Cyber Security Sauna brings you expert guests with sizzling insight into the latest information security trends and topics. WithSecure's Janne Kauhanen hosts the show to make sure you know all you need to about the hotter-than-ever infosec game. Join us as we sweat out the hot topics in security.
…
continue reading
1
086| Why showing value is more important for CISOs than ever
38:29
38:29
Mais Tarde
Mais Tarde
Listas
Like
Curtido
38:29
CISOs find themselves at the forefront of safeguarding sensitive information, ensuring regulatory compliance, and protecting their organizations from constantly evolving cyber risks. Today, we are joined by Cybersecurity Strategist and Eclipz.io Inc. CISO Matthew Rosenquist and WithSecure CISO Christine Bejerasco to discuss why making senior leader…
…
continue reading
1
085| NIST Cyber Security Framework V.2 – Help or Hindrance?
44:04
44:04
Mais Tarde
Mais Tarde
Listas
Like
Curtido
44:04
The NIST Cyber Security Framework has helped secure organizations for nearly a decade and while it’s proven to be an invaluable tool, it’s gotten a bit long in the tooth for a cyber security landscape that never stays static. Enter V.2 which goes a long way in identifying the increasing cyber risk in organizations and implementing more governance, …
…
continue reading
A successful cyber defense should protect an organization's critical assets from today's threats, not yesterday's. For this episode, we sat down with threat intelligence analysts Stephen Robinson and Ziggy Davies, two such people responsible for keeping tabs on threats and recent developments, to discuss updates on the threats currently affecting o…
…
continue reading
The term Shifting Left has not been traditionally associated with cyber security. In this episode, WithSecure CISO Christine Bejerasco lays out the case for how shifting left can evolve beyond its origins in software development to be a powerful tool for successful security and business outcomes. Recorded on-site at #SPHERE23.…
…
continue reading
1
082| Hyped and Hacked - AI in Cyber Security
13:38
13:38
Mais Tarde
Mais Tarde
Listas
Like
Curtido
13:38
As Mikko Hyppönen said recently, we are indeed in the midst of the hottest AI summer ever, and the hype level is off the charts. Yes, AI presents amazing opportunities, but unfortunately, also threats. Nowadays, practically anyone with a passing interest in using it has a lot of power at their fingertips - no PhD is necessary. Naturally, we must vi…
…
continue reading
1
081| Mudge - the man, the myth, the mythbusting
12:54
12:54
Mais Tarde
Mais Tarde
Listas
Like
Curtido
12:54
We have the pleasure of being joined by the one and only Peiter "Mudge" Zatko, network security expert, open-source programmer, writer, and hacker, with a rapid-fire discussion on some myths in the cyber security industry that could do with busting, sprinkled with some truths that could do with trusting. This episode was recorded on-site at #SPHERE…
…
continue reading
1
080| The Power Of Putting Security Outcomes First
16:19
16:19
Mais Tarde
Mais Tarde
Listas
Like
Curtido
16:19
As security is primarily about stopping bad things from happening, victories are often silent. At the same time, failures are often very public, so how can organizations tell when their security is paying off? In this episode, we are joined by guest speaker Laura Koetzle, Vice President and Group Director at Forrester and Robin Oldham, CEO of consu…
…
continue reading
1
079|(Mind the) Detection and Response Gap
31:17
31:17
Mais Tarde
Mais Tarde
Listas
Like
Curtido
31:17
The time that an attacker spends on a network before attempting to achieve their objective is decreasing rapidly, making many organizations’ typical detection and response solutions ineffective. Speed is the key, but unfortunately the gap between detection and response is growing. In this episode, we are joined by WithSecure’s Threat Hunter Jojo O'…
…
continue reading
1
078| John Grant on the relationship between sustainability and cyber security
13:29
13:29
Mais Tarde
Mais Tarde
Listas
Like
Curtido
13:29
The development of new sustainable technologies undoubtedly benefits society, but it also opens the door to new cyber security challenges. For this episode, we were on-site at SPHERE23 with author John Grant to discuss the challenges for organizations to be sustainable and secure.
…
continue reading
1
077| Jessica Berlin and Stephen Robinson on the cyber front
16:59
16:59
Mais Tarde
Mais Tarde
Listas
Like
Curtido
16:59
Russia's invasion of Ukraine changed the entire geopolitical landscape. For this episode, we were on-site at SPHERE23 with security and foreign policy analyst Jessica Berlin, and threat intelligence analyst Stephen Robinson, to discuss the use of cyber attacks and disinformation as policy instruments in the wake of the invasion.…
…
continue reading
1
076| What we get wrong (and right) about APTs
40:55
40:55
Mais Tarde
Mais Tarde
Listas
Like
Curtido
40:55
Advanced persistent threats, or APTs, are generally seen as a sort of apex predator in the cyber threat landscape. And while they’re certainly noteworthy, their reputation can distort what makes them unique, and what they may have in common with other adversaries. In this episode, we’re joined by Senior Threat Intelligence Analyst Stephen Robinson,…
…
continue reading
1
075| Winning with outcome-based security
41:26
41:26
Mais Tarde
Mais Tarde
Listas
Like
Curtido
41:26
Security protects organizations from cyber attacks. However, studies show that limiting your understanding of security to this basic premise can hinder protection efforts or even other business goals. Instead of spending more and more on security to simply keep things running, maybe it’s time for a different approach. In this episode, we are joined…
…
continue reading
Vulnerabilities and security gaps are increasingly being identified in software and applications daily. Attackers are often quick to act when any vulnerabilities are made known - even within minutes. You may have heard of the term patching in cyber security, but what is it exactly, and how does it figure into an organization's security posture? Wit…
…
continue reading
In our last episode, we were joined by cyber security advisor Paul Brucciani and WithSecure Intelligence Researcher Andy Patel to discuss some notable 2022 infosec developments. Now that 2022 is in the rear-view mirror, all eyes are turning to the year ahead. What should we expect? Is there some disaster on the horizon for which we need to prepare?…
…
continue reading
As the year draws to a close, it’s time for us to review and reflect on notable infosec events and trends from 2022, and also what might happen in 2023. In this episode we’re joined by cyber security advisor Paul Brucciani and WithSecure Intelligence Researcher Andy Patel to hear their thoughts on the impact of Russia’s invasion of Ukraine on cyber…
…
continue reading
1
071| Deepfakin it: AI content in cyber attacks
22:41
22:41
Mais Tarde
Mais Tarde
Listas
Like
Curtido
22:41
Until recently, AI-generated synthetic content has been more commonly used for gaming and art creation, where the tech is still relatively new, and pixel perfection is unnecessary. However, with the tech rapidly advancing in complexity and speed, it's probably only a matter of time before it's genuinely challenging to determine if something is fake…
…
continue reading
1
Cyber Security Sauna: Breaking Views – The Vastaamo case
31:55
31:55
Mais Tarde
Mais Tarde
Listas
Like
Curtido
31:55
In this Cyber Security Sauna special edition podcast, we cover new developments in the data breach of Finnish Psychotherapy provider Vastaamo in 2020. This case has recently hit the news again, with the Finnish authorities arresting a suspect in absentia. The suspect in the breach and subsequent leaking of patient data is a 25-year-old Finnish citi…
…
continue reading
1
070| Crowdsourcing Security with Bug Bounties
42:53
42:53
Mais Tarde
Mais Tarde
Listas
Like
Curtido
42:53
Bug bounties (also known as vulnerability reward programs) crowdsource security expertise to address vulnerabilities in products or services before attackers exploit them. Many companies have adopted reward programs and sometimes offer hefty rewards for finding vulnerabilities. It's a great way for white hat hackers to make some money and showcase …
…
continue reading
1
069| Cyber conflicts, Corporations and Collateral damage
31:59
31:59
Mais Tarde
Mais Tarde
Listas
Like
Curtido
31:59
Geo-political conflicts are increasingly being played out in cyberspace, and organizations, whether they are aware or not, are often caught in the crossfire. Janne Taalas and Johannes Laaksonen from CMI - Martti Ahtisaari Peace Foundation and WithSecure™ Chief Technology Officer Christine Bejerasco joined us to discuss how we can resolve these conf…
…
continue reading
1
SPHERE SESSION | Johanna Småros on winning the algorithmic retail
9:32
9:32
Mais Tarde
Mais Tarde
Listas
Like
Curtido
9:32
Co-founder & CMO at RELEX Solutions, Johanna Småros, joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion on supply chain management, both in retail and in a broader aspect.
…
continue reading
1
SPHERE SESSION | Matthew Rosenquist on why value is the cybersecurity blindspot
13:01
13:01
Mais Tarde
Mais Tarde
Listas
Like
Curtido
13:01
CISO and cybersecurity Strategist, Matthew Rosenquist, joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion on why we should aim to maximise value in cybersecurity.
…
continue reading
1
068|The other TTPs: Tools, technologies, and people
25:40
25:40
Mais Tarde
Mais Tarde
Listas
Like
Curtido
25:40
In this episode, we’re joined by Frank Fransen, Senior Scientist in Cyber Security at TNO, and Technical Coordinator of the EU’s SOCCRATES project, which is developing a new cybersecurity-oriented decision-making platform, and John Rogers, Global Head of Incident Response for WithSecure™, to discuss the role automation can and should play in cyber …
…
continue reading
1
SPHERE SESSION | Sari Stenfors on AI, humanness and positive futures
9:25
9:25
Mais Tarde
Mais Tarde
Listas
Like
Curtido
9:25
Serial entrepreneur, scientist and futurist, Sari Stenfors, joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion on the importance of looking to the future with a positive mindset.
…
continue reading
1
SPHERE SESSION | Risto Siilasmaa on trust as the building block for businesses
9:18
9:18
Mais Tarde
Mais Tarde
Listas
Like
Curtido
9:18
Chairman and Founder of F-Secure & WithSecure, Risto Siilasmaa, joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion on why trust is the foundation upon which successful and meaningful business partnerships are formed.
…
continue reading
1
SPHERE SESSION | Christine Bejerasco on the development of ransomware
8:56
8:56
Mais Tarde
Mais Tarde
Listas
Like
Curtido
8:56
WithSecure CTO, Christine Bejerasco, joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion on how she has seen the development of ransomware families throughout her career.
…
continue reading
1
067| How Mikko Hypponen learned to stop worrying and love the internet
32:17
32:17
Mais Tarde
Mais Tarde
Listas
Like
Curtido
32:17
Mikko Hyppönen is one of the world's most renowned cyber security experts and has investigated cybercrime for over 25 years. From the days of naughty, nuisance, but ultimately harmless viruses to the very serious cyber threats society faces today, he's seen it all. In addition to his many accomplishments, he is also an author, and he dropped in to …
…
continue reading
1
SPHERE SESSION | Simone Giertz on building useless things
11:55
11:55
Mais Tarde
Mais Tarde
Listas
Like
Curtido
11:55
Swedish inventor and world-famous YouTuber, Simone Giertz joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion about building useless things, and if they are actually useless...
…
continue reading
1
SPHERE SESSION | Carole Cadwalladr on threats to democracy
10:32
10:32
Mais Tarde
Mais Tarde
Listas
Like
Curtido
10:32
TED speaker and Pulitzer-nominated journalist Carole Cadwalladr joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a discussion about threats to democracy.
…
continue reading
1
SPHERE SESSION | Philip Ingram on nation-state threats
13:39
13:39
Mais Tarde
Mais Tarde
Listas
Like
Curtido
13:39
Spymaster-turned-journalist Philip Ingram joined us in our cyber sauna recording booth at SPHERE22, the world's first co-security unconference, for a quick chat about nation-state threats.
…
continue reading
1
066| Co-security: collaboration, cooperation and cyber security
32:48
32:48
Mais Tarde
Mais Tarde
Listas
Like
Curtido
32:48
There’s many different ways to collaborate on infosec problems. There’s no shortage of associations, conferences, and other frameworks that organizations can use to find others to work with. And there’s a healthy supply of security companies to choose from. But do any of these offer concrete benefits to organizations? Will organizations somehow ach…
…
continue reading
1
065| Security for non-profit organizations
36:40
36:40
Mais Tarde
Mais Tarde
Listas
Like
Curtido
36:40
Non-profit organizations play a crucial role in our well-being. In many parts of the world, they’re a major source of education, health care, social services, and more. And while they’re not in it for the money, they remain a target for cyber attacks, just like other organizations. Why is this case? What can and should be done about this? In this e…
…
continue reading
With 2021 now behind us, it’s time to revisit the highs and lows of the past 12 months, and look ahead to what we can expect in the months ahead. To mark the year’s end, we recorded a special two-part episode of Cyber Security Sauna. F-Secure’s Chief Research Officer Mikko Hypponen, Security Consultant Adriana Verhagen, and AI researcher Andy Patel…
…
continue reading
2021 is drawing to a close, and it’s time to look back on the events of the past year. At the same time we look ahead to the brand new year to come. Welcome to part one of a special two-part episode of Cyber Security Sauna. In this episode we’re joined by F-Secure’s Chief Research Officer Mikko Hypponen, Security Consultant Adriana Verhagen, and AI…
…
continue reading
1
062| Log4j Zero Day: What It Means for Your Org
17:46
17:46
Mais Tarde
Mais Tarde
Listas
Like
Curtido
17:46
The remotely exploitable Log4j zero day vulnerability disclosed just a few days ago has been called one of the most serious vulnerabilities to date. So what is it all about, and what does it mean for organizations? How is it being exploited? What are the risks, and what can you do if you're waiting for a patch? F-Secure CISO Erka Koivunen joins Jan…
…
continue reading
1
061| AppSec, According to Two Guys Named Antti
42:57
42:57
Mais Tarde
Mais Tarde
Listas
Like
Curtido
42:57
The topic of application security has never been more important. So how are companies approaching appsec? What should companies do to ensure appsec gets the attention it needs? Antti Tuomi, who works in Japan, and Antti Vaha-Sipila (known as AVS), from Finland, join the show to share their thoughts on changes in application security, shifting left,…
…
continue reading
1
060| Biometrics: Privacy, Problems and Possibilities
37:52
37:52
Mais Tarde
Mais Tarde
Listas
Like
Curtido
37:52
Biometrics have gotten a lot of attention in recent years. Biometric authentication systems have the potential to take the place of passwords, streamlining the user login experience. But there are a lot of considerations before taking these systems into use. When should they be used, and how? What are the risks, and when should biometrics be approa…
…
continue reading
1
059| Keeping Your Latest Tech from Becoming the Latest Threat
35:48
35:48
Mais Tarde
Mais Tarde
Listas
Like
Curtido
35:48
Cyber crime is a constantly evolving game. As soon as new technology is introduced, attackers start figuring out how to exploit it for malicious purposes. No one understands this better than F-Secure Chief Technology Officer Christine Bejerasco. Christine joins Janne to discuss the changing world of cyber crime, and how companies can avoid having t…
…
continue reading
Data breaches and other security incidents have become a frequent, severe problem for organizations. But with incident responders in short supply, there are fewer professionals available to help organizations in their hour of need. We're joined this episode by F-Secure incident response consultant Eliza Bolton, who successfully transitioned to cybe…
…
continue reading
1
057| Dark Web: The Good, the Bad, and the Ugly
31:30
31:30
Mais Tarde
Mais Tarde
Listas
Like
Curtido
31:30
After data breaches and ransomware attacks, we often hear that customer information was leaked to the dark web. This obviously can have serious implications for both companies and individuals, but for many of us, the dark web is as mysterious as it sounds. So what is the dark web all about, and what's happening there? How does it affect companies a…
…
continue reading
1
056| To Ban or Not to Ban? Ransomware Payment Regulation
35:50
35:50
Mais Tarde
Mais Tarde
Listas
Like
Curtido
35:50
Ransomware payment amounts have skyrocketed over the past year. As threat actors keep getting richer, they have more resources to fuel their operations. Many people argue that the way to discourage ransomware is to implement an outright ban on ransom payments. Is this suggestion idealistic or realistic? How would such a ban affect companies, and wh…
…
continue reading
AI and machine learning are shaping our online experience, from product recommendations, to customer support chatbots, to virtual assistants like Siri and Alexa. These are powerful tools for enabling business - but powerful doesn't mean perfect. F-Secure data scientist Samuel Marchal and security consultant Jason Johnson join Janne for this episode…
…
continue reading
1
054| Ransomware Incident Response and the Role of Readiness
37:11
37:11
Mais Tarde
Mais Tarde
Listas
Like
Curtido
37:11
The fallout from a ransomware attack is every organization's worst nightmare. But it doesn't necessarily have to be, if you can respond to an attack effectively. As our guests explain, there are things companies can be doing in advance to ensure a proactive response to ransomware when it happens, and to reduce the impact to the company. Incident re…
…
continue reading
1
053| How to Secure Networks and Influence People
33:37
33:37
Mais Tarde
Mais Tarde
Listas
Like
Curtido
33:37
The role of a chief information security officer demands technical knowledge, but it also requires soft skills of leading and influencing - especially over the past year as cybersecurity has grown in visibility for companies. So how can CISOs get their security message across to boards, the business, employees and the security team? Joining Janne a…
…
continue reading
Cloud computing was one of the last decade's most transformative technologies. It helped organizations launch exciting new applications and services, as well as innovate the way they operate. However, moving critical parts of IT infrastructure and operations outside of organizations' perimeters has significant security implications. The cloud is de…
…
continue reading
1
051| Looking at Phishing Through the Intrusion Kill Chain
35:50
35:50
Mais Tarde
Mais Tarde
Listas
Like
Curtido
35:50
Phishing is the number one vector leading to data breaches. It's an easy, effective way for attackers to trick users into giving up credentials or running malicious code. While organizations cannot stop motivated attackers from trying to phish their employees, they can make it harder to succeed. F-Secure's director of consulting, Riaan Naudé, calls…
…
continue reading
1
050| Getting the Most out of Infosec Conferences
34:30
34:30
Mais Tarde
Mais Tarde
Listas
Like
Curtido
34:30
Infosec conferences give cybersecurity professionals a chance to network, hear the latest research, exchange ideas, and demo hacks and new tools. But with so many conferences, how do you decide which ones to attend? How can you get the most out of your experience? Are they worth your time and money? What's it like to be a presenter, or even an orga…
…
continue reading
1
049| Ransomware 2.0, with Mikko Hypponen
32:23
32:23
Mais Tarde
Mais Tarde
Listas
Like
Curtido
32:23
We thought locking up data and demanding a ransom to decrypt it was bad. But ransomware criminals have stooped even lower and now, threats of public data exposure on top of multimillion-dollar ransoms are routine tactics. What's next? Where's ransomware going in 2021? Joining us to give his take is F-Secure's chief research officer and CISO MAG's C…
…
continue reading
2020 has been a year no one predicted. COVID-19 made remote work the norm and shook up the attack landscape. Through it all, breaches and ransomware attacks continued to plague organizations. In this episode we're looking back at some of the trends that defined the cyber world in 2020 with F-Secure's Tom Van de Wiele and Nick Jones. Also in this ep…
…
continue reading
With the holiday season upon us, the already accelerated pace of online shopping is picking up even more. And more online transactions means more reasons to be careful about protecting your data from fraud like identity theft and account takeover. ID theft claims millions of victims per year, but how does it happen and how can you avoid being a vic…
…
continue reading
1
046| 10 Burning Mobile Security Questions, Answered
34:35
34:35
Mais Tarde
Mais Tarde
Listas
Like
Curtido
34:35
Is iOS really more secure than Android, and why? What are the pros and cons of biometric authentication? How can you know which apps are safe to use, anyway? In this episode we dive into a range of mobile security issues. Who better to answer our questions than a couple of mobile experts? F-Secure's Ken Gannon and Ben Knutson join the show to discu…
…
continue reading