As we realize the transformative power of the cloud, AI and machine learning, has our culture of responsibility and ethics kept pace? How do we harness our new technological capabilities to the understanding of how to use them well?

In the final episode of the year, Diana Kelley and guests will discuss the most notable security trends from 2023, and how to apply these learnings to our security strategy in 2024.

Secure Your Business in 2024: Top Trends, Tips and Tricks

In our 50th episode special, Diana Kelley and guests will investigate why 2023 has been the year of Hacktivism, the surge of geopolitical cyber-attacks, and what the future holds for Hacktivists. 

Join us as Diana Kelley and guests discuss: 

-  Hacktivism explained
-  Hacktivism vs. nation state and espionage
-  Most common attack techniques: DDoS, defacements, commenting/water hole
-  Types of websites and organizations targeted
-  Geopolitical considerations

Understanding Hacktivism in 2023

Join Diana Kelley and guests in the 49th episode of The Security Balancing Act as they examine cross-cloud management, and explore the best way to approach cloud management, in a way that allows for secure data sharing across cloud providers.

-  What it means to be cross-cloud
-  Native tools vs. 3rd party for continuous monitoring
-  Normalizing reporting and controls across clouds
-  Managing SIGs, STIGs, and CIS in a multi-cloud world

A Guide To Cross Cloud Risk Management

Low code and no code platforms are not immune to risk. Join Diana Kelley and guests in the 48th episode of The Security Balancing Act as we discuss the security considerations for low code/no code. 

-  Low code explained
-  Where and how it is used in organizations
-  Risks associated with unmanaged adoption
-  Do low code/no code projects need to be part of the SDLC?
-  Tips for deploying securely without impeding adoption

Security Considerations for Low Code/No Code

Join Diana Kelley in the 47th episode of The Security Balancing Act as we discuss whether there's more to a career in cyber beyond a CISO role.

As the cybersecurity industry continues to grow, opportunities are vast and ever changing. In this episode of The Security Balancing Act, we'll deep dive into: 

-  Understanding the differences between a CSO and CISO
-  Security adjacent leadership roles (ex: Chief Compliance Officer, Chief Risk Officer)
-  Emerging security roles: Chief Product Security Officer, Chief Data Security Officer)
-  Leading as an individual contributor
-  Security advisory roles
-  "Field" and thought leadership roles in security

Grow Your Cyber Career: Where Do You Go if You Don't Want To Be a CISO?

After the success and interest in our first cyber myth busting episode, we’re bringing a second instalment to this topic - answering your hot questions, and diving into common cyber misconceptions.

In this special episode of The (Security) Balancing Act, Diana Kelley and cyber experts will sit down, and deep dive into the common cyber myths.

 What misconceptions drive you crazy? Bring your best myths and join Diana Kelley and guests as we decipher common cyber myths in a bid to clear up the confusion.

Blasting Cyber Myths: Part Two

No one is a stranger to the complexity of cyber. And with confusion, comes misconception.

In this special episode of The (Security) Balancing Act, Diana Kelley and cyber experts will sit down, and deep dive into the common cyber myths.

Does compliance equal security? Is data safer on-prem than in the cloud? Will AI take our jobs? What misconceptions drive you crazy? Bring your best myths and join Diana Kelley and guests as we decipher common cyber myths in a bid to clear up the confusion.

Cyber Myth Busting: Blasting Common Misconceptions

API and App Security is no joke. As the volume of API use increases, so does the likelihood of an attack. APIs are powerful tools for developers but when they are left vulnerable, easy targets for cybercriminals they are essentially passageways to business-critical data, and this year, bad bots are becoming a bigger threat for APIs than ever before.

In this month’s episode of The (Security) Balancing Act, we’ll be deep diving into API risk, and how to navigate this growing threat. Join us as we discuss:

-  Defending against DDoS attacks
-  Why it’s crucial to manage your app & API security in one place
- Why API keys must be protected
- Top API security vulnerabilities
-  Understanding how to manage and mitigate risk in a changing climate
-  Future API Security trends
-  And much more!

Secure Your APIs, Secure Your Business

ChatGPT has been all over the news over the past few months. It is a great example of generative AI, and uses “deep learning techniques to generate human-like responses to text inputs in a conversational manner”. ChatGPT offers a range of benefits to users from all industries - but does it pose any risk? And what of the other AI chat tools being released like Google Bard?

According to Blackberry, though business leaders recognise its innate value, 51% of IT leaders believe there will be a successful cyber attack credited to ChatGPT within the year.

So where does this leave us? How can we leverage OpenAI tools while also remaining secure?

Join us in this month’s episode of The (Security) Balancing Act as we discuss:
-  AI tools, what’s on offer and how to stay secure
-  Risks of chatbot "overconfidence" even when wrong
-  How to leverage Generative tools safely 
-  Investments from MSFT, and what this tells us about ChatGPT
-  The future of AI, machine learning and natural language processing
-  And much more!

Understanding ChatGPT Risk: Do You Need to Worry?

In an age of the digital footprint, where data is being produced at such a rapid pace that we almost can’t keep up, decentralised identity offers an escape from data surveillance. 

Decentralised identity gives back control to the consumer by putting them back in control of their data credentials in an environment of greater identity trust. Not only that, but we know that identity data is often exposed when it comes to security breaches. These kinds of breaches can have knock on effects, from financial stability, to trust, to brand reputation. 

Join us in this session as we break down decentralised identity and discuss: 
-  Why decentralised identity is so key today 
-  The role of DIDs (Decentralised Identifiers) 
-  How to create and sustain trust 
-  Getting started with decentralised identity
-  And much more!

Decentralised Identity: Giving Control Back to the Consumer

With a new year comes new challenges, new trends, and new solutions. There’s no better time to consider these trends and predictions, and how they will impact your business and key security decision-making.

In the first episode of the year, we’ll be thinking about lessons from 2022 and how to apply them to the year ahead. We’ll discuss key trends in all areas of cyber security, from the boom of Internet of Things, to protecting against international state-sponsored attackers to the increased role of AI. 

Join us as we discuss: 
-  The evolution of the C-Suite in 2023
-  Creating a year-long plan, and what you should consider when doing so 
-  Building cyber awareness within your organisation 
-  How the threatscape is shifting, and what to be on the lookout for
-  And much more!

Hello 2023! Key Cyber Security Trends

In 2022, we’ve seen all sorts of shifts in the cybersecurity world. Nation state attacks, phishing and the growth of AI are only three out of the myriad of trends. In many ways, it’s been an unpredictable year, and security leaders have had to think on their feet to keep up with the wave of change. 

As the year comes to an end, it’s beneficial to evaluate the key trends we’ve experienced in the past 12 months, to truly consider and begin to understand what’s in store for us in the year ahead, and to plan for the unexpected. 

Join us in the final panel of 2022 as we discuss: 
-  Top security predictions for 2023
-  Balancing security and privacy
-  The evolution of the C-Suite 
-  And much more

Top Cybersecurity Predictions for 2023

There is no way to sugar coat it. We are living through a time of worker change: some call it the Great Resignation, others view it as a Reshuffle. According to a recent survey by Microsoft, globally, 41% of workers are considering leaving their jobs. In the cybersecurity industry alone, more than half of professionals are contemplating leaving (Cobalt).

How does this impact the cyber world? Does it leave businesses open to attack? What can leaders in the industry do to ensure that employees remain content and satisfied?

Join us in this discussion as we consider:
-  The impact of the Great Resignation/Reshuffle on the cybersecurity industry
-  Whether the Great Resignation/Reshuffle is broadening the attack surface
-  What's lost when employees turn over?
-  How to retain talent during turbulent times
-  Is this shift due to the pandemic, or was it always coming?
-  And more!

Cyber Talent and the Great Resignation

When it comes to operational security, a forward-facing approach is essential. Having a high-level yet comprehensive cybersecurity strategy is a great way to understand your attack surface and navigate risk. But how can you plan long-term when incidents are taking attention every day and technology and attacks continue to evolve?

Being forward facing means moving away from a reactive cybersecurity strategy towards a proactive plan. However, creating a 3-year plan is no easy feat. It takes continuous monitoring, agility, and the ability to plan for the unexpected.

In this episode of The (Security) Balancing Act, Diana Kelley and guests will discuss:
-  The benefits of a long-term cybersecurity strategy
-  Key considerations when building out a program or strategy
-  Balancing immediate and urgent tasks with long-term planning
-  Getting Board by-in for strategic goals
-  How to monitor your strategy to ensure it remains effective
-  The first step to building your 3-year plan
-  And much more!

How To Build a 3 Year Cybersecurity Program

According to research by Capgemini, two thirds of businesses now understand that AI is a necessary component in the race to secure your organisation. The attack surface in 2022 is larger and more sophisticated than ever before, with ransomware and breaches at an all time high. The ability to detect cyber threats quickly, to have proactive security measures and to detect new, malicious threats, is more critical than ever. 

In this month’s episode of The (Security) Balancing Act, we’ll ask, ‘is AI the answer to the evolution of the threatscape?’ 

Join us in this session as we discuss: 

-  Use cases for AI in cyber - where does it fit and where it doesn’t
-  Can AI replace cyber analysts?
-  The importance of resilient AI
-  What we mean by predictive intelligence, and why it’s important 
-  How to implement AI into your security 
-  The technology AI can leverage to improve your security posture 
-  The future of AI in the cybersecurity space

Cybersecurity and AI: Managing the Evolution of the Threatscape

The development and evolution of IoT has shifted the world of technology forever, creating new ways for technology to deliver value. Businesses, governments, and healthcare and financial institutions have begun to leverage the benefits of IoT. However, it has also opened up opportunities for data to be lost, stolen and manipulated. In fact, according to Gartner, over 25% of enterprise attacks involve IoT.

Balancing the rate of innovation and risk assessment is key. But where do we start? Do we begin securing the device, or the network? How can we secure IoT in a proactive, holistic way? 

Join us in this episode as we discuss: 

-  Understanding the scope of IoT
-  Considerations when IoT and IIoT meet
-  Where to start when securing enterprise IoT 
-  In a WFA world is securing consumer IoT a requirement
-  Emerging technologies available to enable IoT protection
-  The future of IoT in the security landscape

Securing the IoT Landscape

Gartner predicts that 60% of large enterprises will implement passwordless methods by the end of the year. Going passwordless reduces the risk of password-based threats, improves usability and reduces operational cost. 

When weak and stolen passwords are responsible for 61% of all data breaches (Verizon), is it time to ask ourselves whether going passwordless is the future, and in 2022, are we ready to remove passwords altogether? 

Join us in this episode as we discuss: 

-  Hype-free explanation of what passwordless really means
-  Why going passwordless and effective password management go hand in hand 
-  Passwordless authentication and SSO
-  Challenges to adoption
-  Building your passwordless implementation roadmap
-  The industries embracing going password free 
-  Is passwordless the future?

Can We Go Passwordless in 2022?

The BISO (Business Information Security Officer) role originated in the financial services space but has now grown to be a part of many large organizations. BISOs are charged with connecting security to larger business interests. It is a relatively new senior role and represents a need for greater integration of security into business operations.

Because the role is new to many companies, it can be hard to know if you need a BISO. How do BISOs collaborate with the CISO? And are they truly necessary?

Join Diana Kelley and guests as we discuss:
-  How the BISO came to be - was there a gap in the workforce?
-  The role of the BISO
-  How to determine if your organisation needs a BISO
-  What is the correct scope and organizational model for BISO teams?
-  What makes for a stellar BISO?
-  And much more!

Introducing the BISO: Who Are They, and Do You Need One?

Presented by

About this talk

More from this channel