Data Security Decoded

Detecting Adversary Intent: Analyzing Behavioral Tells in Admin Logs with Allison Wikoff

Tue, 14 Apr 2026 07:00:00 -0000

Adversaries are already logging into your network using your own admin credentials. In this episode, Caleb Tolin sits down with Allison Wikoff to move past the identity clichés and analyze the specific behavioral signals that separate routine IT maintenance from state-sponsored sabotage. They dissect why resilience is not a flash of genius during a crisis, but a mindset that organizations can adopt to stay ahead of dynamic threat actors.

The conversation explores how attackers are increasingly bypassing traditional controls like MFA and leveraging non-human identities such as service accounts, APIs, and AI agents. These identities often operate with persistent access and elevated privileges, making them highly attractive targets. As AI continues to lower the barrier to entry, adversaries are moving faster and blending more effectively into normal activity, making detection significantly more challenging.

The episode also examines how ransomware, espionage, and sabotage offer different behavioral tells, with data exfiltration now central across multiple threat types. In parallel, organizations must begin preparing for long-term risks like quantum computing, where encrypted data stolen today could be exposed in the future (i.e., “harvest now, decrypt later”_.

Throughout the discussion, practical strategies take center stage. From strengthening identity hygiene and segmentation to improving visibility across users, systems, and third parties, the fundamentals remain critical. The key takeaway is clear. While the threat landscape is evolving, organizations that focus on identity, preparedness, and resilience will be best positioned to reduce risk and recover effectively.

What You’ll Learn

How attackers bypass MFA and blend in using legitimate credentials
Which non-human identities are high-risk targets
How threat actors are leveraging AI to lower the barrier to entry for cybercrime
The difference between ransomware, espionage, and sabotage intent signals
What “harvest now, decrypt later” means for quantum risk
The three hygiene practices that still stop most attacks

Episode Highlights

[00:00:00] The Limits of MFA Why attackers are starting to work around multi-factor authentication

[00:02:00] The Explosion of Non-Human Identities Service accounts, APIs, and AI agents as new attack surfaces

[00:04:00] AI and the Speed of Threats How AI is accelerating reconnaissance and malware creation

[00:05:00] Ransomware vs. Espionage Why data exfiltration is now central to both

[00:06:00] Healthcare Under Pressure Why critical sectors face compounded cyber risk

[00:08:00] Quantum Threats Explained Understanding “harvest now, decrypt later”

[00:11:00] Identity Recovery Challenges Why restoring trust is harder than restoring systems

[00:14:00] The 3 Security Fundamentals Identity hygiene, segmentation, and visibility

Downtime in Healthcare is Fatal: Achieving Resilience in Health & Life Sciences

Tue, 07 Apr 2026 07:00:00 -0000

Cybersecurity in healthcare is undergoing a critical shift. What was once viewed as a back-office IT concern is now directly tied to patient safety and clinical outcomes. In this episode of Data Security Decoded, host Caleb Tolin sits down with John Fokker, Vice President of Threat Intelligence Strategy at Trellix, to explore new findings that reveal a significant increase in inpatient mortality rates following cyberattacks on hospitals, reframing cybersecurity as a life-or-death issue.

The conversation dives into how attackers infiltrate healthcare environments, often through familiar entry points like email, before moving laterally across interconnected systems. From HVAC units to supply chain logistics, even nonclinical systems can disrupt care delivery when compromised. The discussion highlights how adversaries blend into hospital networks using legitimate tools, making detection increasingly difficult.

We also examine the alarming dwell times seen in healthcare environments and what defenders can do to identify subtle anomalies before they escalate. The episode outlines practical strategies, including stronger email defenses, network segmentation, and proactive threat hunting.

Finally, we confront two uncomfortable truths: apolitical healthcare and humanitarian organizations remain prime targets, and AI introduces both powerful defenses and new risks. The takeaway is clear. Cyber resilience is not optional. It is essential to maintain trust, ensure continuity, and ultimately save lives.

What You’ll Learn

Why cyberattacks in healthcare directly impact patient mortality
How nonclinical systems can disrupt critical care delivery
What long dwell times reveal about attacker behavior
How threat actors use legitimate tools to evade detection
The most effective ways to reduce healthcare attack surfaces
Why email remains the primary entry point for attackers
How to reframe cybersecurity as a patient safety priority

Episode Highlights

00:00 – A Shocking Statistic A 29 percent increase in mortality reframes cyber risk

02:30 – From IT to Patient Safety Why CISOs now have a stronger voice at the board level

05:10 – The Backdoor Problem Nonclinical systems and third parties as attack vectors

09:00 – Living in the Network Understanding long dwell times and stealthy attackers

13:45 – Spotting the Signals Key behavioral indicators defenders should watch

18:20 – Three Steps to Resilience Email security, segmentation, and attack surface reduction

23:10 – Two Inconvenient Truths AI risk and the myth of healthcare immunity

27:00 – Final Takeaway Cybersecurity as operational resilience

AI Takes Over RSAC Conference (Now What?) with Dave Bittner.

Tue, 31 Mar 2026 07:00:00 -0000

In this RSAC Conference recap, Dave Bittner, Host of The CyberWire Daily, joins Data Security Decoded host Caleb Tolin from the guest seat to unpack the biggest theme dominating the conference: artificial intelligence, and, more specifically, agentic AI.

From wall-to-wall AI messaging across San Francisco to in-depth conversations with security leaders and analysts, one thing became clear: the industry has moved past debating whether AI will take hold. It already has. Now, the focus has shifted to making it safe.

Dave shares insights from discussions with vendors, researchers, and intelligence professionals, highlighting a growing consensus around the need for strong guardrails, identity controls, and governance frameworks. As organizations begin deploying AI agents capable of acting autonomously, concerns around misuse, manipulation, and “machine-speed” attacks are accelerating.

The conversation also explores the rise of “shadow AI,” where employees use AI tools outside official oversight, and why banning these tools may backfire. Instead, organizations must embrace visibility and collaboration to manage risk effectively.

Ultimately, this episode captures a pivotal moment for cybersecurity: a transition from experimentation to operational reality. The tools are powerful, the risks are real, and the path forward requires balancing innovation with control while, as Dave puts it, doing everything possible to “limit the blast radius.”

What You’ll Learn

Why AI adoption in cybersecurity has shifted from optional to inevitable
What “agentic AI” means and why it’s a game changer
How identity is becoming the core security layer for AI systems
Why “machine speed” is forcing defenders to rethink workflows
The real risks of AI misuse, including manipulation and prompt injection
How “shadow AI” is emerging inside organizations—and why it matters
Practical ways companies are thinking about AI guardrails and governance

Episode Highlights

[00:00] – Role Reversal at RSA Dave steps into the interviewee seat and kicks things off with a lighthearted karaoke discussion.

[02:15] – RSA Energy Check Why this year’s conference felt more optimistic despite industry uncertainty.

[04:10] – AI Everywhere From billboards to conversations—AI dominates RSA.

[06:00] – Agentic AI Arrives Why autonomous AI agents are no longer theoretical.

[08:30] – Guardrails & Identity How security leaders are thinking about controlling AI behavior.

[11:15] – When AI Goes Wrong A real-world example of AI being manipulated—and what it reveals.

[14:00] – Machine-Speed Threats Why defenders must move faster than ever before.

[17:30] – The Big Shift AI is inevitable—now the focus is containment.

[19:30] – Shadow AI Risk Why employees using AI outside oversight is a growing concern.

Your Backups Are Talking — Are You Listening?

Tue, 17 Mar 2026 07:00:00 -0000

Security teams spend enormous effort chasing the latest threats, yet often overlook one of the most revealing sources of truth already in their environment: backups. In this episode of Data Security Decoded, host Caleb Tolin sits down with Kyle Fiehler, Transformation Analyst at Rubrik Zero Labs, to explore why backup data has become a critical — and largely ignored — form of security telemetry.

Kyle explains how secure, immutable backups act as a historical record of attacks that evaded traditional detection tools, capturing digital fingerprints left behind by sophisticated adversaries. From hypervisor-level threats to long-dwell state-backed actors, backups often reveal what endpoint and network tools miss. And attackers know it. As Kyle outlines, ransomware groups like Evil Corp and Storm-0501 deliberately target backups and identity infrastructure to maximize leverage and accelerate payouts.

The conversation also challenges how organizations think about recovery and Mean Time to Response (MTTR). Rather than treating MTTR as a single metric, Kyle advocates breaking recovery into phases — scoping compromise, validating clean recovery, and restoring identity — to pinpoint where resilience actually breaks down. The result is a more actionable, operational view of cyber readiness.

This episode offers a clear message for security and IT leaders alike: resilience isn’t just about preventing attacks. It’s about using every available signal, drilling recovery before incidents occur, and recognizing that backups are no longer passive insurance — they’re active intelligence.

What You’ll Learn

Why secure backups function as a record of threats other tools miss
How ransomware groups deliberately target backups and identity systems
Where organizations commonly fail to extract security value from backup data
How to rethink MTTR by breaking recovery into measurable phases
Why identity infrastructure is central to modern recovery strategies
Three concrete steps to operationalize backup intelligence today

Episode Highlights

[00:00] Backups as Digital Fingerprints Why immutable backups reveal threats that evade traditional security tools.

[04:30] The Telemetry Everyone Ignores How organizations overlook backups as a source of threat intelligence.

[07:45] Who Owns Backup Security? The growing shift from IT ownership to security accountability.

[10:30] MTTR Is Broken Why recovery metrics fail — and how phased recovery fixes that.

[12:45] Threat Actors Targeting Backups How groups like Evil Corp and Storm-0501 maximize leverage.

[15:00] Three Actions Security Teams Can Take Today Practical steps to extract real value from backup data.

AI Moves Fast. Privacy Has to Move Faster.

Tue, 03 Mar 2026 08:00:00 -0000

AI promises speed, scale, and efficiency—but it also magnifies privacy risk in ways many organizations aren’t prepared for. In this episode, Caleb Tolin welcomes Ojas Rege of OneTrust for a practical, wide-ranging conversation on how data privacy and governance must evolve alongside enterprise AI adoption.

Ojas explains why AI fundamentally changes the privacy conversation: the same systems that enable organizations to move faster can also cause harm faster when guardrails aren’t in place. From agentic AI systems that dynamically repurpose data to general-purpose models that blur traditional notions of “intended use,” the challenge isn’t just compliance—it’s trust.

The discussion dives deep into purpose limitation under GDPR and the EU AI Act, clarifying where organizations commonly misunderstand consent and where AI training introduces entirely new risks. Ojas emphasizes a simple but powerful test: are you using personal data for the same purpose you originally received consent for—or has AI quietly expanded that purpose?

The conversation then shifts to cloud and data sovereignty, particularly for European organizations navigating geopolitical uncertainty. Ojas outlines why data mapping, prioritization, and software supply chain visibility matter more than ever—and why perfection is less realistic than smart prioritization.

Ultimately, this episode reframes governance as an enabler. When privacy and data governance are embedded early, organizations can innovate faster, build lasting trust, and deploy AI with confidence in an increasingly complex global environment.

What You’ll Learn

Why AI scales privacy risk just as fast as business value
How purpose limitation breaks down with general-purpose AI models
When AI use requires new consent—and when it doesn’t
Why transparency is foundational to long-term customer trust
How data sovereignty concerns extend beyond cloud providers
Where software supply chains create hidden privacy blind spots
How good governance can accelerate, not block, AI deployment

Episode Highlights
[00:02:00] AI Scales the Good—and the Bad How AI accelerates both innovation and privacy harm.
[00:04:00] Purpose Limitation Meets AI Reality Why general-purpose models challenge traditional consent frameworks.
[00:06:30] Trust as a Business Risk Why transparency matters as much as legal compliance.
[00:07:30] Cloud & Data Sovereignty Explained What European organizations can do today to reduce risk.
[00:10:30] The Software Supply Chain Blind Spot Why third parties make sovereignty harder in the AI era.
[00:12:30] Data as Economic Power How nations now view citizen data as an AI asset.

[00:14:00] Governance That Enables Speed Why governing early helps organizations move faster later.

The Real Risks of Agentic AI in the Enterprise

Tue, 17 Feb 2026 10:00:00 -0000

As enterprises race to adopt AI, many are discovering that traditional security models no longer hold. In this episode of Data Security Decoded, host Caleb Tolin is joined by Camille Stewart-Gloster, CEO of CAS Strategies and former Deputy National Cyber Director, to unpack how AI is redefining cyber risk at every layer of the organization.

Camille explains why identity-based attacks are so effective and how non-human identities (from APIs to AI agents) are quietly expanding the attack surface. She emphasized how critical MFA is for organizations to enable as they scale up AI operations., and why conditional access and governance must be foundational, not optional.

The conversation also tackles ethical AI head-on. Camille argues that AI ethics and AI security are inseparable, and that removing humans from the loop introduces both legal and operational risk. From shadow AI to agent autonomy, she offers a clear-eyed framework for deploying AI systems that augment human teams rather than replace them.

This episode is a practical guide for security leaders and learners navigating AI adoption, focused on resilience, trust, and long-term enterprise readiness.

What You’ll Learn

Why identity has become the dominant attack surface
How AI agents and non-human identities increase risk
Where EDR falls short in Identity-driven attacks
Why AI ethics is foundational to AI security
How governance enables secure AI deployment
When AI should augment—not replace—security teams

Episode Highlights

[00:03:00] Cyber offense and the evolving national strategy

[00:07:30] Identity eclipses malware as the primary threat

[00:10:00] AI systems as high-value targets

[00:12:30] Human judgment vs. automated response

[00:14:00] The ethics–security connection

[00:15:30] Why AI governance can’t be an afterthought

When Hacktivists Target Water Utilities: Inside a Russian-Aligned OT Attack

Tue, 03 Feb 2026 10:00:00 -0000

Russian-aligned hacktivist groups are increasingly targeting industrial control systems and OT environments—and sometimes it’s shockingly easy. In this episode, Daniel dos Santos, VP of Research at Forescout, walks through how his team used a honeypot to observe an attack against a simulated water treatment facility. We explore attacker motivations, common entry points, and what defenders must prioritize now.

What You’ll Learn

How honeypots can uncover real-world hacktivist tactics and behaviors
Why exposed HMIs remain one of the weakest entry points in OT environments
How Telegram has become a primary platform for hacktivist attack claims
The evolving motivations behind Russian-aligned hacktivist groups
Why visibility across all networked devices is critical to defense
How opportunistic attacks differ from targeted nation-state operations
Practical steps to avoid becoming “easy prey” for attackers

Episode Highlights

00:02:30 – How the Attack Was Discovered Spotting the honeypot activity through Telegram claims
00:04:00 – The Entry Point Explained Default credentials and exposed HMIs
00:06:45 – Hacktivist Motivation Shift From activism to geopolitics and profit
00:10:50 – Why OT Attacks Are Hard to Eradicate Hidden devices and lateral movement

00:14:20 – The Core Defensive Takeaway Don’t ignore opportunistic threats

Episode Resources

Forescout Research Reports
Telegram (hacktivist communications platform)
Canadian Government OT Security Alert

Shodan (internet-exposed asset scanning tool)

How Rubrik Zero Labs Uses LLMs to Analyze Malware at Machine Speed

Tue, 20 Jan 2026 09:59:00 -0000

AI is changing how malware is built—and how it’s caught. In this episode, Caleb Tolin is joined by Amit Malik, Staff Security Researcher at Rubrik Zero Labs, to unpack how large language models are transforming malware analysis, enabling defenders to sift through thousands of samples and surface truly novel threats. From Chameleon malware abusing WSL to AI-generated attack code, this conversation explores what real data resilience looks like in an AI-driven threat landscape.

What You’ll Learn

How LLMs help analysts move from syntax-level review to intent-based malware analysis

Why processing thousands of samples daily requires AI-assisted triage and clustering

How attackers are abusing WSL and cloud-native environments to evade detection

What AI-generated, dynamically delivered malware code means for traditional defenses

Where LLMs excel—and where human validation remains essential

Why resilience matters more than speed in AI-driven security operations

Episode Highlights

[00:00] AI-generated malware and shrinking attacker footprints

[03:30] Why Rubrik Zero Labs built an LLM-driven malware analysis system

[05:45] Scaling from 6,000 samples to 20 worth investigating
[07:40] Extracting malware “business logic” before sending code to LLMs

[10:05] Chameleon malware abusing Windows Subsystem for Linux

[13:00] APT-linked Linux RATs and what sophistication signals intent

[15:00] LLM hallucinations and the need for human verification

Episode Resources

Rubrik Zero Labs Research Reports

Ransomware, Remote Access, and the OT Reality Check

Tue, 06 Jan 2026 09:59:00 -0000

In this episode of Data Security Decoded, Cybersecurity veteran Dawn Cappelli joins host Caleb Tolin to unpack the rapidly evolving threat landscape facing operational technology environments. With decades of experience spanning CERT, Rockwell Automation, and now Dragos, Dawn breaks down how geopolitical conflicts, empowered hacktivists, and ransomware are reshaping OT risk. She shares the five critical ICS controls every organization should prioritize and discusses why community-driven defense models are now essential for resilience. A must-listen for leaders responsible for critical infrastructure, manufacturing, and industrial cybersecurity.

What you'll learn:

How global conflicts have dissolved previous norms that protected critical infrastructure from cyber retaliation.
Why hacktivist groups are becoming more dangerous — and how state actors quietly support them.
The five highest-impact ICS security controls and where most organizations fail.
Why OT environments remain decades behind IT security — and what leaders must immediately address.
How ransomware operators target manufacturing and critical infrastructure for maximum leverage.
The risks of insecure remote access and unmanaged third-party connections.
How OT-CERT and community defense can uplift organizations with limited resources.

Episode Highlights:

00:00 – Opening + Guest Introduction Caleb introduces Dawn and frames her decades of OT and insider threat leadership.

02:00 – Dawn’s Early Journey into OT and Security How nuclear engineering, the CDC bioterrorism portal, and 9/11 sparked her cybersecurity mission.

05:00 – Founding the CERT Insider Threat Center Inside the origin story and its impact on insider risk theory.

07:00 – Moving to Rockwell: The Hidden OT Backdoor Risk Why insider sabotage in OT environments was a turning point in her career.

08:00 – The Geopolitical Shift in OT Threats How Russia–Ukraine changed everything about attacking critical infrastructure.

10:00 – The Rise of State-Aligned Hacktivists Why groups like Cyber Avengers now have real disruption capability.

13:00 – The SANS Five ICS Controls Dawn breaks down the controls that prevent and detect most attacks.

17:00 – Ransomware Trends in OT Why manufacturing is a prime target and how attacks are evolving.

19:00 – The Promise and Peril of Agentic AI in OT Why autonomous agents could cause catastrophic outcomes.

21:00 – OT-CERT: Free Global Resources How Dragos is empowering organizations worldwide with practical support.

Episode Resources:

Information on OT-CERT: OT-CERT
Register for OT-CERT: Register for Dragos OT-CERT | Dragos
Information on Community Defense Program: Community Defense Program | Dragos
Register for Community Defense Program: Register for Dragos Community Defense Program | Dragos
SANS Five ICS Cybersecurity Critical Controls: The Five ICS Cybersecurity Critical Controls

The Hidden Risk in Your Stack

Tue, 16 Dec 2025 10:00:00 -0000

In this episode of Data Security Decoded, host Caleb Tolin sits down with Hayden Smith, CEO of Hunted Labs, as he breaks down how software supply chain attacks really work, why open source dependencies create unseen exposure, and what modern threat actors are doing to exploit trust at scale. Caleb and Hayden dive deep into real-world attacks, emerging TTPs, AI-powered threat hunting, and what organizations must do today to keep pace. Listeners walk away with a clear picture of the problem—and a practical blueprint for reducing supply chain risk.

What You’ll Learn

How modern attackers infiltrate open source ecosystems through fake accounts and counterfeit package contributions.
Why dependency chains dramatically amplify both exposure and attacker leverage.
How to use threat intelligence and threat hunting to proactively evaluate upstream packages before adoption.
Where AI-powered code analysis is changing the ability to discover hidden vulnerabilities and suspicious patterns.
Why dependency pinning, SBOM discipline, and continuous monitoring now define a strong supply chain posture.

Episode Highlights

00:00 — Welcome + Why Software Supply Chain Risk Matters

02:00 — Hayden’s Non-Cyber Passion + Framing Today’s Topic

03:00 — Why Open Source Powers Everything—and Why That Creates Exposure

06:00 — The Real Attack Vector: Contribution as Initial Access

08:00 — Inside the Indonesian “Fake Package” Campaign

10:30 — How to Evaluate Code + Contributor Identity Together

12:00 — Threat Hunting and AI-Enabled Code Interrogation

15:00 — The Challenge of Undisclosed Vulnerabilities in Widely Used Components

16:30 — How Recovery Works When Malware Is Already in Your Stack

19:00 — Continuous Monitoring as the Foundation of Modern Supply Chain Security

22:00 — Pinning, Maintainer Analysis, and Code Interrogation Best Practices

24:00 — Where to Learn More About Hunted Labs

Episode Resources
- Hunted Labs — https://huntedlabs.com
- Hunted Labs Entercept
- Hunted Labs “Hunting Ground” research blog
- Open Source Malware (Paul McCarty)

Top CISO Priorities and Global Digital Trust with Morgan Adamski

Tue, 02 Dec 2025 11:00:00 -0000

Welcome to Data Security Decoded. Join host Caleb Tolin in conversation with Morgan Adamski who leads Cyber, Data, and Tech Risk at PwC and is a former US national security leader who spent 16 years tracking nation-state threats inside the US government. Coming out of a career spent inside secure facilities without windows or phones and working to address China’s prepositioning in US critical infrastructure, Morgan shares a direct view of how geopolitics is now shaping cyber risk decisions in boardrooms.

What You'll Learn:

Why only 24% invest in proactive defense, even while 60% call cyber a top priority
How AI agents are cutting breach timelines to under 80 days
Why cyber insurance is now a hygiene scorecard, not just financial protection
The real reason leaders lack confidence in resilience
Where legacy systems and supply chain dependencies expose blind spots
How public–private collaboration changed the response to China’s infrastructure campaign
What CISOs must confront now to avoid being blindsided by the next crisis

The conversation gives security leaders and decision-makers a clear view of where current strategies fall short and the choices required to build real resilience before the next crisis forces it.

Episode Highlights:

[03:43] Why China prepositions inside US critical infrastructure to trigger disruption and panic in a crisis

[04:20] Collective defense in action: how victims and industry exposed the campaign

[09:27] The truth behind cyber budgets: only 24% invest in proactive defense

[11:57] How AI agents are shortening breach lifecycles to under 80 days

[13:07] Why cyber insurance is now a security scorecard, not a safety net

Episode Resources

Caleb Tolin on LinkedIn
Morgan Adamski on LinkedIn

PwC’s 2026 Global Digital Trust Insights report

Agentic AI and Identity Sprawl

Tue, 18 Nov 2025 13:00:00 -0000

In this episode of Data Security Decoded, join host Caleb Tolin as he welcomes back Joe Hladik, Head of Rubrik Zero Labs, to unpack the findings from their new report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats, Joe breaks down how the explosion of non-human identities, from API keys to AI agents, is rewriting the threat landscape and forcing security leaders to rethink the perimeter itself.

He explains why identity resilience is the new foundation of cyber defense, how to prioritize recovery when every system matters, and what steps teams can take now to stay ahead of emerging agentic AI-driven attacks.

What You'll Learn:

Why identity has replaced the network as the modern security perimeter
How non-human identities outnumber humans 82 to 1, and what that means for control and monitoring
Practical steps to build recovery plans around dependency mapping and minimal viable operations
Why ransom payments remain high and how better resilience planning can reverse that trend
How threat actors exploit backup systems to gain total business leverage
What agentic AI really means for cyber defense and how to prepare for its impact

The episode offers a clear framework for leaders to transform identity resilience from a reactive measure into a proactive pillar of enterprise security.

Episode Highlights:

[05:13] The 82:1 Ratio: Why Non-Human Identities Now Define Risk

[07:03] Prioritizing Recovery: Building for Minimal Viable Operations

[10:53] Declining Recovery Confidence and the Rise of Ransom Payments

[15:46] Backups Under Attack: How Threat Actors Seize Business Control

[16:32] Agentic AI and the Shifting Nature of Cyber Threats

[25:32] What Defenders Can Do Now to Build Identity Resilience

Episode Resources

Caleb Tolin on LinkedIn

Joe Hladik on LinkedIn

Rubrik Zero Labs report, Identity Crisis: Understanding & Building Resilience Against Identity-Driven Threats

Secure by Design, Secure by Default, Secure by Demand

Tue, 04 Nov 2025 11:00:00 -0000

Welcome to Data Security Decoded. Join host Caleb Tolin in conversation with Lauren Zabierek, Senior Vice President for the Future of Digital Security at the Institute for Security and Technology. A former CISA leader and long-time national security professional, Lauren unpacks the principles of Secure by Design, Secure by Default, and Secure by Demand and how these frameworks are reshaping the software supply chain.

What You'll Learn:

Why security must be a business decision led by executives rather than a technical afterthought
How Secure by Design principles inspired more than 300 companies to eliminate entire classes of vulnerabilities
The economic incentives that drive insecure software and what must change to realign the market
How customers can evaluate vendors and ask the right questions to ensure secure authentication and transparent practices
The role of Secure by Demand in helping buyers assess software safety before and after adoption
Why initiatives like #ShareTheMicInCyber are essential for expanding diversity and innovation across cybersecurity policy

The conversation offers a practical roadmap for executives, CISOs, and technology leaders to integrate secure development practices into business strategy, turning software security from a compliance checkbox into a competitive advantage.

Episode Highlights:

[08:46] Inside CISA’s Secure by Design Pledge

[09:41] The Three Pillars: Secure by Design, Default, and Demand

[11:59] Why Security Is an Economic Issue, Not Just Technical

[15:41] How Customers Can Drive Change Through Secure by Demand

[18:23] The Story and Impact of #ShareTheMicInCyber

Quotes:

"Security has to be a business decision led by business leaders in the company. It should not be an afterthought. It shouldn't just be left to the security team to sort of try to convince the rest of the company that they should do this. It's the company leadership that should say, this is a priority and therefore orient the different resources and priorities around that particular topic."

"Having more secure software is not a technical impossibility. The companies right now are acting rationally in a misaligned market. Secure by Design, at its core, is about shifting those incentives in order to drive a change in behavior."

"Software is what economists would refer to as a credence good. It's very hard to assess the quality of a product or a service both before you consume it and after you consume it. We don't have the criteria or benchmarks to fully assess that, and that’s a problem."
"We looked at really how to provide guidance, and then we also created the Secure by Design pledge. And at the time when we launched it in 2024 at RSA, we had 68 software companies sign on… And then by the time we left, we had over 300 companies sign on. Now this pledge, you know, it addressed certain things like eliminating entire classes of vulnerability. It talked about enabling multifactor authentication by default across product lines. It talked about a vulnerability disclosure policy. Those are just a few things, but you can see that they're very concrete, measurable actions that lead to better outcomes."

Episode Resources
Caleb Tolin on LinkedIn
Lauren Zabierek on LinkedIn
Institute for Security and Technology (IST)
Secure by Demand Guide from CISA

Three Threats Reshaping Financial Services: Identity, Supply Chain, and AI

Tue, 14 Oct 2025 10:00:00 -0000

Cyber resilience in financial services is often treated as a checklist of tools and controls, rather than what it truly is: a system of people, intelligence, and collaboration working together.

In this episode of ⁠Data Security Decoded⁠, join ⁠Caleb Tolin⁠ as he sits down with ⁠Troy Wells⁠, Intelligence Officer at FS-ISAC and former U.S. Army intelligence officer, to explore how principles like teamwork, trust, and preparation, forged in national security, translate directly into protecting the global financial system. From using fire-safety lessons to explain prevention, detection, and response, to breaking down the difference between AI models and AI agents, Troy shares practical guidance for banks and financial institutions building resilience in the face of evolving threats.

What You’ll Learn:

Why prevention, detection, and response are strongest when treated as a cycle, not silos
How AI models act as “calculators” while AI agents act as “interns,” and what oversight each requires
The guardrails that financial institutions should set before deploying AI tools at scale
How cloud misconfigurations in even major enterprises reveal the need for security-first design
The three threat trends that will shape financial services in the next 12–24 months: identity attacks, supply chain compromises, and AI-enabled adversaries

Episode Highlights:

[00:22] Troy’s path from Army intelligence officer to FS-ISAC[03:20] Fire-safety lessons: framing prevention, detection, and response in cybersecurity[08:15] The difference between AI models and AI agents, and how to guide each[12:22] Four principles for adopting AI securely in financial institutions[17:00] Cloud misconfigurations and why resilience must be built into architecture[21:39] The top three threats to watch in the next 12–24 months: identity, supply chain, and AI-driven attacks[27:35] Why speed and sophistication make resilience and collaboration essential

Episode Resources:

Caleb Tolin on LinkedIn
Troy Wells on LinkedIn

Scattered Spider: the Evolution of Identity-Based Ransomware

Tue, 23 Sep 2025 10:00:00 -0000

Identity-based ransomware is no longer a fringe tactic; it’s becoming the playbook of today’s most dangerous adversaries. Scattered Spider, a financially motivated e-crime group, has shifted the model from smash-and-grab encryption to a far more devastating combination of double extortion, social engineering, and hypervisor encryption attacks.

In this episode of Data Security Decoded, host Caleb Tolin welcomes back Joe Hladik, Head of Rubrik Zero Labs, to unpack how Scattered Spider is evolving the ransomware playbook. From double extortion and identity compromise to hypervisor encryption and legacy system exploitation, Joe explains why these tactics succeed where traditional defenses fail and why building cyber resilience, not just detection and response, is the critical next step for security leaders.

What You’ll Learn:

How Scattered Spider leverages ransomware-as-a-service and double extortion to maximize payouts
Why identity compromise and social engineering make traditional defenses ineffective
How “living off the land” techniques and vulnerable drivers bypass signature-based tools
Why legacy infrastructure and outdated backup systems are prime targets for exploitation
What cyber resilience really means and how to build recovery into your security posture

Episode Highlights:

[00:30] Joe on Scattered Spider’s financial motivations and shift to double extortion

[06:53] Why identity compromise and social engineering bypass traditional defenses

[08:49] Disabling EDR with “living off the land” techniques and vulnerable drivers

[13:06] Hypervisor encryption: how attackers can take entire backup systems offline

[16:21] Cyber resilience as the future: assuming breach and restoring trusted systems

Episode Resources:

Caleb Tolin on LinkedIn
Joe Hladik on LinkedIn

Five-Year Plans, Forever Wars: China's Blueprint for Cyber Dominance

Tue, 26 Aug 2025 10:00:00 -0000

Chinese state-backed cyber operations are often misunderstood as a single, centrally controlled machine. In reality, they are fragmented, diverse, and strategically aligned with China’s national objectives, from economic development to critical infrastructure positioning.

In this episode of ⁠Data Security Decoded⁠, join ⁠Caleb Tolin⁠ as he sits down with ⁠Mei Danowski⁠, Co-Founder of Natto Thoughts and expert in geopolitical intelligence, to explore how China’s cyber ecosystem operates and how it is shaped by cultural, political, and economic structures.

What You’ll Learn:

Why Chinese cyber operations are fragmented and decentralized, and why that matters for defenders
How private companies in China are tied to the Communist Party and mobilized for cyber objectives
The strategic difference between China, Russia, North Korea, and Iran in their cyber operations
How China’s targeting priorities have shifted toward telecom, energy, water, and transport infrastructure
Three intelligence-driven approaches defenders can use to counter Chinese operations
What the 14th Five-Year Plan achieved in cyberspace, and what to expect in the 15th

Highlights:

[01:50] The fragmented reality of Chinese state-backed cyber operations

[05:28] How cultural and political structures shape threat actor behavior

[08:47] Comparing China’s cyber strategy to Russia, North Korea, and Iran

[12:45] Why telecom, energy, and water systems are top targets

[21:24] China’s 14th Five-Year Plan successes and projections for the 15th

Episode Resources:

Caleb Tolin on LinkedIn
Mei Danowski on LinkedIn
Natto Thoughts website

Breaking the Intelligence-Defense Divide with Scott Scher

Wed, 13 Aug 2025 10:00:00 -0000

Cyber threat intelligence is often misunderstood, seen as a niche reporting function instead of the connective tissue that links defenders, leaders, and strategy. In this episode of ⁠Data Security Decoded⁠, join ⁠Caleb Tolin⁠ as he sits down with ⁠Scott Scher⁠, a cyber threat intelligence (CTI) expert with an unconventional backstory, to explore how his off‑grid years shaped his view on resilience, why CTI should be seen as “counter‑threat intelligence,” and how intelligence defenders, and policy teams can work as one to turn raw data into actionable security decisions.

What You’ll Learn:

The mindset shift from cyber threat intelligence to cyber counter-threat intelligence
Why threat intel must not just inform, but recommend actions for defenders
How intelligence insights serve as “cover” for defenders, offering justification and prioritization for security decisions
Why we should think of intelligence, defenders, and policy teams as part of a formula, not opposing forces
How Scott’s off-grid lifestyle shaped his view on resilience, preparedness, and technology dependency

Episode Highlights:

[00:01] Scott’s unconventional path from off‑grid homesteading to cybersecurity

[03:47] Breaking the “versus” mindset: How intelligence, defenders, and policy work as a formula

[08:19] What CTI and defenders really need to understand about each other

[12:45] CTI as “cover”: Giving defenders justification and prioritization for key decisions

[17:45] How CTI helps organizations protect their most sensitive data

Episode Resources:

Caleb Tolin on LinkedIn
Scott Scher on LinkedIn

The Geopolitical Security Playbook: When Nations Clash in Cyberspace

Thu, 31 Jul 2025 10:00:00 -0000

In this episode of ⁠Data Security Decoded⁠, host ⁠Caleb Tolin⁠ sits down with ⁠Dustin Droullard⁠, a cyber threat intelligence expert and former Army intelligence analyst, to discuss how global conflict is increasingly playing out in cyberspace, from digital espionage to civilian-targeted cyber operations. This episode highlights why organizations must rethink their cyber risk strategies in light of modern geopolitical threats and growing digital exposure.

What You’ll Learn:

How influence operations are used to confuse, divide, and destabilize
Understanding your organization’s role in geopolitical conflicts
What basic cybersecurity practice still gets overlooked
Where small businesses can find free resources to improve security posture and resilience
How anthropology, business, and literature studies can power cyber careers
The gap in current cyber education and how to fix it with critical thinking and specialization

Episode Highlights:

[00:00:33] From Army Intelligence to Cyber Operations
[00:02:45] Espionage vs. Effects: Cyber Tactics in Geopolitical Conflict
[00:06:38] Influence Operations and Psychological Warfare
[00:10:39] Why Every Business is a Target, Whether They Know It or Not
[00:13:21] Cybersecurity on a Budget: Resources for Underserved Organizations
[00:15:57] Anthropology in Cyber: Understanding the Human Behind the Hack
[00:20:33] Non-Tech Majors That Thrive in Cybersecurity
[00:23:03] What Cyber Schools Are Missing: Business, Collaboration & Critical Thinking

Episode Resources:

Caleb Tolin on LinkedIn
Dustin Droullard on LinkedIn
CISA – Cybersecurity and Infrastructure Security Agency

HIPAA 2.0, Minimum Viable Hospitals, and Strategies for Cyber Resilience within Healthcare

Tue, 15 Jul 2025 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this episode, our host, ⁠Caleb Tolin⁠, is joined by ⁠Errol Weiss⁠, Chief Security Officer at ⁠Health-ISAC⁠ and former cybersecurity leader at ⁠Citi⁠ and ⁠Bank of America⁠. Errol shares his journey from the NSA to building one of the most collaborative threat intelligence networks in healthcare, discussing cyber recovery, the minimum viable hospital model, and why culture and community matter in achieving true resilience.

Errol Weiss has been a driving force in advancing cybersecurity resilience across critical sectors, beginning with his early work at the National Security Agency and later leading security programs at Citi and Bank of America. As Chief Security Officer at Health-ISAC, he built a threat operations center from the ground up, delivering original threat intelligence to healthcare organizations that often lack the resources to do it alone. With deep experience across consulting, finance, and healthcare, Errol has become a leading voice in shifting the conversation from protection to recovery, promoting a resilience-first mindset, collaborative intelligence sharing, and a human-centric security culture.

Join Caleb and Errol as they explore what makes healthcare cybersecurity unique, how to embed security into clinical culture, and why building a “human firewall” is just as critical as any technical control in today’s evolving threat landscape.

Episode Highlights:

00:00 - Intro
01:33 - Moving from consulting and finance to healthcare cybersecurity
02:12 - What ISACs are and how Health-ISAC supports threat sharing
04:39 - Building a threat operations center from scratch
06:38 - Collaboration differences between finance and healthcare ISACs
07:24 - Shifting from disaster recovery to cyber recovery and resilience
09:12 - Why HIPAA 2.0 is unlikely to advance and what’s happening instead
11:58 - How policy mandates collide with healthcare’s talent and budget challenges
13:01 - Biking, mental clarity, and leadership outside of work
14:26 - Embedding security into healthcare culture and creating a human firewall
16:43 - The rise of the minimum viable hospital concept
18:20 - Why Errol remains optimistic about AI and the future of cybersecurity

Episode Resources:

Health-ISAC Official Site
National Council of ISACs website
Rubrik Zero Labs website
Caleb Tolin on LinkedIn
Errol Weiss on LinkedIn

Securing the Software Supply Chain

Tue, 24 Jun 2025 20:30:00 -0000

Navigating Modern Cybersecurity: From Supply Chain Risks to AI Evolution. In this episode of ⁠Data Security Decoded⁠, ⁠Allison Wikoff⁠, a 20-year veteran in information security and threat intelligence, explores current cybersecurity challenges, emerging threats, and practical defensive strategies for organizations of all sizes.

What You'll Learn:

How to prioritize vulnerability management by focusing on critical edge devices and access points
Why understanding your network architecture is crucial for effective threat defense
The reality of AI in cyber attacks: current uses, limitations, and practical defense strategies
How to build supply chain resilience through vendor assessment and backup supplier planning
Why older vulnerabilities remain a primary attack vector and how to address them effectively
The framework for developing an actionable threat profile tailored to your organization's needs

Key Insights:

Threat actors increasingly target known vulnerabilities over sophisticated zero-day exploits
Supply chain security requires understanding vendor access levels and maintaining secondary suppliers
AI adoption in cyber attacks remains focused on basic tasks like improving phishing emails and code generation
Organizations should prioritize patching vulnerabilities in edge devices like VPNs and WAFs
Building an effective security strategy starts with understanding your organization's specific threat profile
Partnering with vendors and suppliers can help smaller organizations enhance their security capabilities

Highlights:

[00:00:00] Vulnerability Exploitation Trends

Allison Wikoff reveals that vulnerability exploitation has become a dominant attack vector across both criminal and state-sponsored threat actors. The shift marks a departure from traditional assumptions that mainly espionage-focused groups leveraged vulnerabilities.

[04:30] Supply Chain Security Essentials

Wikoff emphasizes that modern supply chain security requires looking beyond just your own organization's defenses. Organizations must thoroughly understand their vendors' access levels and potential impact on operations.

[07:23] AI in Cybersecurity: Reality vs Hype

Tolin shares that while AI adoption by threat actors is increasing, it hasn't revolutionized attack tactics as many feared. Current AI usage focuses mainly on improving phishing email quality and assisting with malware code generation.

[14:08] Threat Profile Development

Tolin advocates for organizations to start by understanding what assets would interest attackers rather than chasing every new threat. The rapidly changing threat landscape makes it impossible to defend against everything, requiring a focused approach based on your specific risk profile.

Episode Resources:

Caleb Tolin on LinkedIn
Allison Wikoff on LinkedIn
PwC website
PwC - Year in Retrospect Report 2024
Rubrik Zero Labs website

AI-Driven Cyber Defense in Action: How AI Agents Are Saving SOC Analysts From Burnout

Wed, 04 Jun 2025 10:00:00 -0000

AI-powered SOC platforms are revolutionizing cybersecurity by dramatically reducing false positives and enabling analysts to focus on high-value security work. In this episode of ⁠Data Security Decoded⁠, join ⁠Caleb Tolin⁠ as he sits down with ⁠Grant Oviatt⁠, Head of Security Operations at Prophet Security, to explore how AI agents are transforming security operations centers (SOCs) and reshaping the future of cyber defense.

What You'll Learn:

How AI agents achieve a 95% reduction in false positive alerts while maintaining high investigation accuracy
Why AI won't replace SOC analysts but will elevate their roles by eliminating tedious tasks
The framework for building trust in AI security tools through evidence-backed investigations and transparent decision-making
How AI is lowering barriers to entry for cybersecurity careers by focusing on analytical thinking over technical expertise
The critical balance between AI automation and human context in security operations.
How to evaluate and implement AI security solutions, including key criteria for testing accuracy and effectiveness

Highlights:

[02:57] Dramatic Reduction in False Positives Through AI-Driven Investigation

[07:21] AI Augmentation vs. Replacement: Elevating Security Roles

[09:34] Lowering Barriers to Entry in Cybersecurity

[17:41] Building Trust Through Transparent AI Operations

[21:58] Strategic Implementation of AI Security Solutions

Episode Resources:

Caleb Tolin on LinkedIn
Grant Oviatt on LinkedIn
Prophet Security website
Rubrik Zero Labs website

Making Generative AI Transparent

Tue, 20 May 2025 11:27:00 -0000

In this episode of ⁠Data Security Decoded⁠, host ⁠Caleb Tolin⁠ sits down with ⁠Gabrielle Hibbert⁠, a social policy expert and researcher, about her innovative work developing a nutrition labeling system for generative AI tools. This framework aims to bridge the gap between complex AI technology and consumer understanding, while addressing critical transparency and data privacy concerns.

What You'll Learn:

How nutrition labels for AI tools can make complex technology accessible to non-technical users
Why current privacy policies fail to protect consumers, with 93% of users unable to understand them
The three-pillar approach to AI transparency: general usage information, safety measures, and potential risks
How companies can balance corporate sensitivity with consumer transparency in AI tool deployment
Why Generation Z and Millennial users feel increasingly burdened by technology, and how transparency can help
The regulatory framework needed to standardize AI tool labeling across industries
How iterative processes and APIs can keep AI nutrition labels current with rapid technological changes
The importance of multi-stakeholder collaboration in developing effective AI transparency standards

Episode Highlights:

[00:00:55] Creating Consumer-Friendly AI Transparency Labels
[04:58] Building Universal Understanding Across Technical Levels
[22:13] Regulatory Framework Integration
[27:21] Dynamic Updates Through API Integration

Episode Resources:

Caleb Tolin on LinkedIn
Gabrielle Hibbert on LinkedIn
FCC Broadband Labeling System
New America – Translating the Artificial Report Page
FDA Nutrition Label Design Standards

The State of Data Security: A Distributed Crisis

Tue, 22 Apr 2025 12:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host ⁠Caleb Tolin⁠ speaks with ⁠Joe Hladik⁠, a veteran security expert with two decades of experience, to explore the evolving landscape of cybersecurity, incident response, and the critical challenges of data security in today's distributed environments.

What You'll Learn:

How the cybersecurity landscape has evolved from traditional nation-state threats to modern ransomware operations
Why data sprawl creates complex security challenges as sensitive information moves across platforms and users
The real-world challenges organizations face when managing vulnerability patches and business continuity
How identity management has become more complex than just "the new perimeter" in cloud environments
Why data security posture management is crucial for protecting sensitive information across distributed systems
The ways modern threat actors combine financial and political motivations in sophisticated attack campaigns

The conversation draws from "The State of Data Security: A Distributed Crisis," a new report from Rubrik Zero Labs, and provides practical insights into how organizations can better manage their data security posture while addressing emerging threats in an increasingly complex digital landscape.

Episode Highlights:

[20:05] Understanding Data Sprawl and Security Posture Management

[27:05] Identity Management as a Dynamic Security Challenge

[08:40] The Evolution of Cyber Threats and Motivations

[32:28] The Future of Security Research and Response

Episode Resources:

Caleb Tolin on LinkedIn
Joe Hladik on LinkedIn
The State of Data Security: A Distributed Crisis, Rubrik Zero Labs Report

Data Weaponization: How Cyber Attacks Impact the Vulnerable

Tue, 08 Apr 2025 15:42:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host ⁠Caleb Tolin⁠ speaks with ⁠Pavlina Pavlova⁠, a researcher and cybersecurity advocate focusing on data weaponization and its disproportionate impact on vulnerable populations.

Pavlina defines data weaponization as using data to manipulate, deceive, coerce, or attack someone to inflict harm. Her research investigates why cyber attacks and their impacts often have gendered dimensions, with certain populations experiencing more severe consequences.

The conversation explores how attacks on critical infrastructure, particularly healthcare, create immediate impacts. While cyber attacks aren't becoming more sophisticated, they're growing more vicious. Ransomware attacks against healthcare facilities disproportionately affect women, who often serve as caregivers and rely more heavily on healthcare services.

Pavlina examines the geopolitical dimensions of cybercrime, noting how certain nations harbor cybercriminals aligned with their foreign policy goals. These sanctuary jurisdictions make accountability difficult and contribute to attacks aimed at disrupting societal resilience.

Join Caleb and Pavlina as they discuss policy frameworks addressing gender dimensions of data weaponization, explore international cooperation efforts, and share practical advice for under-resourced organizations to improve their cyber resilience despite limited funding. They also examine the critical role of responsible data collection and the importance of donors specifically allocating cybersecurity funding when supporting vulnerable organizations.

Episode Highlights:

[01:02] Defining Data Weaponization
[04:11] Critical Infrastructure Targeting
[09:29] Geopolitical Dimensions of Cybercrime
[13:24] Policy Frameworks and International Cooperation
[19:31] Resources for Under-resourced Organizations

Episode Resources:

Caleb Tolin on LinkedIn
Pavlina Pavlova on LinkedIn
New America report by Pavlina Pavlova
Cyber Peace Institute
United Nations Cybercrime Convention

Civilian Cyber Corps: Protecting Underfunded Organizations

Thu, 27 Mar 2025 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast by Rubrik Zero Labs. In this episode, our host, ⁠Caleb Tolin⁠, is joined by ⁠Michael Razeeq⁠, a cybersecurity policy researcher specializing in advocating for Civilian Cyber Corps (C3s). Michael shares insights into how these volunteer forces, C3s, are transforming community cyber defense, addressing workforce shortages, and providing both preventive and reactive cybersecurity services to underfunded organizations.

Michael's research provides a unique perspective on the emergence of the Civilian Cyber Corps across various models, from university cyber clinics to state-level programs. These task forces address gaps in cybersecurity defense where resource constraints leave organizations vulnerable. As a ⁠2024 #ShareTheMicInCyber Fellow at New America⁠ and 2025 Fellow at UC Berkeley ⁠CLTC⁠, he advocates for a "whole society" approach to cybersecurity, highlighting successful implementations in states like Ohio and drawing inspiration from Estonia's cyber defense unit.

Join Caleb and Michael as they explore the operational frameworks of C3s, discuss the challenges of recruiting and vetting volunteers, examine legal considerations for establishing programs, and share insights on measuring both quantitative and qualitative impacts of these initiatives. They also look at the future of C3s through increased collaboration and partnerships like the Cyber Resilience Core.

Episode Highlights:

[01:30] The Rise of Civilian Cyber Corps (C3s)
[13:11] Pathways to Establishing C3 Programs
[19:47] Left of Boom vs Right of Boom Services
[26:49] Addressing C3 Implementation Challenges

Episode Resources:

Caleb Tolin on LinkedIn
Michael Razeeq on LinkedIn
“Civilian Cyber Corps: A Model Law for States” by Michael Razeeq for New America
New America’s #ShareTheMicInCyber Fellowship Program
UC Berkeley Center for Long-Term Cybersecurity Program
CISA Cybersecurity Resources for High-Risk Communities

How to Effectively Train Your Employees on Cybersecurity

Tue, 18 Mar 2025 11:18:00 -0000

Welcome to the Data Security Decoded podcast. In this episode, our host, ⁠Richard Cassidy⁠, is joined by ⁠Carolin Desirée Toepfer⁠, founder of ⁠Cyttraction⁠ and CISO as a Service for multiple organizations across Europe and North America. Carolin shares her journey from building websites and online communities to becoming a cybersecurity leader, offering insights into the unique challenges of European cybersecurity, AI security frameworks, and transforming cybersecurity training into data integrity training that better aligns with business needs.

Carolin's unique position as a CISO for multiple organizations gives her exceptional perspective on cybersecurity challenges across different industries and company sizes. Her approach focuses on addressing gaps in the European cybersecurity landscape where, according to Cisco studies, only 2% of companies are well-prepared. As founder of Cyttraction, an edtech company focused on cybersecurity training, she advocates for reframing security training to emphasize data integrity and digital identity protection, making it more relevant to business stakeholders.

Join Richard and Carolin as they explore the evolution of the CISO role in Europe, discuss the global skills shortage in cybersecurity, examine cultural differences in security awareness between North America and Europe, and share insights on effective training strategies that accommodate modern attention spans and learning preferences.

Episode Highlights:

00:02 - Introduction and CISO as a Service Role
01:57 - European Cybersecurity Landscape and Challenges
03:26 - Path to Becoming a CISO
06:17 - Regional Differences in Cybersecurity Approaches
09:53 - AI Governance and Business Impact
14:39 - Reframing Security Training for Business Alignment
19:20 - Measuring Training Effectiveness
24:01 - Future Outlook for Cybersecurity

Episode Resources:

Richard Cassidy on LinkedIn
Carolin Desirée Toepfer on LinkedIn
Cyttraction Learning Platform
The State of Data Security: The New Rules Breaking the Banks report from Rubrik Zero Labs

Regulatory Readiness and Resilience with Kris Lovejoy, Global Security and Resilience Practice Leader at Kyndryl

Tue, 21 Jan 2025 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this episode, our host, ⁠Ghazal Asif⁠, Global VP of Channels, Alliances, and Inside Sales at Rubrik, is joined by ⁠Kris Lovejoy⁠, Global Security and Resilience Practice Leader at ⁠Kyndryl⁠. With over two decades of leadership experience, Kris has built a career focused on advancing technology ecosystems that drive human progress. At Kyndryl, she leads initiatives to design, manage, and safeguard the world's most reliable technology infrastructure.

Previously, Kris served as EY’s Global Cybersecurity Leader, where she worked with diverse teams across 150+ countries to solve complex cybersecurity challenges. She has also held leadership roles at IBM, including VP of IT Risk and Chief Information Security Officer (CISO), and served as CEO of BluVector, a Comcast company. Kris also sits on the board of Dominion Energy, where she supports efforts to achieve Net Zero emissions by 2050.

Join Ghazal and Kris as they explore actionable strategies for integrating cyber resilience into business operations, the importance of regulatory readiness for global organizations navigating new compliance frameworks, and how diverse teams drive innovative problem-solving in cybersecurity.

Episode Highlights:

00:00 - Intro
03:45 - Evolving Perspectives on Compliance and Regulation
07:25 - Why Diversity in IT and Security Teams Drives Better Solutions
09:59 - Cybersecurity vs. Cyber Resilience
14:25 - Practical Strategies for Building Cyber Resilience
17:40 - Communicating Security Strategies to Non-Technical Leaders
20:25 - The Paradox of Per Capita Spend
26:09 - Regulatory Readiness in a Complex Global Landscape
28:09 - Preparing for Cyber Threats: The Critical Role of Basic Hygiene
30:18 - Looking Forward: Optimism for the Future of Cybersecurity

Episode Resources

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Ghazal Asif on LinkedIn
Kris Lovejoy on LinkedIn

Bridging Cyber Policy Gaps for Rural and Underserved Communities with Nicole Tisdale

Tue, 07 Jan 2025 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, getting their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this episode, our host, ⁠Travis Rosiek⁠, Public Sector CTO at Rubrik, is joined by ⁠Nicole Tisdale⁠, Founder of Advocacy Blueprints, former Director of Legislative Affairs for the National Security Council, and author of ⁠Right to Petition⁠. Nicole shares her journey from rural Mississippi to national security leadership, offering insights into cybersecurity equity, workforce development, and public policy's critical role in addressing underserved communities' unique challenges.

Nicole’s leadership has been instrumental in shaping transformative policies, including spearheading The White House’s advocacy that secured a $1 billion cybersecurity grant program and the nation’s first cyber incident reporting law. Representing the United States in global policy dialogues across 30 nations, she has been a prominent voice in advancing security and equity on the international stage. Now as the Founder of Advocacy Blueprints, Nicole continues to champion cybersecurity and civic engagement, equipping organizations and individuals with the tools to influence policy effectively. She is also the author of Right to Petition, a practical guide for empowering citizens in advocacy.

Join Travis and Nicole as they delve into the challenges of bridging policy gaps for underserved communities and her vision for equitable cybersecurity policies that prepare, respond, and recover in today’s digital landscape.

Episode Highlights:

00:00 - Intro
02:57 - Advocacy for Underserved Communities
06:21 - Addressing Cybersecurity Gaps in Rural and Low-Income Communities
07:17 - Defensive vs. Offensive Cybersecurity Policy
12:10 - The Role of Proactive Policy in Cyber Resilience
18:35 - The Importance of Cybersecurity Workforce Development
21:41 - Regional Nodes for Workforce Growth and Local Cybersecurity Defense
25:48 - Connecting Workforce Development to Community Economic Stability
30:05 - The Ripple Effects of Cyberattacks on Healthcare Systems
34:57 - Cybersecurity as Critical Infrastructure Protection: The Rural Perspective
38:39 - Advocacy Blueprints: Empowering Communities to Influence Policy
45:15 - Effective Advocacy: Known Information and Resource Alignment in Cyber Policy
48:03 - Advice for Government Leaders During Leadership Transitions
55:59 - Optimism About Cybersecurity’s Future

Episode Resources:

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Travis Rosiek on LinkedIn
Nicole Tisdale on LinkedIn
Right to Petition by Nicole Tisdale

Bridging the Gap Between IT and Security with Marcela Escobar-Alava and Joe Stenaka, CIO and CISO of the U.S. Social Security Administration

Wed, 18 Dec 2024 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each episode, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this episode, our host, ⁠Mike Tornincasa⁠, Chief Business Officer at Rubrik, is joined by ⁠Marcela Escobar-Alava⁠, CIO of the Social Security Administration⁠, and ⁠Joe Stenaka⁠, SSA’s CISO for an insightful conversation on IT and cybersecurity collaboration. Marcela Escobar-Alava is a seasoned technology executive with deep expertise in building high-performing teams and aligning technology solutions with business objectives. Known for her ability to innovate under tight deadlines, Marcela brings years of experience in managing global application development, transforming organizational operations, and driving impactful business outcomes. Her strategic leadership and problem-solving approach have made her a trusted leader in rapidly evolving environments.

Joe Stenaka, the Associate Commissioner and CISO at SSA, has spent decades protecting critical information systems across government agencies, including the Department of Veterans Affairs and the National Security Agency. With a pragmatic leadership style, Joe emphasizes collaboration and enabling secure IT solutions while minimizing risks. As an educator and industry thought leader, he is committed to fostering the next generation of cybersecurity professionals.

Together, Marcela and Joe share how their unique partnership ensures operational efficiency and robust security for one of the largest independent government agencies, serving over 64 million Americans.

Episode Highlights:

00:00 - Intro
00:58 - Marcela’s role as CIO: Bridging strategic and operational objectives
02:59 - Joe’s leadership in advancing SSA’s cybersecurity framework
05:12 - Establishing lockstep collaboration between IT and security
10:30 - Balancing the speed of IT innovation with robust security measures
18:14 - Lessons from Marcela’s past: Ransomware scars and fostering vigilance
24:15 - The rise of AI: Ethical considerations, security risks, and opportunities
29:27 - Reflections on leadership: From cryptology to servant leadership
32:12 - The future of cybersecurity: Opportunities and challenges

Episode Resources:

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Marcela Escobar-Alava on LinkedIn
Joe Stenaka on LinkedIn
Mike Tornincasa on LinkedIn

Navigating Cybersecurity Through Leadership Transitions with Maria Roat, Former US Deputy Federal CIO

Tue, 03 Dec 2024 10:00:00 -0000

In this episode, our host, ⁠Travis Rosiek⁠, Public Sector CTO at Rubrik, is joined by Maria Roat⁠, former Deputy Federal CIO of the United States, and a seasoned Information Technology and Cybersecurity Executive with over three decades of experience. Maria has led transformative initiatives across federal agencies, including launching the FedRAMP program, which standardized cloud security protocols across government, and helping government agencies remain resilient through administration changes.

Maria’s leadership during the COVID-19 pandemic was instrumental in enabling a large-scale remote workforce and deploying resilient platforms that supported the rapid distribution of $300 billion in relief funds. Her efforts modernized outdated systems, reduced technical debt, and streamlined operations across the Small Business Administration, transforming it into an agile organization prepared to address emerging challenges.

Join Travis and Maria as they explore her extraordinary journey in cybersecurity and technology leadership, the evolution of FedRAMP, and her insights on aligning innovation with mission-driven goals.

Episode Highlights:

00:00 - Intro
04:00 - Navigating Large-Scale Federal Technology Transformation
05:30 - Insights on Leadership in Technology from the Navy to Federal CIO
10:00 - Leadership Challenges as a Woman in Tech
18:16 - The Evolution of FedRAMP and Cloud Security Standards
34:05 - Addressing Cyber Threats in Transition Periods
37:19 - Building a Culture of Zero Trust and Cyber Resilience
42:00 - Cybersecurity Lessons for Healthcare Organizations

Episode Resources:

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Travis Rosiek on LinkedIn
Maria Roat on LinkedIn

Embracing Conscious Leadership and AI Integration with Aysha Khan, CIO and CISO at Treasure Data

Tue, 26 Nov 2024 10:00:00 -0000

In this episode, our host, ⁠John Murphy⁠, Global Field Chief Security Officer at Rubrik, is joined by ⁠Aysha Khan⁠, CIO and CISO at ⁠Treasure Data⁠, a customer data platform (CDP) that combines batch and real-time data to personalize journeys with Al. She has over 20 years of experience managing Information Technology and Security at Fortune 500 companies. She is passionate about aligning strategy with agile execution to drive business results and customer satisfaction. She has successfully built and led technology, security, compliance, risk, and operations functions from scratch, as well as transformed disjointed organizations into cohesive and collaborative teams.

Aysha is also an advisor with Silicon Valley CISOs Investments, a Clear Ventures CXO council member, an investor in many early-stage startups, a DEIB (diversity, equity, inclusion, and belonging) executive, a speaker, and a life coach who strongly believes in connecting people, purpose, and performance to bring the best out of others and achieve sustained and predictable results.

Join John and Aysha as they discuss the dual challenges of enabling innovation while maintaining security and navigating the rapidly evolving landscape of AI.

Episode Highlights:

00:00 - Intro
00:20 - Integrating Conscious Leadership into Cybersecurity Strategy
05:19 - Navigating AI Integration and Innovation
08:05 - Understanding Organizational Context and Building Relationships
21:25 - Balancing Business Risks and IT Security Alignment
29:54 - Developing Security Practices in SaaS Organizations
32:19 - Building Teams and Fostering Growth Mindsets
35:58 - Empowering Business Leaders to Be the Example
38:17 - Optimistic Outlook on the Future of AI and Cybersecurity

Episode Resources:

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Aysha Khan on LinkedIn
John Murphy on LinkedIn

Cultivating a Year-Round Cybersecurity Culture: Data Security Decoded Greatest Hits

Thu, 07 Nov 2024 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts to get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this special episode, we wrap up Cybersecurity Awareness Month and look back on some of the most illuminating conversations from previous episodes. Tune in to hear ⁠Candy Alexander⁠, CISO & Security Practice Lead at ⁠NeuEon⁠, on navigating the complexities of data governance, and ⁠Sue Bergamo⁠, CISO and CIO at ⁠BTE Partners⁠, delve into the world of senior leadership in global cybersecurity. ⁠Renata Spinks⁠, Former SES - Deputy CIO IC4, US Marine Corps, and current CEO at CyberSec International explores the major changes in cyber threats over the last 20 years, while ⁠Anahi Santiago⁠, Chief Information Security Officer at ⁠ChristianaCare⁠, highlights the challenges facing healthcare cybersecurity, and ⁠Wendi Whitmore⁠, Senior Vice President, Unit 42 at ⁠Palo Alto Networks⁠, considers various types of cyber threats, including ransomware, cryptocurrency theft, and underreported nation-state attacks. Additionally, ⁠Sandra Joyce⁠, VP of Google Threat Intelligence at Google, discusses the importance of well-being among cybersecurity professionals, and ⁠Marene Allison⁠, former CISO at Johnson & Johnson, notes the tendency for organizations to overqualify candidates, highlighting the value of giving individuals a chance to grow into their roles.

Episode Highlights:

00:00 - Intro
06:32 - Marene Allison on hiring for potential, not perfection
07:26 - Wendi Whitmore on overcoming institutional challenges
08:09 - Renata Spinks on diversity in the workplace
08:32 - Sandra Joyce on why ‘crew rest’ is essential for mission-driven professionals
08:57 - Sue Bergamo on balancing operational needs of IT and the demands of cybersecurity
11:41 - Anahi Santiago on fostering a culture of cybersecurity awareness in healthcare organizations
14:39 - Candy Alexander on why security is everyone’s responsibility
20:32 - Candy Alexander on advice for organizations

Episode Resources:

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Candy Alexander on LinkedIn
Sue Bergamo on LinkedIn
Renata Spinks on LinkedIn
Anahi Santiago on LinkedIn
Wendi Whitmore on LinkedIn
Marene Allison on LinkedIn
Sandra Joyce on LinkedIn

Navigating Data Governance and Compliance Challenges with Candy Alexander, CISO & Security Practice Lead at NeuEon

Tue, 15 Oct 2024 09:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and how they see data security evolving. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this episode, our host, ⁠John Murphy⁠, Global Field Chief Security Officer at Rubrik, is joined by ⁠Candy Alexander⁠, CISO & Security Practice Lead at NeuEon⁠, a strategic technology advisor. Candy leads NeuEon's Cyber Risk Practice to provide executive-level cyber risk and security services, guiding clients through the process of protecting their environments and meeting regulatory requirements based on specific business needs.

Join John and Candy as they discuss navigating the complexities of data governance, the impact of AI on business security, and the importance of aligning IT initiatives with organizational goals.

Episode Highlights:

00:00 - Intro
05:59 - Evolving Strategic Leadership
16:37 - Aligning IT with Business Strategy for Optimal Impact
18:01 - Broadening Skill Sets to Increase Value
21:39 - The Importance of Networking
30:26 - Taming Data Storage Risks in Finance and Tech
32:56 - Navigating AI Data Challenges
38:59 - AI Adoption Pitfalls for Organizations
42:23 - Tailoring Security Conversations for Business Leaders
46:48 - Operational Mindset for Tech Leaders
51:20 - Regulatory Challenges in Cybersecurity
56:43 - Optimistic and Pessimistic Views on Cybersecurity
58:20 - Proactive Approach Towards AI and New Technologies

Episode Resources:

Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report
Candy Alexander on LinkedIn
John Murphy on LinkedIn

Building a Cyber Resilient Healthcare System with Anahi Santiago, Chief Information Security Officer at ChristianaCare

Tue, 01 Oct 2024 09:00:00 -0000

Welcome to the Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and where they see the sector going next. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

In this episode, our guest host, ⁠Rick Bryant⁠, Field CTO for Healthcare at Rubrik, is joined by ⁠Anahi Santiago⁠, Chief Information Security Officer at ⁠ChristianaCare⁠, a healthcare organization centered on improving health outcomes, making high-quality care more accessible, and lowering health care costs. She is also a Member Board of Directors at Health-ISAC (Health Information Sharing and Analysis Center), a global, non-profit, member-driven organization where health sector stakeholders coordinate, collaborate and share vital physical and cyber threat intelligence and best practices with each other. Anahi serves as an Advisory Council Member at CISO ExecNet, a peer-to-peer learning community for Chief Information Security Officers.

Join Rick and Anahi as they explore the challenges facing healthcare cybersecurity, the need for regulatory frameworks, and the role of information sharing in improving security measures.

Episode Highlights:

00:00 - Intro
02:13 - Anahi’s introduction to cybersecurity
04:11 - The most pressing issues facing healthcare systems
05:47 - Risk management
07:41 - Managing data growth
11:21 - Fostering a culture of cybersecurity awareness
14:47 - Organizational resiliency
19:28 - The next five years
24:47 - More regulations vs better enforcement of existing regulations

Episode Resources:

Anahi Santiago on LinkedIn
Rick Bryant on LinkedIn
Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report

Measuring Your Data’s Risk Exposure with Bipul Sinha, CEO, Chairman, and Co-Founder of Rubrik

Tue, 17 Sep 2024 09:32:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and where they see the sector going next. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

We're excited to continue with our series of special episodes featuring highlights from the recent ⁠Rubrik Zero Labs Virtual Summit⁠. This series offers a unique look into the critical conversations happening around data security. ⁠Steve Stone⁠ is taking on a different role in these special episodes. Instead of guiding us through our usual discussions, he'll be leading in-depth conversations with industry experts.

In the third episode, we’re diving deep into data security strategy. Steve is joined by Bipul Sinha, CEO of Rubrik. Join them as they explore how organizations can effectively navigate the reset phase after a crisis event and create cyber resilience, valuable insights into the unique challenges faced by the healthcare industry, and the technological advancements that can enhance data security.

About Bipul Sinha:

Bipul Sinha is an entrepreneur, engineer and venture capitalist. He is the CEO, Chairman and Co-founder of Rubrik, Inc., a comprehensive data security platform. Bipul is also a Venture Partner at Lightspeed Venture Partners, a multi-stage venture capital firm. Before Lightspeed, Bipul worked at Blumberg Capital, where he was the founding investor and board member of Nutanix and Hootsuite.

Episode Highlights:

00:00 - Intro
01:46 - Importance of risk
03:26 - Risk and CEO engagement
04:52 - Challenges in risk reset
06:07 - Cybersecurity resilience
09:25 - Post-attack planning and resilience
12:20 - Data realities in healthcare
15:01 - Technological maturity

Episode Resources:

Bipul Sinha on LinkedIn
Steve Stone on LinkedIn
Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report

Preparing for Breaches: the Importance of Incident Response Plans and Exercises

Tue, 10 Sep 2024 13:33:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and where they see the sector going next. This is a must-listen for security and IT leaders looking to better understand trends shaping data security and how they can achieve cyber resilience.

We're excited to continue with our series of special episodes featuring highlights from the recent Rubrik Zero Labs Virtual Summit. This series offers a unique look into the critical conversations happening around data security. ⁠Steve Stone⁠ is taking on a different role in these special episodes. Instead of guiding us through our usual discussions, he'll be leading in-depth conversations with industry experts.

In the second episode, we’re exploring the cost of unpreparedness to businesses in the face of ransomware attacks. Steve is joined by Heather Hughes, the Vice President of Engagement Management at Aon Cyber Solutions. Join them as they discuss misconceptions surrounding breaches, the need for tools such as multi-factor authentication and endpoint detection and response, as well as reliable and recoverable backups, and the importance of proactive measures and investment in cybersecurity.

About Heather Hughes:

Heather brings over twenty-five years experience in privacy, data security and cyber security to her role as Vice President of Engagement Management at Aon Cyber Solutions. She is also a frequent speaker and author on HIPAA privacy and security, ransomware and cyber best practices.

Episode Highlights:

00:00 - Intro
01:55 - Ransomware attack recovery: lengthy, intense, and resource-heavy
04:31 - Outside counsel in managing the impacts of cyber attacks
10:54 - The importance of backups
15:11 - What catches organizations off-guard
19:31 - How to maximize preparedness

Episode Resources:

Heather Hughes on LinkedIn
Steve Stone on LinkedIn
Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report

The Impact of Cyber Events on Patient Care

Fri, 30 Aug 2024 10:00:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. In each installment, we discuss cybersecurity with thought leaders and industry experts, and get their take on trends, themes, and where they see the sector going next. This is a must-listen for organizations and individuals looking to secure their data and achieve cyber resilience.

We're excited to kick off a series of special episodes featuring highlights from the recent Rubrik Zero Labs Virtual Summit. This series offers a unique look into the critical conversations happening around data security. ⁠Steve Stone⁠ is taking on a different role in these special episodes. Instead of guiding us through our usual discussions, he'll be leading in-depth conversations with industry experts.

In this first special episode, we're focusing on data security in healthcare. Steve sits down with ⁠Rick Bryant⁠, Rubrik's healthcare CTO, who brings over three decades of experience in healthcare technology to the table. Join them as they discuss the findings from the Zero Labs report on securing healthcare and minimizing risk, exploring the challenges of securing healthcare data, the misconceptions surrounding healthcare data security, and the need for increased investment in cybersecurity in the healthcare industry.

They also highlight the growing amount of sensitive data in healthcare and the impact of cyber events on patient care.

RIck is an IT leader with over thirty years of healthcare experience. He is currently the Healthcare Chief Technical Officer at Rubrik, an American cloud data management and data security company.

Before working at Rubrik, Rick served as Healthcare Chief Technical Officer at Veritas Technologies, and Chief Information Officer at Texas Children’s Hospital. He also created and managed all client IT services for First Data Corporation.

Episode Highlights:

00:00 - Intro
02:21 - Ransomware attack recovery: lengthy, intense, and resource-heavy
05:00 - Outside counsel in managing the impacts of cyber attacks
11:27 - The importance of backups
15:47 - What catches organizations off-guard
20:09 - How to maximize preparedness

Episode Resources:

Rick Bryant on LinkedIn
Steve Stone on LinkedIn
Rubrik Zero Labs The State of Data Security: Measuring Your Data's Risk report

What CISOs Must Consider During a Breach with Amy Bogac, CISO at Elevate Textiles

Tue, 06 Aug 2024 09:00:00 -0000

Welcome to the Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. Each episode features senior cybersecurity leaders and other luminaries with unique perspectives about the current state of data security. We explore rising trends and themes across cybersecurity and unpack what that means for organizations looking to secure their data and achieve cyber resilience.

In this episode, your host, ⁠Steve Stone⁠, is joined by ⁠Amy Bogac⁠, CISO at Elevate Textiles and a member of the Technical Advisory Board at Radiant Security. Join us as we discuss the importance of backups and data recovery, the collaboration between IT and OT, the role of AI in the SOC, and Amy's experiences as a leader during breaches.

We also explore the complexities of modern environments, the challenges of implementing change in the aftermath of a crisis and sharing knowledge with others to proactively address vulnerabilities.⁠

Amy Bogac⁠ is a security leader with over twenty years of experience in information security, IT governance, and compliance. She is currently CISO at Elevate Textiles and a member of the Technical Advisory Board at Radiant Security, an “AI-powered SOC co-pilot that boosts SOC analyst productivity, detects real attacks, & improves response times.”

She holds an MBA from Lake Forest Graduate School of Management and a CISSP certification from ISC2. Before working at Radiant Security, Amy was Chief Information Security Officer at The Clorox Company and Head of Information Security at CF Industries.

Episode Highlights:

[10:04] Data recovery and backups
[17:19] IT and OT teamwork
[20:47] AI and SOC
[25:59] Being in charge during breaches
[30:39] Implementing change after a crisis
[45:04] Working with underrepresented communities

Episode Resources:

Amy Bogac on LinkedIn
Elevate Textiles Website
Radiant Security Website
Steve Stone on LinkedIn
Rubrik, Inc Website

Ransomware: A Major Threat to Data Security with Renata Spinks of CyberSec International

Tue, 23 Jul 2024 11:55:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. Each episode features senior cybersecurity leaders and other luminaries with unique perspectives about the current state of data security. We explore rising trends and themes across cybersecurity and unpack what that means for organizations looking to secure their data and achieve cyber resilience.

In this episode, your host, ⁠Steve Stone⁠, is joined by⁠Renata Spinks⁠, Former SES - Deputy CIO IC4, US Marine Corp, and current CEO at CyberSec International. In the second of two episodes, Steve and Renata highlight the importance of understanding an organization's data assets and utilizing them properly, and discuss the value of continuous training, collaboration with industry partners, and staying proactive in the face of evolving threats.

They also explore the talent shortage in cybersecurity, and why organizations need to have the vision to tap into underrepresented and under-resourced areas.

Renata has over twenty-five years of experience in cybersecurity, program management, and public service. She is currently the CEO of CyberSec International, a global leader in providing cutting-edge solutions and services to protect and enhance their clients’ and partners’ cyber resilience.

Before starting CyberSec International, Renata served as the Acting Senior Information Security Officer and Cyber Technology Officer (CTO) for the U.S. Marine Corps. She also has a Master of Science in Information Technology, a Certificate in Information Technology Project Management, and multiple awards and honors for her achievements and contributions to the field.

Episode Highlights:

00:39 - Defending against ransomware
07:21 - The talent shortage in cybersecurity
15:40 - Bringing underrepresented communities into prominent, visible roles
25:49 - Reflecting on the past and anticipating the future of cybersecurity

Episode Resources:

Renata Spinks on LinkedIn
Renata Spinks Website
CyberSec International Website
Steve Stone on LinkedIn
Rubrik, Inc Website

War Fighting in Cybersecurity: Lessons from the Military with Renata Spinks, Former SES - Deputy CIO IC4, US Marine Corp

Tue, 09 Jul 2024 09:00:00 -0000

In this episode, your host, ⁠Steve Stone⁠, is joined by ⁠Renata Spinks⁠, Former SES - Deputy CIO IC4, US Marine Corp, and current CEO at CyberSec International. In the first of two episodes, join us as we explore why all individuals in an organization need to have a proactive mindset towards cyber threats, the importance of being adaptable, flexible, and open-minded in the field of cybersecurity, and the major changes to threats over the last 20 years.

We also discuss building a security culture, and some advice for new security leaders.

Before working for CyberSec International, Renata served as the Acting Senior Information Security Officer and Cyber Technology Officer (CTO) for the U.S. Marine Corps. She also has a Master of Science in Information Technology, a Certificate in Information Technology Project Management, and multiple awards and honors for her achievements and contributions to the field.

Episode Highlights :

Renata’s path towards cybersecurity
Why cybersecurity is a collective effort
The value of extensive training and remaining flexible
Major changes in threats over the last twenty years
Building a security culture

Episode Resources:

Renata Spinks on LinkedIn
Renata Spinks Website
CyberSec International Website
Steve Stone on LinkedIn
Rubrik, Inc Website

Driving Strategic Excellence in Cybersecurity: Insights from Sue Bergamo, CISO and CIO at BTE Partners

Tue, 21 May 2024 12:54:00 -0000

In this episode, your host, ⁠Steve Stone⁠, is joined by ⁠Sue Bergamo⁠, CISO and CIO at ⁠BTE Partners⁠. Join us as we delve into the world of senior leadership in cybersecurity. Sue shares her journey from system administrator to CIO and CISO at BTE Partners while emphasizing the need for strategic excellence in defending against cyber threats on a global scale.

We also discuss the challenges of managing at a global level, the evolving role of the CISO, and the impact of new SEC regulations. Sue also explores the importance of mentorship and diversity in the cybersecurity industry. Don't miss out on this insightful conversation!

Sue is an experienced global executive who is passionate about connecting people and helping companies build innovative and secure technologies. Her proven track record speaks to the resilience needed to effectively transform people, processes, and technology to meet business resilience needs.

Her expertise includes Cybersecurity Strategy, Assessment, Implementation, Operations, Compliance, Risk Management and Certifications. She is a Board Member at BTE Partners and an advisor on Strategic Planning, Transformation, and organizational change. Sue is a best-selling author and blogger and a sought-after keynote speaker.

Episode Highlights:

Introduction to Sue Bergamo's journey in cybersecurity and technology
Challenges of leading and managing cybersecurity at a global level
Balancing the operational needs of IT and cybersecurity
The evolving role of the CISO and its challenges
Challenges posed by compliance and regulatory initiatives
Importance of mentorship and diversity in the cybersecurity industry
Future of cybersecurity and optimism about combating cybercrime

Episode Resources:

Sue Bergamo on LinkedIn
BTE Partners Website
Steve Stone on LinkedIn
Rubrik, Inc Website

The Impact of Ransomware on Hospitals and Patient Care with Hannah Neprash, PhD of the University of Minnesota, School of Public Health

Fri, 03 May 2024 17:43:00 -0000

Welcome to the ⁠Data Security Decoded⁠ podcast, brought to you by ⁠Rubrik Zero Labs⁠. Each episode of the podcast features senior cybersecurity leaders and other luminaries with unique perspectives about the current state of data security. We explore rising trends and themes across cybersecurity and unpack what that means for organizations looking to secure their data and achieve cyber resilience. Come and join us on this journey.

In this episode, your host and Head of Rubrik Zero Labs, ⁠Steve Stone⁠, is joined by Hannah Neprash, PhD, Assistant Professor at the ⁠University of Minnesota School of Public Health⁠. Join them as they discuss the impact of ransomware attacks on hospitals and patient care, highlighting the severe consequences when these organizations lose sensitive patient data records and their access to systems. They emphasize the importance of collaboration between healthcare and cybersecurity professionals to align on a clear path forward and the need for clear policy solutions. This conversation provides valuable insights into the intersection of healthcare and cybersecurity.

Hannah has done her doctoral studies in health policy with an economic track from Harvard University. She is focused on how healthcare organizations respond to financial and non-financial incentives. Her research uses novel sources of data to examine how physician decision-making drives utilization, spending, access, and quality in healthcare. She is particularly interested in research questions that will inform evidence-based policy during a time of rapid transformation in healthcare payment and delivery systems.

In addition to her academic career, she has experience in federal and state health policy – including time at the Medicare Payment Advisory Commission (MedPAC), the Health Subcommittee of the U.S. House of Representatives Ways & Means Committee, and the Massachusetts Health Policy Commission.

Episode Highlights:

Introduction to the intersection of healthcare and cybersecurity
Hannah's interest in health economics and ransomware attacks
Creating a comprehensive dataset of ransomware attacks on healthcare organizations
Findings on the impact of ransomware attacks targeting sensitive patient data
Implications of the research for future healthcare policies
Challenges in the cybersecurity and data security industries
Data security maturity across healthcare
Importance of collaboration and awareness in healthcare cybersecurity

Episode Resources:

Hannah Neprash on LinkedIn
University of Minnesota, School of Public Health Website
Steve Stone on LinkedIn
Rubrick, Inc Website

Communicating Cyber Risk to Executives and Boards with Shamane Tan

Thu, 29 Feb 2024 16:44:00 -0000

In this episode of Cyber Security Decoded from Rubrik Zero Labs, host Steve Stone is joined by Chief Growth Officer at Sekuro and Best-Selling Author Shamane Tan to discuss differences in the cybersecurity landscape between the US and APAC, communication strategies for CISOs, building trust for better cybersecurity outcomes, improving organizational resilience, and diversity in the cybersecurity field. For more information on the State of Data Security from Rubrik Zero Labs, read the report here: https://rbrk.co/47rYcWH

How Generative AI Will Accelerate Cybersecurity with Sherrod DeGrippo

Wed, 10 Jan 2024 22:04:00 -0000

In this episode of Cyber Security Decoded, host Steve Stone, Head of Rubrik Zero Labs, is joined by Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft to discuss the cyber threat landscape. In this episode, you'll hear insights on: - How AI will act as a catalyst and accelerate everything security and IT teams are doing - The (debatable) value of Threat Models - If threat intelligence teams will realistically be able to join forces to fight the true adversaries Rubrik Zero Labs' “The State of Data Security: The Journey to Secure an Uncertain Future" report provides a timely view into the increasingly commonplace problem of cyber risks and the challenge to secure data across an organization’s expanding surface area. See the report here: https://rbrk.co/47rYcWH

The Evolving Role of the CISO and the Language of Resilience with Marene Allison

Tue, 31 Oct 2023 13:45:00 -0000

In this episode of Cyber Security Decoded, Steve Stone, Head of Rubrik Zero Labs, is joined by a former CISO at Johnson & Johnson to discuss the ever-evolving role of the CISO. They discuss what she has learned from the biggest threat intrusions in her career, how the role of the CISO is evolving to adapt to new cyber threats, and what we can tactically do to empower more professionals from different backgrounds to pursue a career in cybersecurity.

About Marene Allison:
Marene Allison is the former CISO for Johnson & Johnson where she was responsible for protecting the company’s information technology systems and business data worldwide. Prior to Johnson & Johnson, she served as an FBI Special Agent and in the US Army and graduated from West Point in the first class to include women. Allison also currently sits on the board of West Point Women.

What you'll learn in this episode:
– Misconceptions emerging security and IT leaders have about the role of the CISO
– How the cyber threat landscape has evolved over the past several decades
– The questions CISOs need to think about in terms of cyber resilience and posture
If you're a CISO, security leader, or anyone interested in the future of cybersecurity, this episode is a must-listen.

Call to action:
1. Subscribe to the podcast to stay up-to-date on the latest cybersecurity trends and insights.
2. Learn more about our findings in the State of Data Security report here: https://rbrk.co/3GrzWsu

Manipulating Science for the Greater Good with Kavitha Mariappan

Wed, 20 Sep 2023 14:30:00 -0000

Hear from Steve Stone, Head of Rubrik Zero Labs, and Kavitha Mariappan, EVP of Customer Experience and Transformation at Zscaler, as they discuss the cybersecurity landscape, Rubrik and Zscaler's partnership and integration, and what security transformation has looked like over recent years for various organizations.

In this episode, you'll learn about:

The latest threats and trends in cybersecurity
How Rubrik and Zscaler are working together to help organizations protect their data
Case studies of how organizations have successfully transformed their security posture
Tips for leaders on how to start their own security transformation journey

If you're interested in learning more about how to protect your organization from cyber threats, this episode is a must-listen.

Call to action:

Subscribe to the podcast to stay up-to-date on the latest cybersecurity trends and insights.
Learn more about our findings in the State of Data Security report here: https://rbrk.co/3GrzWsu

The Hard Truths of Data Security with Wendi Whitmore

Mon, 05 Jun 2023 14:57:00 -0000

Hear from Steve Stone, Head of Rubrik Zero Labs, and Wendi Whitmore, SVP of Unit 42 at Palo Alto Networks, as they discuss the cyber threat landscape, what security and IT teams must prioritize to build cyber resilient organizations, and how important it is to bring awareness to cybersecurity as a career option to diversify and expand the security workforce.

In this episode, you'll learn about:

The latest threats and trends in cybersecurity
How to build a cyber-resilient organization
The importance of diversity and inclusion in the cybersecurity workforce
How to inspire younger generations to work towards a career in cybersecurity

If you're interested in learning more about how to protect your organization from cyber threats and build a strong security team, this episode is a must-listen.

Call to action:

Subscribe to the podcast to stay up-to-date on the latest cybersecurity trends and insights.
Dive into the latest report from Rubrik Zero Labs, outlining the hard truths of data security, here: https://rbrk.co/3zEz3sY

Leading A Cybersecurity Organization Through Periods of Burnout with Sandra Joyce

Fri, 07 Apr 2023 16:00:00 -0000

Steve Stone, Head of Rubrik Zero Labs, is joined by Sandra Joyce, VP of Mandiant Intelligence at Google Cloud, to discuss leading mission-driven teams through periods of burnout, the gaps private sector cybersecurity teams experience in partnering with the public sector, information sharing on cyberattacks, and more.

About Sandra Joyce:

Sandra Joyce is a cybersecurity leader and has been head of Mandiant Intelligence since 2017. She oversees threat research activities and operations of the Mandiant Intelligence organization and joined Google in 2022, following Google’s acquisition of Mandiant.

Joyce is a highly accomplished and respected cybersecurity professional with over 20 years of experience in the field. She has held senior leadership positions at Mandiant, FireEye, and the U.S. Air Force. Joyce is also a member of the Aspen Institute Cybersecurity Working Group, sits on the strategic council of the Silverado Policy Accelerator, and is a member of the Institute for Security and Technology’s Ransomware Task Force Steering Committee. She is regularly featured in international print and broadcast media including CNN, NBC, Bloomberg, BBC World, Today Show, NPR, Wall Street Journal, Deutsche Welle, and others.

What you'll learn in this episode:

How to lead mission-driven teams through periods of burnout
The challenges of partnering between the private and public sectors in cybersecurity
The importance of information sharing in the fight against cyberattacks
And more!

If you're interested in learning more about how to lead a cybersecurity organization through burnout, the gaps between the private and public sectors in cybersecurity, and the importance of information sharing, this episode is a must-listen.

Call to action:

Subscribe to the podcast to stay up-to-date on the latest cybersecurity trends and insights.
Gain more valuable insights on the hard truths of data security here: https://rbrk.co/3zEz3sY

Making Cyber Resilience Accessible to Every Organization with Suzette Kent

Wed, 08 Feb 2023 15:10:00 -0000

In this episode, Steve Stone, Head of Rubrik Zero Labs, is joined by Suzette Kent, former Federal CIO and current Partner at McKinsey & Company, to discuss private sector and public sector cybersecurity partnerships, the transformation over the past decade on security and IT priorities, key considerations for CIOs and CISOs to help their organizations achieve cyber resilience, and more.

About Suzette Kent:

Suzette Kent is a global business transformation executive. She served as the Federal Chief Information Officer for the United States from 2018 until July 2020. Kent’s career has included leadership roles ranging from partner at Accenture and EY to managing director at JP Morgan. She currently leads her own advisory business through which she continues strategic transformation work with clients around the world, across industries, and in the public and private sectors. Throughout her career, her focus has always centered on technology transformation, cybersecurity, digital enablement, workforce development, and ways that technology can be leveraged to solve challenges. Suzette is a strategic advisor to organizations, including serving on the Boards of a bank, and a public university, and works with many companies on their Advisory Boards and as a subject matter senior advisor.

What you'll learn in this episode:

The importance of private sector and public sector cybersecurity partnerships
How security and IT priorities have transformed over the past decade
Key considerations for CIOs and CISOs to help their organizations achieve cyber resilience
And more!

If you're interested in learning more about how to improve cybersecurity collaboration between the private and public sectors, the latest trends in security and IT priorities, and how to achieve cyber resilience, this episode is a must-listen.

Call to action:

Subscribe to the podcast to stay up-to-date on the latest cybersecurity trends and insights.
Read about the State of Data Security here: https://rbrk.co/3sZOR6q

Dissecting The Human Impact of Cybercrime with Wendi Whitmore

Tue, 20 Dec 2022 17:00:00 -0000

In this inaugural episode of Cyber Security Decoded, Steve Stone, Head of Rubrik Zero Labs, is joined by Wendi Whitmore, SVP of Unit 42 at Palo Alto Networks. In this episode, Steve and Wendi discuss the findings in Rubrik Zero Labs' very first State of Data Security report, the cybersecurity implications of conflicts like the war in Ukraine, the need for information sharing between threat intelligence agencies, and much more.

About Wendi Whitmore:

Wendi Whitmore serves as senior vice president for Unit 42 at Palo Alto Networks. She is a globally recognized cybersecurity leader, with two decades of experience building incident response and threat intelligence teams that have helped clients solve some of the world’s largest breaches. Wendi leads Unit 42, a team of elite incident responders and world-renowned threat researchers. The combined team helps organizations tackle the most complex cyber threats — from ransomware to state-sponsored espionage.

She began her career as a Special Agent conducting computer crime investigations with the Air Force Office of Special Investigations. Wendi regularly meets with executive leadership teams and boards to advise them on strengthening their security programs to address their most pressing threats. She is a frequent speaker at high-profile technical conferences and has taught graduate-level computer science and cybersecurity courses at Carnegie Mellon University and The George Washington University.

What you'll learn in this episode:

The key findings in the State of Data Security report from Rubrik Zero Labs
The cybersecurity implications of conflicts like the war in Ukraine
The importance of information sharing between threat intelligence agencies
And more!

If you're interested in learning more about the latest trends in data security, the cybersecurity implications of global conflicts, and the importance of information sharing, this episode is a must-listen.

Call to action:

Subscribe to the podcast to stay up-to-date on the latest cybersecurity trends and insights.
Read about the State of Data Security here: https://rbrk.co/3sZOR6q