Redefining CyberSecurity Podcast
Hosted by Sean Martin, CISSP
Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, ...
The Irreversible Impact of Technology: The Ethical Dilemmas We Face When We Can’t Uninvent Our Creations | An Australian Cyber Conference 2024 in Melbourne Conversation with Mikko Hypponen | On Location Coverage with Sean Martin and Marco Ciappelli
Guest: Mikko Hypponen, Chief Research Officer (CRO) at WithSecure [@WithSecure]On LinkedIn | https://www.linkedin.com/in/hypponen/On Twitter | https://twitter.com/mikkoHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring the AISA CyberCon 2024 in Melbourne, Sean Martin and Marco Ciappelli sat down with Mikko Hypponen to discuss the irreversible nature of technology, the challenges it presents, and its impact on society. The discussion focused not on the event itself but on broader issues and ideas that shape our relationship with technological innovation.The Irreversible Nature of InnovationMikko emphasized that once a technology is invented, it cannot be uninvented. Strong encryption was one of his key examples: it secures communication for individuals and organizations, yet it is also used by criminals to evade detection. This duality underscores the reality that every innovation carries benefits and drawbacks. Mikko noted, “Even if we wanted to get rid of strong encryption, it’s not possible. Criminals would still use it.”The conversation also touched on artificial intelligence. Mikko highlighted how innovations build on past advancements. Decades of progress in digitizing information, developing the internet, and creating cloud infrastructure have made today’s AI capabilities possible. He reflected on how large technological revolutions often take longer than anticipated to develop but eventually surpass expectations in scope.Technology as a Double-Edged SwordThe group explored societal challenges posed by technology, such as the impact of social media on youth and ethical questions around ransomware. Mikko pointed to the breach of the Vastamo psychotherapy center in Finland, where hackers stole sensitive patient records and demanded ransoms from both the clinic and its patients. He argued that, in some cases, paying the ransom might result in less harm, even though it contradicts the principle of not funding criminal activity.Marco raised the issue of preparing young people for social media, comparing it to teaching a child to drive before handing over car keys. The discussion emphasized the importance of gradually introducing tools and systems while fostering understanding of their risks and responsibilities.Building on the PastMarco noted how foundational technologies, like the internet, enable further innovations. Mikko agreed, citing how AI’s rapid rise was made possible by decades of previous work. He stressed that each technological leap requires the groundwork laid by earlier developments, creating platforms for new ideas to flourish.The group also discussed the limitations of regulation. For example, cryptocurrencies, built on mathematical principles, cannot be fundamentally altered by laws. Instead, regulation can only address interactions between real-world currencies and blockchain systems. Mikko observed, “Math doesn’t care about your laws and regulations.”Closing ThoughtsThe conversation underscored that innovation is inherently a trade-off. Every advancement brings both opportunities and challenges, and society must navigate these complexities thoughtfully. Mikko highlighted that while the benefits of technologies like encryption, AI, and the internet are significant, they also create new risks.Sean, Marco, and Mikko’s discussion emphasized the importance of understanding and adapting to technological change. While we can’t control the pace of innovation, we can shape how it integrates into our lives and institutions. This ongoing dialogue remains essential as society continues to grapple with the implications of progress.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf
--------
23:59
Human Factors in Cyber Security: Cultivating Cybersecurity Culture and Cyber Skills Gap | An Australian Cyber Conference 2024 in Melbourne Conversation with Leanne Ngo | On Location Coverage with Sean Martin and Marco Ciappelli
Guest: Leanne Ngo, Associate Professor, La Trobe UniversityOn LinkedIn | https://www.linkedin.com/in/leanne-ngo-86979042/Hosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring AISA Cyber Con 2024 in Melbourne, Sean Martin and Marco Ciappelli sat down with Dr. Leanne Ngo to discuss cyber resilience, community impact, and the role of culture in cybersecurity. Their conversation explored the intersection of technology, education, and human connection in the pursuit of a safer and more secure society.Dr. Ngo shared her perspective on resilience, highlighting its evolving definition. While digital tools increase opportunities for connection, she emphasized that face-to-face interaction remains vital, especially for vulnerable communities. Her work in promoting cybersecurity awareness involves building trust and understanding among diverse groups, tailoring approaches to their unique needs and cultural contexts.The discussion turned to the importance of culture in cybersecurity, with Dr. Ngo describing it as a gradual process of change driven by action and integration into everyday life. She stressed that cyber awareness—often focused on knowledge—must evolve into behavioral transformation, where secure practices become second nature both at work and in personal lives. This requires understanding the subcultures within organizations and communities and adapting strategies to resonate with their specific dynamics.Sean also brought up the concept of belief as a cornerstone for driving cultural change. Dr. Ngo agreed, emphasizing that confidence and a growth mindset are essential in fostering resilience. Drawing on her experience as a mentor and educator, she described how instilling belief in individuals’ capacity to contribute to a secure society empowers them to take ownership of their role in cybersecurity.The conversation explored practical ways to bridge the gap between technical solutions and human-centered approaches. Dr. Ngo highlighted her work with the Australian government’s "Stay Safe, Act Now" campaign, which focuses on localizing cybersecurity education. By adapting materials to the values and practices of various communities—such as the South Sudanese and Cambodian populations—her initiatives create relatable and impactful messaging that goes beyond surface-level translations.Education and workforce development also emerged as key themes. Dr. Ngo underscored the importance of short, targeted training programs, like micro-credentials, in addressing the growing skills gap in cybersecurity. Such programs offer accessible pathways for individuals from all backgrounds to contribute meaningfully to the industry, supporting Australia's ambition to be the most cyber-resilient country by 2030.Closing the discussion, Dr. Ngo reinforced that cybersecurity is fundamentally about people. By fostering empathy, understanding, and a collaborative spirit, society can build resilience not just through technology but through the collective effort of individuals who care deeply about protecting one another. This belief in human potential left an enduring impression, inspiring attendees to think beyond traditional approaches and embrace the human element at the core of cybersecurity.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf
--------
25:58
Data Sovereignty and Security Challenges in the APAC Region: Simplifying Security with Zero Trust and AI-Driven Solutions | An Australian Cyber Conference 2024 in Melbourne Conversation with Abbas Kudrati | On Location Coverage
Guest: Abbas Kudrati, Asia’s SMC Regional Chief Security, Risk, Compliance Advisor, Microsoft [@Microsoft]On LinkedIn | https://www.linkedin.com/in/akudrati/On Twitter | https://twitter.com/askudratiHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesDuring the On Location series at AISA Cyber Con 2024 in Melbourne, a significant conversation unfolded between Sean Martin, Marco Ciappelli, and Abbas Kudrati about key cybersecurity themes and strategies relevant to the Asia-Pacific region.Abbas Kudrati, a seasoned cybersecurity professional and cloud advocate, shared insights into the state of cybersecurity in the region. He highlighted that ransomware remains one of the top threats, particularly in Asia and Australia. This persistent issue underscores the importance of robust data governance and access control. Abbas emphasized that organizations must establish strong security foundations, including data classification and access management, to prepare for the complexities introduced by AI. Without these measures, companies risk exposing sensitive information when leveraging generative AI solutions.The discussion also touched on data sovereignty, a critical topic for governments and defense organizations in Australia. Abbas noted the growing number of localized data centers built by major cloud providers to meet sovereignty requirements. While private sector organizations tend to be less stringent about data location, government entities require data to remain onshore. Frameworks like IRAP and Essential Eight are instrumental in ensuring compliance and guiding organizations in implementing consistent security practices.Zero Trust emerged as a transformative concept post-pandemic. According to Abbas, it simplified cybersecurity by enabling secure remote work and encouraging organizations to embrace cloud solutions. He contrasted this with the rise of generative AI, which has introduced both opportunities and challenges. AI's potential to streamline processes, such as analyzing security alerts and automating vulnerability management, is undeniable. However, its unbounded nature demands new strategies, including employee education on prompt engineering and responsible AI use.Sean Martin and Marco Ciappelli explored how AI can revolutionize operations. Abbas pointed out that AI tools like security copilots are making cybersecurity more accessible, allowing analysts to query systems in natural language and accelerating incident response. He stressed the importance of using AI defensively to match the speed and sophistication of modern attackers, noting that attackers are increasingly leveraging AI for malicious activities.The conversation concluded with a forward-looking perspective on AI’s role in shaping cybersecurity and the importance of maintaining agility and preparedness in the face of evolving threats. This dynamic exchange provided a comprehensive view of the challenges and advancements influencing cybersecurity in the Asia-Pacific region today.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf
--------
24:27
Australia's Global Opportunity and Responsibility: Shaping a More Secure Region and a Safer Digital World | An Australian Cyber Conference 2024 in Melbourne Conversation with Ambassador Brendan Dowling | On Location Coverage
Guest: Ambassador Brendan Dowling, Ambassador for Cyber Affairs and Critical Technology, DFATOn LinkedIn | https://www.linkedin.com/in/brendan-dowling-7812b4261/AT AU Cyber Con | https://canberra2024.cyberconference.com.au/speakers/brendan-dowlingHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis conversation with Brendan Dowling gave us a glimpse into the strategies, challenges, and collaborations shaping Australia’s digital future—and reminded us all that the cyber frontier is not just a technical battlefield but a deeply human one.The Role of a Cyber AmbassadorDowling began by discussing the unique responsibilities of a Cyber Ambassador, a role that integrates cybersecurity into foreign policy at the highest levels. He emphasized how this position, once viewed as an innovative experiment, has become a strategic necessity for national security. As cyber threats grow increasingly complex and borderless, cyber diplomacy has emerged as a critical tool for fostering stability and trust on the global stage.Strengthening Global CollaborationDuring the discussion, Dowling highlighted the collaborative nature of Australia’s cybersecurity efforts. He explained how cooperation within government agencies and partnerships with international allies are key to staying ahead of emerging threats. These relationships enable critical information-sharing, strategic alignment, and unified responses to incidents, underscoring the interconnectedness of today’s digital ecosystem.Navigating AI and Ethical ChallengesThe conversation turned to artificial intelligence and its growing role in society. Dowling addressed the ethical considerations of AI development and deployment, stressing the importance of balancing innovation with responsibility. He described Australia’s approach to advocating for ethical design and policy frameworks that protect privacy and human rights while maximizing AI’s benefits.Building Resilience in Critical InfrastructureCritical infrastructure was another focal point of the discussion. Dowling acknowledged the increasing complexity of protecting vital systems, from industrial control processes to supply chains. He emphasized resilience—not only in preventing attacks but in responding swiftly and effectively when incidents occur. This approach ensures that essential services, such as energy and manufacturing, can continue to operate even under pressure.Cultural Contexts in CybersecurityDowling also reflected on the role of cultural differences in shaping cybersecurity strategies. He shared experiences from his international work, where addressing issues like online safety and disinformation often requires sensitivity to local norms and values. Tailoring cybersecurity approaches to diverse cultural contexts, he noted, is vital for fostering trust and collaboration across regions.Conclusion:As the conversation concluded, Dowling reaffirmed the need for continued cooperation, innovation, and cultural understanding in tackling global cyber challenges. Sean Martin and Marco Ciappelli expressed their gratitude, leaving listeners with a clear message: cybersecurity is not just a technical issue—it’s a global, ethical, and deeply human challenge that requires collective effort.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesAustralia's global opportunity and responsibility: shaping a more secure region and a safer digital world (Session): https://canberra2024.cyberconference.com.au/sessions/australias-global-opportunity-and-responsibility-shaping-a-more-secure-region-and-a-safer-digital-worldLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf
--------
16:23
How Do We Make Decisions in Cyber Security? Operational, Tactical, and Strategic Decision-Making in the Age of AI | An Australian Cyber Conference 2024 in Melbourne Conversation with Ivano Bongiovanni | On Location Coverage
Guest: Ivano Bongiovanni, General Manager / Sr Lecturer, AusCERT / UQOn LinkedIn | https://www.linkedin.com/in/ivano-bongiovanni-cybersecurity-management/At AU Cyber Con | https://melbourne2024.cyberconference.com.au/speakers/ivano-bongiovanni-ibtppHosts: Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast & Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________Episode NotesThis AISA Cyber Con 2024 On Location podcast episode recorded in Melbourne spotlights critical discussions led by Ivano Bongiovanni, General Manager for AUSCERT and Senior Lecturer in Cybersecurity at the University of Queensland. The dialogue centers on pivotal issues shaping organizational approaches to cybersecurity, from decision-making factors to data governance and regulatory influences.Bongiovanni discusses his research on decision-making in cybersecurity, conducted across six large organizations. By interviewing professionals at operational, tactical, and strategic levels, the study examines the multifaceted factors driving decisions, such as configuring security systems or choosing cyber insurance. The research identifies four primary influence levels: industry, organizational, team, and individual. Key drivers include regulations at the industry level, organizational culture, and access to collaborative professional forums. These insights aim to provide decision-makers with a reflective framework to ensure comprehensive and informed choices.Another prominent focus is data governance. Bongiovanni emphasizes its role as both a foundation for robust cybersecurity and a potential avenue for organizational value creation. He highlights the challenges organizations face in mapping, managing, and securing their data. While traditionally viewed through a lens of loss prevention, he argues that effective data governance can unlock operational efficiencies and new business opportunities. This aligns with a broader industry shift to link cybersecurity investments to strategic value creation, rather than purely protective measures.The episode also touches on evolving regulatory landscapes. Bongiovanni outlines the increasing scrutiny on board members and CISOs (Chief Information Security Officers) regarding cybersecurity accountability. While Australia is still catching up with global trends, parallels are drawn to the U.S., where regulations like the SEC’s proposed cyber disclosures link leadership liability to organizational cybersecurity practices. In Australia, existing duties of care under the Corporations Act are becoming focal points for regulatory expectations.Information-sharing frameworks, such as ISACs (Information Sharing and Analysis Centers), also feature in the discussion. Bongiovanni underscores their importance in fostering collaboration, particularly in sectors like higher education and healthcare. He notes the ongoing cultural shift encouraging organizations to share threat intelligence securely, which is essential for collective resilience.Through Bongiovanni’s contributions, this episode highlights both the challenges and opportunities in cybersecurity decision-making, emphasizing a nuanced understanding of regulatory, cultural, and technical dynamics.____________________________This Episode’s SponsorsThreatlocker: https://itspm.ag/threatlocker-r974____________________________ResourcesFuture is now: Cautious reflections and bold predictions on cyber security in the years to come (Session): https://melbourne2024.cyberconference.com.au/sessions/session-FsEVnuge9uHow do we make decisions in cybersecurity? Operational, tactical, and strategic decision-making in the age of AI (Session): https://melbourne2024.cyberconference.com.au/sessions/session-BdOGZjahUeThe executive playbook: Elevate your cyber security through data governance (Workshop): https://melbourne2024.cyberconference.com.au/workshops/workshop-rxAAQPTLUJLearn more and catch more stories from Australian Cyber Conference 2024 coverage: https://www.itspmagazine.com/australian-cyber-conference-melbourne-2024-cybersecurity-event-coverage-in-australiaBe sure to share and subscribe!____________________________Catch all of our event coverage: https://www.itspmagazine.com/technology-cybersecurity-society-humanity-conference-and-event-coverageTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit: https://www.itspmagazine.com/redefining-cybersecurity-podcastTo see and hear more Redefining Society stories on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-society-podcastWant to tell your Brand Story Briefing as part of our event coverage?Learn More 👉 https://itspm.ag/evtcovbrf
Redefining CyberSecurity Podcast
Hosted by Sean Martin, CISSP
Have you ever thought that we are selling cybersecurity insincerely, buying it indiscriminately, and deploying it ineffectively?
For cybersecurity to be genuinely effective, we must make it consumable and usable. We must also bring transparency and honesty to the conversations surrounding the methods, services, and technologies upon which businesses rely. If we are going to protect what matters and bring value to our companies, our communities, and our society, in a secure and safe way, we must begin by operationalizing security.
Executives are recognizing the importance of their investments in information security and the value it can have on business growth, brand value, partner trust, and customer loyalty.
Together with executives, lines of business owners, and practitioners, we are Redefining CyberSecurity.