Page de couverture de ISF Podcast

ISF Podcast

ISF Podcast

Auteur(s): Information Security Forum Podcast
Écouter gratuitement

À propos de cet audio

 The ISF Podcast brings you cutting-edge conversation, tailored to CISOs, CTOs, CROs, and other global security pros. In every episode of the ISF Podcast, Chief Executive, Steve Durbin speaks with rule-breakers, collaborators, culture builders, and business creatives who manage their enterprise with vision, transparency, authenticity, and integrity. From the Information Security Forum, the leading authority on cyber, information security, and risk management.263000 Développement commercial et entrepreneuriat Entrepreneurship Gestion et leadership Économie
Épisodes
  • S36 Ep14: Steve Durbin - Emerging Threats 2026

    S36 Ep14: Steve Durbin - Emerging Threats 2026
    Dec 16 2025
    Today, Steve looks toward the horizon, at the threats and challenges that enterprises and business leaders will face in 2026 and beyond. He also gives advice on how everyone, from the board to the practitioner, can meet these challenges, and answers some of the questions he’s received this year.

    Key Takeaways:
    1. Steve’s four key drivers of cyber risk heading into 2026 are AI, supply chain, quantum, and geopolitical instability.
    2. Crucial to cyber resilience are strong governance and a security-conscious culture.
    3. Adaptive governance and adaptive security are keys to managing the challenges of 2026 and beyond.
    Tune in to hear more about:
    1. Steve’s four key drivers of cyber risk heading into 2026 (2:23)
    2. Questions to ask, whether you’re a board member, an executive, or practitioner (16:14)
    3. The changing role of the board (18:54)
    Standout Quotes:
    1. “ Resilience really needs an organizational wide holistic approach that takes technology, it takes governance, it takes operational readiness, and really importantly, it takes people into account.” - Steve Durbin
    2. “I think boards need to really take it upon themselves to absolutely recognize that cyber risk is a national risk. It is a business ending risk, and they need to ensure that they don't just have incident response and resilience in place, but that they also have a tried and tested plan, so this is good old fashioned BCP — business continuity planning — with a cyber flavor.” - Steve Durbin
    3. “Cyber risk reporting has to be business outcome oriented. Boards, business executives understand revenue, operations, customer impact, legal exposure. That's the way we have to be reporting cyber risk. It's not about how many attacks we repelled, it's not about how good our systems might be. You need to translate it into business language. If you can do that, not only will you get buy-in, but you'll also have a much richer conversation about the role that cyber and therefore cybersecurity and cyber resilience play in the business.” - Steve Durbin
    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Voir plus Voir moins
    28 min
  • S36 Ep13: Steve Durbin - Preparing for AI-Generated Cyber Intrusions

    S36 Ep13: Steve Durbin - Preparing for AI-Generated Cyber Intrusions
    Dec 2 2025
    In the second part of his interview with journalist Nick Witchell, Steve and Nick delve into the world of AI and cyber. Steve shares his thoughts on autonomous cyber defense and argues that major actors like the ISF, large private enterprises, and the UK’s National Cyber Security Centre, must lead the way and support small and medium-sized businesses in keeping pace with technological advancements. The two also discuss the future of AI, cautioning that we aren’t as prepared as we need to be…

    Key Takeaways:
    1. Small and medium-sized businesses must receive support to stay up-to-date with new technologies.
    2. As more automation is introduced into business operations, understanding of one’s crown jewels and how to protect them is increasingly important.
    3. AI is advancing rapidly with evermore funding, and globally society is not preparing as well as it needs to for what’s to come.
    Tune in to hear more about:
    1. Steve’s view on autonomous cyber defense (00:55)
    2. The National Cyber Security Centre and its role in the cyber resilience of UK businesses (3:36)
    3. How AI will impact jobs in cyber (7:55)
    Standout Quotes:
    1. “You'll never get me going into an autonomous car. I just won't do it. And people will say, ‘Yes, they're being looked after by some bloke in a tower somewhere who's watching it.” I'm not buying it. I've been working in technology for far too long to know that it is fallible. And so I think we have to really move toward much more transparency in our understanding of where the AI tool is active, the data that it's using, the decisions it's making.” - Steve Durbin
    2. “We are looking for large private enterprise to be working collaboratively with people like the NCSC, with people like the ISF, to really help some of these smaller organizations that don't have the luxury or resources available to them to keep a pace with [technology].” - Steve Durbin
    3. “If you go back to the internet, we didn't do a good enough job of trying to forecast the way in which the internet was going to be used. We put it out there and we said, ‘Let everybody use it and let's see where it goes.” We are doing, I fear, a similar kind of thing with AI.” - Steve Durbin
    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Voir plus Voir moins
    14 min
  • S36 Ep12: Steve Durbin - Cyber Governance in Transition: What Boards Should Do Next

    S36 Ep12: Steve Durbin - Cyber Governance in Transition: What Boards Should Do Next
    Nov 25 2025
    In today's episode, Steve sits down with journalist Nick Witchell for a conversation focused on what business leaders can learn from this year's major cyber attacks and the recent AWS outage. The two also discuss cyber regulations and the challenge of operating global enterprise during significant geopolitical turmoil.

    Key Takeaways:
    1. Boards and senior executives understand there is a threat, but many still lack knowledge of how to deal with it.
    2. We are too reliant on technology; for the sake of business continuity, a backup plan must be in place.
    3. High-quality simulation exercises are a crucial step toward more cyber resilience.
    Tune in to hear more about:
    1. The role of policy and regulation (3:17)
    2. Why cyber simulation exercises are so important (5:45)
    3. Steve’s thoughts on the recent AWS outage (7:54)
    Standout Quotes:
    1. “Now, in the boardroom itself, in companies themselves, we have seen over the past few years an increasing awareness of the threat that these kinds of things can bring to really the future of an organization. But the challenge I think we now face is really helping boards, senior executives to transition from, yes, I get there's a threat, but what should I actually be doing about it?” - Steve Durbin
    2. “I think that in the main, cloud service providers are still probably far better equipped to provide the level of service that most companies need than you'd be able to do yourself. However, we do need to take into account that things will go wrong. And we have to plan for that. So if you are an organization that can quite happily exist without access to data in a cloud provider, it doesn't have to be Amazon, it could be anybody else, then fine. I would question why you're using them in that case. If on the other hand, you are dependent on them, you have to have some backup in place.” - Steve Durbin
    3. “All too often I'm seeing people particularly in the area of, say, cyber simulation exercises, because they're viewing it as a compliance exercise, going for least cost. That to me is a bit like saying I've just moved into an area where I know the burglary rate is quite high. What's the cheapest lock and door that I can get on my front door? It's madness. Not many of us would do it. We would try to work within our budget. We'd try to really figure out how important things were in our house. That's the mentality we have to adopt. So yes, you can get some of these things done very cheaply and you can tick a box, but it's not going to help you when things go wrong.” - Steve Durbin
    Read the transcript of this episode
    Subscribe to the ISF Podcast wherever you listen to podcasts
    Connect with us on LinkedIn and Twitter

    From the Information Security Forum, the leading authority on cyber, information security, and risk management.
    Voir plus Voir moins
    14 min
Pas encore de commentaire