Explorez tous les épisodes du podcast The Security Collective Podcast
| Titre | Date | Durée | |
|---|---|---|---|
| ‘In Case You Missed It’ - Season 11 mashup | 01 Feb 2023 | 00:28:51 | |
Today we are recapping some of the great episodes from season 11 'In Case You Missed' them! We have put together a snippet of the best parts from each guest for you, and if you like what you hear, click below to listen to the full episode, or head to wherever you enjoy our podcast, and check out the full back catalogue. Links: For the full episode, transcript please visit our website | |||
| 113. Transforming with Samm MacLeod | 18 Jan 2023 | 00:23:39 | |
It’s our last episode for the season, and we are joined by a very good friend of Claire’s and of the podcast, Samm MacLeod. Samm and Claire discuss what's been happening since we caught up with her 12 months ago in season eight, when Samm generously shared her CISO journey through burnout and recent sabbatical. She's now back CISO-ing, and this time they covered digital transformations and security transformations. Samm MacLeod is an experienced Information Security Executive with experience across multiple industry verticals including tech, financial services, and critical infrastructure. Having led several cybersecurity transformation programs, Samm helps organisations imbed effective security practices through cyber security strategy, security operating models, and risk management frameworks. Samm’s experience with boards, audit & risk committees, and executives allows her to bring a unique set of experiences and perspective to the management of technology and cyber risk and the delivery of security best practice. She is currently an appointed Netskope Security Board Advisor and has previously held non-executive positions on a critical infrastructure board (AEMO Cybersecurity Board), securitisation & financial services board (MEPM) and Information Security education and research board (Deakin Executive Board). Based on the Bellarine Peninsula, Samm is an industry speaker and writer, and an advocate for diversity in cyber. Links: For the full episode transcript, please visit our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 104. The next frontier of cyber controls with Marc Bown | 26 Oct 2022 | 00:34:03 | |
The first episode for this season we welcome Marc Bown the CISO and Enterprise Technology lead at Immutable, a web3 gaming scale up. Claire and Marc discuss the culture versus tech debate, exactly what web3 gaming is, and Marc shared his thoughts on what we as a security industry are still trying to get right. Prior to Immutable, Marc helped found the security teams at Sportsbet, Fitbit and Afterpay. Passionate about building empowered, high-performing teams, he believes that good security is as much about culture as it is technology. Links: The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. For the full episode transcript please visit our website. | |||
| 25. Paul Chapman, Global CIO, Box | 25 Mar 2020 | 00:19:51 | |
Paul Chapman is the Global Chief Information Officer at Box, where he is responsible for leading the company’s global information technology strategy, cyber risk and compliance practices and customer advocacy. Prior to Box, Paul was the CIO of HP Software for HP. Paul also served as Vice President of Global Infrastructure and Cloud Operations and Vice President of Enterprise In this episode, Paul will share his hiring process and describe the characteristics that make a good candidate. He’ll provide insight into the potential conflict between a CIO and CISO, and its necessity in managing an effective decision-making process. Paul discusses Box's requirements for candidates with a strong personal brand, reputation in the market and having the respect of others in the community and why this is critical to the role, as well as finding a good cultural fit. He also shares the ways that Box invests in a number of different dimensions in security to ensure the highest level of security function and structure. Links: Time Stamps:
| |||
| 24. Finding Common Ground with Tamara Martin | 18 Mar 2020 | 00:17:00 | |
Tamara Martin commenced her career as a qualified lawyer and then transitioned into consulting in Crisis, Emergency, and physical security management, servicing a broad range of global and domestic and critical infrastructure organisations. After gaining a well-rounded skill set through her consulting experience and first client-side role with Jemena, Tamara decided to take up a newly created full-time position within the AGL Energy Security team. Since commencing at AGL in mid-2017, Tamara has developed high-end skills and expertise in business resilience, specifically intelligence, strategic, physical security, crisis management, travel security, and aspects of cyber security During this episode, Tamara will provide insights into finding common ground amongst those within your diverse organisation. Listen as she reveals the most valuable lessons she has learned through her transition into the cyber security industry. Tamara shares her knowledge on the skills gained in other industries and professions that are transferable to cyber security, as well as the traits that can identify a candidate that may be new to cyber but has the potential to enhance your team.
Link: Time Stamps:
| |||
| 23. Damien Scalzo, CIO, Mercedes Benz Financial Services | 11 Mar 2020 | 00:19:43 | |
Damien Scalzo is the CIO of Mercedes-Benz Financial Services Australia/New Zealand. For over 15 years, Damien has combined his business and technology experience as a CIO, Management Consultant, Systems Integrator and Chartered Accountant to help organisations use technology to add value to their core and new business processes across industries including Financial Services, Manufacturing, Utilities, and Public sector. Damien is passionate about technology and also spends time mentoring startups to grow and scale In this episode, Damien will share his tips on managing cyber security at the executive level. As a mentor for startups, Damien is able to share with us exactly when startups should be considering their security strategy. Using his experiences from a combination tech leadership and security background, Damien shares various effective reporting structures for security leaders. Find out how Damien keeps his knowledge on current security trends updated, and how he uses this information to protect the organisation Links: Time Stamps:
| |||
| 22. Victoria Kluth, CEO, Araza | 04 Mar 2020 | 00:27:13 | |
Victoria Kluth is the CEO of Araza, a technology company that specialises in the implementation of complex solutions including cloud-based applications and enterprise systems integration. Victoria is recognised as one of Australia’s most successful entrepreneurs and has won the Optus Business Leader of the Year award and ARN Entrepreneur of the Year. Her organisation has been presented multiple technical awards, and is on multiple 'fast' lists in Asia and Australia. During this episode, Victoria will share the guiding principles that have allowed Araza to achieve fast growth. Listen and learn about the Araza Women in Cyber program, developed to help address gender diversity within the cybersecurity industry. Discover how the program is providing entry-level female cybersecurity candidates with experience to launch their cyber careers. Links: Time Stamps:
| |||
| 21. Anna Leibel, CIO, UniSuper | 18 Dec 2019 | 00:36:15 | |
Anna Leibel is the Chief Information Officer of UniSuper, an Australian superannuation fund that provides superannuation services to employees of Australia's higher education and research sector. She has spent two decades building and leading teams to deliver business transformation, and has been successful in launching new businesses, expansion into Asia, enterprise technology, global sales, and start-ups. During this episode, Anna will share her business technology and transformation strategy for Cyber Security leaders in this digital transformation age. Learn the non negotiable traits a successful security leader must have. Gain insight into the gender diversity in the workplace and the strategy for an internal or external security breach. Links: Time Stamps:
| |||
| 20. Family Friendly Security Startups with Fatemah Beydoun | 11 Dec 2019 | 00:15:37 | |
Fatemah Beydoun is a founding team member of Secure Code Warrior, a secure coding company with innovative solutions helping AppSec Managers and DevSecOps to not only shift left but start left. As VP of Customer Success and Operations, Fatemah is responsible for turning SCW’s customers into its biggest advocates, improving Customer Success maturity, and leading the Customer Success teams globally. During this episode, Fatemah will discuss a family-friendly policy that will allow you to finally find your work & family balance. You’ll also hear insight into why the organisation attracts so many passionate employees. Lastly, find out how to retain quality staff during the ‘skills crisis.’ Links: Time Stamps:
| |||
| 19. Career Growth Through Industry Volunteering with Kathleen Smith | 04 Dec 2019 | 00:25:47 | |
Kathleen Smith, CMO for CyberSecJobs.Com and ClearedJobs.Net, has coached thousands of job seekers and employers on how to better connect and work together to achieve the mutual goal of employment. Kathleen presents at several conferences each year on recruiting and job search. Some of the conferences she has presented at as a sole presenter or moderator include BSidesLV, BSidesTampa, BSidesSATX, DerbyCon, CircleCityCon, FedCyber, and CyberSecureGov. Kathleen is Director of HireGround, BSidesLV’s two-day career track. During this episode, Kathleen shares how industry volunteering can help career progression within your company. Learn to solve the cybersecurity skills shortage within your organization. Lastly, find out how to promote employee retention with quality security employees in the security market. Link: Time Stamps:
| |||
| 18. William Confalonieri, Chief Digital and Information Officer, Deakin University | 27 Nov 2019 | 00:16:29 | |
William Confalonieri is Deakin University’s Chief Digital and Information Officer, appointed in January 2012. He has postgraduate qualifications in Computer Science, Business, Negotiation, and Economics, is a certified Enterprise Architect and a graduate from the Australian Institute of Company Directors. William was awarded Australian CIO of the Year by IT News in 2014 and 2018, and by the CEO Magazine in 2016 and 2018 (runner-up). During this episode, William will identify and overcome the challenges you may face when building a quality security team. Learn the strategies for developing a cohesive cyber security team including his best advice for aspiring security team leaders. Links: Time Stamps:
| |||
| 17. Justin Davies, CIO, Ovato | 21 Nov 2019 | 00:16:10 | |
Justin Davies is the CIO at Ovato, Australasia's leading media, marketing, and printing company. Justin has over 30 years of professional experience in the Media and IT industry, holding a broad mix of functional skills including business management, consulting, sales, product, project office, and IT management. During this episode, Justin will share how to get your network and security teams working together. Overcome common obstacles when building a security function and a secure way of doing business. Learn to find growth opportunities while understanding the different advantages of internal and external recruitment. Links: Time Stamps:
| |||
| 16. Security Teams and the Board with Megan Haas | 13 Nov 2019 | 00:21:52 | |
Megan Haas is a former Cyber and Forensic Services Partner at PricewaterhouseCoopers (PwC) with over 30 years’ experience in Information Risk Management and Assurance and core competencies centered around Governance, Risk, Information Technology and Cyber Security. After spending many years advising audit committees and specialising in business and Information Technology processes and controls, she turned her focus to increasing stakeholder confidence and governance of cyber security and privacy, anti-fraud and corruption risks, compliance and post-incident remediation. Her current board roles include RMIT University, Development Victoria and the Advisory Board of the University of Melbourne Academic Centre for Cyber Security Excellence. During this episode, Megan will share insight into her 30+ years of experience working in the cyber security sector. Learn how organisations can retain long-term high caliber talent while attracting an appropriate level of gender diversity in the workplace. Find out ways board members can better understand security teams' roles and responsibilities.
Link:
Time Stamps:
| |||
| Season 11 Teaser | 19 Oct 2022 | 00:01:15 | |
Listen as Claire provides a quick overview of what to expect this upcoming season on The Security Collective podcast - kicking off next Thursday 27 October. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. You can read the full transcript on our website | |||
| 15. Dan Giesen-White, CIO, McMillan Shakespeare | 06 Nov 2019 | 00:18:11 | |
Dan Giesen-White is the Chief Information Officer at McMillan Shakespeare Limited, a trusted, market-leading provider of salary packaging, novated leasing, asset management, and related financial products and services. He has over 20 years’ experience in IT and 15 years’ strategic analysis and program management experience with a strong track record of leading change in IT and across the business. During this episode, Dan will share how you can source the proper staff with the level of maturity your company needs to succeed. Find out what it means to build a security capability rather than just another team. Learn how ASIAL has helped lead his security team including the best advice for new security leaders.
Link:
Time Stamps:
| |||
| 14. From Security Architecture to Senior Leadership with Dan Maslin | 30 Oct 2019 | 00:19:25 | |
Dan Maslin is the Head of Cyber Security for RACV, a key strategic role with accountability across several functions including strategy, architecture, operations, audit, compliance, risk, advisory and awareness & outreach, in a diverse and rapidly changing business. He has two decades of enterprise IT experience across various roles and industries in Australia and the UK, and holds the Certified Information Systems Security Professional (CISSP), Certified in Risk and Information Systems Control (CRISC) and Certified Information Security Manager (CISM) security certifications. During this episode, Dan will share the team management skills you need to lead and build your security team. Learn why your approach to hiring may be improved including a strategic diversity plan for new team hires. Find out how to strike a balance between your insource and outsource talent. Links: Time Stamps:
| |||
| 13. Cameron McLean, CIO, Yarra Valley Water | 23 Oct 2019 | 00:19:56 | |
Cameron McLean is the Chief Information Officer at Yarra Valley Water, Melbourne's largest retail water utility, providing essential water and sanitation services to more than 1.8 million people. He developed his knowledge of and passion for Cyber Security during his time as CTO and General Manager of a credit card payments organisation, and this has stood him in good stead for the challenges facing his current industry. During this episode, Cameron will share how to implement new strategies without disrupting your organisation. Learn from his hands-on experiences with security breaches and bring your security team together while fitting the needs of the leader and organisation. Find out ways to accept ongoing challenges for long term success and apply practical yet powerful advice as a new Cyber Security leader.
Links:
Time Stamps:
| |||
| Season 2 is coming, and we are going LIVE! | 11 Oct 2019 | 00:01:15 | |
On the back of the success of season 1 of The Secure CIO Podcast, host Claire Pales presents a quick taste of season 2, and shares information on the upcoming LIVE recording of The Secure CIO Podcast! Hitting the road in Melbourne on 23rd October 2019. Secure your tickets at thesecurecio.com.
| |||
| 12. The Cybersecurity 'Roles' Crisis with Nick Ellsmore | 21 Aug 2019 | 00:32:02 | |
Nick Ellsmore is Co-Founder of Hivint, now a part of Trustwave, an Optus company, and creator of cyber-security collaboration portal Security Colony. He was previously co-founder of SIFT and Stratsec, and has served on boards and forums including the Internet Industry Association, the NATA AAC for Software Testing, UNSW Advisory Boards, and the APEC TEL Security & Prosperity Steering Group. During this episode, Nick will share the component to selecting employees who will fit well in your organization. Find out how great leaders create and share a positive vision and successful team atmosphere. Learn the benefits of focusing on diversity in the workplace and what it takes to become a great Security Leader. Links: Discussed: Time Stamps:
| |||
| 11. Skills, Capabilities and Benchmarking with Louise Smith | 14 Aug 2019 | 00:35:01 | |
Louise Smith is the Australian computer society director for workforce development and education. She is a business capabilities specialist with over 15 years of experience consulting to individual businesses and governments on the skill needs within their organization. During this episode, Louise will discuss the SFIA Framework and its application to organizations. Find out how individuals can define their current skill set in the cybersecurity workforce. Learn if your organization can benefit from a variety of skills and experience amongst your team.
Links:
Time Stamps:
| |||
| 10. Cohesive Teams with David Jorm | 07 Aug 2019 | 00:26:11 | |
David Jorm is the Senior Manager at Commonwealth Bank, a business that offers a full range of financial services to help all Australians build and manage their finances. David has been working in the tech industry for 20 years, with a focus on managing security teams for the last 7 years. His experience has spanned government, corporate, and startup environments in several countries. During this episode, David will talk about the skills a CIO should be looking for if they want to advance a technical person into a leadership role. Learn the challenges of hiring and retaining staff including ways to building an effective team through diversity. Find out what you need to know about working with a third-party recruiter.
Links:
Time Stamps:
| |||
| 9. Tuning In with Karen Worstell | 31 Jul 2019 | 00:29:38 | |
Karen Worstell is the CEO of W Risk Group, a Denver based cybersecurity consultancy focused on helping companies demonstrate due diligence to a defensible standard of care. Karen has also been the CEO of AtomicTangerine, a Silicon Valley startup, and tenure as Chief Information Security Officer (CISO) at Microsoft Corporation, AT&T Wireless, and Russell Investments. During this episode, Karen will share how leaders can build and cultivate a successful security team through her diversity and sourcing plans. Follow the discussed core principles when building and aligning your security team. Learn how the ‘skills crisis’ is effecting the hiring process and the impact the ‘Be an ally’ program has on the tech industry.
Links:
| |||
| 8. Lateral Career Moves with Craig Templeton | 24 Jul 2019 | 00:25:15 | |
Craig Templeton is CISO at REA Group Limited, a leading digital business specializing in property. Craig brings over 23 years experience in the security field, having worked for a variety of blue-chip organizations globally including IBM, Deloitte and ANZ Bank. He sits on a number of Executive Board advisory committees, has association with research institutes in London, Canberra, Sydney and Melbourne and also participates in several cyber security start-up mentoring programs including CyRise. During this episode, Craig will share how to attract and retain high caliber talent to your organization. Learn what skills are needed to run a small business and what type of tasks to outsource. Listen to the end for crucial advice for new startups in the industry.
Links:
Time Stamps:
| |||
| 7. Security Leadership; Manager v Maker, with Caroline Wong | 17 Jul 2019 | 00:38:21 | |
Caroline Wong is the Chief Security Strategist at Cobalt.io, a PTaaS platform that transforms yesterday's broken pen test model into a data-driven vulnerability management engine. Caroline is a dynamic cybersecurity expert with more than a decade of industry experience as a day-to-day manager at eBay and Zynga, product manager at Symantec, and managing consultant at Cigital (now Synopsys). She also holds positions on multiple industry advisory boards, including the North American Advisory Council for ISC2 and the RSA Conference Advisory Board. During this episode, Caroline will share how to transition from managing yourself to managing others. Learn to become a great security leader and encourage others to grow and lead. Match potential candidates with jobs that need to be filled, work with remote teams, and address compensation expectations.
Links:
Time Stamps:
| |||
| 'In Case You Missed It' - Season 10 mashup | 31 Aug 2022 | 00:16:45 | |
We've taken some clips of wisdom from five of our guests this season and brought them together in a neat package for you. This season in partnership with LastPass, we focused heavily on third party risk and supply chain security. For the full episode transcript, please visit our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager.
| |||
| 6. Growing Teams from Scratch, with Darren Argyle | 10 Jul 2019 | 00:40:49 | |
Darren Argyle is the co-founder of Cyber Resilience which delivers executive cyber leadership programs to support the next generation of cyber leaders and emerging CISO’s. Darren is an accomplished executive with close to 20 years of international cyber risk and security experience and broad expertise in providing hands-on leadership, strategic C-level/board direction and program execution. He was named in the top 100 Chief Information Security Officers globally in 2017 and the top 100 Global IT Security Influencers in 2018. During this episode, Darren will share how to navigate the global skills crisis in search of highly experienced and well-rounded security team members. Learn when to utilize an outsourced model and when to work with permanent in-house hires. Listen for ways to overcome the biggest challenges in the cybersecurity space including his major lessons learned over his career.
Links:
| |||
| 5. You Can’t Teach Attitude, with Michelle Price | 03 Jul 2019 | 00:33:37 | |
Michelle Price is the CEO at Aust Cyber, a company that supports the development of a vibrant and globally competitive cyber security sector. Before joining AustCyber, Michelle was the first Senior Adviser for Cyber Security at the National Security College within The Australian National University. In this role, she established an integrated approach to the College’s cyber security program across executive and postgraduate education and policy engagement. During this episode, Michelle will discuss the skills and qualities that employers must look for in security staff in order to build a truly successful team. Listen as she encourages others to increase diversity in the cyber security workforce and continue to inspire people with the possibilities of cyber innovation.
Links: AustCyber:
Time Stamps:
| |||
| 4. Establishing Essential Hiring Criteria with Jo McCatty | 26 Jun 2019 | 00:24:14 | |
Jo McCatty is a recruitment leader with expertise across different sectors serving the UK, EU and APAC markets. Her key interest is driving success and delivery of outcomes through people, technology and change/transformation (aka ambiguity). Jo also has an interest in working on Complex People Projects , and she is passionate about Candidate Attraction , Engagement & Management, Acquisition as well as Coaching. Currently working onsite with ANZ in their NICHE Sourcing squad, Jo is working to attract engineering talent into the business during an exciting time of change in the world of Technology. During this episode, Jo will share how to overcome the top challenges when hiring staff in cybersecurity including ways to build and grow your team. Learn the role diversity plays in your hiring and sourcing plans. Find out how leaders and employees should harness the power of mentorship for long term success.
Links:
Time Stamps:
| |||
| 3. Security Sourcing: Cracking The Code with Craig Searle | 19 Jun 2019 | 00:30:53 | |
Craig Searle is the co-founder of Australian cybersecurity consultancy, Hivint, and the security collaboration platform, Security Colony – both of which were acquired by Trustwave, an Optus company, in December 2018. Craig has over 12 years of experience in the security industry, working in the finance, government, telecommunications and infrastructure sectors. He has been directly responsible for the delivery of a number of strategically-critical security programs for a range of clients, including a $10m PCI DSS compliance program for one of Australia’s leading health insurers, achieving compliance on-time and on budget. During this episode, Craig offers a unique perspective on the shortage of talent in the cybersecurity industry and ways to create a proper solution. Find out if we are losing potential in house professionals to cybersecurity startups. Learn the best practices for new hire onboarding and enable your team to succeed long term.
Links:
| |||
| 2. Finding the Time To Find the Talent with Samm MacLeod | 12 Jun 2019 | 00:36:30 | |
Samm MacLeod is the CISO at AGL, Australia's leading energy company offering electricity, gas, solar and renewable energy services to homes and businesses. Samantha is an accomplished professional with more than 20 years’ experience supporting business strategies through technology enablement, risk management, security, and governance. In her role as CISO at AGL, Samantha is accountable for aligning Cybersecurity strategy with business strategic initiatives and integrating security practices across the organization. During this episode, Samantha will bring light to the obstacles you may face when sourcing for security teams. Listen for her suggested immediate hiring needs and why you should strategically create employee longevity. Find out if the cybersecurity talent gap is really an industry crisis and how encouraging a diverse team of talented professionals may be the solution to a successful team.
Links:
Time Stamps:
| |||
| 1. Security in Context with Jonathan Werrett | 06 Jun 2019 | 00:26:35 | |
Jonathan Werrett is the head of information security at FitBit and prior to that, he ran product security at Palantir. Jonathan has spent the last decade building infosec teams and maturing security operations. His roles have spanned security engineering in Silicon Valley, pentesting in APAC, and devops/SRE in Europe. During this episode, Jonathan will share core principles to follow when hiring and building a team in information security. Learn to find ideal leadership even when the talent pool is subpar and explore the importance diversity plays in the hiring process. Listen to the end to hear some of Jonathan's hardest lessons learned during his 15+ years in the industry.
Links:
Time Stamps:
| |||
| 103. The Future of Third Party Cyber Risk with Alla Valente | 24 Aug 2022 | 00:27:31 | |
Following the success of our recent webinar, Claire is again joined by Alla Valente, this time they discuss the role of procurement, talk about supply chain risk as an enterprise wide risk and discuss who might own this risk. They covered how businesses are struggling to give third parties limited access to data and systems, and the flow on effects of managing the right level of access to get the job done. Alla Valente is a senior analyst at Forrester serving security and risk professionals. She covers GRC, third-party risk (TPRM), supply chain risk (SCRM), and contract lifecycle management (CLM) strategy, best practices, and technology. Her research includes coverage of key regulatory compliance issues; risk management, ethics, and trust in digital transformation; and operational resilience. In this role, she helps Forrester clients build and mature a comprehensive programs that maximises business opportunity and performance while minimising risk and protecting the organisation’s brand. Links: For the full episode transcript, please visit our website The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 102. Cyber in local government with Paul Barrett | 17 Aug 2022 | 00:17:20 | |
Claire is joined by Paul Barrett as they talk about cyber culture in local government, how the governance model for cyber is changing for the better, and Paul shares why he sees audits as a gift. It is great hearing Paul's view on cyber and getting a glimpse into being a CIO and local government. Paul Barrett is an experienced an IT professional with nearly 15 years industry experience and 7 years local Government experience. His technical background is in network and security with a transition into people leadership, governance and information management over the last 6 years. Paul has a passion for implementing tangible change within organisations and place business process improvement at the core of technology solutions, and enjoys building high performing teams, hiring character ahead of technical ability. Links: For the full episode transcript, please visit our website The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 101. Crisis Talks with Grant Chisnall | 10 Aug 2022 | 00:21:33 | |
Claire is joined by Grant Chisnall a crisis trainer, advisor and podcaster, who has a passion for leadership communication and decision making. In this episode they covered a lot of ground including the escalation from incident response to crisis management, and talk about business collaboration before an incident, and how to plan for resilience while mopping up a cyber incident. Grant has supported some of the world's leading organisations through crisis events ranging from cyber attacks to coronavirus; activism to air crashes; and from Natural disasters to workplace fatalities. His podcast ‘Crisis Talks’ tells the extraordinary stories of people who have led through crises and their stories of leadership and resilience in the face of adversity. Grant’s aim is to help leaders prepare for the worst-case scenarios and respond proactively and with confidence to any incidents that threaten their people, operations or reputation. Links: For full episode transcript please visit our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 100. Celebrating 100 episodes! | 03 Aug 2022 | 00:08:21 | |
To celebrate the 100th episode and recently hitting 30,000 downloads, Claire wanted to honour some of the guests that have given their time and thought leadership so generously. So here's a little trip down memory lane, which we hope that you enjoy. For the full episode transcript, please visit our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 99. The challenges & risks of supply chain security with Alla Valente & Vijay Krishnan - part 2 | 27 Jul 2022 | 00:25:25 | |
In part 2 of Claire’s webinar with Alla Valente and Vijay Krishnan they cover software supply chain, how to navigate fourth party risk and talked about offshore supply chain risks such as privacy and data sovereignty, as well as some great audience questions. they cover software supply chain, how to navigate fourth party risk and talked about offshore supply chain risks such as privacy and data sovereignty. They also covered some great audience questions. Alla Valente is a senior analyst at Forrester serving security and risk professionals. She covers GRC, third-party risk (TPRM), supply chain risk (SCRM), and contract lifecycle management (CLM) strategy, best practices, and technology. Her research includes coverage of key regulatory compliance issues; risk management, ethics, and trust in digital transformation; and operational resilience. In this role, she helps Forrester clients build and mature a comprehensive programs that maximises business opportunity and performance while minimising risk and protecting the organisation’s brand. Vijay Krishnan is the CISO at UniSuper leading Security Operations, Security Governance, Risk & Compliance, Security Strategy, Architecture & Design, Identity & Access Management, and Enterprise Observability. In his role, he leads a multi-year security program to reduce UniSuper security risk thus protecting UniSuper members. Vijay has extensive experience in negotiating clear and concise security and technology outcomes in regulatory, policy and outsourcing agreements delivering value creation opportunities. He has large, diverse national and international experience with extensive executive and Board level exposure. Links: Episode #48 The value of great boss with Vijay Krishnan+ Questions for Alla's upcoming recording with Claire For the full episode transcript, please visit our website The Security Collective podcast is brought to you in partnership with LastPass, the leading password manager. | |||
| 98. The challenges and risks of supply chain security with Alla Valente and Vijay Krishnan -part 1 | 20 Jul 2022 | 00:27:10 | |
Earlier this week Claire hosted a live webinar with Alla Valente and Vijay Krishnan as they shared their insights on supply chain security versus third party risk. In part 1 Vijay covers APRA's CPS234 and the need for effective security controls, not just compliant ones. We also cover the role of legal and procurement in the third party assurance process. There's a tonne of great insights to be gleaned from both Alla and Vijay in this ever present risk. Alla Valente is a senior analyst at Forrester serving security and risk professionals. She covers GRC, third-party risk (TPRM), supply chain risk (SCRM), and contract lifecycle management (CLM) strategy, best practices, and technology. Her research includes coverage of key regulatory compliance issues; risk management, ethics, and trust in digital transformation; and operational resilience. In this role, she helps Forrester clients build and mature a comprehensive programs that maximises business opportunity and performance while minimising risk and protecting the organisation’s brand. Vijay Krishnan is the CISO at UniSuper leading Security Operations, Security Governance, Risk & Compliance, Security Strategy, Architecture & Design, Identity & Access Management, and Enterprise Observability. In his role, he leads a multi-year security program to reduce UniSuper security risk thus protecting UniSuper members. Vijay has extensive experience in negotiating clear and concise security and technology outcomes in regulatory, policy and outsourcing agreements delivering value creation opportunities. He has large, diverse national and international experience with extensive executive and Board level exposure. Links: Episode #48 The value of great boss with Vijay Krishnan Questions for Alla's upcoming recording with Claire For the full episode transcript, please visit our website The Security Collective podcast is brought to you in partnership with LastPass, the leading password manager. | |||
| The challenges and risks of supply chain security - webinar | 13 Jul 2022 | 00:01:23 | |
Join us Tuesday 19 July 2022 at 10:30am (AEST) as we are going live for The Security Collective podcast in partnership with LastPass. We've invited Vijay Krishnan from UniSuper and Alla Valente from Forrester to join Claire in a conversation about supply chain security. You can learn more on our website Register for the event here | |||
| 112. Security as a differentiator with Jamie Newman | 11 Jan 2023 | 00:21:46 | |
Jamie Newman has a refreshing take on security and joins Claire as they chat about understanding the security posture in diverse organisations, they discuss about third party contracts, how much money you should be spending on compliance and what meaningful metrics might look like. Jamie is an experienced IT Leader with more than 20 years experience in applications and infrastructure transformation in varying national and regional roles. His career started in HR, but then quickly moved into a technology path in the late 90's and has worked predominantly in Manufacturing, Retail and B2B environments, working in Singapore, Japan and the Middle East. Jamie moved into senior management in 2008, and has been in C level roles for the last 10 years. Links: For the full episode transcript please visit our website The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 97. The reality of cyber incident response with Ellis Brover | 06 Jul 2022 | 00:24:51 | |
Claire chats with former Toyota Australia CIO Ellis Brover, as he shares his thoughts on incident response through the lens of the CIO. They discuss how security maturity can dictate reporting lines, how organisations should seek to test the reality of systems being shut down because of an incident, and really how moral support goes a long way during a cyber incident. Ellis Brover is a recognised IT leader with a track record over three decades of building and leading world-class IT organisations, driving transformational change, and delivering tangible business value. His experience spans a range of roles and industries, across a range of organisational scales from startups to multi-nationals. Most recently Ellis was CIO of Toyota Australia, where he led a transformation of the IT function from an internally-focussed service provider to a strategic enabler, driver of innovation, and role model for outstanding customer service. Ellis grew and led a team of 300+ that delivered an industry-leading digital business capability as well as a rapid transformation in cyber security maturity, whilst dramatically improving efficiency and contributing to business growth. Ellis is now pursuing advisory and consulting opportunities, aiming to add value to the business success of organisations and the development of their people through his extensive experience. Links: For the full episode transcript, please visit our website The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 96. Securing managed IT services with Jeremy Herbert | 29 Jun 2022 | 00:23:14 | |
Claire chats with Jeremy Herbert, the CIO of Premier Technology Solutions. They covered how small businesses were affected during COVID, and what organisations of all sizes need to consider when it comes to the partners they need to manage cyber risk. On the podcast, we don't often cover cyber risk for organisations as small as maybe just a handful of people, so it was so great to change things up a bit and hear about the challenges that Jeremy and the Premier team are managing for smaller business. Jeremy Herbert is the CIO of Premier Technology Solutions with a unique approach to technology. As a CIO of a Technology Managed Service Provider, he is not only focused on the strategic business direction for Premier but also focused on the strategic direction for the clients that Premier support. Links: Premier Website For the full episode transcript, please visit our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| 95. Build your third party cyber fitness with Susie Jones | 22 Jun 2022 | 00:30:20 | |
We are back with our 10th season of the podcast, and to kick it off Claire is joined by Susie Jones from Cynch Security. Susie and Claire discuss supply chain risk, small business cyber fitness and the recent changes to security legislation. Susie also shared her thoughts on the role of government in securing all businesses. Susie Jones is an experienced leader and risk manager who spent years specialising in the people and process elements of general and cyber risk management, and is passionate about bringing big solutions to the small business market. Before co-founding Cynch in 2018, Susie's previous roles included Head of Cyber Security Business Services at Australia Post. Links: For the full episode transcript, please see our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| Season 10 preview | 20 Jun 2022 | 00:01:21 | |
We are thrilled to be bringing you Season 10 of The Security Collective podcast, with the first episode out this Thursday 23 June. Take a listen for a preview of what is to come this season. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||
| In Case You Missed It - Season 9 mashup | 04 May 2022 | 00:14:20 | |
This season on The Security Collective podcast we have invited guests to speak specifically about how we can change the behaviours of our staff when it comes to their cybersecurity habits and actions. This is a mashup episode where Claire wanted to cover some really important points that some of the guests made, and encourage you to go back and listen to the full episodes if you find these nuggets of gold to be incredibly interesting, and you want to hear what else these guests had to say. Quick link to guest episode: For this full episode transcript, please visit our website | |||
| 94. The role of technology in cyber culture change with Chris McNaughton | 27 Apr 2022 | 00:19:39 | |
Closing out the theme of this season Claire is joined by Chris McNaughton and they discuss how data protection and security awareness are linked, the challenges of insider threat, and how leaders across your business can promote more secure behaviours. Chris is a Director of SECMON1. Chris’ career commenced in law enforcement, where he was a recognised expert in digital forensics and management of electronic evidence. Moving into the corporate world in 2007, Chris accepted a global role with General Electric (GE) Capital where he was responsible for electronic discovery, digital forensics and investigations. In his position at GE, Chris implemented and managed a number of e-discovery platforms for GE Capital as well as reviewing and improving the Corporate e-discovery platform. In his current role Chris provides advisory services to Government and corporate clients in the cyber security areas of Insider Risk, Data Analytics, Digital Forensics and Workplace Investigations. For full episode transcript, please visit our website This season we have partnered with Lastpass -the leading password manager – and we are discussing behaviour and influence when it comes to cybersecurity. | |||
| 93. Empowering the Board with Ian Yip | 20 Apr 2022 | 00:23:52 | |
Claire is joined by Ian Yip, Founder and CEO of Avertro, the cyber-why company. They discuss cyber culture at the board level and talk about the impact of security leadership on the culture within cyber teams. Ian talks about the value of using the business's language in your cybersecurity discussions at the board level, and about bringing meaningful information to directors and doing so proactively. They also discuss that you have to rock the boat sometimes to make real change and the burnout that can come from this. Avertro is a venture-backed cybersecurity software company based out of Sydney, Australia. Ian has two decades of cybersecurity experience in a variety of leadership, advisory, strategy, sales, marketing, product management and technical roles across Asia Pacific and Europe in some of the world’s leading companies including McAfee, Ernst & Young, and IBM. Links: For the full episode transcript please visit our website This season we have partnered with Lastpass -the leading password manager – and we are discussing behaviour and influence when it comes to cybersecurity. | |||
| 92. Cyber communications for the greater good with Olivia Grandjean-Thomsen | 13 Apr 2022 | 00:23:34 | |
Olivia Grandjean-Thomsen is passionate about designing and implementing internal and external communication and stakeholder engagement strategies for the private, public and not-for-profit sectors. Olivia joins Claire and shares what good long-term communications planning can look like, how to measure cybersecurity communications programmes, and they talk about some of the grand scale comms activities Olivia has led. Olivia currently works as the Head of Communication, Media, Events and Brand at Stone & Chalk Group, which includes AustCyber – an Industry Growth Centre aimed at driving innovation, productivity and competitiveness in the cyber security sector by focusing on areas of competitive strength and strategic priority. Previously, she was the Strategy Lead and Head of Content at My Health Record – a high profile digital transformation project at the Australian Digital Health Agency. She has worked as a Senior Communications Strategist at contentgroup, and for Global Access Partners – a public policy think-tank that initiates strategic discussions on pressing social, economic and structural issues to increase stakeholder participation in the development of government policy. Links: For the full episode transcript, please visit our website This season we have partnered with Lastpass -the leading password manager – and we are discussing behaviour and influence when it comes to cybersecurity. | |||
| 91. Communicating about Privacy (without the boring bits) with Kate Monckton | 06 Apr 2022 | 00:31:07 | |
Claire talks with Kate Monckton, a Partner in Cyber Risk at Deloitte, about the difference between cyber and privacy, and why we should never apologise for cyber or privacy being boring. Kate joined Deloitte in February 2022 as a Partner in Cyber Risk. Prior to this she spent over ten years as part of the Security Senior Leadership team at nbn. Before joining nbn, Kate held security roles at Symantec and Microsoft both in Australia and the UK. In December 2021 she was named 'Australia's Most Outstanding Woman in IT Security' at the Australian Women in Security Awards. Kate was a member of the Board of the International Association of Privacy Professionals ANZ for five years, including two as the President. She is also a co-founder of the Security Influence and Trust (SIT) Group. Links: For the full episode transcript, please visit our website. This season we have partnered with Lastpass -the leading password manager – and we are discussing behaviour and influence when it comes to cybersecurity. | |||
| 90. The impact of COVID on cyber engagement with Amy Ertan | 30 Mar 2022 | 00:29:25 | |
In Claire’s chat with Cyber Security Fellow Amy Ertan, whose research focus is on the security implications of emerging technologies as well as themes relating to the human aspects of cybersecurity, they talk about her recent findings post COVID lockdowns. Amy shares the impact of COVID on security behaviours and her research into how psychological safety, company loyalty and culture all play a part. They talk about whether phishing exercises work, and who Amy believes is doing security influence well. Amy's commitment to cyber through her studies and what she gives back to the industry is commendable. Amy Ertan is a Cybersecurity Fellow at the Harvard Kennedy School’s Belfer Center for Science and International Affairs, an Information Security Doctoral Candidate at Royal Holloway, University of London, and a Visiting Researcher at the NATO Cooperative Cyber Defence Centre of Excellence. Her research interests focus on the security implications of emerging technologies as well as themes relating to the human aspects of cybersecurity. Amy has published UK government-affiliated reports on organisational cybersecurity behaviours, engaging C-suite colleagues with cyber risk management themes, and on the impact of pandemic-driven remote working in organisations. She holds CISSP and CREST Threat Intelligence qualifications and has previously worked in roles in areas including cyber intelligence, strategy and policy research, cyber wargame design and execution, and security risk management. Links: For the full episode transcript - please visit our website This season we have partnered with Lastpass -the leading password manager – and we are discussing behaviour and influence when it comes to cybersecurity. | |||
| 111. Modernising compliance with Paul Wenham | 14 Dec 2022 | 00:25:36 | |
Paul Wenham joined Claire to talk about the what, how, and why he started Assurance Lab. They also cover the value of auditing, how compliance can be the foundation stone for startups and his new book, which he is making open source for others to contribute to; and talked about the fact that Assurance Lab is a B Corp, and why that is so important to Paul and his team. Paul has worked in cybersecurity audits and compliance for over 11 years. His past roles have spanned professional services at PwC, leading the cybersecurity and compliance program for a global software company Qstream, and governance over third-party cyber standards at Westpac and Mercer. Paul founded Assurance Lab in 2018, a Regtech software and audit services firm now working with over 150 cloud software companies across 12 countries. AssuranceLab supports their security and compliance programs to meet global standards (SOC 1, SOC 2, ISO 27001, HIPAA, Consumer Data Right, CSA STAR, GDPR, CCPA, and ESG reporting). Assurance Lab has a broad network of partners in the cybersecurity industry, leveraging the natural synergies of AssuranceLab's independence as an audit firm. Links: Website Episode 102. Cyber in Local Government with Paul Barrett For the full episode transcript, please visit our website. The Security Collective podcast is proudly brought to you in partnership with LastPass, the leading password manager. | |||