As we realize the transformative power of the cloud, AI and machine learning, has our culture of responsibility and ethics kept pace? How do we harness our new technological capabilities to the understanding of how to use them well?

In the last episode of the year, Diana Kelley and guests will discuss the trends we've seen over the last 12 months, the news stories that dominated our screens - and security strategies - and what learnings we should take from 2024, to apply to the year ahead.

2024 Recap: IT Security Trends and Insights

Join Diana Kelley and guests as they deep dive into Infrastructure as Code (IaC), what it is, how it impacts organisational risk and its business benefits.

Infrastructure as Code (IaC): What it is and How it Impacts Risk

Bug bounty programs allow companies to leverage the potential of ethical hacking by offering monetary rewards to those who successfully discover and report any weaknesses or vulnerabilities within their digital assets.

Join Diana Kelley and guests as they deep dive into bug bounty programs, how they work, and whether they are right for your organization.

Bug Bounty Programs: What Are They and Do You Need One?

Join Diana Kelley and guests as they explain the value of risk registers for your business, why so many organizations overlook them, and how to create your own risk register.

Risk Registers: The Most important Thing You're Not Doing

We've all heard the phrase 'not if, but when' - and with that in mind, creating a strategy to prevent a security incident from snowballing is imperative. 

f you can't prevent 100% of all attacks, you can control how they impact the rest of your organization. 

Join Diana Kelley and guests as we deep dive into:
-  Attack containment in the cloud
-  Why attack containment is so important in 2024 
-  Creating your attack containment strategy 
-  And much more!

Attack Containment: Limiting the Blast Radius in the Cloud

The concept of composability has become a hot topic in business and architectural circles. Rather than creating large, monolithic projects that can lead to costly redundancy and inefficiency, organizations are looking to create business plans and strategic architectures that are agile and modular. 

Composability also extends to the software space, where developers leverage prewritten libraries and micro-services to speed development and functionality. 

It's time for security to embrace the concept of composability to support composable business systems. But what exactly does that mean? And how can organizations put the ideas into practice? 

Join Diana Kelley and guests in this session as we deep dive into:
-  An overview of composable security, which is modular and flexible
-  How composable security can meet the needs of modern companies
-  Benefits of composable security - from business risk analysis to hardware and software risk management

The panel will supply case study examples of what a composable security program looks like and provide recommendations on how the audience can implement and adopt these concepts in their own organizations.

Composable Security: What it is and Why you Need It

Businesses have spent the best part of the last three years riding the 'Zero Trust' wave, but where do Zero Trust practices stand now? 

In this month's instalment of The (Security) Balancing Act, Diana Kelley and panellists will explore what we have we learned about Zero Trust implementation over the past few years, and where do we stand for the years to come. 

Join us as we discuss:
-  What ZTA adoption looks like in 2024
-  The state of Zero Trust, and what does the future have in store?
-  The impact of widespread Zero Trust implementation 
-  And much more!

Zero Trust Maturity or Bust: Update on ZTA Adoption Patterns

What is MLSecOps? How do businesses begin to implement MLSecOps? Why now? 

In this month's episode of The (Security) Balancing Act, Diana Kelley and guests will deep dive into why it's imperative that security leaders build security into their machine learning and artificial intelligence. 

Join panellists as they discuss: 
-  What MLSecOps looks like today 
-  The evolution of MLSecOps - and where it's going 
-  Setting up your own MLSecOps implementation - and why you should start now
-  And much more!

MLSecOps Explained: Building Security Into ML & AI

AI has had a massive impact in industries and businesses across the globe - and this doesn't stop at sustainability. 

Join Diana Kelley and guests as they discuss:
-  How to centre sustainability within your IT
-  Understanding measurability, and how to equate your impact to the environement
-  How the age of AI is impacting our carbon footprint 
-  Advancements in AI to champion green initiatives 
-  Much more!

Green and Sustainable Considerations for IT in the age of AI

CISOs and business leaders understand the value of education when it comes to ensuring employees maintain cyber hygiene, to keep corporate data safe.

But how do we go beyond basic education, and instead foster a 'security aware culture'? 

Join Diana Kelley and guests as they deep dive into:
-  Reimagining employee education for ultimate employee cyber hygiene 
-  The common threats your workforce will encounter in 2024
-  The evolution of password management 
-  Developing an incident response strategy
-  And much more!

How To Create a Security Aware Culture

As the threat landscape continues to shift, the role of the CISO shifts with it. As we look at the year ahead of us, it's a great time to consider how the role of the CISO will adapt to the changing cybersecurity landscape. 

Join Diana Kelley and guests as they discuss:
-  What's next for CISOs? 
-  What will the role of the CISO look like in 2024?
-  How will the role evolve?

CISO-lution: The Role of the CISO in 2024

In the first episode of the year, Diana Kelley and guests deep dive into their top predictions for the year ahead, the obstacles they expect businesses to face, and how to overcome these challenges for business success.

-  What will security leaders be juggling in 2024? 
-  What trends do we expect to emerge throughout the year?
-  Is there any way to get ahead of the curve now to ensure your business won’t fall behind?

Join us as we discuss all this and much more!

Make sure to bring your own predictions for our live Q&A.

Understanding Enterprise Security in 2024

2023 has seen the security landscape shift enormously. From threat exposure management to the advancement of generative AI - security leaders have had a lot on their plate.

 In the final episode of the year, Diana Kelley and guests will discuss the most notable security trends from 2023, and how to apply these learnings to our security strategy in 2024.

Join us as we discuss: 
-  GenAI mania: security of GenAI, ethics and privacy considerations
-  Is it time to talk about quantum?
-  The evolution of zero trust 
-  Visibility in light of new regulations
-  Operational resilience 
-  And much more! 

Make sure to bring your own 2023 trends and predictions for 2024 for our panellists to explore!

Secure Your Business in 2024: Top Trends, Tips and Tricks

In our 50th episode special, Diana Kelley and guests will investigate why 2023 has been the year of Hacktivism, the surge of geopolitical cyber-attacks, and what the future holds for Hacktivists. 

Join us as Diana Kelley and guests discuss: 

-  Hacktivism explained
-  Hacktivism vs. nation state and espionage
-  Most common attack techniques: DDoS, defacements, commenting/water hole
-  Types of websites and organizations targeted
-  Geopolitical considerations

Understanding Hacktivism in 2023

Join Diana Kelley and guests in the 49th episode of The Security Balancing Act as they examine cross-cloud management, and explore the best way to approach cloud management, in a way that allows for secure data sharing across cloud providers.

-  What it means to be cross-cloud
-  Native tools vs. 3rd party for continuous monitoring
-  Normalizing reporting and controls across clouds
-  Managing SIGs, STIGs, and CIS in a multi-cloud world

A Guide To Cross Cloud Risk Management

Low code and no code platforms are not immune to risk. Join Diana Kelley and guests in the 48th episode of The Security Balancing Act as we discuss the security considerations for low code/no code. 

-  Low code explained
-  Where and how it is used in organizations
-  Risks associated with unmanaged adoption
-  Do low code/no code projects need to be part of the SDLC?
-  Tips for deploying securely without impeding adoption

Security Considerations for Low Code/No Code

Join Diana Kelley in the 47th episode of The Security Balancing Act as we discuss whether there's more to a career in cyber beyond a CISO role.

As the cybersecurity industry continues to grow, opportunities are vast and ever changing. In this episode of The Security Balancing Act, we'll deep dive into: 

-  Understanding the differences between a CSO and CISO
-  Security adjacent leadership roles (ex: Chief Compliance Officer, Chief Risk Officer)
-  Emerging security roles: Chief Product Security Officer, Chief Data Security Officer)
-  Leading as an individual contributor
-  Security advisory roles
-  "Field" and thought leadership roles in security

Grow Your Cyber Career: Where Do You Go if You Don't Want To Be a CISO?

After the success and interest in our first cyber myth busting episode, we’re bringing a second instalment to this topic - answering your hot questions, and diving into common cyber misconceptions.

In this special episode of The (Security) Balancing Act, Diana Kelley and cyber experts will sit down, and deep dive into the common cyber myths.

 What misconceptions drive you crazy? Bring your best myths and join Diana Kelley and guests as we decipher common cyber myths in a bid to clear up the confusion.

Blasting Cyber Myths: Part Two

Cyber Myth Busting: Blasting Common Misconceptions

2021 Readiness: Balancing Security in a Post-COVID World

Deceiving the Attacker

Securing Identity - 1 Year Check-In

Life on the Front Lines - Staying Sane in the SOC

Supply Chain Security

Protecting Your Business from Nation State Attacks

Securing the Remote Workforce

Balancing Security on Premise and In The Cloud

Balancing the Security Workforce

Social Engineering Threats to Enterprise Security

How To Prevent Bias in Machine Learning

When NOT To Release and Hold Out for Better Security

Why Today’s Attacker is Focused on Identities

Balancing Security and Privacy

ORIGINALS: The (Security) Balancing Act

Smaller businesses have a common problem when it comes to cybersecurity - limited expertise, resources and budget.  

The board is asking for, clients are demanding to know whether the company is secure, IT team can't articulate the cybersecurity program, because there isn't one. 

Cybersecurity is sometimes an afterthought for a start-up, or delegated to one engineer. There's a tendency to think of cybersecurity as a set of tactical, technical implementations to cover obvious threats rather than a business problem.

We'll discuss the role of the CISO in terms of providing the leadership and strategy for a cohesive, risk based program.  Ideally, the role is not a technician.  

With an ever-evolving threat landscape and a growing business, where does a business start to build and maintain an affordable program? We'll discuss a baseline program, technologies required, focusing on fewest technologies for maximum benefit.

This episode is part of The (Security) Balancing Act series with Diana Kelley. Viewers are encouraged to ask questions during the live Q&A.

Cybersecurity Strategy and Leadership for the SMB

Presented by

About this talk

More from this channel