))
A weekly discussion of new developments and the latest cybersecurity threats, including ransomware, malware, phishing schemes, DDoS attacks and more, facing the U.S. industrial sector.
…
continue reading
A gumbo of insights and information about Cybersecurity and Data Protection
…
continue reading
The GDPR Guy - the podcast dedicated to all things privacy, hosted by Carl Gottlieb - the trusted privacy advisor to leading tech companies, helping them gain maximum advantage through the right privacy strategy. Each episode Carl will be providing information, insights and inspiration to help you on your privacy journey. You’ll find show notes and useful resources on the website, https://CarlGottlieb.com, as well as details for getting in touch with Carl directly.
…
continue reading
The International Association of Privacy Professionals is the largest and most comprehensive global information privacy community and resource, helping practitioners develop and advance their careers and organizations manage and protect their data. More than just a professional association, the IAPP provides a home for privacy professionals around the world to gather, share experiences and enrich their knowledge. Founded in 2000, the IAPP is a not-for-profit association with more than 70,000 ...
…
continue reading
Hosted by Accenture CISO Kris Burkhardt, the InfoSec Beat podcast is intended for cybersecurity and information security executives, and dives into current trends and tactics. In each episode, Kris and Accenture colleagues from InfoSec, IT and go-to-market teams discuss what it takes to keep client, business partner and enterprise data secure.
…
continue reading
Maybe you’re sick of hearing about phishing schemes and the way hackers are using this strategy to infiltrate your networks, access intellectual data, shut down production, or hold your assets for ransom. If that’s the case, then you’ve made a lot of hackers very happy. And based on Proofpoint’s 2024 State of Phish report, protecting against phishi…
…
continue reading
Pavel Duchovny, Lead Developer Advocate at MongoDB, discusses the role of AI stacks in modern application development. He explains how MongoDB integrates into the AI stack, focusing on operational and vector databases, and shares best practices for managing vector data and optimizing storage. He also covers MongoDB's innovative security features li…
…
continue reading
So, my daughters like to give me a hard time about growing old. Said another way, I’m a legacy asset - just like most of the devices many of you observe, manage and secure every day. Your machines are still in place because they work. While the technology around these assets has evolved, their core functionality and value to the production process …
…
continue reading
Simon Taylor, CEO of HYCU discusses the state of SaaS resilience and the critical need for SaaS data protection. We discuss insights from a recent report surveying over 417 IT decision-makers worldwide. Simon shares the shocking statistic that 61% of ransomware attacks occur through SaaS services, challenging the assumption that SaaS data is inhere…
…
continue reading
While the justifications for additional cybersecurity spending is easy to explain, getting buy-in at the C-level can be difficult. However, some recent research might help you win over those controlling the purse strings. SonicWall’s Mid-Year Cyber Threat Report found that their firewalls were under attack 125 percent of the time during a 40-hour w…
…
continue reading
1
268: How This CEO Grew a Cybersecurity Empire from His Brother’s Garage - Stimulus Technologies
25:27
Nathan Whittacre, CEO of Stimulus Technologies discusses evolving cybersecurity threats, strategies to safeguard businesses, and how companies can foster a culture of cybersecurity awareness. He shares insights on managing cross-site tokenization attacks, the role of AI in both generating and defending against cyber threats, and best practices for …
…
continue reading
As the U.S. enters the final stretch of the 2024 election cycle, we face a tight race at the presidential and congressional levels. With a razor-thin margin separating Vice President Kamala Harris and former president Donald Trump, we decided to take a look at the possible policy positions of each campaign with regard to privacy and artificial inte…
…
continue reading
One of the most common topics we explore here on Security Breach is the ongoing challenge of asset visibility in the OT landscape. It's frustrating because it would seem that the solution starts with basic inventory management approaches, i.e. the first step in developing frameworks and plans for everything from tool selection to attack response. O…
…
continue reading
The year 2024 proved to be another robust one for emerging U.S. state privacy law. Seven states joined the ranks, bringing the total up to 19. Unlike previous years, however, 2024 underwent a paradigm shift away from the standard framework influenced by the draft Washington State Privacy Act. For the Future of Privacy Forum's Keir Lamont, CIPP/US, …
…
continue reading
1
267: Why the Data Lakehouse Is the Future—But What’s Stopping It from Getting There? - Upsolver
26:37
Ori Rafael, CEO and co-founder of Upsolver explores the future of data management through data lakehouses. He explains the evolution of the lakehouse, a revolutionary architecture that combines the best of data lakes and warehouses. You will gain insights into key technologies like Apache Iceberg, how lakehouses enable advanced use cases such as AI…
…
continue reading
According to Veeam’s 2024 Ransomware Trends Report, cyber victims stated that they were unable to restore 43 percent of whatever data was affected by ransomware attacks. This reaffirms what a number of Security Breach guests have stated about trusting hackers after paying their extortion demands. Another finding shows that 63 percent of ransomware …
…
continue reading
The Privacy world has done a great job of over complicating things for engineers with conflicting definitions in the GDPR, CCPA, ISO and elsewhere. In this episode get to the heart of what you need to know for some of the main privacy terminology out there. Find out more at https://carlgottlieb.com.
…
continue reading
Scott McCrady, CEO of SolCyber discusses managed cybersecurity services, rising cyber insurance costs, and the impact of geopolitical conflicts on cybersecurity. He shares insights on how organizations can reduce risks and improve response strategies, especially in today's uncertain political and economic landscape. Scott also addresses the role of…
…
continue reading
The ongoing theme in industrial cybersecurity centers on two competing dynamics – the desire to expand our implementation of automation and Industry 4.0 technologies with the goal of using more and faster connections, along with the decision-making data each generates to improve the efficiency and quality of production. However, these goals now nee…
…
continue reading
Connecting with your audience as a compliance person can be tough, so we have the privacy champion model to save the day. Or so you’d think. In this episode I explain why privacy champions fail and what we should do instead to get the organisation engaged with privacy and loving you. Find out more at https://carlgottlieb.com.…
…
continue reading
1
265: Generative AI & Data Privacy: How Companies Can Build Consumer Trust in 2025 - DataGrail
23:37
Daniel Barber, CEO of DataGrail delves into the founding of DataGrail, the challenges enterprises face in managing privacy, and how regulations like GDPR and CCPA impact the collection and processing of personal data. The conversation highlights the significance of consent in the digital age, the role of generative AI in data processing, and the ne…
…
continue reading
We’re back to discuss an all-too-familiar topic – ransomware. Ironically enough, it seems the topics we describe in this manner become so familiar because we can’t figure out viable, long-term solutions. I think part of the challenge for industrial organizations dealing with ransomware is that we have to divide our energy and resources between prev…
…
continue reading
In this episode I talk about why privacy software seems to miss the mark so badly, why we all seem to hate it so much and whose fault it is that us privacy folk are so unhappy with it. I give some advice for vendors and privacy folk on how to make things better and explain what people on the front line with budget to spend want to see. Find out mor…
…
continue reading
Jake Moshenko, Co-founder and CEO of AuthZed discusses the challenges of application security, focusing on the critical difference between authorization and authentication, and how these play a role in modern cybersecurity. He also touches on topics like ransomware threats, AI in cybersecurity, and trends in the job market, providing insightful adv…
…
continue reading
A smarter, well-funded hacker community means embracing basic, yet daunting cyber challenges. In manufacturing, regardless of your role, avoiding downtime is an obvious priority, and one of the motivating factors driving investments in cybersecurity. In working to mitigate potential DDoS attacks or malware drops, manufacturers are tapping into more…
…
continue reading
It’s time to face reality, if your DPO is not technical then you’re missing out. In this episode I discuss why tech skills matter when it comes to privacy, why delegating tech responsibility isn’t ideal and what General Counsels should be looking for when it comes to hiring a DPO for their team. Find out more at https://carlgottlieb.com.…
…
continue reading
1
263: Immutable Data, Infinite Possibilities: The Decentralized Storage Revolution - Akave.io
28:07
Stefaan Vervaet, CEO of Akave.ai discusses the revolutionary impacts of decentralized compute, immutability, and blockchain technology in data storage and protection. Stefaan shares insights on how Akave.ai is leveraging blockchain to create a decentralized storage solution that ensures data integrity and immutability, making it particularly valuab…
…
continue reading
Sophos recently reported that 65 percent of manufacturing and production organizations were hit by ransomware last year, which, unlike other sectors, is an increase. Overall, these attacks have increased by 41 percent for manufacturing since 2020. Additionally, the cybersecurity firm found that 44 percent of computers used in manufacturing have bee…
…
continue reading
Should your DPO work full time? In this episode I discuss the pitfalls of full time roles, why fractional DPOs may be a better fit for you, and what distinct benefits a part-time DPO might bring. Find out more at https://carlgottlieb.com.
…
continue reading
1
262: The Intersection of Hiring Trends in Cloud, Cybersecurity, and Disaster Recovery - Arpio
19:05
Doug Neumann, co-founder and CEO of Arpio, discusses how Arpio differentiates itself by offering a turnkey disaster recovery solution that addresses modern cloud architectures. He shares insights on navigating economic turbulence, the evolution of cybersecurity threats, and how Arpio is leveraging AI to accelerate ransomware recovery.…
…
continue reading
I recently watched an interesting documentary called Turning Point: The Bomb and the Cold War on Netflix. Great watch – I’d highly recommend it. Essentially it positioned nearly every prominent geo-political event since World War II as fallout from the U.S. dropping the nuclear bomb on Japan to end World War II. Similarly, we can look at a number o…
…
continue reading
DPOs are great but should really hire one? In this episode I discuss why now is probably not the right time to go all in with a DPO and what you might want instead. And for when you are ready for a DPO, I provide some tips on how to start out on the right track. Find out more at https://carlgottlieb.com.…
…
continue reading
Jeremy Snyder, founder and CEO of FireTail, joins the show to discuss the rising importance of API security in a world where over 80% of internet requests are API calls. Jeremy shares his journey from launching FireTail to becoming a leading voice in cybersecurity, providing insights into how organizations can protect their APIs from increasingly c…
…
continue reading
In this episode I discuss what most organisations are getting wrong when it comes to establishing trust in their privacy practices. I provide insights into what it’s like as a DPO at tech companies on both sides of the due diligence battle. And I give tips on what you can do to beat the competition. Find out more at https://carlgottlieb.com.…
…
continue reading
When I was a kid, we always looked forward to my dad’s work picnic. He was a tool and dye maker for a leading caster manufacturer that would rent out a local park, make a ton of food and put on various games and activities for the families. One of the highlights of this day was a softball game pitting the office versus the shop. The good-natured sh…
…
continue reading
In May 2024, the U.S. National Institute for Standards and Technology launched a new program called ARIA, which is short for Assessing Risks and Impacts of AI. The aim of the program is to advance sociotechnical testing and evaluation of artificial intelligence by developing methods to quantify how a given system works within real-world contexts. P…
…
continue reading
1
260: How to Overcome the Hiring Trust Gap: Secrets from a Former Google Engineer - Morgan Latimer Consulting
26:19
Anthony Mays, a former Google software engineer and the founder of Morgan Latimer Consulting shares his inspiring journey from growing up in Compton and overcoming personal challenges to becoming a successful technologist. Discover the strategies that can be used to overcome the trust gap in hiring and land top roles. Learn how to build credibility…
…
continue reading
An ethical cyber researcher breaks down the 'tsunami of exposed data' he continues to uncover. When it comes to solving industrial cybersecurity's biggest challenges, I think we have to continue to ask questions that simultaneously tackle basic blocking and tackling concerns, as well as those that lead to bad news. Both prevent us from putting our …
…
continue reading
Vivek Ramachandran, the visionary founder of SquareX shares the origins of SquareX, highlighting how it aims to mitigate last-mile attacks by embedding security directly within the browser. The discussion delves deep into the importance of browser security in today's enterprise environments, addressing common threats such as ransomware, phishing, a…
…
continue reading
The landscape of industrial cybersecurity continues to change and evolve, and demands a vigilant monitoring of the next threat, vulnerability or potential soft spot in our defenses. That’s why we continue to produce Security Breach, and, by the way, continue to be so appreciative of the growth and support we’ve received from each of you. That said,…
…
continue reading
Leila Golchehreh, Co-Founder and Chief Strategy Officer at Relyance AI delved into AI governance, the importance of data integrity, and best practices for integrating AI technologies securely. Leila shared her journey and vision for creating a company that bridges the gap between privacy and technology, emphasizing the need for continuous monitorin…
…
continue reading
What is a zero-day vulnerability and what can organizations do about them? These two questions kick off an engaging discussion on this type of threat with Accenture Security colleagues Shawn Duffy, Global Lead for Threat Exposure Management, and David Williams, Global Lead of Advanced Threat Services. Discover what they have to say and learn more a…
…
continue reading
According to IBM’s Cost of a Data Breach Report, nearly 20 percent of the organizations surveyed stated that they have experienced a breach stemming from a compromise in their supply chain, or a vulnerability related to it. The average cost of these breaches was estimated at just under $4.5 million. Their data also found that attacks emanating from…
…
continue reading
Mike Bowers, Chief Architect at Faircom dives into the intricacies of database technology and its real-world applications. Mike shares insights on Faircom’s role in critical systems such as the U.S. stock market, FAA flight tracking, and even the International Space Station. We explore the evolution of data management, the impact of IoT, and the fu…
…
continue reading
Due to the rise in attacks on manufacturing and critical infrastructure, and the devasting impacts these attacks have on daily lives around the world, the World Economic Form recently unveiled a report entitled Building a Culture of Cyber Resilience in Manufacturing. This initiative not only identified the sector’s primary challenges for developing…
…
continue reading
Gene Leyzarovich, Founder at JetStor shares insights on the evolution of data storage from tapes and magnetic disks to modern flash and hybrid systems. We discuss the significant impact of the Broadcom and VMware acquisition on licensing costs, prompting many organizations to explore alternatives like Proxmox and Hyper-V.…
…
continue reading
When looking at industrial cybersecurity, more attention is being paid to how workers are logging in to access critical machinery, software or data. And according to Trustwave Threat Intelligence’s recent Manufacturing Threat Landscape report, 45 percent of attacks experienced by manufacturers stemmed from the bad guys accessing credentials. Whethe…
…
continue reading
Yasser Ali, CEO of Polymer Data Security discusses data security amidst the rise of AI and machine learning, highlighting the increasing complexity of managing data integrity and risks in AI governance. The discussion shifts to AI governance, where Yasser outlines the primary risks, including data leakage, model biases, and the challenge of deep fa…
…
continue reading
