Calm under fire: the importance of cyber resilience
Cybersecurity is changing its focus.
Increasingly, it is less about defence and more about resilience.
Organisations have to be able to withstand and recover from an attack. It's no longer about preventing breaches: the sheer volume of cyberattacks means that is no longer possible.
Instead, security teams and boards should assume an attack will happen, prepare to keep the organisation operating during an incident, and aim to recover as quickly as possible.
Our guest is James Blake, VP of global cyber resiliency strategy and consulting services at Cohesity.
He argues that this means integrating business continuity and disaster recovery with cybersecurity. And organisations should rehearse for cyber incidents, training staff to operate under what can be extreme pressure.
A good playbook, Blake suggests, is not enough.
Interview by Stephen Pritchard.
--------
29:55
Insights Interview: Chris Dimitriadis, ISACA
This year has not been easy for cybersecurity teams.
Businesses continue to face cybercrime and state-sponsored attacks, especially ransomware.
AI is proving to be a double-edged sword, helping both defenders and malicious actors.
And there are the ongoing issues of skills, recruitment and retention.
How, then, do cybersecurity professionals navigate their way through all these challenges? And what should they prioritise for 2026?
For this episode, we're pleased to welcome back Chris Dimitriadis, chief global strategy officer at ISACA.
Interview by Stephen Pritchard.
--------
Ukraine, cyberwar and CNI
Critical infrastructure is on the front line of the war in Ukraine.
And as the conflict approaches its fourth year, there is little sign of that changing.
Strikes against infrastructure, though, are only part of the picture. Since Russia’s full-scale invasion, and even before, Ukraine’s defenders have waged an equally intense, but less visible, cyber war.
What lessons can we draw from Ukraine’s experience?
And how can states and businesses protect their critical national infrastructure during war and conflict? And how do the public and private sector deal with the prospect of both kinetic and cyber threats?
We discuss this with Mihoko Matsubara, author, associate fellow at the International Institute of Strategic Studies and chief cybersecurity strategist at NTT Corporation.
--------
Bug bounties: risks and rewards
A growing number of organisations now offer "bug bounties", paying hackers or security researchers rewards for finding vulnerabilities.
But how do these programmes operate, and how do CISOs ensure that they are run ethically? What are the risks of inviting researchers to hack your organisation? How do bug bounties stack up against other methods of security testing?
And what are the benefits to security researchers themselves, as the programmes cannot work without hackers?
We cover the pros and cons of bug bounties with Ottilia Westerlund, hacker engagement manager at bug bounty platform Intigriti, and herself a former software engineer and published security researcher.
--------
DDoS, geopolitics and AI
DDoS – or distributed denial of service attacks – remain a serious source of disruption across the internet.
DDoS attacks continue to grow in their frequency and volume. And increasingly, they’re aligned to geopolitical events.
One driver is sites offering “DDoS for hire”. The groups behind these sites even offer DDoS-as-a-service attacks for free. But cybercrime groups are making use of AI too.
This is leading to what researchers at NETSCOUT describe as a “digital battlefield”, with DDoS attacks overwhelming underprepared defenders.
Our guest is Richard Hummel, director of threat intelligence at NETSCOUT.