Aligning Cybersecurity Strategies: Zero Trust with Fadi Daood
In this episode of the Entropy Podcast, host Francis Gorman speaks with Fadi Daood, Zero Trust Strategy Lead at Swift, about the evolving landscape of cybersecurity and the concept of Zero Trust. Fadi shares his journey into cybersecurity, emphasizing the importance of aligning security strategies with business needs and the misconceptions surrounding Zero Trust. The conversation delves into the role of change management, the necessity of embedding Zero Trust principles into organizational processes, and the impact of emerging technologies like generative AI on cybersecurity. During the conversation Francis also highlights the importance of human resilience and critical thinking in navigating the complexities of modern cyber threats.TakeawaysZero Trust is seen as an opportunity to do the right thing in cybersecurity.Aligning cybersecurity with business needs is crucial for effective strategy.Change management is essential for successful implementation of security measures.Technology is only a small part of the cybersecurity equation; people and processes are key.Zero Trust should be embedded in organizational processes for sustainability.Generative AI is changing the landscape of cyber threats and defenses.Understanding the 'why' behind security measures can foster better compliance.Common sense approaches are often overlooked in cybersecurity practices.Stakeholder engagement is vital for aligning security with business objectives.Human resilience and critical thinking are necessary to combat evolving cyber threats.Sound Bites"Zero Trust is an opportunity.""Never assume you know the business.""Our job is to protect the business.""Common sense is not so common.""Technology is just 20% of the job.""We need to show them the why.""We are not here to make your job difficult."
--------
37:26
Left of Boom The Intelligence Edge with Michael Freeman
In this episode, Francis Gorman speaks with Michael Freeman, Head of Threat Intelligence at Armis, about his career path from working in U.S. intelligence and cryptography to co-founding the cybersecurity company CTCI. The discussion explores how Michaels approach to threat intelligence led to the early identification of significant vulnerabilities such as Log4j, sometimes months before they were publicly known.The episode covers:- Michaels background in crypto analysis and offensive security- His perspective on post-quantum cryptography and emerging risks- The founding and approach behind CTCI, including identifying active vulnerabilities before others in the industry- The challenge of false positives in commercial threat feeds- The importance of asset visibility and contextual vulnerability management- The role of AI in both enhancing cybersecurity operations and in aiding attackers- Michaels thoughts on modern election security, influence operations, and the broader geopolitical implications of technology- Risks of over-reliance on AI for critical thinking and decision-makingThe conversation emphasizes practical insights into how organizations can better understand and secure their environments in the face of rapidly evolving threats.
--------
36:45
From Frustration to Innovation Application Security with Francesco Cipollone
In this episode of the Entropy Podcast, host Francis Gorman speaks with Francesco Cipollone, founder and CEO of Phoenix Security. They discuss the evolution of application security, the challenges faced in the industry, and the innovative approaches taken by Phoenix Security to address these issues. Francesco shares insights on the importance of collaboration between security teams and engineers, the role of AI in enhancing security measures, and the necessity of prioritizing vulnerabilities in a rapidly changing digital landscape. The conversation also touches on the reality of cybersecurity solutions and the need for organizations to adapt to new threats and technologies.TakeawaysFrancesco Cipollone's journey to founding Phoenix Security.The friction between security teams and engineering during cloud transformations.The importance of gamifying security objectives at the business level.AI can augment human capabilities but cannot replace them in decision-making.Organizations must prioritize vulnerabilities effectively to keep pace with threats.The need for a comprehensive understanding of application security beyond just tools.The obsession with software bill of materials may distract from core security issues.Collaboration between security and engineering is crucial for effective vulnerability management.The rapid evolution of threats necessitates a proactive approach to security.Understanding the fundamentals of security is essential for effective risk management.Disclaimer: The views and opinions expressed in this podcast are solely those of the host and guests, based on personal experiences. They do not represent facts and are not intended to defame or harm any individual or business. Listeners are encouraged to form their own opinions.
--------
33:10
Exploring Cybersecurity in Open Radio Access Networks with Mark Megarry
In this episode, Francis Gorman interviews Mark Megarry, a PhD student specializing in 6G open radio access networks. They discuss Mark's journey into cybersecurity, the implications of 6G technology, and the security risks associated with open radio access networks. The conversation also covers the role of machine learning in future networks, the real-world consequences of insecure networks, and the importance of public speaking and community engagement in the cybersecurity field. Mark shares insights from his Capture the Flag competitions and emphasizes the need for resilience in network security.TakeawaysMark transitioned from electronics to cybersecurity through hands-on experience.Curiosity drives the field of cybersecurity and research.6G networks will focus on enabling new applications beyond just speed.Security risks in open radio access networks often stem from misconfigurations.Machine learning is becoming integral to the development of future networks.Insecure networks can lead to serious privacy breaches and data theft.Public speaking can be improved by sharing topics you are passionate about.Community engagement is crucial for personal and professional growth in cybersecurity.Capture the Flag competitions provide practical experience and learning opportunities.Quantum security is a significant concern for future network specifications.
--------
29:18
Probing Low Carbon Electricity with Dr. James Merrick
In this episode of the Entropy Podcast, Francis Gorman speaks with Dr. James Merrick about the challenges and opportunities in achieving low carbon electricity in Ireland and globally. They discuss Ireland's 2030 emissions reduction targets, the role of technology in addressing climate change, and the impact of agriculture on emissions. The conversation also explores the importance of small countries in leading climate initiatives, innovative projects in electrical systems, and the need for a rethinking of grid design to accommodate renewable energy sources. Finally, they touch on future innovations in energy generation and the translation of academic theory into practical solutions.TakeawaysIreland's commitment to a 51% reduction in greenhouse gases is ambitious but may only achieve a 29% reduction.Economic growth in Ireland has outpaced emissions reductions, showcasing a positive trend.Decoupling economic growth from emissions is a significant achievement.Small countries can show leadership in climate initiatives despite global challenges.Agriculture's role in emissions is complex and requires nuanced understanding.Technological advancements in agriculture can help reduce emissions.The grid design needs to adapt to the increasing use of renewable energy sources.Local energy solutions can mitigate the strain on the grid.Nuclear power should be reconsidered as a viable option for decarbonization.Innovative projects can lead to more efficient energy generation and consumption.
Nibble Knowledge is delighted to bring you "The Entropy Podcast"—hosted by Francis Gorman. The Entropy Podcast centers on cybersecurity, technology, and business, featuring conversations with accomplished professionals who share real-world knowledge and experience. Our goal is simple: to leave you better informed and inspired after every episode.We chose the name “Entropy” because it symbolizes the constant flux and unpredictability in cybersecurity, technology, and business. By understanding the forces that drive change and “disorder,” we can create better strategies to adapt and thrive in an ever-evolving technology and geo political landscape.Disclaimer: The views and opinions expressed on all episodes of this podcast are solely those of the host and guests, based on personal experiences. They do not represent facts and are not intended to defame or harm any individual or business. Listeners are encouraged to form their own opinions.