Prabh Nair

• Cyberwarfare Strategies That Actually WORK in 2025

  What is Cyber Warfare? Cyber warfare is defined as an ongoing warfare between most countries today. It affects common citizens when critical services collapse—electricity goes off, mobile signals fail, and payment systems stop working, paralyzing daily life. The core target is a nation's critical information infrastructure (CII), including telecom, banking, financial services, power, medical, defense, and government operators.Key Insights & Topics Covered:• The Fifth Domain: Why cyber is rightly termed the fifth domain of warfare, unlike land, sea, air, and space, because it has no fixed boundary, making attribution extremely difficult.• Cyber Attack Strategy (The Playbook): Colonel Joshi explains the structured process of a nation-state attack using the Russia-Ukraine conflict as a primary case study. This process involves: 1. Reconnaissance and mapping the adversary's digital systems. 2. Identifying a supply chain vulnerability (e.g., exploiting accounting software like ME do). 3. Launching the exploit. 4. Lateral Movement across the entire government setup. 5. Integrating the cyber attack with kinetic military operations for a "multi-blow shock".• The Evolution of Conflict: Cyber warfare evolved from simple curiosity (1990s), to financial gains (ransomware/DDoS in late 1990s), to espionage (Ghost Net), and now to full-fledged state-level economic and public infrastructure decimation.• APTs and Hacktivism: Understand the role of Advanced Persistent Threats (APTs), who are often government-funded and work with political agendas, leveraging costly zero-day exploits.• The Weakest Link: Discussing the threat of "honey traps" and emotional compromise of citizens via dating sites and compromised apps, using people as a weakness against their own country.• Small Actors, National Costs: How small organizations (third-party vendors like Solar Winds) or small nations (like North Korea) can cause massive national disruption, including details on the historic Stuxnet program targeting nuclear reactors.• Cyber Fencing & Prioritization: The challenges of creating a "cyber fence" against malicious traffic mixed with legitimate data (like medical reports or remittances). Discover the critical asset prioritization during wartime: Hospitals are Priority #1, followed by banking/finance, and then power.• Future Convergence: Analyzing the massive security risks associated with the rise of AI in cyber defense and offense, the vulnerability of massive data stored on the Cloud and Satellites (Starlink), and the imminent threat of Quantum computing breaking current encryption standards (Hack Now, Decrypt Later philosophy).• Fighting Deepfakes: How geopolitical tensions fuel narrative warfare. We discuss the example of the deepfake video of President Zelensky and provide three essential checks citizens can use before sharing content.Colonel Joshi emphasizes the necessity of technological self-reliance (Atmanirbhar Bharat / Make in India) to mitigate vulnerabilities caused by high dependency on foreign-owned proprietary tools, hardware, and software (like Google, Facebook, and chips)#cybersecurity #cyberwarfare #infosec #cyberattack

  --------  

  14:36

  --------

  14:36
• Building Cyber Resilience Program for Airport and Port Security

  How to build a Cyber Resilience Program for Airport and Maritime SecurityIn this special episode, Mr. Bithal Bhardwaj , a seasoned CISO and cybersecurity leader, reveals how to design and build cyber resilience systems for critical infrastructure — from airport terminals and air-side systems to maritime vessels and port operations.We go beyond theory with a live miniature model that simulates an airport environment — demonstrating how OT and IT systems connect, where vulnerabilities hide, and how a single USB can trigger a chain reaction across an entire city.https://www.linkedin.com/in/bithal-bhardwaj-622a523/What cyber resilience really means for national security and critical infrastructureThe difference between IT, OT, and IoT layers in airports and portsReal-world cyber-attack simulation: how a $20 USB can cause a blackoutMaritime cyber security challenges and the rise of vessel-level resilienceCISO lessons: influencing skills, crisis management, vendor control, and communicationPractical steps to build a cyber resilience program under NIS2, IEC 62443, and IMO 2024Why every security professional must understand aero + maritime business contexVideo Producer = Mukul UjjainPodcast Coordinator = Shreya Mrinal CISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1OT Securityhttps://www.youtube.com/watch?v=kp6F90MH48U&list=PL0hT6hgexlYxfESpTsLNKXUh6m-G6A-LoNIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#CyberResilience #AirportSecurity #MaritimeSecurity #OTSecurity #AviationCybersecurity #otsecurity

  --------  

  1:09:15

  --------

  1:09:15
• CGRC ISC Masterclass Secrets You Need to Know for 2025 Success

  Welcome to the CGRC Masterclass 2025 — your one-stop practical guide to mastering the ISC2 Certified in Governance, Risk, and Compliance (CGRC) exam.In this detailed session, Prabh Nair, cybersecurity mentor and CISO by profession, breaks down NIST RMF, FedRAMP, FIPS 200, and CNSSI 1253 using real exam-style “Coffee Short” questions, GRC logic, and real-world context.CGRC Study Prephttps://www.youtube.com/watch?v=eisY3jq_r1I&pp=ygUKY2dyYyBwcmFiaA%3D%3DForget rote learning. This masterclass focuses on understanding how governance, risk, and compliance actually work inside organizations — the same thinking ISC2 expects from every certified CGRC professional.☕ What You’ll Learn✅ The full NIST RMF lifecycle (Prepare → Monitor) explained practically✅ How authorization boundaries, control inheritance, and risk tolerance shape real systems✅ FedRAMP Authorization & Reciprocity: What every CGRC must understand✅ FIPS 199 vs FIPS 200 vs CNSSI 1253 — how to never confuse them again✅ Real examples of AO decisions, continuous monitoring strategy, and POA&M✅ Why “Assessor Independence” and “Automation” are key to efficiency✅ Bonus: 50+ Coffee Short Questions decoded to teach how ISC2 tests your thought process#CGRCMasterclass #CGRCCertification #ISCCGRC #NISTRMF #FedRAMP #FIPS200 #CNSSI1253 #POAM #RiskManagement #CyberGovernance #GRCTraining #ContinuousMonitoring #CyberRisk #CGRCPrep

  --------  

  1:00:19

  --------

  1:00:19
• AI Strategy That Drive REAL Business Outcomes

  In this episode, I speaks with Shaista, a global program leader at Philips with deep experience in AI-driven digital transformation. We break down how to connect AI strategy to real business results—from forming the right cross-functional teams to building governance, prioritizing use cases, and handling the human side of decision-making.You’ll hear practical frameworks for AI readiness, data and platform choices (build vs buy vs partner), roles and skills for AI execution, and how to move from prototype to productization—without losing speed, safety, or value. What You’ll LearnAI strategy, not buzzwords: Tie AI to revenue, cost, risk, and customer outcomesEveryday AI vs transformation: Efficiency wins vs step-change impactHow to start: Core team design—data, design, business, and engineering working as oneGovernance that scales: Playbooks, guardrails, AI readiness and completeness referencesPrioritization that works: Pick solvable, high-value use cases before moonshotsBuild / buy / partner: Where to differentiate, where to leverage the ecosystemData realities: Latency, context, and dashboards that link work to outcomesPeople and decisions: Escaping the “consensus conundrum,” making tough calls with clarityRoles and skills: What great AI strategists do and why they’re rare (and highly paid)Healthcare lessons: Balancing innovation with safety and compliance in regulated environments🎯 Who This Is ForBusiness and tech leaders building an AI roadmapCIO / CDO / CPO / Head of Data & AI and product leadersAI Strategists, Program Managers, PMs, ArchitectsTeams moving from POCs to production and scale✅ Actionables From The EpisodeForm a core AI team across business, data, design, and engineeringDefine the “why/what/where/how” in an AI strategy doc (goals, opportunities, priority matrix)Start with smaller, winnable projects to earn trust and fund the next waveEstablish AI governance (guardrails, playbooks, decision rights) without killing agilityClarify build vs buy vs partner for each capability; protect proprietary valueInstrument dashboards that map team and program metrics to business outcomesInvest in AI strategist capability (internal or hire) to translate tech → valueCommit to continuous learning—the pace of change demands itGEN AI Securityhttps://www.youtube.com/watch?v=aTJPKifa1VMAI Governancehttps://www.youtube.com/watch?v=LgFBi5XD-Ow&t=5668s&pp=ygUNYWkgZ292ZXJuYW5jZQ%3D%3DCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Prabhstudy#aigovernance #cio #informationtechnology #ciso #ai #ml #artificialintelligence #machinelearning #aiforbusiness #AIStrategy #AIGovernance #DigitalTransformation #AIProductization #AIReadiness #AILeadership #DataAndAI #BusinessOutcomes #HealthcareAI #CrossFunctionalTeams

  --------  

  1:01:44

  --------

  1:01:44
• AI Security Architecture Secrets You Need to Know NOW

  If you’re scaling GenAI beyond prototypes, this episode is your blueprint. Mayank and Prabh walk through a practical, cloud-ready AI security architecture—how to protect data, models, prompts, and pipelines while staying compliant with EU AI Act, NIST AI RMF, and ISO 42001. We cover what changes when models become crown-jewel assets, how to apply Zero-Trust to training and inference, and how to ship safely without slowing delivery.Documenthttps://docs.google.com/document/d/17k3PzijdvtTRHKbOaqvibI6Acte7Hv7gbQSvgJTdJDs/edit?usp=drivesdkWhat you’ll learnAI security vs traditional security: new attack surface across data, models, prompts, toolsData protection playbook: encryption, access control, lineage, validation, auditabilityModel safety in production: adversarial testing, prompt/response controls, drift monitoringZero-Trust for AI: identity-first design, micro-segmentation, least-privilege IAM, JIT accessThird-party & supply chain risk: vendor due diligence, red-line data, output monitoring, exit plansAI incident response: detect, contain, investigate, and recover from poisoning and abuseGovernance that works: risk tiers, model cards, policy guardrails, human-in-the-loopBuild vs buy: platforms, guardrails, and controls without blocking product velocityFuture-proofing: modular MLOps, retrain/swap agility, transparent governanceWho this is forCISOs, security architects, ML leaders, platform teams, and founders running GenAI in regulated or high-risk environments.GEN AI Securityhttps://www.youtube.com/watch?v=aTJPKifa1VMAI Governancehttps://www.youtube.com/watch?v=LgFBi5XD-Ow&t=5668s&pp=ygUNYWkgZ292ZXJuYW5jZQ%3D%3DCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Prabhstudy#AISecurity #GenAI #ZeroTrust #AIGovernance #EUAIAct #NISTAI #ISO42001 #MLOps #LLMSecurity #DataSecurity #ModelRisk #AdversarialML #IncidentResponse #SecurityArchitecture #CloudSecurity #SupplyChainRisk #PromptSecurity #AICompliance #ThreatDetection

  --------  

  1:19:46

  --------

  1:19:46

More Technology podcasts

Trending Technology podcasts

About Prabh Nair