• 22:25 The Role of Companies in Cyber Defense
• 23:00 Attack Vectors and Exploits
• 24:25 Real-World Scenarios and Threats
• 28:46 The Importance of Communication Skills for CISOs
• 31:42 Ransomware: A Divisive Topic
• 38:39 Actionable Steps for Security Executives
• 45:58 Conclusion and Final Thoughts

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Tomas Roccia, a senior threat researcher at Microsoft, to delve into the evolving landscape of AI and cybersecurity. From AI-enhanced threat detection to the complexities of tracking cryptocurrency used in cybercrime, Tomas shares his extensive experience and insights. Discover how AI is transforming both defensive and offensive strategies in cybersecurity, learn about innovative tools like Nova for adversarial prompt detection, and explore the sophisticated techniques used by cybercriminals in high-profile crypto heists. This episode is packed with valuable information for cybersecurity professionals looking to stay ahead in a rapidly changing field.

Defcon presentation: Where is my crypto Dude? https://media.defcon.org/DEF%20CON%2033/DEF%20CON%2033%20presentations/Thomas%20Roccia%20-%20Where%E2%80%99s%20My%20Crypto%2C%20Dude%20The%20Ultimate%20Guide%20to%20Crypto%20Money%20Laundering%20%28and%20How%20to%20Track%20It%29.pdf

GenAI Breaches Generative AI Breaches: Threats, Investigations, and Response - Speaker Deck https://speakerdeck.com/fr0gger/generative-ai-breaches-threats-investigations-and-response

Transcripts: https://docs.google.com/document/d/1ZPkJ9P7Cm7D_JdgfgNGMH8O_2oPAbnlc

Chapters

• 00:00 Introduction to AI and Cryptocurrencies
• 00:27 Welcome to CISO Tradecraft
• 00:55 Guest Introduction: Tomas Roccia
• 01:06 Tomas Roccia's Background and Career
• 02:51 AI in Cybersecurity: Defensive Approaches
• 03:19 The Democratization of AI: Risks and Opportunities
• 06:09 AI Tools for Cyber Defense
• 08:09 Challenges and Limitations of AI in Cybersecurity
• 09:20 Microsoft's AI Tools for Defenders
• 12:13 Open Source AI Security: Project Nova
• 18:37 Community Contributions and Open Source Projects
• 19:30 Case Study: Babit Crypto Hack
• 22:12 Money Laundering Techniques in Cryptocurrency
• 23:01 AI in Tracking Cryptocurrency Transactions
• 26:09 Sophisticated Attacks and Money Laundering
• 33:50 Future of AI and Cryptocurrency
• 38:17 Final Thoughts and Advice for Security Executives
• 41:28 Conclusion and Farewell

In this episode of CISO Tradecraft, host G Mark Hardy sits down with Danny Jenkins, CEO and founder of ThreatLocker, live from the Black Hat conference. Danny shares insights into his technical background and explains how a customer-focused culture drives innovation and improvement at ThreatLocker. Learn about the company's unique practices, such as their 'control alt delight' sessions, 24/7 customer support, and how leadership at ThreatLocker leads by example. Danny also discusses the importance of learning from failures and removing obstacles for team members to help the company and its products continually evolve. Danny's LinkedIn - https://www.linkedin.com/in/dannyjenkinscyber/

ThreatLocker - https://www.threatlocker.com/

Transcripts -https://docs.google.com/document/d/1TOib3nTXwrWuwF6sJMlVjTFurgr-jc1b Chapters

• 00:00 Introduction and Welcome
• 00:27 Meet Danny Jenkins, CEO of Threat Locker
• 01:12 The Philosophy Behind Threat Locker
• 02:52 Customer-Centric Culture at Threat Locker
• 04:32 Technical Leadership and Personal Insights
• 08:55 Leadership Advice for Aspiring CISOs
• 11:22 Conclusion and Farewell

In this episode of CISO Tradecraft, host G Mark Hardy engages in an insightful conversation with Dave Lewis, Global Advisory CISO from 1Password, about AI governance and its importance in cybersecurity. They discuss AI policy and its implications, the evolving nature of AI and cybersecurity, and the critical need for governance frameworks to manage AI safely and securely. The discussion delves into the visibility challenges, shadow AI, the role of credentials, and the importance of maintaining fundamental security practices amidst rapid technological advancements. They also touch on the potential risks associated with AI, the misconceptions about its impact on jobs, and the need for a balanced approach to leveraging AI in a beneficial manner while safeguarding against its threats. This episode provides valuable guidance for cybersecurity professionals and organizations navigating the complexities of AI governance.

Chapters

• 00:00 Introduction to AI Governance
• 00:30 Guest Introduction: Dave Lewis
• 00:49 The Importance of AI Governance
• 01:42 Challenges in AI Implementation
• 03:20 AI in the Modern Enterprise
• 03:49 Shadow AI and Security Concerns
• 04:49 AI's Impact on Jobs and Industry
• 05:27 The Gartner Hype Cycle and AI
• 05:43 AI's Influence on the Stock Market
• 06:14 Historical Context of AI
• 06:32 AI and Credential Security
• 08:29 The Role of Governance in AI
• 12:47 The Future of AI and Security
• 18:36 Governance and Policy Recommendations
• 19:26 AI Governance and Ethical Concerns
• 20:01 AI Self-Preservation and Human Safety
• 20:18 Uncontrollable AI Applications
• 21:17 Vectors of AI Trouble
• 21:58 AI Hallucinations and Data Security
• 22:53 AI Vulnerabilities and Exploits
• 26:29 Deepfakes and AI Misuse
• 27:33 Historical Cybersecurity Incidents
• 29:04 Future of AI and Job Security
• 33:47 Managing AI Identities and Credentials
• 34:21 Conclusion and Final Thoughts