Security Sessions Podcast
Remote Access Challenges and Insider Threat Security
Episode 1: Real Threats for Real People – What has the pandemic taught us?
Are businesses being forced into digital transformation too quickly and therefore cutting corners? How to businesses adapt to the changing threat vectors as more valuable data gets pushed further out into the infrastructure due to remote working? These are some of the questions we are exploring with guests Rick Robinson and Todd Moore.
I am a serious podcast consumer.
Many times, like most people, I listen to the same podcasts, but every now and then, I look for something new.
So I was delighted to be invited to host the new Thales Security Sessions podcast and in my first episode I tackled some of the threats that are emerging as a result of the global Covid-19 pandemic.
My guests for this episode were Todd Moore and Rick Robinson. Todd is the head of encryption products at Thales, and Rick is the principal and trusted advisor at Goldbug Technology Consulting.
We discussed the changing ways that corporations are working, and the threats surrounding this new remote office model. Some of the problems, such as the insider threat challenge have been extended far beyond the corporate perimeter. What can be done to counter this attack vector? Rick offered some specific, actionable steps towards reducing this attack path.
How has the pandemic affected the way a business must prepare for a disaster? Is it any different than any other disaster scenario? Too often, risk managers create plans that try to specify every possible contingency, both imaginable and fanciful. Rick and Todd offered some sound advice to keep your organization's disaster recovery plan from running off the rails. In any instance, an effective business continuity plan should already cater for this scenario.
How can an InfoSec team make sure that the networks of their remote workforce are secure? What about all the possible data sprawl that can occur when your workforce is outside of the corporate network? What industry is most likely to be targeted as a result of the pandemic, and what do the threats look like? What are three topics that a CISO should be looking at as a priority?
These questions were answered directly in a brisk and engaging exchange of ideas. If you are a security podcast junkie, or are just starting to seek good security debate, you will not be disappointed with this new podcast.
I hope you enjoy listening to Episode 1: Real Threats for Real People. What Has the Pandemic Taught Us? and stay tuned for forthcoming episodes…they promise to be just as engaging!
Our Host
Neira advises organisations of all sizes on payments, fintech, regtech, cybercrime, information security, regulations (e.g. PSD2, GDPR, AML) & digital innovation. With more than 20 years in financial services & technology, she believes in change through innovation & partnerships and always strives to demystify the hype surrounding current issues. She enjoys her work as a strategic board advisor and non-executive director. She also provides coaching, training/e-learning, speaking, payment security expert witness services, and helps with M&As cybersecurity due diligence. She likes engaging on social media & regularly addresses global audiences in person or virtually.
She is the 1st Advisory Committee member for PCI-Pal, a global leader in secure payments & chairs the Advisory Board for mobile innovator Ensygnia. She is proud to be an Ambassador for the Emerging Payments Association and a friend of the Global Cyber Alliance. You'll find her on the Refinitiv list of Top 100 Influencers in Financial Services, the Planet Compliance Top 50 RegTech Influencers, the SC Magazine list of the UK's 50 Most Influential Women in Cyber-Security 2019, the Cybersecurity Ventures Women Know Cyber 2019 (100 Fascinating Women Fighting Cybercrime), the Jax Finance Top 20 Social Influencers in Fintech 2017, the City AM Powerful Women in the City List, the Richtopia Top 100 Most Influential People in Fintech. Tripwire nominated her "Top Influencer in Security To Follow on Twitter" in January 2015, CEOWorld Magazine nominated her Top Chief Security Officer to Follow on Twitter in April 2014, she is the Merchant Payments Ecosystem Acquiring Personality of the Year 2013, the SC Magazine Information Security Person of the Year 2012 and is an InfoSecurity Europe Hall of Fame alumni. She was voted to the Top 10 Most Influential People in Information Security by SC Magazine & ISC2 in 2010 & has served on the PCI SSC Board of Advisors for 4 years. She is a British Computer Society Fellow.
Neira has previously worked for Barclaycard, Santander, Abbey National, Oracle Corp. and Unisys. Her clients span industry sectors, including financial services, fintech, retail, legal, consulting, information security & technology.
She loves technology and cars...
twitter.com/neirajones
www.linkedin.com/in/neirajones
Our Guest Speakers
Rick is the former Offering Manager for Encryption and Key Management for the Data Security Group at IBM Security, regular speaker at IBM conferences, and a contributor to SecurityIntelligence.com.
Throughout his career, he has worked in the defense, retail, financial, manufacturing, communications, and data security industries, addressing the changing needs of information security and analytics. He has consulted with customers on security and key management architectures for security data at rest, data at transit, and data in use for real-time and high-velocity applications with a particular emphasis on problems that involve PKI and the use and management of certificates and SSH keys.
Rick has authored or co-authored thirteen patents, many in the area of computer security and cryptography. Rick holds a Bachelor and Master of Science Degrees in Electrical Engineering as well as an MBA. In addition, he holds certifications from the Information Systems Security Certification Consortium (ISC2), is a member of the Storage Network Industry Association Storage Security Industry Forum (SNIA-SSIF), participates on the OASIS-KMIP technical committee, is a past Section Chair of IEEE, and past participant in the IETF. Amongst other volunteering activities, he chairs the election committee and manages bi-annual elections at K-12 school in Colorado.
Todd Moore is a respected cybersecurity professional, with over 28 years' experience in helping organizations protect their most sensitive data.
In his role as Vice President of Encryption Solutions, Todd drives strategy for the company's data encryption portfolio – bringing together a set of well-known security brands (SafeNet, Vormetric and Thales eSecurity) together, into a single data protection business line that addresses existing and new customer needs.
Todd joined Thales through a series of acquisitions from his prior roles; these predominantly entailed product leadership positions for both SafeNet and then Gemalto. He had already gained deep understanding of security challenges and technologies within the defence industry, having spent almost two decades with Harris Corporation. Over his career, Todd has a proven track record of developing business cases and market analysis for new security products and delivering them to market. He routinely develops strategies for new product development and execution, as well as negotiating strategic relationships and alliances.
With a rich combination of technology, product and customer understanding, Todd has frequently offered insights and commentary to media on topics such as hybrid cloud, encryption and cryptographic agility. Recent media contributions include the likes of IoT Now, Finextra and BankInfo Security.
Security Sessions Podcast
For the latest on cloud & data security
This podcast series explores the technologies, people, and processes behind information security. We’ll delve into topics like data security, remote access and digital transformation, as well as the people and technology that make it all work behind the scenes. We’ll speak to Thales and industry experts to bring you fresh perspectives on how to navigate the world of cloud security.
We invite you to subscribe to Security Sessions, a podcast bringing you insights from industry experts on the latest cloud & data security news and trends.
Listen to Previous Podcasts
Episode 1: Real Threats for Real People – What has the pandemic taught us?
Are businesses being forced into digital transformation too quickly and therefore cutting corners? How to businesses adapt to the changing threat vectors as more valuable data gets pushed further out into the infrastructure due to remote working? These are some of the questions we are exploring with guests Rick Robinson and Todd Moore.
Learn More About Remote Access Challenges and Insider Threat Security
Episode 2: More digital, more risk: where is the trust?
More digital, means more ecommerce, more digital payments, more financial fraud and cybercrime and ultimately more risk. Many organisations within the payment sector are being pushed into digitisation more quickly as they move to operate online to keep cash flow – without doing necessary due diligence on the best solution or vendor and with security not really on their agenda. These are some of the issues we are exploring with guests Arthur van der Merwe and Simon Keates.
Episode 3: Do you know who I am? The digital identity challenge
More digital also means more interactions where the various parties are interacting without knowing each other. This is linked to the much needed focus on digital identity, IAM, CIAM, authentication, behavioural analytics. Has the pandemic forced people’s perception of digital identity to change as they have been forced to accept the digital transformation in their own lives? Our host Neira Jones discussed this topic with guests Sundaram Lakshmanan and Francois Lasnier.
Episode 4: Time for the crystal ball – What to expect in 2021
In this episode we are looking ahead at what we can expect in 2021 and reviewing how 2020’s remote working, separation from family and teams have changed us. Have a listen to some of the interesting insights from Neira’s guests, Troels Oerting, Chairman of the Board of the World Economic Forum’s Centre for Cybersecurity (C4C) and Ashvin Kamaraju, CTO and Vice President Engineering at Thales Cloud Protection & Licensing.
Episode 5: The Challenges of Digital Transformation
Many businesses have been forced to accelerate their digital transformation strategies due to the pandemic and doing it successfully has become a major challenge. What do organisations do to transform their infrastructure to where it needs to be from a technology standpoint? The new threats are here to stay – so what is the best DX practice from a technology point of view? How do you focus on the technology process and preservation of your infrastructure?
Episode 6: Data Beyond Borders: The Schrems II Aftermath
Are the current rules and regulations for securing information and maintaining privacy fit for purpose when you think about the future? Do you think work and lifestyle changes brought about by Covid-19 will have a regulatory impact that we need to plan for? Neira discusses these questions with Enza Iannopollo, Senior Analyst at Forrester and Thales’ own Mukesh Chandak, Business Development Director.