"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
In the final episode of the series, Rebecca Harper and David Holloway are here to recap some top tips for cyber compliance in your business.
But before that, they’re reflecting on ideas from our expert guests and discussing some of the trends, questions, challenges and opportunities for information security professionals in the near future.
Whether it’s looking at changes to cyber law enforcement or policy, how to keep up with the changes in tech as a business and how you can start to get AI compliant and grow your business, explore how you can step ahead and stay ahead with great information security.
To find out more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#infosecpod
#cyberattackcasestudies
#UKAIpolicyandinfosec
#growyourbusiness #cybersecuritypodcast #AIandinfosec
Music from #Uppbeat (free for Creators!):
https://uppbeat.io/t/barry-dallas/turn-it-up
License code: DRP9E1ZZYQJDJ1DS
"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
Back in May 2017, a cryptoworm virus made it into some Microsoft computing systems, locking away the data of global organisations and demanding a ransom. In panic some people paid up only to find their data never returned. The knock-on effect to health services, including hospitals, was dramatic.
So what do you do if you’re faced with such a scenario? In this episode, David Holloway and Rebecca Harper talk about the right and wrong things to do in the face of a ransomware or other cyber attack.
Plus they’re joined by the experts to look at how we can all plan better for the worst – so that when a data breach or cyber attack takes place, your business and your people are in the best position to recover quickly.
Leading infosec thinkers Ash Patel of ECI Partners and Chloé Messdaghi, founder of Sustain Cyber and leader in responsible AI and cybersecurity, share their wisdom, as well as some hopeful advice for information security teams in the future.
To find out more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#infosecpod
#cyberattackcasestudies #cybersecuritypodcast #disastermitigationpodcast
"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
How can you protect your business from hackers? Whilst no company is safe from IT security attacks, the way your company develops, manages and uses software is key. Staying up to date with the latest advice and patches, raising awareness of hacker tactics and educating your people on how to use platforms safely is all a part of the puzzle.
Rebecca Harper and David Holloway share stories of how even the biggest names can be tripped up by poor software security and how infosec and compliance is everyone’s responsibility.
The brilliant Troy Hunt shares his insights into why infosec is about people, psychology and behaviour as much as it is technology, and why so many of us are still getting caught out by simple tactics. On the bright side, we also look at some of the tools and approaches you can use to minimise your chance of being one of them.
To find out more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#infosecpod
#cyberattackcasestudies
#cybersecuritypodcast #Compliancepodcast
"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
If you’re unsure about how intellectual property can be exploited or misused in cyberspace, you could be vulnerable in the eyes of the law. Whether it’s protecting the intellectual property you handle on behalf of your customers and partners, or the security of your own IP, we’re here to help.
In this episode the Privacy Professor Rebecca Herold and distinguished cyber leader Wendy Nather are here to help you understand why IP protection is a vital part of your business security.
They’ll share examples to help you identify how technology and privacy can intersect around IP in your organisation as well as strategies for protecting and auditing this.
And Rebecca Harper and David Holloway unpick some real-life examples of how organisations have been caught out, so you can learn from them.
To find out more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#dataprivacy
#intellectualproperty
#ipandtech #cybersecuritypodcast #Compliancepodcast
"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
How was one of the world’s biggest media companies brought to its knees by a cyber hack? This time we hear how hackers gained access to Sony Pictures in 2014 by manipulating the sociology and psychology of staff.
The truth is, a company can invest millions in cybersecurity technology, but social engineering tactics can allow hackers to gain access to an organisation’s IT through the individuals that work there.
Plus, it’s not just big organisations that can be exposed to ransomware and other attacks. Whatever size your business is and whatever sector, you could be vulnerable.
So how can a company overcome the enormous threat social engineering poses to its data and information security? Becca and Dave bring you expert insights and advice into what you should be doing in your business today, supported by ISO 27001 frameworks.
Geoff White is an author and investigative journalist with a special interest in organised crime and technology. He says that tech companies need to think about ALL the ways their products can be used, be that for good or harm.
Javvad Malik returns with advice for anyone faced with phishing and vishing communications, and Dr Jessica Barker discusses how hacking groups can target individuals to have a devastating impact on their lives.
Professor Keith Martin from Royal Holloway University is leading research into information security that could inform the tools and practises of business in the future. But one thing all our guests agree on is the power of people and culture to protect a business. They discuss how to engage staff in information security on a day-to-day basis.
To learn more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#whatisphishing
#socialengineering
#whatisvishing
#sonyhack #cybersecuritypodcast #Compliancepodcast
"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
This time we’re delving into best practises for IT leaders looking to prevent data breaches through third party access. Don’t know what that is? David and Becca will be unveiling more high profile slip-ups and mishaps and exploring how you can protect against cyberattacks.
How clued up are you on who has access to sensitive information, networks or other data in your business? What about individuals who have left the business and contractors with temporary access?
It’s so easy to leave the door open to a cyber hack via third-parties, but it’s also easy to make a few changes that minimise the risks to your business and customers. There’s plenty of guidance around the ISO standards in this podcast too.
Steve Wright is the founder of Privacy Culture, an organisation that works with global clients on data protection, privacy and cybersecurity. Steve’s 30 years in the business has given him a broad perspective on how people can adapt to changing technology and IT to stay compliant.
Ash Patel of ECI Partners returns to share how businesses large and small can be prey to attacks and why compliance around third-party access is so important to investors. If your business is going to survive, cybersecurity is a part of every leader’s toolkit.
To learn more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#thirdpartyaccess
#thirdpartycompliance #cybersecuritypodcast #Compliancepodcast
"Phishing for Trouble," is the cybersecurity podcast from ISMS.online that demystifies compliance and information security in your business.
Thought cybersecurity was just about tech? Think again, because human beings are the biggest asset you have in keeping your business secure. In this episode Dave and Becca find out how social engineering tactics have caught out even the biggest organisations, and how you can learn from them. As always, some of the smartest minds in infosec are here to share their wisdom:
Dr Jessica Barker MBE, founder of Cygenta, witnessed the MGM cyber hack of 2023 from her home in Las Vegas. She explains how behavioural economics plays a role in cyber attacks.
Javvad Malik is a security awareness advocate for KnowBe4 and is passionate about connecting knowledge between the IT industry and the people using technology every day.
Have you been Pwnd? Troy Hunt is founder of the Data Breach Notification Service “Have I Been Pwnd” which helps you find out if your data has been leaked in cyber attacks. He reflects on the increasing sophistication of social engineering.
But help is at hand! All our guests agree that empowering people with knowledge in this space can help prevent hackers getting the better of you, and Javvad and Jessica take us through their steps to avoid and respond to an attack on your business.
To learn more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
Love this podcast? Share it with your colleagues and help businesses like yours learn more and stay secure online.
#Informationsecuritypodcast
#cybersecuritypodcast
#Compliancepodcast
"Phishing for Trouble," is the cybersecurity podcast that demystifies compliance and information security in your business.
Data protection doesn’t have the most exciting reputation but it can be pretty dramatic when you miss it off your compliance list! From the legal consequences of data breaches to human error, not having a prevention or response plan in place can land even the biggest companies in hot water.
In this podcast Dave and Becca explore the different between personal and sensitive information and what makes a strong password. Plus they share tips on how you can use compliance frameworks to help secure your organisation against cyberattacks and hacks.
As always they’re joined by expert guests from the world of cybersecurity, compliance and information security:
Gary Hibberd is a security consultant who runs “Consultants Like Us” He shares his tips on how to build a data protection policy that doesn’t cost you a penny.
Steve Wright is the CEO and Founder of Privacy Culture. He has 30 years of cybersecurity experience and he explains just how vital it is for organisations to protect their customer data through robust processes and frameworks.
Ash Patel works for ECI partners and knows just how important it is to continuously evolve your information compliance and security. In fact, he says it’s a crucial part of managing change.
Links Mentioned in this episode:
The General Data Protection Act
"Phishing for Trouble," is the cybersecurity podcast that demystifies compliance and information security in your business.
We know any cyber hack is bad for business. But what about the customers and networks that rely upon the services it provides?
Dave and Becca delve into the Colonial Pipeline attack of 2021. Thousands of miles of US fuel supply came to a halt for days after the company was hit with a ransomware attack. There were massive economic impacts from this cybersecurity incident. Under immense pressure, bosses made the decision to pay up on the $4.4million bitcoin ransom. They later had to explain this decision in court.
So what went wrong in CP’s information security and compliance procedures? If a company that invests millions annually in cybersecurity AND provides such a fundamental national resource got caught out, is there hope for the rest of us? How did hackers get into the network and what can we all learn and action in our own businesses?
Rob Lee from SANS institute reflects upon learnings from his career in protecting national cybersecurity in this podcast. He’s passionate about educating and empowering organisations to take action and protect themselves there.
Rob explains how he move from the Air Force Academy to National Cybersecurity and today still advises the US government on the tech side of cyber intrusions and capabilities.
For more insights into how to stay compliant and secure, visit ISMS.online to explore the ISO 27001 framework and take a tour of our platform.
#cybersecurity #compliance #informationsecurity #podcast #business #dataprotection #cyberattack #casestudy
"Phishing for Trouble," is the cybersecurity podcast that demystifies compliance and information security in your business.
How do laws protect businesses from data breaches, software failures, and IT mishaps—and when do they leave you liable? In this first episode, Dave and Becca tackle the fundamentals of compliance and information security. They explore how businesses like yours can safeguard sensitive data and avoid common pitfalls that lead to negligence.
The episode features a deep dive into the CrowdStrike incident, in which a software update caused a ‘boot loop’ malfunction for a small percentage of customers—but that small percentage included critical industries like airlines and financial services. Dave and Becca unpack the ripple effect of one technical error and what could have been done to prevent such a major IT outage. What can we all learn to help improve information security and compliance in business?
Joining the conversation is technology and compliance lawyer Jonathan Armstrong, who sheds light on the latest changes in data protection laws and how legislation is adapting to today’s evolving tech landscape. His insights help businesses navigate the fine line between legal protection and liability in an increasingly digital world.
For more insights into staying compliant and secure, visit ISMS.online to explore the ISO 27001 framework and tour our platform.
#cybersecurity #compliance #informationsecurity #podcast #business #dataprotection #cyberattack #casestudy
"Phishing for Trouble" is the cybersecurity podcast that demystifies compliance and information security in your business, starting on 19th November 2024.
Technology and software are the backbone of modern business, simplifying daily operations and driving innovation.
But when it comes to cybersecurity and compliance, it’s no longer just an IT problem—it’s everyone’s responsibility. Are you confident your business is protected from threats like data breaches, cyberattacks, or faulty software updates? How secure is your information security?
Rebecca Harper and David Holloway bring together industry-leading experts to break down high-profile cyber and information security incidents, exploring what went wrong and, crucially, how you can avoid the same pitfalls.
From strengthening your information security practices to leveraging robust frameworks for cybersecurity, compliance and risk management, we’ll guide you through every step to help your business stay secure and resilient.
Stay ahead of the curve with insights into ISO 27001, NIS 2, and the latest compliance standards.
To learn more about how ISMS.online can help your business master information security compliance, visit our website for a self-guided tour.
#cybersecurity #compliance #informationsecurity #podcast #business #dataprotection #cyberattack #casestudy
