Skip to main content
Future of Cyber Security

Future of Cyber Security

By Rasool Irfan
Cyber security is dynamic and fast changing. Keep up-to-date with the latest news, vulnerabilities, threats and new research. For latest cyber security blogs, visit rasoolirfan.com and tweet @ → twitter.com/rasoolirfan
Listen on
Where to listen
Apple Podcasts Logo

Apple Podcasts

Breaker Logo

Breaker

Castbox Logo

Castbox

Google Podcasts Logo

Google Podcasts

Overcast Logo

Overcast

Pocket Casts Logo

Pocket Casts

PodBean Logo

PodBean

RadioPublic Logo

RadioPublic

Spotify Logo

Spotify

TuneIn Logo

TuneIn

Episode 36 - Vulnerability Management Maturity Assessment Program
Ensuring that existing vulnerability management program works well to enhance the operational maturity require assessment. Leverage external professionals to conduct assessments based on defined framework across building blocks and act to mature your vulnerability management program. Listen to this podcast for more details
06:05
April 4, 2021
Episode 35 - Threat Hunting Capability Development Framework
With increased adoption to digital by business and technology advancements consumed by bad actors makes threat hunting a ‘must to have’ program. Cyber threat intelligence enables security analysts with data enrichment, however good programming and coding skills helps threat hunter to uncover the unknowns.
06:49
January 30, 2021
Episode 34 - Cyber security table top exercise (TTX)
Organizational business continuity program should mandate CISO or CIO to have TTX periodically to rehearse the cyber security incident response plans. The level of participation and greater audience with variety of expertise to combat cyber security incidents quantify the TTX success. 
09:50
January 23, 2021
Episode 33 - Microsoft Endpoint DLP use cases
Microsoft Endpoint DLP helps organizations to adopt data protection strategies with most common use cases such as protecting sensitive data based on regulatory compliance, prevent unintentional or accidental exposure of critical data and restricting unwanted activities on windows devices.  
05:15
November 15, 2020
Episode 32 - Azure Information Protection - Getting Started and Best Practices
Enterprise today face data protection challenges to secure sensitive information across its life cycle and exploring solutions. Microsoft Azure Information Protection has been widely purchased by many customers, but struggling to find ways to get started and require assistance in adopting best practices. Let's explore it in this podcast.
10:57
October 26, 2020
Episode 31 - Multi cloud SIEM deployment cost considerations with IBM QRadar and Splunk
Cloud business leaders prefers multi cloud deployment strategies either within the region or across regions to have cost effective solution. IT security managers require security event management solutions prefers to have deployed on the cloud environment or either prefer SaaS offerings IBM QRadar and Splunk are the leading vendors in the market today offers wide range of SIEM use-cases. It require design and cost considerations to make it effective and fit for business purpose. 
07:56
October 19, 2020
Episode 30 - Microsoft E5 can replace 16 Security vendors
Microsoft clients with E5 license can evaluate the below 16 functional domains to utilize the security use-cases and replace security vendors. However, if customer’s have unique requirements that are achievable only with marketplace security products should continue to leverage other security solutions.
07:01
September 28, 2020
Episode 29 - Simplify network security with SASE
SASE (Security access service edge) concept is to have all the functional components of network and security required for enterprise available on cloud based services that are globally accessible for the digital business
06:45
September 21, 2020
Episode 28 - People is the most critical vulnerability in any organization
Every organization will have opportunity to learn from their security incidents. While performing root cause analysis, often organization fail to analyze deeper to figure-out the human element associated with it. 
07:06
July 24, 2020
Episode 27 - Five ideas to enhance the cyber immune system
IT security leaders are looking for cost effective security programs that enhance their cyber security immune systems. Listen to this podcast to learn those five key ideas. 
05:36
July 22, 2020
Episode 26 - CISO should redefine corporate security strategy
Cyber risk is business risk – CISO representation at board level is important to provide business solutions. Hence in the year 2020 – CISO’s should redefine the corporate security strategy.
10:19
June 29, 2020
Episode 25 - Social media addiction is injurious to mental health
Increased adoption of digital make all generations to prey to social media platforms. With increase fake news or misinformation and lack of knowledge to perform fact check, mostly kids and adults are mentally affected and targeted for cyber bulling and online harassment. 
07:48
May 17, 2020
Episode 24 - Develop self defensing capabilities in applications
In mobile first market, organizations need to develop mobile applications that has self defensing capabilities. As the in-app protection technologies are new - DevOps leaders should invest time to learn and adopt implementing it for their high value applications. Listen to the self defensing capabilities here. 
08:22
May 10, 2020
Episode 23 - Protection from Maze Ransomware
Maze is a file encrypting virus and also a successor to ChaCha. Organizations need to have protection strategies from being victim of similar cyber attacks. Listen to this podcast for more details
05:32
May 4, 2020
Episode 22 - Recommendations to adopt Zero Trust principles
Organizations need to define zero trust strategy to enforce the security controls across the ‘defense in depth’ layers. Security in continuous process and require constant learning as the attacks are sophisticated and targeted. Adopting to Zero Trust principles keep the business safe from any breaches.
06:53
April 28, 2020
Episode 21 - India - The personal data protection bill, 2019
The Personal data protection bill, 2019 mandates to implement cyber security controls such as de-identification, encryption, protect integrity, prevent misuse, unauthorized access to modify, disclose or destruct of personal data. The bill has obligations to take prompt and appropriate action in response to a data security breach. It shall be liable to a penalty which may extend to five crore rupees or two per cent. of its total worldwide turnover of the preceding financial year, whichever is higher. 
10:53
April 20, 2020
Episode 20 - Cyber security leaders need fraud prevention to protect their digital business
In this digital economy, online fraud detection systems are a necessary component in any security architecture and augment the basic application protection capabilities offered by a web application firewall and identity management solutions. Cyber security leaders need to know more about fraud management solutions. In this episode you'll hear key 45 solution providers operating in this space.  
11:18
April 13, 2020
Episode 19 - Digital business require ‘tailored’ security services
Every business is unique in its own way and adopting cyber security services that are ‘tailor-made’ with two-way communications will help address risks and challenges to safe-guard from data breaches.
08:01
April 7, 2020
Episode 18 - Understand the MSSP (Managed Security Service Provider) services better
Enterprise prefer to outsource their IT security and believes that its cyber security operations are managed well. But - how well you understood their service descriptions. Listen to this episode to learn certain basic that are required for this digital business needs?
04:43
March 31, 2020
Episode 17 - Enterprise can't protect threats, if they don't see it.
Data residency, compliance issues, and the need for visibility and monitoring of data continue to drive organizations to adopt data loss prevention capabilities. Enterprise can't protect threats, if they don't see it. Listen this podcast
08:42
February 7, 2020
Episode 16 - How to bring 'WOW' factor in SOC visits
Experience is all about sense of feel, taste, music to ears, seeing and believing. Listen to this podcast that helps 'How to make the SOC visit as experience to bring the ‘wow’ factor'. 
09:55
December 7, 2019
Episode 15 - Digital workplace security for social media generations
Organizations need to have futuristic security strategy programs to enable digital workplace safe from cyber breaches. Business can’t expect that GenZ will only use emails channels for exchanging messages. They shall use social media platforms. Hence digital workplace security program should seamlessly identify, detect, protect and respond to cyber threats and allowing employees to securely work anytime, from anywhere
06:46
October 23, 2019
Episode 14 - Machine first security operations delivery model
Machine first security delivery model require clear understanding of automation use cases and well document incident response playbooks. Organizations today finding ways and means to utilize both humans and machines in cyber security operations
03:31
October 13, 2019
Episode 13 - Zero Trust Network Access
Zero Trust is taken from the principle of “never trust, always verify,” can achieve using micro segmentation by limiting the lateral movements between the network segments and only intended application access from outside.  Trust security framework / Zero trust architecture helps customers to prevent unauthorized access, contain breaches, and reduce the risk of an attacker’s lateral movement through your network. 
05:39
July 10, 2019
Episode 12 - 72 hours for data breach notification
According to Article 33 – EU GDPR – “Notification of a personal data breach to the supervisory authority”;  the controller shall without undue delay and, where feasible, not later than 72 hours after having become aware of it.   Unless organization has not prepared for data breach – it’s impossible to achieve the timeline of 72 hours notification and but them in risk in front of regulatory bodies.  
06:24
July 3, 2019
Episode 11 - Deepfake – Seeing is no longer believing
Deepfakes exploit this human tendency using generative adversarial networks (GANs), in which two machine learning (ML) models duke it out.  Deepfake technology is now being used to create high-fidelity phishing attacks where the phishing target, identity protection and fraud that're yet to come.
05:41
June 27, 2019
Episode 10 - Enterprise should adopt active cyber defense strategy
Active cyber defense strategies unless do not violate regulation and law of the land are considered now as appropriate direct action to counter threats.  Today’s security business function should have everything it needs to mount a competent defense of the ever-changing enterprise landscape 
05:49
May 24, 2019
Episode 9 - Unpatched vulnerabilities; Is it problem worth solving?
Organization continue to have ageing vulnerabilities remained unpatched and its serious problem that need solution that are effective to reduce the time that vulnerability discovered and patched.  Listen to the four key strategic recommendations.
05:03
May 17, 2019
Episode 8 - Cyber threat intelligence feeds for security operations
Organization need to detect the threat quickly and do not want to waste time investigating false negative alerts, thereby remediate the vulnerabilities and mitigating the attack vector more quickly.  There are many cyber threat intelligence service providers in the market, and the number appears to be growing. Not all services that are marketed as threat intelligence actually provide that type of content, so it is important to understand what problem customers are trying to solve 
07:53
May 9, 2019
Episode 7 - Application visibility is key for data center micro segmentation
 Perimeter-based security approaches are no longer sufficient. The starting point for devising a micro-segmentation is discovering and identifying all the application flows within the data center. Listen to this podcast to understand it better. 
06:43
April 11, 2019
Episode 6 - Amazon focus on cyber security areas are AWS & Smart home security
Studies have indicated that most security breaches in the cloud (such as AWS) are due to settings errors, which a data breach costing an average of $6.5M, according to Cloudnosys.  Amazon has two primary areas of focus for cybersecurity and data protection: Amazon Web Services (AWS) and smart home security. 
05:52
April 9, 2019
Episode 5 - What Facebook doing to address cyber security gaps
After several cyber security and privacy issues reported against Facebook, its time to re-look their process, people and technology. Facebook began revamping its privacy policy, has restricted data access to various APIs, implemented a more stringent review process, and announced the hiring of an estimated 10,000 new employees who will focus on combating data breaches and monitoring content. 
06:03
April 8, 2019
Episode 4 - Internet of things and cyber security recommendations
Internet connectivity is a two-way street. With these devices becoming a gateway to our homes, workplaces, and sensitive data, they also become targets for attacks. Lets learn what industry is doing with it and what recommendations are to be kept in mind while building security strategies. 
05:44
April 5, 2019
Episode 3 - Importance of security operational metrics and reports
Most organizations operate with limited financial and resource constraints, they need to prioritize security activities to maximize business benefits.  When communicating to board on security financial reporting, its important to provide visibility beyond security operations and infrastructure. The measurements, metrics and reporting are vital in any security business. Read more in my blog - https://rasoolirfan.com/2019/04/04/importance-of-security-operational-metrics-and-reports/
07:16
April 4, 2019
Episode 2 - Chronicle cyber security
Backstory will become the backbone of many managed security service providers. In this episode, lets learn about Chronicle (Google Alphabet's project X moon shot) contribution to cyber security. Read my blog for more details https://rasoolirfan.com/2019/03/26/revolutionary-threat-hunting-platform-for-massive-data/ 
06:07
March 30, 2019
Episode 1 - Cyber security with MITRE ATT&CK
MITRE evaluates cybersecurity products using an open methodology based on our ATT&CK™ framework. In this podcast, lets get some basic knowledge on MITRE's contribution to industry with ATT&CK framework.
07:04
March 29, 2019