ISF Podcast Podcast Por Information Security Forum Podcast arte de portada

ISF Podcast

ISF Podcast

De: Information Security Forum Podcast
Escúchala gratis

Obtén 3 meses por US$0.99 al mes
The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.263000 Economía Exito Profesional Gestión Gestión y Liderazgo
Episodios
  • S36 Ep13: Preparing for AI-Generated Cyber Intrusions

    S36 Ep13: Preparing for AI-Generated Cyber Intrusions
    Dec 2 2025
    In the second part of his interview with journalist Nick Witchell, Steve and Nick delve into the world of AI and cyber. Steve shares his thoughts on autonomous cyber defense and argues that major actors like the ISF, large private enterprises, and the UK’s National Cyber Security Centre, must lead the way and support small and medium-sized businesses in keeping pace with technological advancements. The two also discuss the future of AI, cautioning that we aren’t as prepared as we need to be…

    Key Takeaways:
    1. Small and medium-sized businesses must receive support to stay up-to-date with new technologies.
    2. As more automation is introduced into business operations, understanding of one’s crown jewels and how to protect them is increasingly important.
    3. AI is advancing rapidly with evermore funding, and globally society is not preparing as well as it needs to for what’s to come.
    Tune in to hear more about:
    1. Steve’s view on autonomous cyber defense (00:55)
    2. The National Cyber Security Centre and its role in the cyber resilience of UK businesses (3:36)
    3. How AI will impact jobs in cyber (7:55)
    Standout Quotes:
    1. “You'll never get me going into an autonomous car. I just won't do it. And people will say, ‘Yes, they're being looked after by some bloke in a tower somewhere who's watching it.” I'm not buying it. I've been working in technology for far too long to know that it is fallible. And so I think we have to really move toward much more transparency in our understanding of where the AI tool is active, the data that it's using, the decisions it's making.” - Steve Durbin
    2. “We are looking for large private enterprise to be working collaboratively with people like the NCSC, with people like the ISF, to really help some of these smaller organizations that don't have the luxury or resources available to them to keep a pace with [technology].” - Steve Durbin
    3. “If you go back to the internet, we didn't do a good enough job of trying to forecast the way in which the internet was going to be used. We put it out there and we said, ‘Let everybody use it and let's see where it goes.” We are doing, I fear, a similar kind of thing with AI.” - Steve Durbin
    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Más Menos
    14 m
  • S36 Ep12: Steve Durbin - Cyber Governance in Transition: What Boards Should Do Next

    S36 Ep12: Steve Durbin - Cyber Governance in Transition: What Boards Should Do Next
    Nov 25 2025
    In today's episode, Steve sits down with journalist Nick Witchell for a conversation focused on what business leaders can learn from this year's major cyber attacks and the recent AWS outage. The two also discuss cyber regulations and the challenge of operating global enterprise during significant geopolitical turmoil.

    Key Takeaways:
    1. Boards and senior executives understand there is a threat, but many still lack knowledge of how to deal with it.
    2. We are too reliant on technology; for the sake of business continuity, a backup plan must be in place.
    3. High-quality simulation exercises are a crucial step toward more cyber resilience.
    Tune in to hear more about:
    1. The role of policy and regulation (3:17)
    2. Why cyber simulation exercises are so important (5:45)
    3. Steve’s thoughts on the recent AWS outage (7:54)
    Standout Quotes:
    1. “Now, in the boardroom itself, in companies themselves, we have seen over the past few years an increasing awareness of the threat that these kinds of things can bring to really the future of an organization. But the challenge I think we now face is really helping boards, senior executives to transition from, yes, I get there's a threat, but what should I actually be doing about it?” - Steve Durbin
    2. “I think that in the main, cloud service providers are still probably far better equipped to provide the level of service that most companies need than you'd be able to do yourself. However, we do need to take into account that things will go wrong. And we have to plan for that. So if you are an organization that can quite happily exist without access to data in a cloud provider, it doesn't have to be Amazon, it could be anybody else, then fine. I would question why you're using them in that case. If on the other hand, you are dependent on them, you have to have some backup in place.” - Steve Durbin
    3. “All too often I'm seeing people particularly in the area of, say, cyber simulation exercises, because they're viewing it as a compliance exercise, going for least cost. That to me is a bit like saying I've just moved into an area where I know the burglary rate is quite high. What's the cheapest lock and door that I can get on my front door? It's madness. Not many of us would do it. We would try to work within our budget. We'd try to really figure out how important things were in our house. That's the mentality we have to adopt. So yes, you can get some of these things done very cheaply and you can tick a box, but it's not going to help you when things go wrong.” - Steve Durbin
    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Más Menos
    14 m
  • S36 Ep11: Steve Durbin - Why Cybersecurity Should Be a Boardroom Conversation

    S36 Ep11: Steve Durbin - Why Cybersecurity Should Be a Boardroom Conversation
    Nov 11 2025
    Today’s special episode features Steve’s recent Business Matters broadcast interview with Juliette Foster, featuring conversation about critical cybersecurity challenges facing organizations today. Steve and Juliette discuss targeted phishing, the growing threat of Crime-as-a-Service, the increase in AI-driven cybercrime, and more.

    Key Takeaways:
    1. Cyber attacks will continue to increase, and businesses must adjust.
    2. Regulators must strike a balance to have clear guidelines without stifling businesses.
    3. To take advantage of new technologies like AI, businesses must invest in upskilling their employees.
    Tune in to hear more about:
    1. Why cyber crime is on the rise (2:17)
    2. How cyber criminals target their victims (4:00)
    3. Solving the cyber skills shortage (29:02)
    Standout Quotes:
    1. “The bad guys only need to get lucky once and they can cause havoc. And so the sorts of numbers you are seeing are them plugging away at it, trying to break down defenses, trying to find a way through. And on the defensive side, of course, we have to be at the top of our game 24/7, and that's just impossible.” - Steve Durbin
    2. “We also have very complex supply chains now that obviously are made up of small to mid-size companies. [...] So an easier way of accessing some of this high value information is often via the third party. So you don't necessarily need to be attacking the larger enterprise. You can target a smaller to mid-size, which probably doesn't have the same level of defense, maybe not the same level of awareness. And because it's in the supply chain and sharing information, you can then access through to the larger enterprise.” Steve Durbin
    3. “You have to invest in actually looking at the skill sets that you need within your organization and making some hard calls, I think, as to whether or not you do have the right capabilities within your organization. That doesn't necessarily mean that you have to get rid of a lot of people. It means you probably do need to invest significantly in upskilling and training and thinking very hard about how you're going to use some of that new technology.” - Steve Durbin
    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Más Menos
    32 m
Todavía no hay opiniones