The COVID-19 pandemic introduced unprecedented volatility and uncertainty (VUCA) to global supply chains, forcing retailers to rapidly pivot their operational strategies to manage severe disruption. This episode explores interview findings revealing how supply chain professionals effectively utilized a blend of proactive strategies, such as digital technology adoption and supplier collaboration, with reactive contingency planning to maintain business continuity. We detail the critical importance of enhanced supply chain visibility, organizational agility, and strategic knowledge management in enabling organizations to recover quickly and achieve sustainable long-term resilience.
 
Sponsors:
https://vrm.cisomarketplace.services
https://vendorscope.cisomarketplace.com
 

Municipalities face escalating cyber threats like devastating ransomware attacks, which have cost cities like Atlanta millions of dollars in recovery and disrupted essential public services. This vulnerability is amplified by the mass deployment of interconnected IoT devices and the convergence of traditional IT with sensitive Operational Technology (OT), blurring security boundaries and expanding the potential attack surface. We explore essential strategies, from embracing Zero Trust Architecture to establishing integrated governance, vital for city leaders and IT teams seeking to build cyber-resilient communities and protect critical infrastructure.
 
Sponsor:
https://cybersafe.city
https://www.secureiot.house
https://www.secureiotoffice.world 

The simultaneous enforcement of the EU’s DORA (January 2025 deadline) and NIS2, alongside the U.S. SEC’s four-day disclosure rule (effective late 2023), has created an increasingly fragmented and high-stakes compliance landscape for global enterprises. This episode details how organizations can move beyond segregated checklists to build a unified compliance strategy by centralizing governance, implementing continuous third-party risk monitoring, and using integrated response plans to meet varying reporting timelines. Learn why streamlining efforts across these mandates is essential to maintain business continuity, minimize legal liability, and avoid steep penalties, which can reach up to 2% of global turnover.
 
Sponsor:
www.compliancehub.wiki 

This episode dissects critical risks specific to Large Language Models (LLMs), focusing on vulnerabilities such as Prompt Injection and the potential for Sensitive Information Disclosure. It explores how CISOs must establish internal AI security standards and adopt a programmatic, offensive security approach using established governance frameworks like the NIST AI RMF and MITRE ATLAS. We discuss the essential role of robust governance, including mechanisms for establishing content provenance and maintaining information integrity against threats like Confabulation (Hallucinations) and data poisoning.
 
Sponsor:
www.cisomarketplace.services 

Artificial intelligence has fundamentally reshaped the threat landscape, enabling attackers to deploy flawless, context-specific phishing emails and clone the voices of executives, leading to massive losses like the Hong Kong multinational firm that lost $25 million during a deepfake video call scam. With ransomware back on the rise and 77% of CISOs identifying AI-generated phishing as a growing concern, cybercriminals are trading generic lures for high-quality, persistence-based payloads that bypass traditional defenses. We break down the urgent shift required for organizations, from embracing resilient Zero Trust architecture to implementing stringent verification protocols and continuous employee education to survive this era of sophisticated, automated cyberattacks.
 
Sponsor:
www.cisomarketplace.com
www.cisomarketplace.services
podcast.cisomarketplace.com
www.microsec.tools
www.threatwatch.news 

RaaS (Ransomware-as-a-Service) has professionalized cybercrime, turning digital extortion into a resilient business where affiliates leverage sophisticated toolkits for high-stakes attacks on critical sectors. This episode details how threat actors circumvent defenses by compromising high-value systems like VMware ESXi hypervisors and Managed File Transfer solutions, and by utilizing EDR Killers to execute malicious actions undetected. We explore the necessary response, which involves employing advanced behavioral analysis, multi-factor authentication (MFA), network segmentation, and automated playbooks to dismantle the entire criminal supply chain.
 
Sponsor:
www.cisomarketplace.com 

The modern Chief Information Security Officer (CISO) role is evolving from a purely technical function to an enterprise risk leadership position, yet many leaders struggle to secure necessary resources due to a fundamental communication gap with the board. This podcast explores how security executives can master "Boardish"—the language of finance, strategy, and governance—by translating critical threats like ransomware and AI exposure into clear, actionable, financial, and business consequences. We share strategies to elevate security from a mere compliance checkbox to a business enabler, focusing on measuring cyber resilience and quantifying investment returns based on risk reduction to secure vital board support.
 
Sponsor: 
www.cisomarketplace.com
www.cisomarketplace.services 

Third-party relationships expose organizations to major threats across operational, strategic, and legal risk areas, including the significant danger of reputational damage and the potential for loss of intellectual property. Recent managed service provider (MSP) cyberattacks have resulted in catastrophic financial devastation, demonstrating that an organization cannot escape blame when a vendor fails. We analyze essential contractual controls—such as clear termination conditions, robust indemnification clauses, and the critical right to audit—that serve as the foundational mechanism for mitigating catastrophic liability exposure.
 
Sponsors:
www.cisomarketplace.com
https://vrm.cisomarketplace.services