IBM recently reported a 71% year-over-year increase in attacks using valid credentials. This continued use of stolen credentials is also evident through ongoing public incidents like the string of attacks targeting Snowflake's customers that resulted in breaches at AT&T and Advanced Auto Parts. Lynsey Wolf, Team Lead and Insider Threat Analyst at DTEX Systems believes that users' psychological and behavioral traits are being overlooked when it comes to defending against credential misuse. In this episode, we discuss how best to mitigate such threats using a proactive approach to insider risk management by focusing on user behavior and indicators rather than just incident response.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-76-from-reactive-to-proactive-how-behavioral-psychology-is-transforming-enterprise-security/

Latest Press Release:

Cybersecurity Readiness Podcast by Dr. Dave Chatterjee Reaches 10,000 Downloads Globally, Business Insider/Markets Insider, Dec 10, 2024.

Press Release — Dr. Dave Chatterjee Hosts Global Podcast Series on Cyber Readiness, Marketers Media, Dec 12, 2024.

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness

"Getting Cybersecurity Right,” California Management Review — Insights, July 8, 2024.

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing...

Accelerating into the cloud without caution often brings complexities that can cause more harm than good. Gartner has noted that cloud configuration errors cause 95% of cybersecurity breaches. With the rapid pace of cloud adoption, less time is spent ensuring systems are built and operated effectively with proper cyber hygiene. In this episode, Dale Hoak, Director of Information Security at RegScale, joins me in discussing cloud compliance-related challenges and best practices. Here are some terrific Dale Hoak one-liners:

"Compliance is essentially where fun went to die."

"Nobody steals your work. So, we need to use automation to do the work."

"Compliance is a key driver of trust in our world."

To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-75-compliance-in-the-cloud-challenges-and-best-practices/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness

"Getting Cybersecurity Right,” California Management Review — Insights, July 8, 2024.

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars & Podcasts with Dr. Chatterjee as the Guest

Cybersecurity Readiness: Essential Actions For CXOs, August 12, 2024

In this podcast, I enjoyed talking with Chirag Shah, Model N's Global Information Security Officer and Data Privacy Officer, about creating a security-minded culture. Infusing a security culture within organizations starts with leadership buy-in and support. Chirag highlighted the need for interactive and engaging training programs tailored to specific departments, involving real-world examples and practical scenarios. He stressed the significance of fostering a security mindset among employees through daily reminders and reinforcement and leveraging free or low-cost resources to implement effective security awareness programs. Chirag also emphasized the need for a strategic approach to security and a security-minded culture where employees are empowered and responsible for maintaining a strong security posture.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-66-creating-a-security-minded-culture/



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Student-led cybersecurity clinics are increasingly playing an essential role in strengthening the digital defenses of nonprofits, hospitals, municipalities, small businesses, and other under-resourced organizations in our communities while also developing a talent pipeline for cyber-civil defense. Sarah Powazek, Program Director - Public Interest Cybersecurity at the University of California, Berkeley Center for Long Term Cybersecurity (CLTC), sheds light on this important development. One of the highlights of the discussion was the recognition that the cybersecurity field is such a melting pot of different skill sets. In Sarah's words, "it's actually one of the biggest advantages we have; threats are changing every day. If we don't have folks from different backgrounds and different life experiences, we're really not going to be prepared; we're not going to be able to adapt."

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-65-securing-the-future-inside-student-led-cybersecurity-clinics/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Developing and maintaining resilient and secure data centers is a huge part of cybersecurity readiness. Spiros Liolis, Chief Technologist and Managing Consultant, EYP Mission Critical Facilities, Part of Ramboll, joins me to discuss the challenges and best practices of creating and maintaining state-of-the-art data centers. Topics covered include a) elements and attributes of resilient data centers, b) creating and maintaining a resilient and adaptive data center, and c) the different types of risks – geological, meteorological, and human – that must be considered when building and maintaining the data centers.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-64-developing-resilient-and-secure-mission-critical-facilities-data-centers/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

Application Programming Interfaces (APIs) play a vital role in modern software development, enabling the integration of services and facilitating the exchange of information. The ubiquity of APIs is a testament to their success in supporting many functions. However, their prominence has also made APIs a target for cyberattacks. Jeremy Snyder, Founder & CEO of Firetail.io, joins me in discussing how to secure APIs effectively. Our discussion revolves around the following questions:

What do we need APIs for? Why do we need API security? What are the consequences of lax API security?

What are the risks of APIs today? How can we remedy current API security issues?

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-63-securing-application-programming-interfaces-apis/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

Attackers have started increasingly targeting victims' backups to prevent organizations from restoring their data. Veeam's "2023 Ransomware Trends Report" found more than 93% of ransomware attacks specifically targeted backup data. My discussion with Gabe Gambill, VP of Product and Technical Operations at Quorum, revolves around the following questions:

• What vulnerabilities of data backups do ransomware hackers exploit?

• What are the common mistakes and barriers when recovering against a ransomware attack?

• How to successfully recover from a ransomware attack?

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-62-the-last-line-of-defense-against-a-ransomware-attack/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

While tabletop exercises (TTX) are considered a proven tool for finding gaps in an organization’s security posture, they can be painstakingly challenging to plan and implement effectively. In a time where information security teams are understaffed and overworked, are TTX still worth the time and resources? Or are there other ways of ensuring incident response readiness? Navroop Mitter, the CEO of ArmorText, a mobile security and privacy startup, sheds light on the various aspects of tabletop exercises and their effectiveness as a preparedness tool.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-61-overcoming-the-stale-nature-of-tabletop-exercises/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

As artificial intelligence (AI) technologies continue to evolve and be leveraged, organizations need to make a concerted effort to safeguard their AI models and related data from different types of cyber-attacks and threats. Chris Sestito (Tito), Co-Founder and CEO of Hidden Layer, shares his thoughts and insights on the vulnerabilities of AI technologies and how best to secure AI applications.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-60-securing-artificial-intelligence-ai-applications/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

The latest disaster recovery statistics reveal that modern businesses still face costly interruptions due to a variety of threats, ranging from ransomware attacks to sudden hardware failures. The monetary costs of disasters and outages can be significant. According to results from Uptime Institute's "Annual Outage Analysis 2023" survey, 25% of respondents reported that their latest outage incurred more than $1 million in direct and indirect costs. In addition, 45% reported that the cost of their most recent outage ranged between $100,000 and $1 million. Another research report reveals that just over half of organizations have disaster recover plans and around 7% of organizations never test their disaster recovery plans. It was a real pleasure having Sagi Brody, Co-Founder and CTO at Opti9 on the podcast to shed light on the various aspects of disaster recovery and how to do it well.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-59-building-a-resilient-disaster-recovery-infrastructure/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

In a very thought-provoking discussion, Artificial Intelligence (AI) expert Tony Hoang, Ph.D., traced the evolution of Gen AI, highlighted the many benefits, and also shared his concerns about the irresponsible and abusive use of this technology. What got my attention were the following realities:

1. Innovators often prioritize speed over responsible AI development, leading to potential negative consequences.
2. How easy it is to create a software-generated duplicate of someone's voice or video avatar without their consent, using online content such as images and videos.
3. There are no current safeguards to prevent someone from exploiting AI-generated images of someone else, making it a challenge for parents to advise their children on how to protect themselves.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-58-unraveling-the-positive-and-negative-impacts-of-generative-ai/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

A 2023 State of Vulnerability Management Report finds that only half of the surveyed organizations (51%) have, at best, a moderate level of visibility into vulnerabilities. Several other vulnerability management metrics, such as maturity levels, frequency of vulnerability scans, and patch deployment speed, reveal an alarming and troublesome trend. In this episode, Ashley Leonard, CEO at Syxsense, joins me in reviewing the research report findings and discussing vulnerability management challenges and best practices.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-57-best-practices-for-overcoming-troublesome-vulnerability-management-trends/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

In this episode, Mike Manrod, the Chief Information Security Officer (CISO) of Grand Canyon Education, and Ori Eisen, the Founder and CEO of Trusona, joined me to discuss how best to reduce the risks of social engineering attacks on IT support and help desk personnel. This episode was motivated by the major cyber attack that brought MGM Resorts International's operations to a screeching halt. It was a social engineering attack where the attackers gained super administrator privileges by providing the MGM Help Desk with basic employee information.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-74-reducing-the-risk-of-social-engineering-to-exploit-it-help-desk/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

"Getting Cybersecurity Right,” California Management Review — Insights, July 8, 2024.

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars & Podcasts with Dr. Chatterjee as the Guest

Cybersecurity Readiness: Essential Actions For CXOs, August 12, 2024

Non-profits and Cybersecurity, a CAPTRUST podcast

While cloud computing has become a great digitization enabler to enterprises, multiple clouds—especially when intersecting with on-premises systems and one another—can produce some challenges. Many organizations can end up with an "identity gridlock" of competing identity systems and protocols since each cloud platform cannot exchange access policy data with other cloud providers. It was an absolute pleasure having Gerry Gebel, Head of Standards at Strata Identity, join me to discuss the significance of standardizing identity management.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-56-streamlining-and-improving-security-by-standardizing-identity-management/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

With the global cost of cybercrime expected to reach $10.5 trillion by 2025, cybersecurity has become a board-level imperative. According to the Diligent Institute survey 'What Directors Think,' board members ranked cybersecurity as the most challenging issue to oversee. Even though boards say cybersecurity is a priority, they have a long way to go to help their organizations become resilient to cyberattacks. Kayne McGladrey, Field CISO at Hyperproof and a senior IEEE member, sheds light on this important aspect of cybersecurity governance. The driving question being: How informed is the Board of Directors to provide effective oversight of cybersecurity governance?

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-55-how-informed-is-the-board-of-directors-on-cybersecurity-risks/



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

How can brands rethink data security to maintain customer trust?

Cybersecurity Readiness in the Age of Generative AI and LLM

Insights for 2023, Cybersecurity Readiness with Dr. Dave Chatterjee

According to a 2023 IBM report, companies take 197 days to identify a breach and 69 days to contain one on average. The delay between infection, detection, and containment can cost businesses millions of dollars. Only 45% of the companies polled had an incident response plan in place. In this episode, Markus Lassfolk, VP of Incident Response, Truesec, and Morten von Seelen, Vice President of the Truesec Group, who have extensive hands-on experience in dealing with major cyber attack incidents, shed light on this very important subject matter.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-54-enhancing-incident-response-effectiveness/



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

While large language models such as ChatGPT can be used to write malicious code, AI tools are increasingly used to proactively detect and thwart cyber-attacks. There is growing recognition of AI’s potential to fight cybercrime. Ian L. Paterson, CEO, Plurilock, sheds light on how AI has impacted the cybersecurity industry, especially how Generative AI is changing the industry. Describing the role of the AI as a co-pilot, he says, "The way I think about leveraging AI is typically having a human do the first 10%, and the last 10%, an AI is really good at doing the 80% in the middle. So it's not a replacement for the human, but it's an enabler for that human and allows them to do more with less."

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-53-cybersecurity-in-the-age-of-ai/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

Cloud migration and remote work requirements are forcing organizations to modernize their applications and identity systems. Making the transition is both time-consuming and expensive using traditional software development practices. By decoupling applications from identity, orchestration can alleviate the burden while allowing companies to seamlessly mix and match different cloud providers as well as MFA and passwordless technologies. In this episode, Eric Olden, Co-founder and CEO at Strata Identity sheds light on identity orchestration strategies and best practices.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-52-identity-orchestration-strategies-and-best-practices/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

Recent cybersecurity workforce study reports reveal that a) there’s still a global shortage of 3.4 million workers in this field, and b) only 25% of the global cybersecurity workforce are women. In this episode, I had an engaging discussion with panelists Ashley Podhradsky, Vice President of Research and Economic Development at Dakota State University, and Kriti Arora, Security Global black belt, Threat Intelligence and External Attack Surface Management, Microsoft, North America, on attracting more talent, especially motivating and inspiring women to become cybersecurity professionals. One of the key messages that came out of the discussion was not to allow a certain stereotype or image to influence career decisions. A woman's innate traits and abilities, such as multitasking, problem-solving, organizational skills, curiosity, and the zeal to go above and beyond, will serve her very well as a cybersecurity professional.

Here are links to some useful cybersecurity training and awareness resources:

https://www.girlsecurity.org

https://www.sans.org

www.CybHER.org

Www.WiCyS.org

https://www.isc2.org

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-51-identity-orchestration-strategies-and-best-practices/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Dr. Chatterjee's Professional Profile and Media Kit: https://tinyurl.com/bdenv88p

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

Research finds that there was a 44% increase in insider threat incidents across all types of organizations, and 56% of the reported incidents were due to negligence. Equally alarming is that the average annual cost to remediate a negligence incident was $6.6 million. Dr. Eric Lang, Ph.D., Director, Personnel and Security Research Center (PERSEREC), United States Department of Defense, draws upon his research to share some of the (science-based) commandments for understanding and countering insider threats. Emphasizing the criticality of human factors, Dr. Lang contends that "without individuals’ sincere commitments, the most extensive insider threat policies will fail."

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-50-countering-insider-threats-seven-science-based-commandments/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Dr. Chatterjee's Professional Profile and Media Kit: https://tinyurl.com/bdenv88p

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

https://www.imd.org/ibyimd/strategy/mission-critical-how-the-american-cancer-society-successfully-and-securely-migrated-to-the-cloud-amid-the-pandemic/

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

Significant fines in excess of $2 billion have been levied on organizations in the financial services sector for failing to capture, retain and supervise communications. This crackdown on non-compliant communications is the clearest indicator yet that regulators have lost patience with firms that still haven't addressed supervision and record-keeping risks that were exacerbated by the pandemic. In this episode, Garth Landers, Director of Global Product Marketing at Theta Lake, discusses how businesses can mitigate risks from unmonitored communication channels.

To access and download the entire podcast summary with discussion highlights -

https://www.dchatte.com/episode-49-mitigating-risks-from-unmonitored-communication-channels/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Dr. Chatterjee's Professional Profile and Media Kit: https://tinyurl.com/bdenv88p

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

https://www.imd.org/ibyimd/strategy/mission-critical-how-the-american-cancer-society-successfully-and-securely-migrated-to-the-cloud-amid-the-pandemic/

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

Traditional authentication methods are outdated and need many layers of code, which can take time and resources away from developer teams. If developments like FIDO2, WebAuthn, and passkeys are to be the cornerstones of a passwordless future, then every application (not just Apple, Google, and Microsoft) needs an easy way to adopt these methods and weave them into current user authentication flows. Slavik Markovich, Co-founder and CEO, Descope, discusses current and future authentication trends and the importance of building a low-code/no-code passwordless authentication solution for app developers.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-48-implementing-secure-and-fast-authentication-processes/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Dr. Chatterjee's Professional Profile and Media Kit: https://tinyurl.com/bdenv88p

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

https://www.imd.org/ibyimd/strategy/mission-critical-how-the-american-cancer-society-successfully-and-securely-migrated-to-the-cloud-amid-the-pandemic/

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

It is well known that a proactive intelligence-driven approach to cyber governance is the way to go. But it is easier said than done. Embracing and sustaining such an approach requires high commitment, preparedness, and discipline. Kriti Arora, Security Global Black Belt, Threat Intelligence and Enterprise Attack Surface Management, Microsoft, shares her experiences guiding clients to adopt an intelligence-driven proactive approach to thwarting attacks. She also shares her passion for the field and the satisfaction of training and serving as a cyberwarrior.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-47-proactive-resilient-approach-to-cybersecurity/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

https://www.imd.org/ibyimd/strategy/mission-critical-how-the-american-cancer-society-successfully-and-securely-migrated-to-the-cloud-amid-the-pandemic/

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

In this episode, Laurie Salvail, Ph.D., Executive Director of CYBER.ORG, joins me to discuss the importance of cybersecurity education for K-12 students. Primarily funded by the Cybersecurity and Infrastructure Security Agency (CISA), CYBER.ORG is a powerful and free resource available to K-12 students and educators in the United States. CYBER.ORG’s Range, a cloud-based virtual environment, empowers K-12 students with real-world cybersecurity skills in a secure platform.

To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-73-unlocking-cyber-potential-the-power-of-collaboration-in-k-12-cyber-education/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes are released every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

"Getting Cybersecurity Right,” California Management Review — Insights, July 8, 2024.

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars & Podcasts with Dr. Chatterjee as the Guest

Cybersecurity Readiness: Essential Actions For CXOs, August 12, 2024

Non-profits and Cybersecurity, a CAPTRUST podcast

“While developed markets may today bear the brunt of cyber breaches, emerging markets are no less vulnerable. Their risks arise from weak processes and governance, the complexity of global supply chains, the need to remain low cost to attract investment, and the rapid adoption of technology without adequate cyber defenses.” Andre Keartland, Solutions Architect at Netsurit, Johannesburg, South Africa, speaks to these realities and offers guidance on managing cyber risks and implementing robust security solutions.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-46-the-challenges-and-best-practices-of-cyber-security-in-emerging-markets/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

https://www.imd.org/ibyimd/strategy/mission-critical-how-the-american-cancer-society-successfully-and-securely-migrated-to-the-cloud-amid-the-pandemic/

Latest Webinars:

https://us02web.zoom.us/rec/share/5H3vdv8eJgZRFMEa_w-JApCjpBczEcwpsqY6HRRZl6gOfanvhDLN1oiVnFA_qSE.kFJ0JGmlJt2d30Ip 

In this episode, Pamela Senegal, President, Piedmont Community College, shares several best practices, including having an information technology presence in each of the college-wide committees. I had the pleasure of meeting Pamela at a cybersecurity symposium organized by the World View Program at the University of North Carolina-Chapel Hill. Charle LaMonica, the Director of UNC's World View Program, also shared her thoughts and perspectives during this very engaging discussion. Driven by the belief that students and instructors must actively engage in cybersecurity governance discussions, she and her team organized a conference to create such knowledge-sharing opportunities.

To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-45-cybersecurity-perspectives-of-a-community-college-president/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

In this episode, Brian Penders, Chief Information Security Officer, at the University of North Carolina Chapel Hill Medical School, shares his exciting but challenging journey from working as an engineering lab technician in the US nuclear submarine to being a law enforcement officer with the Vermont State Police and then gravitating to his current role of Chief Information Security Officer at a major academic institution. He sheds light on the principles driving the high-reliability organizational culture in the US Nuclear Navy Propulsion Program and how those experiences influenced and shaped his growth as a cybersecurity leader.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-44-from-law-enforcement-officer-to-chief-information-security-officer/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

Clinical psychologist Beatrice Cadet, Scientist Integrator at Netherland's Organization for Applied Scientific Research (TNO), draws upon multiple concepts such as 'learned helplessness' to explain why people still fall for phishing attacks despite the training. Beatrice emphasizes the need to factor in human behavioral traits and motivational triggers when developing social engineering solutions and training.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-43-to-trust-or-not-to-trust-the-overwhelming-challenge/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

In this episode, Patricia Muoio, Ph.D., Partner at SineWave Ventures and Former Chief of Trusted Systems Research Group, National Security Agency, sheds light on the cybersecurity technology landscape and emphasizes the need to develop technologies that are attack agnostic. Some of the questions driving the discussion include: a) what progress has been made in the development and use of cybersecurity technologies? b) What does it mean to be attack agnostic? c) how near or far are we from taking the burden off people trying to protect themselves from different cyber attacks? and d) the ideal government and industry partnership model to develop innovative solutions.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-42-useful-technology-should-be-attack-agnostic/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

Threat modeling is an intrinsic part of information security governance and needs to be done well. However, research finds that many organizations don't do it well, some are pretty haphazard or chaotic in their approach. In this episode, Marcos Lira, Lead Solutions Engineer at Halo Security, sheds light on how to do threat modeling the right way. The key questions driving the discussion were: a) what is the scope and purpose of threat modeling? b) what have people and organizations been getting wrong about threat modeling? c) what is the right way of doing threat modeling? and d) what is the future of threat modeling?

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-41-do-you-see-what-attackers-see-threat-modeling-done-right/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

The Cybersecurity and Infrastructure Security Agency (CISA) recently (Oct 31, 2022) released fact sheets urging all organizations to implement phishing-resistant multi-factor authentication (MFA). In this episode, George Gerchow, Chief Security Officer and Senior Vice President of IT, Sumo Logic, and I have an in-depth discussion on this very important security subject matter. The scope of coverage ranges from providing an overview of MFA and its benefits to discussing the challenges and hurdles of implementing phishing-resistant MFA, recommended implementation approaches, and the future of MFA.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-40-implementing-phishing-resistant-multifactor-authentication/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

A recent Global SMB Ransomware survey finds that nearly half of small and medium-sized businesses (SMBs) have experienced a ransomware attack, yet the majority aren't sure they are a target, and most are not confident they can fend off such an attack. Since 60% of SMBs are known to go out of business within six months of being hacked, it is a very troubling state of affairs. In this episode, Grayson Milbourne, Security Intelligence Director at OpenText Security Solutions, joins me in discussing the security challenges faced by SMBs and sharing success factors and best practices.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-39-how-do-smbs-protect-themselves-from-ransomware-attacks/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publication: https://www.imd.org/ibyimd/magazine/preventing-security-breaches-must-start-at-the-top/

In this episode, Kal Sambhangi, Senior Vice President, Cybersecurity Strategy and Architecture at Truist, shares his vision of the future of cyber governance. According to him, the leadership mindset needs to change whereby they are optimistic and opportunistic about cybersecurity and view developing cybersecurity capabilities as a source of competitive advantage. Kal also emphasized the importance of attracting professionals from other fields. He said, “I think cyber security as a community should start embracing people with other skills. I think there is a lot of opportunity here, for people skilled in software development, program management, product management, and data analytics.”

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-38-cybersecurity-as-a-strategic-opportunity/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Comprehensive asset discovery is foundational to robust and proactive cybersecurity governance. The Cybersecurity and Infrastructure Security Agency recently issued a directive (BOD 23-01) requiring federal enterprises (civilian executive branch) to perform automated asset discovery every 7 days. Among other things, the directive also requires federal enterprises to initiate vulnerability enumeration across all discovered assets, including all discovered nomadic/roaming devices (e.g., laptops), every 14 days. Huxley Barbee, Security Evangelist at runZero and former Cybersecurity Practice Lead at Cisco, discusses the various methods of comprehensive asset discovery and provides guidance in selecting an appropriate asset discovery tool.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-37-comprehensive-asset-discovery/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

As machine learning algorithms continue to evolve, Large Language Models (LLMs) like GPT-4 are gaining popularity. While these models hold great promise in revolutionizing various functions and industries—ranging from content generation and customer service to research and development—they also come with their own set of risks and ethical concerns. In this episode, Rohan Sathe, Co-founder & CTO/Head of R&D at Nightfall.ai, and I review the LLM-related risks and how best to mitigate them.

To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-72-large-language-model-llm-risks-and-mitigation-strategies/



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

"Getting Cybersecurity Right,” California Management Review — Insights, July 8, 2024.

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars & Podcasts with Dr. Chatterjee as the Guest

Cybersecurity Readiness: Essential Actions For CXOs, August 12, 2024

Non-profits and Cybersecurity, a CAPTRUST podcast

In a highly engrossing and in-depth discussion, Tej Patel, Vice President, and CIO at Stevens Institute of Technology sheds light on the various information security challenges that plague academic institutions and how best to deal with them. He talks about establishing a highly collaborative and security-centric culture, structuring an ideal CIO-CISO relationship, effective execution strategies, and more.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-36-is-cybersecurity-a-moving-target-at-academic-institutions/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

As more organizations embrace cloud-based services, securely migrating to the cloud is becoming an important capability. Keith Weller, former Vice President, Enterprise Technology Services, American Cancer Society (ACS), spearheaded a highly successful migration initiative where they transitioned a 5000-square-foot donation processing on-premise data center to the cloud. Keith and his team completed the implementation on time (in eight weeks), under budget, and helped the organization realize savings of $18 million in real estate and $2 million in technology costs (projected over three years). In this podcast, Keith shares some highlights of this cloud migration best practice.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-35-securely-migrating-to-the-cloud-insights-from-the-american-cancer-society-experience/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

Insider threats are often considered the biggest risk for organizations because they can cause the most destruction. Survey reports, and studies, have found that organizations have spent millions of dollars to recover from insider threat attacks. Proactively detecting and thwarting such threats is a critical aspect of robust information security governance. Doron Hendler, CEO, and Co-Founder at RevealSecurity, sheds light on a context-based detection model that analyzes activity sequences performed when using an application. According to Doron, this User Journey Analytics method is a ubiquitous detection model that can be applied to any SaaS and custom-built application. Since no rules are required, it eliminates the need to fully understand the application business logic.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-34-detecting-malicious-insider-threats-by-monitoring-user-journeys/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

The Security Operations Center (SOC) is at the heart of an organization's cyber defense system. Highly skilled and motivated personnel must work in these centers. James Risler, Senior Manager, Cisco Learning and Certifications, discussed the roles of the security engineer and the security analyst and the hard and soft skills needed to be effective in those functions. While the ability to code, learn computer forensics techniques, and know how to operationalize MITRE attacks are top skills, the ability to communicate effectively is equally important. Jim strongly recommends that academic institutions partner up with industry to provide hands-on training opportunities and also engage in security solutions-focused research.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-33-skilling-up-for-security-operations-center-roles/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

Daniela Almeida Lourenco, Chief Information Security Officer (CISO) at Tinka, firmly believes that CISOs have the very best of intentions -- "we all mean the best; we all want to protect the organization, and that is all we want to do." However, often the reality of the Board's lack of a cybersecurity mindset coupled with insufficient budget and resources results "in a reactive posture, unpreparedness, unclear risk management strategy, and low response maturity." She also highlights "the misinterpretation and implementation of the lines of defense model" to be another reason why right intentions do not get translated into good practices. Advocating for a more hands-on senior management role, Daniela says, "if you're on the second line of defense, you're not supposed to just sit on your highchair and disconnect from Operation." She also expresses concern about the excessive use of the 'fear factor' in cybersecurity communications. Finally, Daniela recommends against reinventing the current culture but making suitable adaptations by embedding new practices.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-32-bridging-the-gap-between-intentions-and-practicality-in-cybersecurity/



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

With the growing move towards a hybrid and remote work environment, more and more people are relying on their smart devices to get work done. Keeping track of all of these devices, and ensuring that they are being used in a very secure manner, can be a challenging proposition. A recent survey finds organizations unprepared and overwhelmed with managing thousands or hundreds of thousands of these endpoint devices. Mike McNeill, CEO, Fleet Device Management, sheds light on some of these critical security issues and addresses questions such as: How does an organization manage its devices? Do they know if their devices are compliant and secure? Do they have ways to query them to learn more about their status in real-time? Mike also offers recommendations on how to prepare for the future of device management.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-31-preparing-for-the-future-of-device-management/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

With increasing digitization and the use of cloud-hosted assets, managing attack surfaces continues to be a major challenge. A recent survey report on the state of attack surface management (ASM) finds security teams drowning in a flood of legacy and ineffective tools with limited discovery capabilities. The need for ASM platforms with advanced digital asset detection capabilities is revealed in the survey findings. David Monnier, Team Cymru Fellow, sheds light on the latest ASM platform capabilities and discusses the implementation challenges and success factors.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-30-the-state-of-attack-surface-management/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

"If you can plan for the zombie apocalypse, you can probably face just about anything," said Tim Callahan, Senior Vice President, and Global Chief Information Security Officer, Aflac during a talk in my Master's level class on cybersecurity readiness at Duke University. In this podcast, Tim describes the key elements of an effective crisis management framework and shares several best practices. Some of the highlights of a robust business resiliency and recovery posture include -- a) well thought-out and rehearsed plan that takes into consideration different scenarios; b) world-class forensics team; c) strong partnership with Legal, HR, Law Enforcement (local FBI and Secret Service), Department of Treasury, and independent agents; d) highly trained in-house teams focused on response and recovery; e) leveraging open-source and paid intelligence; f) CEO led strong commitment throughout the organization; g) honest and candid communication; h) rewards and incentive programs such as the Global Security Challenge Coin; and j) building a caring and empathetic work culture.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-29-global-security-and-post-breach-management-best-practices/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

Security Operating Center (SOC) staff members are often consumed with tedious manual tasks that lead to burnout and can cost organizations millions of dollars in losses due to human error. Thomas Kinsella, Co-Founder & Chief Operating Officer at Tines discusses at length the challenges faced by SOC team members and makes actionable recommendations on how to decrease burnouts, increase retention, and create a better work environment for the security analysts.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-28-how-to-tackle-burnout-in-cybersecurity/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

In a recent news release, Reuters reported that "United States has offered a $15 million reward for information on Conti ransomware group. The FBI estimates that more than 1,000 victims of the Conti group have paid a total in excess of $150 million in ransomware payments."  Victoria Kivilevich, Director of Threat Research at KELA Group, describes the cybercrime ecosystem and provides guidance on how to gain and leverage actionable intelligence from dark and deep web resources.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-27-actionable-threat-intelligence-and-the-dark-web/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

The importance of maintaining uninterrupted services cannot be overemphasized, especially in light of the recent global IT outage fiasco. With the increasing dependence on cloud-based services, uninterrupted connectivity is essential to maintaining business continuity. Since identity providers control access to an organization's application and data, any downtime can shut down mission-critical operations. It was great to have Eric Olden, Co-Founder, Chairman, and Chief Executive Officer of Strata Identity, share his thoughts and perspectives on this critical topic.

To access and download the entire podcast summary with discussion highlights -- https://www.dchatte.com/episode-71-identity-continuity-in-multi-cloud-environments/



Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast, so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

https://us.sagepub.com/en-us/nam/cybersecurity-readiness/book275712

Latest Publications:

"Getting Cybersecurity Right,” California Management Review — Insights, July 8, 2024.

Published in USA Today — “Dave Chatterjee Drops the Cybersecurity Jargon, Encouraging Proactiveness Rather than Reactiveness,” April 8, 2024

Preventing Security Breaches Must Start at the Top

Mission Critical --How the American Cancer Society successfully and securely migrated to the cloud amid the pandemic

Latest Webinars & Podcasts with Dr. Chatterjee as the Guest

Cybersecurity Readiness: Essential Actions For CXOs, August 12, 2024

Non-profits and Cybersecurity, a CAPTRUST podcast

How do you make security a first-class citizen of the software development process? According to an industry report, “many information security engineers don’t understand software development—and most software developers don’t understand security. Developers and their managers are focused on delivering features and meeting time-to-market expectations, rather than on making sure that software is secure.” Harshil Parikh, CEO and Co-Founder Tromzo, shares best practices for reducing the disconnect between software development and information security engineers. One such practice is the establishing and automation of security guardrails for application development.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-26-reducing-the-disconnect-between-security-and-development-teams/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

In a wide-ranging discussion, Vishal Salvi, CISO & Head of Cyber Practice at Infosys, sheds light on a range of topics from CISO empowerment to creating and sustaining a high-performance information security culture. He highlights the importance of "delivering on your agenda" for CISOs to gain trust and credibility. Vishal also recommends making the CISO role independent of the CIO, uniformly enforcing security policies across the organizational hierarchy, and operating at a high state of readiness.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-25-perspectives-of-a-global-chief-information-security-officer/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

Using compelling stories and metaphors, Ted Harrington, author of Hackable: How To Do Application Security Right, and Executive Partner at Independent Security Evaluators, explains the process of hacking and the importance of being able to think like a hacker. He encourages leaders to get excited about information security investments and look for ways of gaining a competitive edge from those investments.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-24-thinking-like-a-hacker/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338

"The story of the RMS Titanic has served as a grim reminder that regulatory compliance does not guarantee safety or security. The ship was carrying 2,224 passengers and crew when it sank one April night in 1912, killing over 1,500 people. The designers of Titanic had followed the British Board of Trade by equipping it with 20 lifeboats, and even threw in four more than the regulations required." (securicon.com) Dixon Wright, Vice President, Vice President, Compliance Management and Automation Platform, Coalfire, speaks to the importance of moving beyond the check-the-box approach and engaging in substantive information security compliance efforts. He recommends the judicious adoption and use of appropriate compliance management and automation platforms.

To access and download the entire podcast summary with discussion highlights --

https://www.dchatte.com/episode-23-is-cybersecurity-regulatory-compliance-good-enough/

Connect with Host Dr. Dave Chatterjee and Subscribe to the Podcast

Please subscribe to the podcast so you don't miss any new episodes! And please leave the show a rating if you like what you hear. New episodes release every two weeks.

Connect with Dr. Chatterjee on these platforms:

LinkedIn: https://www.linkedin.com/in/dchatte/

Website: https://dchatte.com/

Cybersecurity Readiness Book: https://www.amazon.com/Cybersecurity-Readiness-Holistic-High-Performance-Approach/dp/1071837338