The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
Player FM - Internet Radio Done Right
Checked 5M ago
Ditambah two tahun yang lalu
Kandungan disediakan oleh Compromising Positions. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Compromising Positions atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
Sama dengan Compromising Positions - A Cyber Security Podcast
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
For more than a dozen years, the Stack Overflow Podcast has been exploring what it means to be a software developer and how the art and practice of programming is changing our world. From Rails to React, from Java to Node.js, join the Stack home team for conversations with fascinating guests to help you understand how technology is made and where it’s headed.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Catalyst, a Launch by NTT DATA podcast, puts humans at the front and center of digital transformation. Each week, we feature thought leaders who share their insights on reinventing digital experiences, enhancing customer journeys, and driving innovation in the enterprise. From platform transformation to the latest advancements in AI, our guests delve into the challenges and triumphs of digital transformation, emphasizing the critical role of human ingenuity and leadership. Learn more about L ...
…
continue reading
The Partnership Economy explores the power of partnerships through candid conversations and stories with industry leaders. Our hosts, David A. Yovanno, CEO and Todd Crawford, Co-founder, of impact.com, unpack the future of partnerships as a lever for scale and an opportunity to put the consumer first.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !
Pergi ke luar talian dengan aplikasi Player FM !
))
Daily Deals
EPISODE 30: SAY GOODBYE TO ‘GIT BLAME’: BUILDING COLLABORATIVE AND SECURE SOFTWARE DEVELOPMENT LIFECYCLES
Manage episode 421076493 series 3517973
Kandungan disediakan oleh Compromising Positions. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Compromising Positions atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
This week we are joined by James Charlesworth, a seasoned Director of Engineering at Pendo with 15 years of experience in software engineering. James is also the creator of the Train to Code YouTube channel, where he shares a wealth of excellent training videos on software development.
In this episode, Say Goodbye to ‘Git Blame’: Building Collaborative and Secure Software Development Lifecycles, we dive into some great topics aimed at saying goodbye to the blame game and hello to good app and product sec!
James talks us through his process of building up cross-functional empathy between his engineering function and the security team; why the engineering team might not be the best team to speak to if you’ve got a lot of vulnerable code and a step-by-step guide on how he excels in delivering product security in his organisation.
Key Takeaways:
Empathy-Driven Collaboration: James emphasises the importance of empathy when aligning priorities across inter-departmental teams. Whether it’s engineering or cybersecurity, understanding why people request specific tasks is crucial.
Shared Ownership of the Codebase: Forget the notion of “that engineer’s code.” James advocates for a hyper-collaborative approach where everyone takes responsibility for the codebase. Avoid the blame game (say goodbye to ‘Git Blame!’) and recognise that collective ownership leads to better outcomes.
Coding Literacy for All: Should security professionals learn to code? Absolutely! While not everyone needs to be an expert, having a basic understanding of coding helps bridge communication gaps. It enables security teams to comprehend technical issues and collaborate effectively with developers.
What is Product Security?: Product security isn’t an afterthought; it’s embedded throughout the development process. Prioritising security ensures a robust and reliable end product.
Learning from Errors: James encourages learning from coding errors early in the software development lifecycle.
Cowboy Coders and Robust Processes: James shares his thoughts on “cowboy coders”—those who cut corners.
SHOW NOTES
ABOUT JAMES CHARLESWORTH
James is a Director of Engineering at Pendo, where he also serves as the site lead for the Sheffield office. With 15 years of experience in software engineering, he is committed to Pendo's mission to elevate the world's experience with software. An author and public speaker, James is passionate about diversifying the tech industry and actively works to help individuals from various backgrounds enter the field of software engineering. In addition to his role at Pendo, he also organizes the Sheffield AI Meetup, further fostering a community around artificial intelligence. James is not just a lifelong computer nerd; he's a leader committed to making an impact in technology and community.
LINKS FOR JAMES CHARLESWORTH
James’ website
James’ LinkedIn
56 episod
KongsiManage episode 421076493 series 3517973
Kandungan disediakan oleh Compromising Positions. Semua kandungan podcast termasuk episod, grafik dan perihalan podcast dimuat naik dan disediakan terus oleh Compromising Positions atau rakan kongsi platform podcast mereka. Jika anda percaya seseorang menggunakan karya berhak cipta anda tanpa kebenaran anda, anda boleh mengikuti proses yang digariskan di sini https://ms.player.fm/legal.
This week we are joined by James Charlesworth, a seasoned Director of Engineering at Pendo with 15 years of experience in software engineering. James is also the creator of the Train to Code YouTube channel, where he shares a wealth of excellent training videos on software development.
In this episode, Say Goodbye to ‘Git Blame’: Building Collaborative and Secure Software Development Lifecycles, we dive into some great topics aimed at saying goodbye to the blame game and hello to good app and product sec!
James talks us through his process of building up cross-functional empathy between his engineering function and the security team; why the engineering team might not be the best team to speak to if you’ve got a lot of vulnerable code and a step-by-step guide on how he excels in delivering product security in his organisation.
Key Takeaways:
Empathy-Driven Collaboration: James emphasises the importance of empathy when aligning priorities across inter-departmental teams. Whether it’s engineering or cybersecurity, understanding why people request specific tasks is crucial.
Shared Ownership of the Codebase: Forget the notion of “that engineer’s code.” James advocates for a hyper-collaborative approach where everyone takes responsibility for the codebase. Avoid the blame game (say goodbye to ‘Git Blame!’) and recognise that collective ownership leads to better outcomes.
Coding Literacy for All: Should security professionals learn to code? Absolutely! While not everyone needs to be an expert, having a basic understanding of coding helps bridge communication gaps. It enables security teams to comprehend technical issues and collaborate effectively with developers.
What is Product Security?: Product security isn’t an afterthought; it’s embedded throughout the development process. Prioritising security ensures a robust and reliable end product.
Learning from Errors: James encourages learning from coding errors early in the software development lifecycle.
Cowboy Coders and Robust Processes: James shares his thoughts on “cowboy coders”—those who cut corners.
SHOW NOTES
ABOUT JAMES CHARLESWORTH
James is a Director of Engineering at Pendo, where he also serves as the site lead for the Sheffield office. With 15 years of experience in software engineering, he is committed to Pendo's mission to elevate the world's experience with software. An author and public speaker, James is passionate about diversifying the tech industry and actively works to help individuals from various backgrounds enter the field of software engineering. In addition to his role at Pendo, he also organizes the Sheffield AI Meetup, further fostering a community around artificial intelligence. James is not just a lifelong computer nerd; he's a leader committed to making an impact in technology and community.
LINKS FOR JAMES CHARLESWORTH
James’ website
James’ LinkedIn
56 episod
Tutti gli episodi
×
1 EPISODE 55: Hack the Movies! The Best and WorsT Hacker Movies Part 2! 1:20:05
1:20:05 
Main Kemudian 
Main Kemudian 
Senarai 
Suka 
Disukai1:20:05
Main Kemudian Main Kemudian Senarai Suka DisukaiDid you know the best way to bring down hackers is to punch them in the face? That if you don’t have a seven screen set up you’re a rogue amateur? Or that the best hackers have fins? This Episode we are joined by Simon Painter a senior software engineer with nearly 20 years of experience in the industry and author of the book Functional Programming with C# . In this episode, Hack The Movies! The Best And Worst Hacker Movies Part 2! Our regular programming has been hijacked to bring you a discussion on the best, and worst, hacker movies! In this episode we cover The Beekeeper (2024), Swordfish (2001), Jonny Mnemonic (1995), Paper Man (1971) and The Italian Job (1969). So boot up that modem, turn off the lights and enter the deepest darkest web of hacker forums, and try not overload your memory bank, as we explore this sometimes brilliant and sometimes bonkers sub-genre! Show Notes A Developer Goes to The Movies! Simon’s fantastic history on how technology features in films Paper Man (1971) About SIMON PAINTER With nearly 20 years of software engineering experience across various industries, Simon is a Senior Software Engineer at Talos360. Simon is also a Microsoft Most Valuable Professional (MVP) since 2023, an O'Reilly technical book author, and a public speaker at IT events worldwide. His core competencies include C#, JavaScript, React.js, and Microsoft Azure, as well as ITIL and computer security. LINKS FOR SIMON PaINTER Simon’s Website Simon’s Linkedin Simon’s Book, Functional Programming with C#…
1 EPISODE 54: CFO Secrets: How to Secure Your Cybersecurity Budget 41:14
41:14 Main Kemudian Main Kemudian Senarai Suka Disukai41:14
Main Kemudian Main Kemudian Senarai Suka DisukaiWe all know running a cybersecurity function is expensive and many of us have a hard time successfully negotiating the budgets we need to keep our organisation safe. But what if we let you in on the secrets of successfully securing your cybersecurity budget? This week we are joined by Scott Robertson, CFO of CreateFuture and he gives us the insights on what you should ask for when it comes to your next yearly budget, how to ask for it and crucially (because timing is everything when it comes to money!) when to ask for it! Key Takeaways: What Does a CFO do? A CFO is not just about managing financials but also safeguarding assets and ensuring future stability through effective risk management. Time Your Requests Strategically: Discover the optimal timing to approach your CFO for budget increases and how to align your requests with the organisation's financial planning. Quantify the Cost of Risk: Learn how to effectively communicate the potential financial impact of cyberattacks and the value of preventive measures. Build Strong Relationships: Cultivate relationships with key stakeholders, including the CFO and other executives, to foster trust and support. Prioritise and Justify: Identify critical security needs, prioritise investments, and present a compelling business case to secure the necessary budget.…
1 EPISODE 53: Whose Responsibility Is It To Protect The Data? The Data Team Or The Cybersecurity Team? 43:46
43:46 Main Kemudian Main Kemudian Senarai Suka Disukai43:46
Main Kemudian Main Kemudian Senarai Suka DisukaiThe data landscape is changing faster than ever, and with it, the security threats - so whose responsibility is it to make sure your data is safe? Is it the data team? Or is it the cyber team? We tackle this question and more with Head of Data at AND Digital, Tim Hatton. From leveraging AI to secure data to the importance of real user testing, to how Tim threat models his client’s data capability, you won’t want to skip this ever-important topic! We also talk about ‘ data mesh ’ and if you’re not familiar with that term - it’s a data management framework that decentralises data ownership and responsibility to the teams that use the data. The idea is to make data more accessible and available to business users by directly connecting data owners, data producers, and data consumers. So you can see why we thought that was an important topic to cover because, with this model, comes a lot of trust in others doing the right thing when it comes to data security! So you won’t want to ‘mesh it up’ if people are following this framework in your organisation. Key Takeaways: Test User Journeys with Real People: Assumptions don't cut it—Tim emphasizes the importance of validating user journeys with real-world testing to ensure effective data usage. AI and the Data Deluge: Friend or Foe? We explore the booming trend of AI in data management, but also ask the tough questions: Can AI be used for good in cybersecurity? Can it even help solve cold cases? Holistic Data Security Assessments: Discover Tim's approach to assessing clients' data capabilities and security, involving both data and cybersecurity teams for comprehensive protection. Maturity Matters: Responsibility for Data Protection. Tim reveals a surprising trend - immature organizations might have stricter controls! Discover how your organization's maturity level defines data security ownership. The Future of Self-Sovereign Data: Explore the concept of self-sovereign data and why it might be the future of personal data management and security. Show Notes Book - Wicked Beyond Belief (The one I mistakenly said was Helter Skelter) An Article on Self-Sovereign Data About Tim Hatton Tim Hatton has been working in digital since before it was called digital. Over the course of his career, he has worked on data and digital transformation projects for some of the biggest companies in the world. He joined AND Digital in 2016 and is currently Head of Data. At AND he has worked on data strategy projects for clients in industries including finance, travel, publishing and retail as well as for several government departments. Tim joined AND from Accenture Digital, and prior to this Tim ran his own digital marketing agency for many years, and co-founded a number of dotcom start-ups during the 1990s, none of which made him a millionaire but all of which taught him a great deal. Tim is a regular speaker on digital topics at AND Digital events, for AND’s clients and in the media. LINKS FOR Tim Hatton Tim’s LinkedIn…
1 EPISODE 52: People Don’t Follow Companies, They Follow People: How To Build Your Personal Brand On LinkedIN 49:30
49:30 Main Kemudian Main Kemudian Senarai Suka Disukai49:30
Main Kemudian Main Kemudian Senarai Suka DisukaiLinkedIn is very divisive! Some people love it, and others hate it and everything it stands for. And if you’ve ever hangout on the subreddit, LinkedIn lunatics, then you can see why. Now for all the braggarts and the ‘what working during my wedding taught me about b2b sales’ posts, there is a lot to like about LinkedIn and many opportunities to be had…if you do it right! We can all learn how to be good LinkedIn citizens, So if you’re LinkedIn has two followers, or 20,000, there is plenty to be getting your ears around in this conversation with John Moore -the question is…have you endorsed me yet? Key Takeaways: Why Humour Makes You Human (and Helps You Get Hired): Ditch the cringe! Learn how humour can break the ice and make your cybersecurity expertise more relatable. Building Your Personal Brand Brick by Brick: Discover John's three-pronged approach to building a lasting LinkedIn legacy (think Time, Effort, and Commitment!). Embrace the Journey: Failure is Fertilizer (But Not Fertilizer for Your Profile): Don't shy away from sharing lessons learned. The Power of Storytelling: Learn how to craft compelling narratives that resonate with your audience and build genuine connections. LinkedIn as Your Digital Shopfront: Make sure your profile shines! Show Notes Negotiate Anything Podcast Humour is Serious Business in Cybersecurity Compliance About John Moore John C. Moore brings over two decades of dynamic experience in recruitment and operations management to his role at TekBank. With a keen eye for talent assessment and acquisition, John has mastered the art of full-cycle recruitment, excelling in sourcing, screening, and onboarding top-tier candidates. His expertise extends across diverse areas, including IT recruitment for commercial and government sectors. LINKS FOR John Moore John’s LinkedIn TekBank…
1 EPISODE 51: Cha, Cha, Cha, Changes! How to get excited about organisational change (re-release) 43:38
43:38 Main Kemudian Main Kemudian Senarai Suka Disukai43:38
Main Kemudian Main Kemudian Senarai Suka DisukaiNo new episode this week because we’re are both speaking at the AI for the Rest of Us conference this week. So instead we’ve hit up the vaults for the wonderful Paula Cizek , Chief Research Officer at Nobl. She guides leaders and teams through the change management process, from assessing the organization’s readiness for change to implementing initiatives. In this episode, we explore the fascinating topic of Corporate Change and how its lessons can be applied to cybersecurity. Normal service resumes next week but for now keep secure! Show Notes Asana’s guide to running Project Pre-mortems How to “Start with the Skateboard” - Spotify Explaining Fail save vs Safe to Fail changes - NOBL Barriers to Change - NOBL How long does it take to make organisational change? NOBL Complexity Science Explained - Complexity Explained An introduction to Network theory Blending Complexity Science and Network Theory Disentangling Risk and Uncertainty: When Risk-Taking Measures Are Not About Risk Negotiation Tips - Getting Comfortable being Uncomfortable Psychological Safety - McKinsey About Paula Cizek Paula Cizek is the Chief Research Officer of NOBL , where she guides organizations through large-scale transformation. A thought leader in change management and change resistance, she specializes in translating complex concepts into simple, practical tactics that deliver immediate and meaningful change. Before joining NOBL, she was Innovation Manager at the IPG Media Lab, advising brand and media clients on emerging technology. Prior to that, she was Senior Innovation Consultant at Mandalah, where she led consumer behavior and brand strategy research for brands around the world. She's worked with a diverse roster of clients including Warner Bros., Chanel, Capital One, Bayer Pharmaceuticals, Airbnb, Chipotle, Grupo Bimbo, and more, and she's been published or quoted in publications like BrandingMag and Women's Wear Daily. She graduated from Georgetown University, majoring in Marketing and International Business. LINKS FOR Paula Cizek Paula’s LinkedIn NOBL…
1 EPISODE 50: Tips On How To Be A Top-Class Cybersecurity Student And Get Your First Cybersecurity Job! 42:24
42:24 Main Kemudian Main Kemudian Senarai Suka Disukai42:24
Main Kemudian Main Kemudian Senarai Suka DisukaiDreaming of a career in Cybersecurity? Currently a Student and wondering how to succeed? In this episode, we are joined by Dr. Thalita Vergilio. Thalita is a passionate technologist and cybersecurity expert dedicated to demystifying complex concepts. This episode is for those dreaming of a thrilling career in cybersecurity as Thalita gives her roadmap for success from cybersecurity student to your first job in cyber. She also highlights where cybersecurity professionals can do better now that she’s on the other side, working with developers as a consultant at Create Future. So it’s not just an episode for students! Key Takeaways: From Consultant to Lecturer to Consultant Again!: Thalita shares her unconventional path, including hacking into the university system as part of her job interview! Are Universities REALLY Preparing Students for the Real World of Cyber? Spoiler alert: It's a complex issue, and Dr. Vergilio spills the tea and makes a bee-line for lecturer of the year (in our opinion!) What Qualities Do The Best Cybersecurity Students Have? : Learn about the skills and experiences that make a good cybersecurity student, including passion for the subject, tenacity, and resilience. From Academic to Action: Industry Skills You NEED to Know to Get Your First Job in Cyber: Your education is just the start, so in this competitive market, what are you going to do to stand out? Bridging the Cyber-Engineering Gap: Developers must be aware of the security implications of their code to avoid vulnerabilities, so how do you go about doing that? Show Notes About Dr. Thalita Vergilio Dr. Thalita Vergilio is a passionate technologist and cybersecurity expert dedicated to demystifying complex concepts. Her extensive experience in organisational transformations and streamlining large-scale systems provides a unique perspective on the intersection of engineering and cybersecurity. Having previously worked as a Senior Lecturer, Thalita is keen to share her knowledge and insights, making complex technical concepts accessible to a broad audience. Her doctoral research focused on developing a vendor-agnostic, multi-cloud solution for big data stream processing, showcasing her expertise in innovative and efficient data management strategies. Through this podcast, she aims to explore the fascinating world of cybersecurity, drawing on her PhD research and teaching background to offer valuable perspectives and practical insights. LINKS FOR Dr. Thalita Vergilio LinkedIn…
1 EPISODE 49: Are Our Cybersecurity Controls Inclusive? Going Beyond Hiring When It Comes To Diversity In Cybersecurity 47:40
47:40 Main Kemudian Main Kemudian Senarai Suka Disukai47:40
Main Kemudian Main Kemudian Senarai Suka DisukaiThis episode we are joined by Marcy Charollois. Marcy is a socialtech writer, content strategist , and the founder of Merci Marcy and The Safe Place . Her mission is to enable teams to embody a culture of genuine inclusion beyond superficial measures. This week we explore the complex, important, and under-discussed topic of diversity, equity and inclusion in cybersecurity. As an industry, we do an alright job talking about hiring diversity in cyber, but that is not where the topic should end. With more and more people from a wide range of backgrounds and abilities interacting with our security controls, we need to think about whether the security measures we put in place are accessible . We explore how can make a more accessible cybersecurity user journey , design inclusive password patterns, how to be an ally in this space and make sure that we always act ethically when we think about security. This episode is a must-listen for anyone interested in creating a more equitable and effective cybersecurity landscape . Key Takeaways: Inclusive Security Controls : Marcy explains why diversity and inclusion should be integral to our security controls. It’s not just about who we hire but how we design our systems to be inclusive for all users. Purposeful Technology : Avoid creating technology for technology’s sake. Always consider the end-users and their diverse needs to ensure the technology serves everyone effectively. Inclusive Passwords: Traditional password systems can be exclusionary. Marcy discusses how we can make password fields more accessible and inclusive, particularly for those with disabilities. The Coded Gaze : Our current coding practices often reflect a narrow societal view, excluding many groups. Marcy urges the adoption of accessible design practices to create better security solutions. Allyship and Continuous Improvement : Being an ally involves continuous learning, listening, and taking concrete actions. Marcy provides a recipe for inclusive UX to help check biases and improve user experiences for marginalised communities. Show Notes Marcy’s Talk at WebDevCon - Racism Fuels User Experiences Unmasking AI: My Mission to Protect What is Human in a World of Machines by Joy Buolamwini Alba Villamil’s LinkedIn W3.Org’s Accessibility Standards for Authentication About Marcy Charollois Marcy Charoloois is a social tech writer, content strategist, and the founder of Merci Marcy and The Safe Place. She served as the editor-in-chief of WeLoveDevs for two years, where she made history as the first woman, as well as the first racialised and LGBTQIA+ woman, to be hired. Recognising the lack of representation for people like herself in the tech industry, Marcy took a committed stance to promote diversity. She is dedicated to breaking through the pretence of corporate values and advocating for real cohesion within teams. Her mission is to enable teams to embody a culture of genuine inclusion beyond superficial measures. LINKS FOR Marcy CHarollois LinkedIn Blue Sky…
1 EPISODE 48: It’s So Hard To Commit A Crime These Days! Surveillance, Dishonesty, Fraud And Other Pink-Collar Flags 54:15
54:15 Main Kemudian Main Kemudian Senarai Suka Disukai54:15
Main Kemudian Main Kemudian Senarai Suka DisukaiIn this Episode we are joined by Kelly Paxton . Kelly Paxton has more than 20 years of investigative experience. Kelly is a Certified Fraud Examiner , author, and podcast host-founder of Fraudish . This week’s episode asks why it is so hard to commit a crime these days ! But when people do, what is their motivation behind it! We also look at the nature of surveillance , how it can be used to catch criminals but also the implications of being willing to bring in surveillance devices into your home and life - yes I’m looking at you iPhone! How fraud in the workplace happens, what are the signs to spot for and how to prevent it happening and how sometimes it’s not so pretty in pink, as we explore Kelly’s specialism, Pink Collar Crime ! Key Takeaways: I Always Feel Like Somebody’s Watching Me: From personal devices to public spaces, surveillance is a constant presence in our lives. While it can deter crime, it also presents opportunities for criminals to exploit our vulnerabilities. The Impact of Dishonesty : Delving into the profound repercussions of workplace dishonesty on trust and employee behaviours. Pink-Collar Crime: Often committed by low to medium-level employees, primarily women, pink-collar crime is more prevalent than you might think. These crimes are usually subtle, with fraudsters blending seamlessly into their environments. The Impact of Tone at the Top: A company's culture and leadership play a crucial role in influencing employee behavior. Ethical leadership and a positive work environment can discourage dishonest actions. Show Notes The BeeKeeper Film LinkedIn page for Avi Klein Artist uses CCTV cameras to selfies back to their Instagram page - VICE LinkedIn page for Mish Aal Number Go Up: Inside Crypto’s Wild Rise and Staggering Fall by Zeke Faux Nobody’s Fool: Why We Get Taken In and What We Can do About It by Daniel Simons and Christopher Chabris About Kelly Paxton Kelly Paxton is a Certified Fraud Examiner, Private Investigator, and Professional Speaker. She also is the founder of the Fraudish (formerly Great Women in Fraud) podcast. She published Embezzlement: How to Prevent, Detect and Investigate Pink-Collar Crime in December, 2020. LINKS FOR Kelly Paxton LinkedIn Pink Collar Crime Website Kelly’s Podcast Fraudish…
1 EPISODE 47: Hacking Our Capacity To Think: The Philosophy Of Trust, Cybersecurity And AI 50:20
50:20 Main Kemudian Main Kemudian Senarai Suka Disukai50:20
Main Kemudian Main Kemudian Senarai Suka DisukaiIn this Episode we are joined by Dr. Rebekka Reinhard . Dr Reinhard is a philosopher and the founder and editor-in-chief of Human magazine, which aims to holistically address the impact of AI beyond the technical to include the cultural and the human. In this episode, Hacking Our Capacity to Think - The Philosophy of Trust, Cybersecurity and AI , we explore these topics and more within the lens of philosophy. We discuss the importance of an interdisciplinary dialogue between tech experts and humanities experts. How AI is Impacting democracy and our concept of trust and safety within the context of cybersecurity, and new threats like deepfakes and misinformation . Key Takeaways: The Human Element of AI: AI is not just technology; it's a reflection of human values and biases. Understanding its impact requires an interdisciplinary approach that considers philosophy, ethics, and technology. AI and Democracy : Technology poses a threat to democratic processes. AI's ability to manipulate our thoughts and behaviours poses a significant threat to our autonomy and critical thinking. It's essential to be aware of these dangers and develop strategies to protect ourselves. The Importance of Trust: Trust is a fundamental building block of society, and it's equally crucial in the context of AI. Building trust in AI systems requires transparency, accountability, and ethical considerations. The Dangers of Individualism: In the digital age, individualism can lead to echo chambers and biased information. It's vital to foster a sense of collective responsibility and work together to address global challenges. The Need for Reflection and Accountability: Leaders and creators of AI tools must be held accountable for the potential harms their creations may cause. Show Notes London School of Economics - https://www.lse.ac.uk/study-at-lse/online-learning/courses/ethics-of-ai A list of Dr Reinhard’s Books via Amazon BlueDot AI Safety Alignment course AI Pretends to Pick up a Ball ChatGPT is Bullshit Deepfake Documentary, Another Body About Dr Rebekka Reinhard Dr. Rebekka Reinhard is the founder and editor-in-chief of „human“. T he magazine, both in print and digital formats (German and English editions // quarterly), it is the first of its kind to holistically address the impact of AI on the economy, politics, society, and culture, while keeping a strong focus on the human aspect. LINKS FOR Dr Rebekka Reinhard LinkedIn LinkedIn for Human Magazine Instagram Instagram for Human Magazine Where to buy the Magazine Keywords: cybersecurity, ai ethics, trust, philosophy, deepfakes, ethics, democracy…
1 EPISODE 46: Sometimes, We Are The Villains: Tech Ethics In Software Development 51:11
51:11 Main Kemudian Main Kemudian Senarai Suka Disukai51:11
Main Kemudian Main Kemudian Senarai Suka DisukaiIn this Episode we are joined by Sergès Goma , a Paris-based software developer specialising in JavaScript. In this episode, Sometimes, we are the Villains - Tech ethics in software development , we dive deep into the ethical dilemmas we face as workers and creators of technology. Heroes are few and far between in this tech landscape, even if we don’t like to admit it, and that includes us in cybersecurity! So it is important we have these conversations and look inward at our industry and the impact it has on culture and society. We also talk about why developers always seem to top the leader board when it comes to phishing simulation click rates, the complexity of the word ‘privacy’ in different countries, and ask if we are heading towards a more regulated industry and what that might mean for innovation and creativity. Key Takeaways: Uncovering the Dark Truth: Discover why those working in tech may not be the heroes we perceive them to be. The Perils of Overconfidence: Learn how the tech-savviness of developers can lead to risky behaviours and potential security breaches. From Feature-Focused to Security-Savvy: Learn how training and awareness can empower developers to become active participants in building secure software. Regulation vs. Innovation : We examine the challenges and opportunities of ethical frameworks in the tech industry. Global Perspectives on Privacy: Gain insights into how privacy is perceived differently across the world and the impact of cultural nuances on ethical considerations in tech. Links to everything we discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review . Follow us on all good podcasting platforms and via our YouTube channel, and don't forget to share on LinkedIn and in your teams . It really helps us spread the word and get high-quality guests, on future episodes. We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I the compromising position here?’ Show Notes Evil Tech: How Devs Became Villains Background on the Nestle Milk Scanda l The Untold Story of the 2018 Olympics Cyberattack, the Most Deceptive Hack in History by WIRED Paris Olympics Security Warning—Russian Hackers Threaten 2024 Games by Forbes Clean Code: A Handbook of Agile Software Craftsmanship by Robert Martin About Sergès Goma Sergès Goma is a Paris-based software developer specialized in JavaScript. When she's not fixing codebases, she gives motivational speeches mostly aimed at junior and would-be developers as well as participating in the tech women's empowerment online community Motiv'Her. LINKS FOR Sergès Goma LinkedIn X Account Keywords: cybersecurity, tech ethics, ethics, software development, privacy…
1 EPISODE 45: Can Cybersecurity Teams Actually Do Scrum? 49:40
49:40 Main Kemudian Main Kemudian Senarai Suka Disukai49:40
Main Kemudian Main Kemudian Senarai Suka DisukaiThis episode we are joined by the awesome Steve Trapps . Steve is the co-owner of Scrum Facilitators , an experienced Scrum Master, and a Professional Scrum Trainer with 20 years plus of experience in delivering complex products in many different business sectors. This week we answer that age old question, Can Cybersecurity Teams Actually Do Scrum? To answer that, we do a deep dive into when you should and shouldn’t use scrum in your cybersecurity teams and of course, we will learn exactly what a scrum master does! Together we will explore how scrum can be used to foster better conversations, create transparency and help you achieve your goal; what it takes to be an A1 facilitator, like Steve, as well as how not to get caught up in the dogma of ‘the scrum guide’! Key Takeaways: What is Scrum? How do I become a Scrum Master? More than just overseeing daily stand ups and organising Jira tickets we unveil the multifaceted responsibilities of a Scrum Master, including coaching, mentoring, and facilitating effective teamwork. Scrum for the Unknown, Not the Mundane: Scrum shines in situations with complexity and uncertainty, perfect for tackling emerging threats! But for routine tasks (BAU), consider alternative approaches. Ditch the "Scrum Guide Says" Mindset: Focus on the purpose of Scrum - fostering conversations, transparency, and clear outcomes. Don't get bogged down in dogma! How To Spot a Bad Meeting? Well you’re sweet for asking but… Links to everything we discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review . Follow us on all good podcasting platforms and via our YouTube channel, and don't forget to share on LinkedIn and in your teams . It really helps us spread the word and get high-quality guests, on future episodes. We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I the compromising position here?’ Keywords: cybersecurity, agile, scrum, scrum master, coaching, facilitation, kanban Show Notes Visual Thinking: The Hidden Gifts of People Who Think in Pictures, Patterns and Abstractions by Temple Grandin Radical Candor: How to Get What You Want by Saying What You Mean by Kim Scott Creativity, Inc.: an inspiring look at how creativity can - and should - be harnessed for business success by the founder of Pixar by Ed Catmull About Steve Trapps Steve Trapps is the co-owner of Scrum Facilitators, an experienced Scrum Master, and a Professional Scrum Trainer with 20 years plus of experience in delivering complex products in many different business sectors. He started his career as a software developer, working for Nestle before working for Sky, building applications & websites for many of the English Premier League football teams. Previously being a developer, Steve has worked in various teams (Scrum and none Scrum) so he comes packed with real-life stories, from Start-Ups building the next social media network up to large corporations handling thousands of transactions a second. If you want to learn from someone who has been there, then Steve can share experiences to help you on your way. Steve focuses on helping individuals & teams reach their full potential through professional development coaching and professional training. LINKS FOR Steve Trapps Steve’s LinkedIn Scrum Facilitators…
1 EPISODE 44: Embracing Failure in Cybersecurity by Learning Through Trial and Error 53:16
53:16 Main Kemudian Main Kemudian Senarai Suka Disukai53:16
Main Kemudian Main Kemudian Senarai Suka DisukaiThis episode we are joined by the brilliant Stefan Gaillard , the co-founder and current chair of the Journal of Trial & Error , a journal dedicated to highlighting the importance of trial and error in scientific practice and scholarship. Trial and error is part of the scientific method but most of us are risk averse because we are so afraid of failure or we take great lengths to cover up anyone finding out that we have failed. There is so much shame around admitting to failure, especially in cybersecurity when, lets face it, most of us will experience the failure of our security controls eventually. But to hide from failure, not only from ourselves but also our peers, means missing out on important learning opportunities. We need to change this! If we don’t think about failure more, we are doomed to keep failing. This episode we explore the importance of removing the stigma from failure, the benefits AND the dangers of tech’s ‘ fail-fast’ mentality, what it’s like to live in the information overload age and finally, the importance of trial and error . Key Takeaways: Removing the Stigma of Failure : Learn why it’s crucial to view failure as a stepping stone rather than a setback. Stefan discusses how changing our perception of failure can lead to more innovative solutions. Blame the System, Not the Individual : Discover the importance of considering human factors in cybersecurity incidents. Stefan explains why blaming individuals is often counterproductive and how systemic changes can prevent future errors. The Information Overload Age: We’ve left the "Information Age" behind and entered the era of "Information Overload." With so much data and misinformation circulating, how do we stay focused and make informed decisions? Stefan shares his thoughts on how to navigate this landscape while avoiding cognitive overload. Fail Fast, Innovate Faster: What are the pros and cons of a "fail-fast" mentality in tech? Stefan takes us through the benefits of quick iteration and the dangers of overpromising, using examples from AI winters and the current AI hype cycle. Understanding when to abandon a product or pivot can be the difference between success and stagnation. Changing your mind is part of progress. Don’t fear shifting narratives when presented with new facts. Keywords: cybersecurity, trial and error, testing, failure, experimentation Show Notes The Journal of Trial and Error The British Library’s Cybersecurity Incident Review Countering the Cognitive, Linguistic, and Psychological Underpinnings Behind Susceptibility to Fake News: A Review of Current Literature With Special Focus on the Role of Age and Digital Literacy Overpromising in science and technology: An evaluative conceptualization Ten simple rules for failing successfully in academia About Stefan Gaillard Stefan Gaillard is the co-founder and current chair of the Journal of Trial & Error , a journal dedicated to highlighting the importance of trial and error in scientific practice and scholarship. For this work he was selected for the Forbes 30 Under 30 list of 2024 . Besides chairing the journal, Gaillard is currently pursuing a PhD in ‘Philosophy and Science Studies’. His research focuses on overpromising – what is it, how can we recognize it and when does science fail to correct it? In addition, he is project coordinator at The New Utrecht School , an interdisciplinary platform for urgent discussions on the interaction between the health domain, the arts, and the sciences and humanities. The New Utrecht School and the Journal of Trial and Error are currently hosting a series of lunch lectures and publishing a special issue on ‘Scientific failure and uncertainty in the health domain’. LINKS FOR Stefan Gaillard Stefan’s LinkedIn Stefan’s X Account…
1 EPISODE 43: Not Everybody Does It Like US…So Hire Anthropologists in Cybersecurity! 51:55
51:55 Main Kemudian Main Kemudian Senarai Suka Disukai51:55
Main Kemudian Main Kemudian Senarai Suka DisukaiThis episode we are joined by the wonderful Jamie Sherman , a cultural anthropologist and principal UX researcher at ESRI. We explore how words like ‘security and privacy’ are slippery and that can lead to a lot of confusion and misunderstanding. How to ask better questions to really understand how to protect the people and our customers in an organisation and how to create the perfect ‘sniff test’ in our organisations so people feel more able to trust their intuition rather than relying on crap passwords. And Finally we unpack the importance of hiring more anthropologists in cybersecurity because not everybody does it like us. Key Takeaways: Anthropology in Cybersecurity: A Game-Changer Anthropology isn’t just the study of ancient cultures—it’s about understanding how people make meaning in their lives today. Anthropologists, through methods like ethnography and participant observation, can uncover the human side of cybersecurity, ensuring that security measures align with real-world behaviours, not just technical protocols. What does ‘Security’ actually mean? Words are Slippery We don’t always have a shared meaning for terms like “security” and “privacy.” Misunderstandings can lead us down the wrong path, creating a sense of betrayal. It’s essential to ask, “What is security to you?” and make security visible without overwhelming users with cognitive load. Sniff the milk, is it off? Traditional security measures, like passwords and phishing awareness, often overload users with cognitive demands. But what if we focused on building intuition instead? We can help users develop a gut sense of when something feels wrong—an essential skill in a world where data is constantly on the move and always at risk by triggering the same responses when we sniff off milk! Asking the Right Questions : Better questions lead to better security controls and a deeper understanding of user needs. Links to everything we discussed in this episode can be found in the show notes and if you liked the show, please do leave us a review . Follow us on all good podcasting platforms and via our YouTube channel, and don't forget to share on LinkedIn and in your teams . It really helps us spread the word and get high-quality guests, on future episodes. We hope you enjoyed this episode - See you next time, keep secure, and don’t forget to ask yourself, ‘Am I the compromising position here?’ Show Notes Pumping Iron - Give it a watch! Over Half of Cybersecurity Professionals Engage in Risky Behaviours at Work - KnowBe4 Purity and Danger: An Analysis of Concepts of Pollution and Taboo - Mary Douglas About Jamie Sherman Jamie Sherman is a cultural anthropologist and principal UX researcher at ESRI. She holds a PhD in anthropology (Princeton, 2011) and has been in the technology and UX space since joining Intel Labs in 2012, where she worked on a range of existing and emerging technologies, including wearable tech, virtual reality, and content creation. Her most recent focus is on the use of data and analytics to do things, from making movies to making maps. LINKS FOR Jamie Sherman Jamie’s LinkedIn Keywords: cybersecurity, anthropology, user behaviour, privacy, UX…
1 EPISODE 42: Mind Science - Cyber Psychology 101 1:03:05
1:03:05 Main Kemudian Main Kemudian Senarai Suka Disukai1:03:05
Main Kemudian Main Kemudian Senarai Suka DisukaiThis Episode we’re heading back into the vaults to bring you the unabridged version of our fantastic and extremely popular interview with Bec McKeown, a chartered psychologist with extensive experience in carrying out applied research for organisations including the UK Ministry of Defence and the founder and director of Mind Science , an independent organisation that works with cybersecurity professionals. Ever wanted to know the psychology behind cybersecurity? Bec takes us an a fascinating journey into the mind as we get acquainted with a smorgasbord of psychological concepts to help you understand your cybersecurity posture - especially during a dreaded cybersecurity incident! Key Takeaways: The curse of knowledge : Understanding what it's like to not understand cybersecurity from a technical perspective can be an advantage in helping you communicate better. By putting yourself in the shoes of the listener, you can convey complex ideas in a way that is easy to understand and relatable Microlearning : Nobody wants to sit in training for three hours! Microlearning helps by breaking up information into bite-sized chunks that are easy to digest. It's also important to account for different learning styles and provide information in various formats. Amygdala hijacking : Cybercriminals leverage amygdala hijacking, which occurs when the amygdala activates the fight-or-flight response when there is no serious threat to a person's safety. It's essential to recognize the contextual cue that led you to act that way and develop strategies to deal with it before it happens. Awareness does not equal change in behaviour: One size doesn't fit all, and quantitative is usually valued over qualitative, which needs to change. Focus on Impact Skills, Not Just Technical Knowledge: Decision-making, communication, and collaboration are the foundational skills needed to navigate complex cyber threats. Show Notes Immersive Labs Bec’s Article in Immersive Labs on Workforce Resiliency Christian Hunt’s episode - Compromising Positions Article on Theory X and Theory Y - Mind Tools Influence by Robert Cialdini Actionable Gamification - Yu-Kai Chou Kirkpatrick Model - Mind Tools Copywrite movies. Privacy is a Crime Video The software Lianne used on her tabletop exercise to get anonymous responses: Mentimeter and Slido About Bec McKeown Bec McKeown CPsychol is the Founder and Director of Mind Science , an independent organisation that works with cyber security professionals. She helps businesses to advance the human aspect of system resilience, so a collaborative culture of innovative thinking and an agile threat response becomes the norm. As a Chartered Psychologist with extensive experience of carrying out applied research for organisations including the UK Ministry of Defence, Bec has gained a unique perspective on the ways humans react in times of crisis. She works at both operational and strategic levels, with a focus on situational awareness, decision-making and problem-solving in complex environments. LINKS FOR Bec McKeown Bec’s LinkedIn Mind Science LTD…
1 EPISODE 41: Empathy Over Ego: Why We're Angry At The Wrong People In Cybersecurity - The Cyber Empathy Podcast 59:38
59:38 Main Kemudian Main Kemudian Senarai Suka Disukai59:38
Main Kemudian Main Kemudian Senarai Suka DisukaiWe’re still on a summer break but in the meantime we are delighted to share with you an episode from friend of the show, Cyber Empathy which Lianne appeared on earlier this year. In this episode Lianne discussed how she hates the term ‘weakest link’ when talking about our colleagues, how the language that we use in cybersecurity can be incredibly harmful to our cybersecurity posture, and how she applies her skills as an anthropologist to her organisation. Key Takeaways: Why Anthropology and Cybersecurity Make for Good Bedfellows - Cybercriminals are most successful when they aim for the human element. Knowing what it means to be human continues to be very important for facing emerging cybersecurity threats! When Was the Last Time You Gave a Gift? Lianne discusses how the giving of ‘gifts’ in your organisation might just lead people to bond with your message through the principle of reciprocity. Trust Issues? In cybersecurity our whole schtick is trust issues, but does it have to be that way? If we trusted people a little more, could they help us in the fight against cybersecurity criminals? Tell Me a Story - Storytelling is the crux of human existence and one of our main drivers of our evolution - and yet in cybersecurity, despite having exciting stories to tell, we instead drone on about MFA! Lets make cybersecurity interesting again through storytelling! Show Notes Full show notes can be found at the source on Cyber Empathy About Andra Zaharia Andra is a cybersecurity communication manager focused on organic growth and fighting infosec marketing cliches to make content that people actually enjoy. She is also the creator of the award-winning podcast Cyber Empathy where she shares stories of kindness, curiosity and connections that show how humans shape online security and privacy. LINKS FOR Andra Zaharia Andra’s Website Andra’s Podcast Andra’s LinkedIn Thank you kindly to Cyber Empathy for giving us permission to share this episode! Keywords: cybersecurity, storytelling, trust, anthropology, empathy, reciprocity…
Selamat datang ke Player FM
Player FM mengimbas laman-laman web bagi podcast berkualiti tinggi untuk anda nikmati sekarang. Ia merupakan aplikasi podcast terbaik dan berfungsi untuk Android, iPhone, dan web. Daftar untuk melaraskan langganan merentasi peranti.
Daily Deals
Daily Deals
Sama dengan Compromising Positions - A Cyber Security Podcast
The power of Data is undeniable. And unharnessed - it’s nothing but chaos. Making data your ally. Using it to lead with confidence and clarity. Host Jess Carter is solving problems in real-time to reveal what’s possible. Helping communities and people thrive. This is Data Driven Leadership, a show brought to you by Resultant.
…
continue reading
BBC Radio 5 live’s award winning gaming podcast, discussing the world of video games and games culture.
…
continue reading
Android Backstage, a podcast by and for Android developers. Hosted by developers from the Android engineering team, this show covers topics of interest to Android programmers, with in-depth discussions and interviews with engineers on the Android team at Google. Subscribe to Android Developers YouTube → https://goo.gle/AndroidDevs
…
continue reading
Show notes are at https://stevelitchfield.com/sshow/chat.html
…
continue reading
For more than a dozen years, the Stack Overflow Podcast has been exploring what it means to be a software developer and how the art and practice of programming is changing our world. From Rails to React, from Java to Node.js, join the Stack home team for conversations with fascinating guests to help you understand how technology is made and where it’s headed.
…
continue reading
Investor Shayle Kann is asking big questions about how to decarbonize the planet: How cheap can clean energy get? Will artificial intelligence speed up climate solutions? Where is the smart money going into climate technologies? Every week on Catalyst, Shayle explains the world of climate tech with prominent experts, investors, researchers, and executives. Produced by Latitude Media.
…
continue reading
Catalyst, a Launch by NTT DATA podcast, puts humans at the front and center of digital transformation. Each week, we feature thought leaders who share their insights on reinventing digital experiences, enhancing customer journeys, and driving innovation in the enterprise. From platform transformation to the latest advancements in AI, our guests delve into the challenges and triumphs of digital transformation, emphasizing the critical role of human ingenuity and leadership. Learn more about L ...
…
continue reading
The Partnership Economy explores the power of partnerships through candid conversations and stories with industry leaders. Our hosts, David A. Yovanno, CEO and Todd Crawford, Co-founder, of impact.com, unpack the future of partnerships as a lever for scale and an opportunity to put the consumer first.
…
continue reading
Flash Forward is a show about possible (and not so possible) future scenarios. What would the warranty on a sex robot look like? How would diplomacy work if we couldn’t lie? Could there ever be a fecal transplant black market? (Complicated, it wouldn’t, and yes, respectively, in case you’re curious.) Hosted and produced by award winning science journalist Rose Eveleth, each episode combines audio drama and journalism to go deep on potential tomorrows, and uncovers what those futures might re ...
…
continue reading
Talk Python to Me is a weekly podcast hosted by developer and entrepreneur Michael Kennedy. We dive deep into the popular packages and software developers, data scientists, and incredible hobbyists doing amazing things with Python. If you're new to Python, you'll quickly learn the ins and outs of the community by hearing from the leaders. And if you've been Pythoning for years, you'll learn about your favorite packages and the hot new ones coming out of open source.
…
continue reading
Player FM - Aplikasi Podcast
Pergi ke luar talian dengan aplikasi Player FM !
Pergi ke luar talian dengan aplikasi Player FM !
))
