29 FEB 2024 · The Payment Card Industry Data Security Standard 4.0 (PCI DSS 4.0) is barreling down on us. Michal Tutko, a Qualified Security Assessor (QSA) talked with us about new requirements of PCI DSS 4.0. Anyone who touches payment card data is required to be certified. The QSA is the one who attests to a company’s compliance. What the QSA says goes.Changes to the standard not only matter to companies handing cardholder data, but one change in particular opens a door to companies selling cutting edge technologies. This has never been permitted before. There are also implications for pen testers who may need to test against newer technologies. Due to the amount of important information concerning the subject, this is a 2 part podcast.

14 FEB 2023 · With the increasing number of cyber threats and data breaches, organizations are strengthening the security stack to protect sensitive information and assets. We welcome Mike Spanbauer, CTO of Juniper Networks, to share insights into the different components of a viable security stack and how they work together to provide comprehensive security. Additionally, we dive into the latest trends in security solutions, cloud technology implementation, and how to optimize a security stack that is aligned with your organization's specific needs. Take a deep dive with us into the world of solution-focused approach for enterprises and security professionals looking to bring out the best in their people and security technology.

13 JAN 2023 · The world has shifted to remote work. Video conferencing platforms like Zoom have become essential tools for staying connected with colleagues and friends. However, as Zoom's usage has exploded, so too have concerns about the security of the platform. In this discussion, Jonathan Poon, Head of Threat and Vulnerability Management at Zoom, shares insights into some measures Zoom takes to keep users' data secure. In addition to new technologies, and increased global presence, we discuss the importance of a well-supported and motivated security team.

12 OCT 2022 · Easily deployable yet vastly underutilized, Content Disarm and Reconstruction (CDR) technology moves beyond standard malware solutions. Assuming all incoming files are malicious, CDR scans to remove violating data while rebuilding healthy files minus any known and unknown security risks. This month Reining in the Cloud welcomes George Prichichi, Director of Product Management at OPSWAT, and renowned expert in scalable security solutions to discuss this budding technology. Highlighting OPSWAT's Deep CDR product, we discuss disarming malicious files layer by layer, reconstructing without risk, and how zero-trust applies in CDR execution. Listen in on Reining in the Cloud as we explore how CDR addresses the ubiquitous malware detection and security gap.

20 MAY 2022 · This month on Reigning in the Cloud, we look at the exciting events unfolding for SecureIQLab and the cyber security landscape. Joined by a very special guest, David Ellis, VP of Sales and Corporate relations of SecureIQLab, we highlight the benefits of testing security products and what's in store for SecureIQLab’s 2022 CyberRisk Validation projects. David’s deep bench knowledge in cyber security and product testing offers insight into the next phase of testing for SecureIQLab. David has an analytical background and previous experience at security vendors and test labs. He currently serves as an Anti-Malware Testing Standards Organization (AMTSO) board member, providing knowledge to progress the testing field. David knows his security. Objectively a cyber security specialist and avid martial arts enthusiast, David knows all about bridging and guarding against risk before engaging in the final takedown of real threats. Join us as we as we highlight SecureIQLab innovations in security product validation and next steps for vendors and enterprises ready to bridge the cloud security gap.

5 APR 2022 · Vincent Weafer on Cyber Insurance during times of crisis. On this week's episode of Reining in the Cloud, we welcome insurance expert Vincent Weafer, Chief Technology Officer of Corvus Insurance. Join the discussion on premiums, coverage expectations, and optimal plans to add to your security investment plan. Vincent joins us as global cybersecurity risk is at an all-time high. With more than two and a half decades of cybersecurity experience, which includes the management, development, and implementation of cyber security solutions, Vincent knows a thing or two about covering for unknown crises and management of cyber risk. Learn more about Corvus Insurance by visiting www.corvusinsurance.com or visit your local broker for more information on cyber and additional insurances to cover your business needs. Dive into the conversation and share your thoughts with Reining in the Cloud on Spreaker, Spotify, and Google Podcasts! Find more information on SecureIQLab at https://secureiqlab.com

8 MAR 2022 · On this week’s episode of Reining in the Cloud, we’re tackling an underrepresented approach to managing cyber risk. Joining us is Chief Recruitment and Marketing Officer of Cyber Threat Alliance, Jeannette Jarvis, to discuss the implications of information sharing to strengthen the digital ecosystem. Holding Director positions with prominent organizations such as Fortinet, McAfee, and Intel, Jeannette is no stranger to managing risk at the highest level. As a leader within CTA, which celebrates five years of cyber threat collaboration, Jeannette advocates community-driven intelligence sharing for the greater good. Learn more about CTA at www.cyberthreatalliance.org for educational resources, extensive cyber reports, and membership information. Dive into the conversation and share your thoughts with Reining in the Cloud on Spreaker, Spotify, and Google Podcasts! Find more information on SecureIQLab at https://secureiqlab.com

13 NOV 2021 · As more and more women enter STEM fields, the influx of diversity in experience and thought is expanding innovation in tech. With an estimated less than 30% of all tech positions held by women, we still have a way to go before we can claim victory over the gender gap. In this week’s episode, we are joined by two amazing women hailing from OPSWAT, a global leader in Critical Infrastructure Protection solutions, to share their stories of triumph and success entering and maintaining thriving careers in technology. We welcome Laura Ellis, VP of Products, Secure Access. With over 30 years of accomplishments in technology, Laura shares her methods to success when fewer opportunities existed for women, and Kira Parisi, Quality Assurance Engineer, with three years in the tech industry, her upbringing in a technology-driven world opened a clear path into engineering. Both women discuss their shared challenges while highlighting the importance of young women accessing alternative educational routes and exploring the growing networks for women and girls entering tech. Resources Mentioned: Girls Who Code - girlswhocode.com OPSWAT Academy - opswatacademy.com Women of Security (WoSEC) - womenofsecurity.com Women in Technology (WIT) – womeintechnology.org Women in Technology International (WITI) - witi.com Additional Resources: Ambitious Ladies in Tech (ALT) - ambitiousladiesin.tech Citrix User Group Community Women in Tech program - mycugc.org/community/women-in-tech Women Entering & Staying in Tech (West Mentorship Program) – joinwest.org Women in Technology - Empowering Girls & Women in STEAM – mywit.org Follow @SecureIQLab on Twitter, Facebook, and LinkedIn.

21 SEP 2021 · In our inaugural episode, we discuss liabilities organizations take on when leveraging third-party vendor services and the increased demand for due diligence as a standard practice. As CISO’s across the industry seek to meet growth demands by entering into agreements with third-party vendors, the need for oversight increases; with additional cooks in the security kitchen, risk assessment becomes the question and the answer. Vice President and CISO, Tom Garrubba, of Shared Assessments joins Randy and Amber for a lively discussion on the necessity of due diligence when calculating third-party risk. Tom boasts extensive expertise as, including but not limited to, an IT professional, blogger, lecturer, head instructor for the Certified Third Party Risk Professional (CTPRP) certification program and standing membership on Forbes Technology Council. With over 20 years of experience in IT security and compliance across various industries, Tom is sure to keep you enthralled with his passion and enthusiasm for third-party risk-assessment.