Intersections IT Security One2One Summit and Security Current Podcast Series

David Cass, CISO IBM Cloud & SaaS CISO, and James Beeson, CISO GE Capital Americas, Discuss the Changing and Increasingly Destructive Nature of Cyberattacks

In the series brought to you by Intersections IT Security ONE2ONE Summit and Security Current you will hear CISOs discuss today’s most critical issues in IT Security.

This episode features David Cass, IBM Cloud & SaaS CISO, and James Beeson, GE Capital America’s CISO, who discuss how the nature of attacks has fundamentally changed and are becoming more destructive, for example with ransomware, which impacts corporations and individuals.

In this podcast you’ll also hear about organized crime and the traditional bad actors and how it is much easier to recruit because of the economics of it. David and James discuss how cybercrime has become so ‘mainstream’ that support is even offered on malware that easily purchased online. They also talk about what they think needs to be done to help combat today’s increasing attacks.



Intersections IT Security One2One Summit and Security Current Podcast Series

David Cass, IBM Cloud & SaaS CISO, and David Hahn, Hearst Corporation CISO, Discuss the Biggest Security Challenges Facing Media Corporations

In the series you will hear CISOs discuss today’s most critical issues in IT Security.

The first episode features David Cass, IBM Cloud & SaaS CISO, and David Hahn, Hearst Corporation CISO, who discuss today’s biggest security and associated business problems facing media corporations and how they are  leading to billions of dollars in lost revenue.

In this podcast you’ll hear about malvertising, how it works, the absence of regulations and government intervention, and the Sony breach and its implications.



CISOs of IBM Cloud & SaaS and Deloitte Touche Tohmatsu Discuss Cybersecurity Convergence

In today’s digital age, there are more connected devices than ever before. A look at the history of the digital universe shows that, like the real universe, it is expanding. From a single device meeting our needs—starting with the PC, then moving to laptops and phones–we seem poised on the brink of a technological “big bang” resulting in an ever-more-diffuse array of gadgets, monitors, appliances, and communications all working in tandem to enhance our personal and professional lives. And with the convergence of technologies more data is being generated than ever.

The question arises as to how then will we secure our networks and data?

As you’ll hear in this interview with David Cass, IBM Cloud & SaaS CISO, who speaks with Dr. J.R. Reagan, Deloitte Touche Tohmatsu Limited CISO, the way enterprises approach security likely may require new ways of thinking. They discuss how security has transformed from managing things to managing data in order to protect the enterprise. Dr. Reagan provides 3 key takeaways for security executives in today’s digital age.

Read Dr. JR Reagan’s article on Cybersecurity Convergence


Cloud Security Alliance Talks Challenges, and CISO Trends

Cloud security continues to be a key consideration for CISOs with them weighing in on the pros and cons of whether or not to migrate to the cloud and if so, best practices for migrating.

A recent report issued by the Cloud Security Alliance (CSA), a member-driven organization chartered with promoting the use of best practices, touches on the key concerns facing adoption today. In this podcast recorded at the RSA 2016 Conference with Security Current’s Vic Wheatman, CSA Chief Technology Officer Daniele Catteddu discusses the current and future state of the cloud.



Social Media and Cyberterrorism – A Conversation with  Cybercrime Expert Morgan Wright

Morgan Wright is an internationally recognized cybersecurity, cyberterrorism and identity theft expert.

He’s testified in front of congress, advised the U.S. State Department and served in law enforcement.  In this conversation with Security Current’s Vic Wheatman, Morgan speaks about ISIS-inspired cyber terrorism, ransomware, and social engineering as a tool for enabling spear phishing to steal credentials and corrupt business systems.

Training, policy and philosophy are critical, even before security technologies are implemented.  As you’ll hear from Wright: “Think before you click the link.”



Security and Network Access Control at Barnabas Healthcare

With vast amounts of personal information and Internet-enabled medical equipment, health care faces unique security requirements. Some are a result of regulatory mandates such as HIPAA while others are because of the critical clinical equipment found in hospitals and doctors offices.

Gaining visibility into the variety of platforms present while positioning for future needs becomes a challenge.  Technologies such as Network Access Control (NAC) can provide a needed overview into the security environment.  In this podcast with Security Current’s Vic Wheatman, Barnabas Health’s CISO Hussein Syed and Dominic Hart, the health care system’s manager of information security architecture discuss their approach to this complex environment.



Of Encryption and Backdoor Access: A Conversation with a CISO

Encryption is fundamental to business today. But encryption also allows evildoers to plan nefarious criminal or terrorist acts.  Law enforcement, intelligence agencies and political interests have proposed “back doors” to enable them to do their jobs.  Shades of the cryptographic device, The Clipper Chip and the Skipjack algorithm!  Look it up!

CISOs need to work with stakeholders to find the right balance between their responsibilities in protecting sensitive data and cooperation with law enforcement and Homeland Security.  These and other  issues are discussed  in this conversation between Security Current’s Vic Wheatman and Greg Schaffer, FirstBank VP and Information Security Officer.



Bug Bounty Programs: Trends in Developing Secure Software with SANS John Pescatore

In the push to launch mission critical applications, insecure software often makes it into production. Sometimes hackers find the gaps and exploit vulnerabilities. Now new approaches are leading to continuous vulnerability testing – by ‘hackers.’

Based on crowdsourcing and by offering bug bounties, Secure Systems Development Life Cycle (SDLC) principles are being enhanced and developers’ mindsets are being changed.

Code quality improvements resulted and efficiency improved. In this conversation, SANS Institute Director of Emerging Security Trends John Pescatore tells Security Current’s Vic Wheatman what some CISOs and application developers have found by moving in this direction.



Looking at Cybersecurity in the New Year with Roota Almeida, Delta Dental Head of Information Security 

Each year is a new opportunity to use what we’ve learned in the past in order to address the future and anticipate what the bad actors may do next to breach our information security.

Here, the head of information security at Delta Dental of New Jersey addresses what we can expect as we enter 2016, discusses the role of cyber insurance, warns about how old source code can be exploited and highlights how Identity and Access Management and Managed Security Service Providers can help plan the future state of our information security.

Listen to Delta Dental of New Jersey’s Roota Almeida in conversation with Security Current’s Vic Wheatman.



Addressing the Growing Cybersecurity Threat in 2016 with Jason Witty, US Bancorp CISO

The overall cost of cyber crime in 2015 to the world economy as a whole was estimated at a conservative $575 billion, according to research. Breaches are growing in number and sophistication.

According to Jason Witty, Executive Vice President and CISO at US Bancorp, there are five major sources of information security threats and they are continuing to evolve dramatically.

He identified five high-level classifications that include: insider threats, organized crime, hactivists, terrorists, and nation states.

But as Witty tells Security Current’s Vic Wheatman there is a light at the end of the tunnel. Using security frameworks and taking advantage of new legislation that supports threat information sharing among organizations are some of the most viable approaches to combating the increasingly sophisticated and emerging threats.  Hear about these topics, as well as the growth in business email compromise fraud, in this conversation.