infosec.live

Join our host with the most, Jake Bernardes who will be joined by Geoff Chiang and Chad Brustin for a “Risking it all” Christmas special Part 2! As we hit the run up to Christmas Jake has gone for the most light hearted people he knows in security for a session full of humour, meme culture, socks and Santa.  Of course they will talk cyber news, careers, back stories and everything else in between as stress of being in cyber (in vendors) over the festive period & the complexities of regulation in growing companies. We will also discuss the best presents we've received, what you give a GRC guy for Christmas and what traditions should be started - I promise you'll laugh (or you lack a funny bone)! Chad is a seasoned technology leader with a deep experience building and transforming security functions at tech startups. As the first security hire at multiple companies, he has hands-on experience establishing information security programs from the ground up.  Known for his collaborative and team-oriented approach, Chad excels in team building, security transformation, and guiding companies through startup and growth phases. His creative, disciplined, and methodical methods have driven successful outcomes in challenging environments. Geoff started his career as a software engineer, and largely fell into GRC through a series of questionable career decisions.  Today, he runs Canva's security risk and compliance efforts, leading a small team responsible for overseeing Canva's ISMS and maintaining Canva's small but growing collection security compliance credentials. In his little free time, he spends his time diminishing his personal brand by making fun of vendor risk management practices on LinkedIn. This one will be festive, funny and well worth a watch! #cybersecurity #leadership 

Join Jake Bernardes, Troy Fine, Jeff Schiess and David F. for a “Risking it all” Christmas special! We got 3 VERY opinionated auditors into a room to talk all things wrong with assurance, SOC and ISO., what a festive gift! No holds barred, no disallowed questions, no protected vendors. In this special episode we look at why many think assurance is broken, what SOC in a Box really means, how we got here & how we get out. Jake will ask if SOC 2 should be done away with completely, if auditors have a real future and what the difference is between revenue enablement and real assurance. I can promise there will be disagreements (maybe arguments), some angst, a few memes and a lot of laughs from some grumpy old(ish) men on the state of audit and assurance. Troy is a Director at Geels Norton in SOC & ISO Assurance Services. Prior to this role he has vast experience in both consulting and product as an auditor, advisor and practitioner across a host of security and GRC domains. Outside of this he is well known throughout the industry as an SME, "King of Memes", the voice of GRC & host of the successful podcast GRC: Unleashed. David Forman is the Chief Executive Officer at Mastermind, a certification body accredited to assess and certify governance programs against standards established by the International Organization for Standardization (ISO). Mastermind is the first company in the United States to focus exclusively on ISO certifications, one of the most trusted forms of third-party assurance used by technology service providers. Before founding Mastermind, David began his career at EY and later built the Global Assurance team at Coalfire, where he increased the practice's revenue by more than 30x over a 7-year period, transforming the in-house certification body into one of the largest assessment practices in North America. David is a certified Lead Auditor for ISO 27001 (information security), ISO 9001 (quality), ISO 27701 (data privacy), ISO 22301 (business continuity), and ISO 42001 (artificial intelligence). Beyond his professional achievements, David has a deep passion for sushi and is an enthusiastic world traveler having visited 49 countries. Jeff Scheiss is a Managing Director with Schellman, bringing a wealth of experience to the firm. Before joining Schellman in 2012, Jeff served as a cybersecurity assessor at a leading global audit firm. Since then, Jeff has been an integral member of the Schellman team, specializing in performing System Organization Controls (SOC 1 and 2) reporting, Health Insurance Portability and Accountability Act (HIPAA) compliance, and International Organization for Standardization (ISO) 27001 projects, and NIST Cybersecurity Assessments. DO NOT MISS THIS EPISODE! It will be the best 45 minutes you spend if you have an interest in the audit & assurance space! #cybersecurity #leadership

Back in the studio tomorrow folks 👇

Join our host Jake Bernardes for the next episode of Risking it all in Cybersecurity where he is joined by Megan E.. Megan & Jake will do the standard about lives, hobbies, family & roles & as ever battle through some recent cyber events in a news round then turn their focus to some diverse topics covering how you transition from military combat to desk roles, the importance of near diversity & human psychology in leadership, whether cyber diversity is finally happening & how we deal with fear & pressure.  Megan is an open book so this will be a fascinating insight in to a number of areas many of us are currently talking about.  A bit about our guest: Megan Epperson is the Senior Leader of Cybersecurity Risk and Assurance (GRC) at Axonius, where she drives enterprise risk management, cyber risk mitigation, vendor risk oversight, customer assurance, contract reviews, audit compliance, and ongoing GRC program enhancements.  Prior to joining Axonius, Megan was the Director of Cyber Risk & Resiliency at S&P, where she led critical initiatives in cyber risk management, business continuity, crisis management, and disaster recovery.  She played a pivotal role in establishing a comprehensive operational resiliency framework through strategic planning and effective resource management.  Tune in live & don’t miss the chance to engage with Jake and Megan in the open Q&A! #cybersecurity #leadership 

LIVE at 1pm GMT today!

Join our founder Simon Linstead with special guest Scott Deluke from Abnormal Security for a deep dive into The Hidden Dangers of Phishing-as-a-Service & Invoice Scams. In 2023, phishing remained the most prevalent email threat, accounting for 74% of attacks. As attackers constantly evolve their tactics, organizations face a rising tide of credential phishing, Phishing-as-a-Service (PhaaS), and invoice fraud. Credential phishing lures employees into unknowingly handing over sensitive login information, leading to devastating consequences like business email compromise (BEC). Meanwhile, Phishing-as-a-Service platforms provide easy access to powerful phishing kits, enabling even less-skilled cybercriminals to carry out targeted attacks. One particularly costly form of BEC is invoice fraud, where attackers manipulate payment details in legitimate-looking invoices to divert funds. In this live YouTube session on infosec.live, Abnormal Sr. Solutions Engineer Manager Scott Deluke explores these threats in depth and share strategies to safeguard your organization against evolving the threat landscape. Join Scott and infosec.live Founder Simon L. at this powerful session to: Understand how credential phishing leads to business email compromise and other serious threats. Learn about the rise of Phishing-as-a-Service platforms that lower the barrier for launching sophisticated phishing attacks. Discover how invoice fraud works and practical measures to prevent financial losses caused by fraudulent vendor invoices. Join us LIVE for the AMA! #cybersecurity #leadership #phishing #paas 

Join us in welcoming Dan Gray to the team at infosec.live as our Chief Transformation Officer ! Hear from Dan below why he is excited to join the team! “I’ve followed Simon for several years and have always admired his passion for the cybersecurity community. With my background in IT managed services, I’ve dealt with my share of cyber incidents, even leading major ones. At my core, I’m a problem solver, and I’m excited to give back to a cause I truly believe in. Now that I’m out on my own, I have more time to dedicate to great initiatives like this. What do I bring to the table? Take a look at my profile. My main contributions will be designing processes, automating workflows, and supporting the growth of this incredible community!” Please join us in giving Dan HUGE welcome!

Join our host Jake Bernardes for the next episode of Risking it all in Cybersecurity, where he is joined by Adam Arellano. Jake & Adam will do the normal chatter about lives, hobbies, family and roles, and as ever battle through some recent cyber events in a news round but this week the core focus will be on why Adam does blue hair instead of a blue suit!  He also loves exclamation marks which is why we included one (or two)! We will delve in to why we need to break norms & why diversity is more than gender, race or sexuality.  Building on that they will talk about how soft skills are key to any leader and why understanding mental well being (Adam is a qualified counsellor) is fundamental to working with people. This one will be interesting for sure! A bit about our guest: Adam is a forward-thinking technology executive with over 15 years of experience in cloud, AI, and information security innovation.  He excels at building scalable, secure information architectures and leading cybersecurity programs and teams. Known for empowering cross-functional groups,  Adam is a pragmatic leader who leverages the interaction between people and systems to create unique technology solutions. A devoted father of six in Charlotte, NC, Adam enjoys cooking (though not cleaning) and is passionate about helping transitioning service members, foster care, and adoption services in his community. Join them LIVE for an open Q&A. #cybersecurity #leadership

Join Simon Linstead and Chimeria G. for an exclusive cybersecurity leadership-focused webinar, proudly sponsored by Abnormal Security. This session is designed to help cybersecurity professionals at all levels recognize and combat the growing challenges of burnout and overwhelm in today’s demanding work environments.   During this insightful webinar, we will explore:   ✅ Techniques to identify the early signs of burnout and overwhelm ✅ Effective coping strategies for managing stress ✅ How to set and maintain healthy boundaries in high-pressure roles ✅ The importance of self-care for long-term success and well-being ✅ Strategies for building a resilient workforce that can thrive in challenging times ✅ Guidance on when and how to seek professional help when needed   Don’t miss this opportunity to gain valuable leadership insights and tools that will empower you and your team to maintain peak performance without sacrificing well-being. Join us and connect with other leaders committed to fostering resilience and a healthy work culture in the cybersecurity field.   Register now, spaces are limited to ensure our attendees gain maximum benefit from the session. Please note this session is aimed at people who manage teams or individuals irrespective of role. #leadership #cybersecurity #infosec #burnout

Join our host Jake Bernardes for the next episode of Risking it all in Cybersecurity where he is joined by Jake Martens, Monday 14th at 12pm EST | 5pm BST. Jake and Jake will discuss the importance of security & compliance in gaming, the nuances of the industry & the challenges it currently faces. In an industry where risk calculation is the basis for the entire operation it will be interesting to hear if this is the industry where compliance comes first. A bit about our guests: Jake Martens - Visionary business, trust, and technology leader who brings a strong combination of proven transformation experience, demonstrable top-tier results, and compelling storytelling to multinational tech companies. Significant experience across a huge variety or sectors and industries he has most recently led and overseen the whole security program at Aristocrat, a global leader in the gaming industry, Join them LIVE for an open Q&A. #cybersecurity #leadership #ciso #gaming