The Core Podcast

• VPNs: Very Predictable Nightmares!

  Join Core to Cloud with Adam stepping in for Kelly this week, discussing the dawn of Work From Home and the implications it has had on the security of businesses. Joined by Simon Eappariello Senior VP at iboss who has been spearheading the move to Zero Trust Network Architecture for years. What sort of security risks do legacy VPNs pose? How easy are they to break into and move laterally? Is Zero Trust Network Architecture a valid resoponse? And how on earth do we make the transition?Take a listen and learn all the answers! Hosted on Acast. See acast.com/privacy for more information.

  --------  

  36:39
• Invisible Emissions: The Growing Environmental Impact of Cloud Computing

  SummaryIn this episode, Kelly sits down with Sophia Willows to explore the environmental impact of cloud computing and the wider internet. They discuss the significant energy demands of data centres, the role of network communication in energy consumption, and the tech industry’s innovative efforts to reduce its carbon footprint. Focusing on algorithmic and software improvements, sustainable development practices, and real-world examples, this episode offers valuable insights into how tech professionals can contribute to a greener future.Kelly and Sophia delve into the efficiency of hardware and software in cutting carbon emissions, citing examples like upgrading to PHP 7 and optimising Uber’s garbage collector. They highlight the lack of awareness and consumer demand for climate-friendly software and underscore the need for ethical considerations in software engineering. The discussion covers the energy consumption of AI models, the importance of adopting renewable energy sources, and the necessity for companies to prioritise climate-friendly features. This episode emphasises the critical need for raising awareness and taking action to create a more sustainable digital future.Connect with us and our guests:Follow our main LinkedIn: / core-to-cloudFollow our Podcast: / the-core-cyber-podcastKelly Allen: / Kelly AllenSophia Willows: Sophia WillowsProduction Credits:Production Manager: / Daniel AldredAudio Engineering and Editing: / Adam TitmussWant to be a guest?Register here: Hosted on Acast. See acast.com/privacy for more information.

  --------  

  58:15
• How AI and Deepfakes can Steal your Identity

  SummaryIn this gripping episode, a Brooklyn couple receives a distressing call from the wife’s mother-in-law, demanding money for her safety. The husband, a law enforcement officer, tries to buy time by engaging the caller and following instructions to transfer money. Later, they uncover that the caller used AI to replicate their loved one’s voice.As AI scams and deepfake technology become more common, new challenges arise in cybersecurity. Jake Moore shares his firsthand experience with AI voice cloning, where he successfully mimicked a CEO’s voice to convince someone within the company to transfer money to his account. This incident highlights the importance of trust and the difficulties in combating voice scams.Jake and Kelly explore the broader implications of AI-generated content, discussing issues like identity theft, social media oversharing, and deepfake technology’s impact. They also cover the challenges of verifying information on platforms like TikTok and the need for robust cybersecurity measures.Jake stresses the importance of educating children about AI and misinformation, while Kelly discusses AI’s implications for dating and political propaganda. This episode underscores the critical need for increased awareness and vigilance in our digital age. Join us for an insightful conversation on the risks and precautions necessary to navigate today’s cybersecurity landscape.Key Takeaways:1: AI-Driven Scams: Scammers are using AI to replicate voices and create convincing deepfakes, leading to increased fraud and misinformation. Individuals must stay vigilant and verify suspicious requests through multiple communication channels.2: Importance of Trust and Verification: Trust plays a critical role in voice scams, making it essential to implement robust procedures, policies, and validation processes to prevent fraudulent activities and protect sensitive information.3: Cybersecurity Awareness: Oversharing personal information on social media and the challenge of verifying content on platforms like TikTok underscore the need for heightened cybersecurity measures and awareness.4: Educational Imperative: Educating adults and children about AI, deepfakes, and misinformation is crucial for safely and responsibly navigating the digital world.Connect with us and our guests:Follow our main LinkedIn: / core-to-cloudFollow our Podcast: / the-core-cyber-podcastKelly Allen: / Kelly AllenJake Moore: / Jake MooreProduction Credits:Production Manager: / Daniel AldredAudio Engineering and Editing: / Adam TitmussWant to be a guest?Register here: Hosted on Acast. See acast.com/privacy for more information.

  --------  

  1:02:05
• Avoid Getting Hacked: Lessons from NASA's 1999 Cyber Attack

  SummaryIn this conversation, Kelly Allen interviews Andy Schneider about the illusion of security preparedness. They discuss Andy's background in cybersecurity, the NASA cyber attack in 1999, the importance of cloud security posture, and best practices for enhancing security in the cloud. They also touch on the talent shortage in the cybersecurity industry and the need for continuous detection capabilities. Andy shares the story of the NotPetya cyber attack as an example of the impact of cybersecurity on geopolitical events. The conversation covers various topics related to cybersecurity, including the impact of cyber attacks, the evolving nature of cybersecurity, the importance of human connection, and the role of technology in defense. The guest, Andy Schneider, emphasizes the need for continuous learning in the cybersecurity field and highlights the different career opportunities available. He also provides recommendations for building a comprehensive cybersecurity tool stack and selecting the right technology partner.Chapters00:00: The Evolution of Cyber Warfare: From 1999 to the Present03:56: Unveiling the Illusion of Security Preparedness: A Cybersecurity Journey09:41: The Role of Cloud Security Posture Management in Cyber Defense36:08: Human Connection and Trust in Cybersecurity50:02: Continuous Learning and Adaptation in the Cybersecurity IndustryTakeawaysThe evolution of cyber warfare has led to a shift in the nature of cyber attacks and the actors involved.The NASA cyber attack of 1999 serves as a relevant case study highlighting the impact of cyber attacks and the vulnerabilities of digital infrastructure.Cloud security posture management (CSPM) is a crucial aspect of cybersecurity, but it is not the only defense mechanism needed to protect against cyber threats.The cybersecurity industry faces a talent shortage, and there is a need for upskilling and adapting to the evolving landscape.Human connection and trust play a significant role in cybersecurity, and the industry requires continuous learning and adaptation to stay ahead of cyber threats. Keywordssecurity preparedness, cybersecurity, illusion, NASA cyber attack, cloud security posture, talent shortage, detection capabilities, NotPetya cyber attack, cybersecurity, cyber attacks, evolving nature, human connection, technology, defense, continuous learning, career opportunities, tool stack, technology partner Hosted on Acast. See acast.com/privacy for more information.

  --------  

  51:16
• Exposing Insider Threats: Expert Secrets from Cyber Risk Expert

  SummaryJoin Kelly as she sits down for an illuminating conversation with none other than James Moncrieff, the Global Cyber Risk Lead at GFK, who shares his journey from being a police officer to transitioning into the information security field. The two discuss James' childhood dream of becoming a firefighter and how he accidentally ended up in the police force. James also highlights his challenges in entering the cybersecurity industry and the importance of persistence and self-belief.In this conversation, James discusses the importance of understanding the risk of shadow IT and the need to shift from a culture of exception to accountability in cybersecurity. He highlights the complexity of insider threats and the different types of insiders that businesses must be aware of. James also stresses the limitations of security controls and the importance of preventing small attacks from escalating. He explains the role of human intelligence in cybersecurity and the process of sanitising intelligence for protection.Finally, we explore the importance of creating a culture of trust and protection and the opportunities available in cybersecurity.Chapters00:00 The Journey from Law Enforcement to Cybersecurity16:36 The Power of Persistence and Self-Belief in Career Transition27:07 Stepping Outside Your Lane: Understanding Security Principles33:55 The Strategic Role of GRC in Cybersecurity34:25 The Foundation of InfoSec: GRC Work and Risk Management36:21 Navigating Insider Threats and Human Intelligence in Cybersecurity01:04:09 Embracing Diversity and Unique Backgrounds in InfoSecTakeawaysTransitioning from law enforcement to information security can be challenging, requiring persistence and self-belief.Diversity in problem-solving and different perspectives can lead to innovative solutions in the cybersecurity field.Understanding security principles and stepping outside one's lane can enhance the effectiveness of security professionals.The role of GRC (Governance, Risk, and Compliance) in cybersecurity goes beyond checklists and policies, requiring a broader understanding and strategic approach. GRC work is the foundation of InfoSec, encompassing risk management, governance, policies, and coordination of security development.Understanding the impact of systemic issues on the business is crucial for effective risk management and security posture.Insider threats are complex and can range from accidental to malicious, requiring a nuanced approach to detection and prevention.Human intelligence plays a vital role in cybersecurity, and a process to protect and utilize intelligence from individuals on the ground is needed.Diversity in InfoSec is essential, and individuals with unique backgrounds and skills bring valuable perspectives and problem-solving abilities to the industry.Keywordscybersecurity, career transition, police officer, persistence, self-belief, diversity, problem-solving, security principles, GRC, challenges, GRC work, risk management, governance, policies, vulnerability management, security development, SOC, insider threats, human intelligence, cybersecurity, diversity, unique backgrounds, InfoSec Hosted on Acast. See acast.com/privacy for more information.

  --------  

  1:09:18

More Technology podcasts

Trending Technology podcasts

About The Core Podcast