ITSPmagazine Podcasts

By: ITSPmagazine Sean Martin Marco Ciappelli
  • Summary

  • ITSPmagazine Podcast Network Broadcasting Ideas. Connecting Minds. A Modern Innovative Multi-Media Platform. A Globale Space Where Intellectual Exchange Is Encouraged. Musing on: Technology | Cybersecurity | Society & Culture | Business | Space | Science | Leadership | Environment | Healthcare & Wellness | Storytelling & Storytellers | Artificial Intelligence & Generative AI | Ethics & Philosophy | Policy & Regulations | Hacking | Software Development | Sociology & Psychology | Founders & Start-Ups | Conferences & Events | Mentoring
    © Copyright 2015-2024 ITSPmagazine Inc. | All Rights Reserved
    Show more Show less
activate_Holiday_promo_in_buybox_DT_T2
Episodes
  • Bridging Cybersecurity and Finance for Better Insurance Outcomes | 7 Minutes on ITSPmagazine From HITRUST Collaborate 2024 | A HITRUST Short Brand Innovation Story with Monica Shokrai
    Nov 22 2024

    In this Brand Story episode, recorded live at the HITRUST Collaborate Conference 2024, host Sean Martin sits down with Monica Shokrai, Head of Risk and Insurance for Google Cloud. The topic of conversation centers around cyber insurance, a crucial area impacting organizations across sectors.

    Monica Shokrai leads the charge in managing risk and procuring insurance for Google Cloud, a role that integrates closely with both the finance and security teams. She highlights the unique dual approach of her team, which not only secures coverage for Google but also strategizes on how to leverage insurance to assist Google Cloud customers in mitigating risks.

    A key point discussed is the interdisciplinary nature of cyber insurance. Traditionally managed by the finance or legal departments, Shokrai emphasizes its growing collaboration with cybersecurity teams. She notes that the standard organizational structure often sees a communication divide between finance and security departments. However, the evolving cyber insurance market is pushing these groups closer together, fostering a more integrated risk management strategy.

    Shokrai also shares insights on how Google approaches risk exposure and posture. By modeling risk in-house and leveraging an actuarial team, Google can quantify risks accurately and work closely with security teams. This model not only helps in securing better insurance terms but also aids in understanding and integrating security measures within the organization.

    Another significant point is Google’s innovative approach to automating the cyber insurance process. Through their Risk Protection Program, Google allows security metrics to be shared with insurance partners like Allianz in Munich. This method simplifies the underwriting process and promotes a data-driven approach to evaluating cybersecurity risks, aligning insurers and security teams toward a common goal.

    Overall, the discussion underscores the importance of a cohesive strategy that bridges finance and cybersecurity through innovative risk management and insurance practices. With leaders like Monica Shokrai at the helm, Google Cloud is at the forefront of integrating these critical functions, ultimately benefiting both the company and its customers.

    Learn more about HITRUST: https://itspm.ag/hitrusi2it

    Note: This story contains promotional content. Learn more.

    Guest: Monica Shokrai, Head of Risk and Insurance, Google Cloud [@lifeatgoogle]

    On LinkedIn | https://www.linkedin.com/in/monicashokrai/

    Resources

    Simplified Cyber Insurance for Organizations with a HITRUST Certification: https://itspm.ag/hitrusp5x6

    Learn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust

    Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

    Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/

    Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up

    Are you interested in telling your story?
    https://www.itspmagazine.com/telling-your-story

    Show more Show less
    7 mins
  • The 3-2-1 Rule for Cyber Resiliency | 7 Minutes on ITSPmagazine | An Apricon Short Brand Innovation Story with Kurt Markley
    Nov 21 2024
    Companies, organizations and governments have massive volumes of data, and the primary focus for its security is placed on that which is stored in the cloud, but many are not following best practices of taking the extra steps necessary to ensure their backed up data is secure, complete and uncorrupted. This story is to talk about using the 3-2-1 rule for cyber resiliency (keep three copies of data, on two different formats–both encrypted, one of which is stored off-site and offline) and discuss anecdotes of what can happen when cyber resilience plans are not put in place or followed.Data is the most important asset an organization has, whether it’s a business, organization or a government. At the same time, the frequency of cyber attacks that compromise data are increasing. Ransomware continues to be a plague, with some reports showing more than 14 publicly claimed attacks daily for the first half of 2024. Having a plan to thwart cyberattack is only part of the strategy. Equally important is how to rapidly recover and restore operations after a ransomware disruption has occurred. Share anecdote about OVHcloud data center that burned down in 2021 with backups in it – all assets destroyed and websites down for days. also might be good to mention the latest ransomware attack on university of texas healthcare that is still not fully operational, 3 weeks after the attack and counting. it is unknown if they paid the ransom, but if they did and they’re still not operational, that goes to show how unreliable the ransomed data is. Apricorn’s own research shows that only half of U.S. respondents are conducting automatic backups to both a central repository AND a personal repository. Additionally, more than 25% of survey respondents were unable to recover all of their data successfullyIf attackers are successfully breaching data and holding it for ransom, organizations have to be able to recover complete backups of their data in order to a) avoid paying the ransom and b) assure the original data needed for restoration of operations is complete and intact, which statistics show, frequently is corrupted and incomplete when ransom is paid. One of the easiest and most effective ways to rapidly restore operations after a ransomware attempt is to keep multiple copies of integrity-checked data so you can fully recover it if it’s compromised. The 3-2-1 rule is a proven cyber resilience best practice. The 3-2-1 rule calls for keeping at least three copies of your data on two different types of media, with one being encrypted and offsite. This is where Apricorn comes into play - we make the highest grade, portable data encryption products on the market. Our products are security focused - 100% software free, FIPS certified, non-Chinese chips and so many unique features such as admin AND user forced enrollment, programmable PIN lengths, brute force defense, self destruct PINS and more.Learn more about Apricorn: https://itspm.ag/apricomebvNote: This story contains promotional content. Learn more.Guest: Kurt Markley, Managing Director, America's, Apricorn [@apricorn_info]On LinkedIn | https://www.linkedin.com/in/kurt-markley-1596054/ResourcesSecuring Data with Hardware Encrypted USB Drives: https://itspm.ag/apricoy0dmLearn more and catch more stories from Apricorn: https://www.itspmagazine.com/directory/apricornLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
    Show more Show less
    7 mins
  • Cyber Heroes in Action: Delivering Advanced Security Measures for Modern Businesses | A ThreatLocker Story with Danny Jenkins
    Nov 20 2024

    In this Brand Story episode, Marco Ciappelli and Sean Martin sit down with Danny Jenkins, CEO and co-founder of ThreatLocker, to uncover the fascinating journey and innovative approach of ThreatLocker in the cybersecurity realm. The episode sheds light on the company’s mission, the challenges it faces, and the transformative solutions it offers.

    Danny Jenkins recounts the origin story of ThreatLocker, beginning with his early career in IT and his fortuitous stumble into cybersecurity. He explains how witnessing firsthand the devastating impact of ransomware led to the inception of ThreatLocker. His experience with ethical hacking and ransomware recovery highlighted a critical need for more effective IT security solutions, enabling Jenkins to spearhead the development of ThreatLocker with a central philosophy: deny by default.

    ThreatLocker’s primary goal is to help organizations implement a zero trust framework by making it as simple and automated as possible. Jenkins emphasizes that effective security requires blocking untrusted software and limiting what trusted software can do. He articulates the importance of learning the intricacies of each environment ThreatLocker protects, from small businesses to massive enterprises like JetBlue. By examining each endpoint and understanding the specific software and dependencies, ThreatLocker ensures that systems remain secure without disrupting daily operations.

    One of the key aspects discussed is ThreatLocker’s unique human element combined with technological innovation. Jenkins introduces the concept of their 'cyber hero' team, dedicated to providing 24/7 support. This team is crucial, especially when onboarding new clients or assisting those already affected by ransomware. This commitment to customer service underscores ThreatLocker’s philosophy of not only providing top-tier solutions but ensuring they are successfully implemented and maintained.

    Jenkins also touches upon the broader industry challenges, specifically the common pitfalls enterprises fall into by relying on endpoint detection and response (EDR) systems alone. He argues that such systems are often reactive, addressing symptoms rather than root causes. ThreatLocker’s approach, focusing on proactive prevention and least privilege access, aims to mitigate vulnerabilities before they can be exploited.

    Finally, Jenkins discusses the future vision for ThreatLocker, highlighting continued growth and innovation. The company’s commitment to maintaining high support levels while expanding its product offerings ensures it remains at the forefront of cybersecurity solutions. Events like Zero Trust World serve as educational opportunities for clients to deepen their understanding and enhance their security postures.

    Overall, this episode provides an in-depth look at ThreatLocker’s strategic approach to cybersecurity, emphasizing the importance of proactive prevention, customer service, and continuous improvement.

    Learn more about ThreatLocker: https://itspm.ag/threatlocker-r974

    Note: This story contains promotional content. Learn more.

    Guest: Danny Jenkins, CEO of ThreatLocker [@ThreatLocker]

    On LinkedIn | https://www.linkedin.com/in/dannyjenkinscyber/

    Resources

    Zero Trust World Conference: https://itspm.ag/threat5mu1

    Learn more and catch more stories from ThreatLocker: https://www.itspmagazine.com/directory/threatlocker

    View all of our HITRUST Collaborate 2024 coverage: https://www.itspmagazine.com/hitrust-collaborate-2024-information-risk-management-and-compliance-event-coverage-frisco-texas

    Are you interested in telling your story?
    https://www.itspmagazine.com/telling-your-story

    Show more Show less
    37 mins

What listeners say about ITSPmagazine Podcasts

Average customer ratings

Reviews - Please select the tabs below to change the source of reviews.