• Bridging Cybersecurity and Finance for Better Insurance Outcomes | 7 Minutes on ITSPmagazine From HITRUST Collaborate 2024 | A HITRUST Short Brand Innovation Story with Monica Shokrai
    Nov 22 2024

    In this Brand Story episode, recorded live at the HITRUST Collaborate Conference 2024, host Sean Martin sits down with Monica Shokrai, Head of Risk and Insurance for Google Cloud. The topic of conversation centers around cyber insurance, a crucial area impacting organizations across sectors.

    Monica Shokrai leads the charge in managing risk and procuring insurance for Google Cloud, a role that integrates closely with both the finance and security teams. She highlights the unique dual approach of her team, which not only secures coverage for Google but also strategizes on how to leverage insurance to assist Google Cloud customers in mitigating risks.

    A key point discussed is the interdisciplinary nature of cyber insurance. Traditionally managed by the finance or legal departments, Shokrai emphasizes its growing collaboration with cybersecurity teams. She notes that the standard organizational structure often sees a communication divide between finance and security departments. However, the evolving cyber insurance market is pushing these groups closer together, fostering a more integrated risk management strategy.

    Shokrai also shares insights on how Google approaches risk exposure and posture. By modeling risk in-house and leveraging an actuarial team, Google can quantify risks accurately and work closely with security teams. This model not only helps in securing better insurance terms but also aids in understanding and integrating security measures within the organization.

    Another significant point is Google’s innovative approach to automating the cyber insurance process. Through their Risk Protection Program, Google allows security metrics to be shared with insurance partners like Allianz in Munich. This method simplifies the underwriting process and promotes a data-driven approach to evaluating cybersecurity risks, aligning insurers and security teams toward a common goal.

    Overall, the discussion underscores the importance of a cohesive strategy that bridges finance and cybersecurity through innovative risk management and insurance practices. With leaders like Monica Shokrai at the helm, Google Cloud is at the forefront of integrating these critical functions, ultimately benefiting both the company and its customers.

    Learn more about HITRUST: https://itspm.ag/hitrusi2it

    Note: This story contains promotional content. Learn more.

    Guest: Monica Shokrai, Head of Risk and Insurance, Google Cloud [@lifeatgoogle]

    On LinkedIn | https://www.linkedin.com/in/monicashokrai/

    Resources

    Simplified Cyber Insurance for Organizations with a HITRUST Certification: https://itspm.ag/hitrusp5x6

    Learn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust

    Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

    Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/

    Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up

    Are you interested in telling your story?
    https://www.itspmagazine.com/telling-your-story

    Show More Show Less
    7 mins
  • Pre Event Coverage | Unveiling Cybersecurity's Future: Joe Sullivan's Keynote Journey to Australian Cyber Conference 2024 in Melbourne | On Location Coverage with Sean Martin and Marco Ciappelli
    Nov 20 2024
    Guest: Joe Sulllivan, CEO at Ukraine Friends [@UkraineFriends_]On Linkedin | https://www.linkedin.com/in/joesu11ivan/____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThe discussion begins with Sean and Marco humorously chatting about sunsets in California versus those on the other side of the world, as they prepare for their trip. With excitement in the air, they highlight the conference’s stellar lineup, especially keynote speaker Joe Sullivan, joining the conversation from Sydney. Already immersed in the Australian vibe, Sullivan shares his anticipation for the event and comments on the sunny weather awaiting them.Sullivan’s career is a fascinating intersection of technology, law, and leadership. From his days as a cybercrime prosecutor to leading security efforts at Facebook and Uber, he offers a unique perspective on the evolution of cybersecurity as both a profession and a global necessity.Joe Sullivan's Career JourneyReflecting on his career path, Sullivan describes his journey as a "Jenga pile" built on diverse and dynamic experiences. He recalls his transition from government service to the tech industry during the dot-com boom, driven by curiosity and a hunger for new challenges. His work at companies like eBay, PayPal, and Facebook involved pioneering projects such as building security teams from scratch and shaping policies like responsible disclosure programs.The Role of Regulation in CybersecuritySullivan and the hosts delve into the crucial topic of regulation in cybersecurity. Drawing on his experiences, Sullivan underscores the disparity in resources between regulated and unregulated sectors, pointing to financial services and healthcare as examples. He advocates for smart, balanced regulations to ensure cybersecurity initiatives are well-funded and effective, emphasizing that structure is key to protecting industries and consumers alike.Connecting with Security Professionals GloballyThrough his global speaking engagements and commitment to attending conferences in full, Sullivan has gained valuable insights into the shared challenges facing security professionals worldwide. He highlights the universal nature of these challenges and the importance of collaboration across borders. His passion for fostering connections within the cybersecurity community resonates strongly in today’s interconnected world.Humanitarian Efforts Beyond CybersecurityBeyond his professional endeavors, Sullivan shares his inspiring humanitarian work, particularly his efforts to support Ukraine through laptop donations. These initiatives, born from his professional network, illustrate the profound impact the cybersecurity community can have on broader global issues. By using technology to aid children’s education in conflict zones, Sullivan underscores the power of tech to bring hope and stability to those in need.ConclusionAs the Australian Cyber Conference 2024 approaches, Joe Sullivan’s insights set a compelling tone for discussions about the future of cybersecurity. His message of resilience, adaptability, and global cooperation will undoubtedly inspire attendees. For those ready to engage and learn, Sean Martin and Marco Ciappelli warmly invite you to join them in Melbourne for this transformative event — and of course, follow them subscribing to their podcast if you cannot be there.____________________________This Episode’s SponsorsTHREATLOCKER: https://itspm.ag/threatlocker-r974____________________________Learn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________ResourcesLearn more about HITRUST Collaborate 2024 and register for the conference: https://itspm.ag/asia24UkraineFriends: https://ukrainefriends.org/Learn more about and hear more stories from HITRUST: https://www.itspmagazine.com/directory/hitrust____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf
    Show More Show Less
    28 mins
  • Black Hat Announces Content Lineup for Black Hat Europe 2024 | 2 Minutes on ITSPmagazine
    Nov 20 2024

    Black Hat, the cybersecurity industry’s most established and in-depth security event series, today announced the release of its content lineup for Black Hat Europe 2024. The live, in-person event will take place at the ExCeL London from December 9 to December 12, and feature 41 Briefings hand selected by the Black Hat Europe Review Board, four days of Trainings, 25 Sponsored Sessions, and 64 in-person tool demos and three labs at Black Hat Arsenal.

    Briefings highlights include:

    ● SpAIware & More: Advanced Prompt Injection Exploits in LLM Applications

    ● SysBumps: Exploiting Speculative Execution in System Calls for Breaking KASLR in macOS for Apple Silicon

    ● WorstFit: Unveiling Hidden Transformers in Windows ANSI!

    Trainings highlights include:

    ● Assessing and Exploiting Control Systems and IIoT [4105]

    ● Fundamentals of Cyber Investigations and Human Intelligence [2111]

    ● Attacking DevOps Pipelines [2108]

    ● Offensive Mobile Reversing and Exploitation [4108]

    ● Advanced Cloud Incident Response in Azure and Microsoft 365 [2103]

    Black Hat Arsenal at Black Hat Europe 2024 tool demo highlights include:

    ● Campus as a Living Lab: An Open-World Hacking Environment

    ● Pandora: Exploit Password Management Software To Obtain Credential From Memory

    ● Morion - A Tool for Experimenting with Symbolic Execution on Real-World Binaries

    For registration and additional information on Black Hat Europe 2024, please visit www.blackhat.com/eu-24

    Note: This story contains promotional content. Learn more.

    Resources

    Press Release: https://www.blackhat.com/html/press/2024-11-06.html

    Catch all of our On Location Stories: https://www.itspmagazine.com/technology-and-cybersecurity-conference-coverage

    Learn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

    Show More Show Less
    2 mins
  • SecTor 2024 Announces Record-Breaking Attendance Following Successful Close of Toronto Event | 2 Minutes on ITSPmagazine
    Nov 18 2024

    SecTor, Canada’s largest cybersecurity conference, today announced the successful completion of the in-person component of SecTor 2024. The event welcomed 5,000 unique attendees joining in-person from October 22 to October 24 at the Metro Toronto Convention Centre in downtown Toronto.

    Show highlights for 2024 included:

    ● Keynotes: This year’s event featured two Keynote presentations. The opening Keynote was presented by Leigh Honeywell, founder and CEO of Tall Poppy, and the second Keynote was presented by Omkhar Arasaratnam, Distinguished Engineer for Security at LinkedIn.

    ● Business Hall: This year’s Business Hall showcased the latest products and technologies from more than 140 of the industry’s leading cybersecurity solution providers. The Business Hall also featured areas for attendee, vendor, and community engagement through Exhibitor Booths, Arsenal, Sponsored Sessions, Bricks & Picks, and the Community Lounge.

    ● Summits: On Tuesday, October 22, the event featured a full day of Summit content, including the ninth annual SecTor Executive Summit, the inaugural The AI Summit at SecTor, and the ninth annual Cloud Security Summit at SecTor.

    ● Scholarships: As a way to introduce the next generation of security professionals to the SecTor community, SecTor awarded a total of 37 complimentary SecTor 2024 Briefings passes. Black Hat holds its own annual Student and Veteran Scholarship programs, and partners with a variety of associations on additional scholarship opportunities.

    Note: This story contains promotional content. Learn more.

    Resources

    Press Release: https://www.businesswire.com/news/home/20241030638106/en/SecTor-2024-Announces-Record-Breaking-Attendance-Following-Successful-Close-of-Toronto-Event

    Learn more and catch more stories from SecTor Cybersecurity Conference Toronto 2024: https://www.itspmagazine.com/sector-cybersecurity-conference-2024-cybersecurity-event-coverage-in-toronto-canada

    Learn more about 2 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

    Show More Show Less
    2 mins
  • Leveraging Data for Cyber Insurance to Bring Consistency and Clarity in Underwriting | 7 Minutes on ITSPmagazine From HITRUST Collaborate 2024 | A Trium Cyber Short Brand Innovation Story with Josh LaDeau
    Nov 16 2024

    In this episode of Short Brand Story recorded during the HITRUST Collaborate 2024 conference, Sean Martin sits down with Josh LaDeau, a prominent figure in the world of cyber insurance. Josh, who represents Trium Cyber, illuminates the crucial aspects of cyber insurance, from data integrity to market challenges. Trium Cyber is known for its specialty in providing cyber property, E&O, and miscellaneous coverages.

    Josh emphasizes the importance of data in the insurance industry, explaining how accurate, structured data provided by HITRUST aids in underwriting processes. The partnership with HITRUST brings a unique advantage by ensuring data consistency and structure. This elevates the underwriting process by reducing ambiguities in policy applications and promoting data security. Josh highlights that this collaboration allows clients to present their data in a more uniform manner, making it easier for insurers to assess and underwrite policies accurately.

    Moreover, the HITRUST R2 framework is particularly beneficial for clients, offering a higher quality of data that leads to better coverage options and advantageous premium pricing. Josh points out that a third-party attestation by HITRUST not only assures data integrity but also qualifies clients for a dedicated credit, further enhancing their position in the market.

    The episode underscores the value Trium Cyber brings to its clients, focusing on technological acumen and a keen understanding of the cyber insurance landscape. This partnership is poised to make a significant impact in making cyber insurance more accessible and reliable for businesses.

    Learn more about Trium Cyber: https://itspm.ag/hitrusi2it

    Note: This story contains promotional content. Learn more.

    Guest: Josh LaDeau, CEO, Trium Cyber

    Resources

    Learn more and catch more stories from Trium Cyber: https://www.itspmagazine.com/directory/hitrust

    Learn more about HITRUST: https://itspm.ag/itsphitweb

    Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

    Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/

    Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up

    Are you interested in telling your story?
    https://www.itspmagazine.com/telling-your-story

    Show More Show Less
    7 mins
  • A New People-Centric Approach to Determining an Organization's Exposure to a Third-Party Data Breach | A SecTor Cybersecurity Conference Toronto 2024 Conversation with Christine Dewhurst and Dr. Thomas Lee | On Location Coverage
    Nov 9 2024
    Guests:Christine Dewhurst, Partner, NSC TechOn LinkedIn | https://www.linkedin.com/in/christine-dewhurst-262867a9/At Sector | https://www.blackhat.com/sector/2024/briefings/schedule/speakers.html#christine-dewhurst-48706Dr. Thomas Lee, CEO, Vivo SecurityOn LinkedIn | https://www.linkedin.com/in/thomas-lee-phd-b7766b10/At Sector | https://www.blackhat.com/sector/2024/briefings/schedule/speakers.html#dr-thomas-lee-48707____________________________Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesIn this episode of the On Location with Sean and Marco as part of our coverage of SecTor Information Security Conference in Toronto, Canada, Sean Martin and Marco Ciappelli spoke with notable guests Christine Dewhurst and Dr. Thomas Lee. This episode centers on innovative approaches to assessing an organization's risk related to third-party data breaches. Christine Dewhurst and Dr. Thomas Lee present a compelling new people-centric model for determining an organization's exposure to third-party data breaches.Dr. Lee, who holds a PhD in biophysics and operates in California's Silicon Valley, initially approached cybersecurity from a scientific standpoint. He explains that their research focuses on using empirical regression modeling to quantify and predict data breach probabilities based on staffing levels and certifications. His emphasis is on the importance of having enough trained and certified personnel, which includes CISSPs and CISAs, as key indicators of security posture.Christine Dewhurst, based in Toronto, partners with Dr. Lee in applying these mathematical models in practical scenarios. She underscores the critical role of understanding the workforce's capacity to manage and protect data. Dewhurst explains that their model evaluates five key staffing metrics to predict data breach risks, emphasizing that having the right quantity and quality of staff is crucial for robust security. She highlights their unique approach which differs from traditional methods focusing solely on technical controls.The discussion also touches on the surprising significance of audit certifications (CISA) being equally important as technical security certifications (CISSP). This understanding bridges the gap between cybersecurity practices and business management strategies, providing a holistic overview of enterprise security health based on human resources. Christine Dewhurst and Dr. Thomas Lee offer fresh insights into how organizations can strategically enhance their defenses against third-party data breaches.____________________________This Episode’s SponsorsHITRUST: https://itspm.ag/itsphitweb____________________________Follow our SecTor Cybersecurity Conference Toronto 2024 coverage: https://www.itspmagazine.com/sector-cybersecurity-conference-2024-cybersecurity-event-coverage-in-toronto-canadaOn YouTube: 📺 https://www.youtube.com/playlist?list=PLnYu0psdcllSCvf6o-K0forAXxj2P190SBe sure to share and subscribe!____________________________ResourcesA New People-Centric Approach to Determining an Organization's Exposure to a Third-Party Data Breach (Session): https://www.blackhat.com/sector/2024/briefings/schedule/index.html#a-new-people-centric-approach-to-determining-an-organizations-exposure-to-a-third-party-data-breach-41396Learn more about SecTor Cybersecurity Conference Toronto 2024: https://www.blackhat.com/sector/2024/index.html____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageAre you interested in sponsoring our event coverage with an ad placement in the podcast?Learn More 👉 https://itspm.ag/podadplcWant to tell your Brand Story as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrfTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcast
    Show More Show Less
    27 mins
  • First of its Kind Cyber Insurance Product Exclusively Available to HITRUST-Certified Customers | A Brand Story Conversation From HITRUST Collaborate 2024 | A HITRUST Story with Blake Sutherland and Robert Booker
    Nov 8 2024
    In this Brand Story episode, Sean Martin brings together the team from HITRUST, Robert Booker and Blake Sutherland, to discuss the topic of cyber insurance and its current state in the industry. Both guests bring a wealth of experience and insight, with Robert Booker overseeing strategy, research, and innovation at HITRUST, and Blake Sutherland serving as the EVP of Market Engagement.A significant portion of the discussion centers around the role of cyber insurance in today's business environment. Cyber insurance is not just a safety net but a critical aspect of a complete risk management strategy. As Robert Booker points out, it’s an essential service, historically used to cover residual risk after companies have applied their own security measures. However, the market has changed considerably, with new capabilities and approaches evolving over the past several years, making it a dynamic area.Blake Sutherland further elaborates on the issues that organizations face in acquiring cyber insurance today. The process is often cumbersome, involving extensive questionnaires and varied requirements from different underwriters. This can be particularly challenging for mid-market companies that may lack the internal resources to manage these complexities.The episode highlights that HITRUST is addressing these challenges with their R2 certification, which provides an objective, quantifiable measure of an organization’s cybersecurity posture. This certification helps companies not only in fortifying their own security but also in streamlining the insurance acquisition process by offering a standardized measure that underwriters can rely on. According to Robert Booker, this quantified approach can make a significant difference, offering confidence to both the insured and the insurer.Another important aspect discussed is the role of brokerage in this process. Brokers traditionally guide companies through the insurance process, and an R2 certification from HITRUST can greatly assist them in securing better terms and conditions, as it is recognized as a testament to a company's robust security posture. This can also translate into potentially lower premiums and more reliable coverage, addressing one of the largest pain points in securing cyber insurance.The HITRUST Shared Risk Facility is made available exclusively through licensed brokers and can be accessed by any company holding an R2 certification, with plans to extend to I1 and E1 levels in the future. This facility aims to simplify the process, reduce the administrative burden on companies, and provide greater reliability in the insurance coverage.The episode wraps up with an invitation for organizations, brokers, and underwriters to engage with HITRUST to explore these innovative solutions. It’s a call to improve the overall confidence in the insurance landscape through verified, independent measures of cybersecurity maturity, ultimately benefiting all parties involved in the cyber insurance ecosystem.Explore how HITRUST’s R2 certification can enhance your organization's cybersecurity posture and streamline your cyber insurance process.Learn more about HITRUST: https://itspm.ag/itsphitwebNote: This story contains promotional content. Learn more.Guests: Blake Sutherland, EVP Market Adoption, HITRUST [@HITRUST]On LinkedIn | https://www.linkedin.com/in/blake-sutherland-38854a/Robert Booker, Chief Strategy Officer, HITRUST [@HITRUST]On LinkedIn | https://www.linkedin.com/in/robertbooker/ResourcesHITRUST 2024 Trust Report: https://itspm.ag/hitrusi2itLearn more and catch more stories from HITRUST: https://www.itspmagazine.com/directory/hitrustView all of our HITRUST Collaborate 2024 coverage: https://www.itspmagazine.com/hitrust-collaborate-2024-information-risk-management-and-compliance-event-coverage-frisco-texasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story
    Show More Show Less
    31 mins
  • Bringing a Consistent, Personable and Hands-On Approach to Compliance | 7 Minutes on ITSPmagazine From HITRUST Collaborate 2024 | A IS Partners Short Brand Innovation Story with Ian Terry and Robert Godard
    Nov 7 2024

    In this episode of 7 Minutes on ITSPmagazine from HITRUST Collaborate 2024, Sean Martin is joined by Ian Terry and Robert Godard from IS Partners to discuss the importance of compliance in modern corporations. Ian and Robert share their insights from the HITRUST Collaborate event, shedding light on their company's unique approach to cybersecurity and auditing.

    Robert Godard explains that IS Partners was founded with a startup mentality, emphasizing collaboration and a fun work environment. This culture aims to make compliance efforts less daunting for both their team and their clients. Ian Terry adds that fostering an enjoyable work atmosphere is crucial for engaging and committed outcomes, especially in the dynamic world of information security.

    One significant point discussed is the balance between fun and professionalism. Ian highlights that while the job can be stressful during cybersecurity incidents, the focus on industry changes and continuous learning keeps the work interesting and rewarding. The duo also touches on how IS Partners assists clients in navigating complex compliance frameworks. Their tailored approach ensures clients not only meet regulatory requirements but also achieve their business goals.

    The episode concludes with a note on the importance of events like HITRUST Collaborate for networking and professional growth.

    Learn more about IS Partners: https://itspm.ag/isparto2jk

    Note: This story contains promotional content. Learn more.

    Guests:

    Ian Terry, Principal, Cybersecurity Services, IS Partners [@ISPartnersLLC]

    On LinkedIn | https://www.linkedin.com/in/ian-terry/

    Robert Godard, Partner, IS Partners [@ISPartnersLLC]

    On LinkedIn | https://www.linkedin.com/in/robert-godard-cpa-cisa-hitrust-ccsfp/

    Resources

    Learn more and catch more stories from IS Partners: https://www.itspmagazine.com/directory/is-partners

    Learn more about HITRUST: https://itspm.ag/itsphitweb

    Learn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programs

    Newsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/

    Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-up

    Are you interested in telling your story?
    https://www.itspmagazine.com/telling-your-story

    Show More Show Less
    7 mins