Cyber Consulting Room

Did you know that your organization's security culture could be its strongest defense—or its weakest link? In today's digital landscape, where cyber threats lurk around every corner, relying solely on technological safeguards isn't enough. Building a resilient security culture within your organization is paramount.

This episode of The Cyber Consulting Room Podcast features part one of an insightful conversation between host Gordon Draper and Helen Patton, a distinguished cybersecurity executive advisor and former CSO of Cisco.

During the conversation, Helen shares her fascinating journey into cybersecurity, highlighting the crucial role of intentional certifications and mentorship. The discussion dives into her unique approach to building robust organizational security cultures, revealing how she harnesses her extensive industry connections to convert cybersecurity efforts into tangible business success across various sectors. Helen's vast experience in shaping public policy offers invaluable insights into creating a more secure and trustworthy digital landscape.

Throughout the episode, Helen shares her strategies for fostering effective security cultures and discusses the evolving role of security in driving business objectives. She underscores the power of communication, storytelling, and networking within the cybersecurity community. This episode is packed with valuable insights on influencing public policy, bridging departmental gaps, and the critical importance of benchmarking and metrics in advancing meaningful security discussions.

Join them for a compelling conversation brimming with practical advice and visionary ideas to elevate your organization's security framework.

In This Episode:

• (00:08) Introduction to Helen Patton
• (01:25) Helen’s accidental entry into cybersecurity
• (02:40) Education and certifications
• (04:06) Advice on the intentional use of certifications
• (06:05) Advice for someone starting out in cybersecurity
• (09:16) The perception of cybersecurity
• (22:23) Metrics for board and C-suite
• (25:24) Common cybersecurity challenges
• (29:21) Impact of SEC regulations
• (36:40) Benefits of engaging in the security community
• (41:03) Finding and expanding professional connections

Notable Quotes

• [06:18] “Rather than thinking about what kind of security you want to do, think about what kind of problem you want to solve.”-Helen Patton
• [10:15] “The purpose of security isn't security. Actually, the end isn't to be as secure as possible.” -Helen

Our Guest
Helen Patton is an accomplished CISO and business leader with extensive experience in transforming security teams and cultures across various industries. She has held pivotal roles, including CISO at Cisco and The Ohio State University, where she earned the 2018 ISE North American Academic/Public Sector Executive of the Year award. Helen advocates for industry collaboration, improved diversity, and mentorship in security. She holds a master’s in public policy and serves on multiple cybersecurity advisory boards, teaching security leadership and risk management.

Resources and Links

Cyber Consulting Room

• Cyber Consulting Room

Gordon Draper

• https://cybermarket.com/
• https://www.linkedin.com/in/gordondraper/

Helen Patton

• https://www.cisohelen.com/
• For more episodes like this visit https://cyberconsultingroom.com
• You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/

In this engaging episode of The Cyber Consulting Room, host Gordon Draper engages in a compelling discussion with Ger van Hees, a distinguished Trusted Information Security Advisor and the Managing Director of "Van Hees Consulting." With a career dedicated to guiding organizations on their path to optimizing information security and reducing risk, Ger brings a wealth of experience and expertise to the forefront. He has a track record of advising boards and executives on balancing cyber risk with innovative progress, aligning security strategy with organizational goals, and facilitating the seamless integration of modern technology while maintaining robust security governance. Drawing from his deep understanding of information security across various industries, including finance, education, and business services, Ger helps organizations identify security risks and offers strategic advice on mitigating those risks. He's a strong advocate for fostering a risk-aware culture within organizations and optimizing information security to enhance resilience. By sharing his insights, Ger empowers modern organizations to achieve greater profitability, resilience, and a stable workplace culture – making this episode a must-listen for those seeking expert guidance on the path to enhanced information security and risk reduction.

• For more episodes like this visit https://cyberconsultingroom.com
• You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/

In this episode of The Cyber Consulting Room, host Gordon Draper dives into a compelling conversation with the Director and Principal Consultant of Mercury Information Security Services, Edward Farrell. Based in the bustling cyber landscape of Sydney, Australia, Edward brings over two decades of expertise to the table. As a trusted figure in the field of cyber security, he shares his unique journey and unravels the intricacies of his extensive career, shedding light on the ever-evolving world of cyber security consulting. Discover how Edward's deep knowledge has shaped his approach to securing organizations in a digital age, and gain insights into the industry's past, present, and future. Whether you're a seasoned professional or just embarking on a career in cyber security, this episode promises to be a treasure trove of wisdom and a deep dive into the mind of an industry leader. So, join us for a fascinating exploration of Edward Farrell's remarkable journey in The Cyber Consulting Room.

• For more episodes like this visit https://cyberconsultingroom.com
• You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/

Are cybersecurity conferences just another industry event, or are they the driving force behind the next big leap in the field? When you think about the future of cybersecurity, do you consider the role of gatherings like Black Hat USA and DEF CON?

In this episode of the Cyber Consulting Room podcast, host Gordon Draper explores the recent Black Hat USA and DEF CON conferences. He is joined by Edward Farrell, an offensive security expert and owner of Mercury Information Security Services, and Shanna Daly, an incident response specialist with Khrushchev. Edward discusses his career in vulnerability hunting and the importance of mentorship, while Shanna shares her experiences as a speaker coach and Call for Papers review board member. They reflect on conference highlights, emerging cybersecurity trends, and the value of community engagement and networking in the ever-evolving field of cybersecurity.

In This Episode:

• (01:07) Guests introduction
• (01:34) Mentorship in cybersecurity
• (19:23) Themes from the conferences
• (19:36) Black Hat research focus
• (20:28) Vendor tools at Black Hat
• (24:11) AI in cybersecurity discussions
• (27:08) Threat intelligence insights
• (31:56) Conference attendance strategy
• (39:39) Managing health at conferences
• (40:34) Post-conference recovery
• (41:21) Sensory overload in Vegas
• (43:14) Defcon badge discussion
• (46:38) Volunteering at Defcon
• (49:39) Future of cybersecurity innovation
• (51:35) Consolidation in cybersecurity practices
• (53:02) Human element in cybersecurity

Notable Quotes

• [00:02:14] "The reward for me wasn't necessarily gaining knowledge or imparting it as I have done in previous years, but mentoring a brand new speaker at B-Sides and supporting my own team who attended DEF CON." — Edward Farrell
• [00:09:52] "You don't need to prove anything to anyone at this point. The fact that you got selected is already a really, really, really awesome thing. Now you just tell your story." — Shanna Daly

Our Guests

• Shanna Daly, with 20+ years in information security, excels in data breach investigations and leading expert consulting teams.
• Edward Farrell, a cyber security consultant with 14 years of experience, leads Mercury and has managed over 900 audits and incident responses. With IRAP accreditation and board roles at ISC2 and CREST, he excels in technical, operational, and strategic consulting. Edward also presents globally and develops training materials for the Australian Defence Force.

Resources and Links

Cyber Consulting Room

• Cyber Consulting Room

Gordon Draper

• https://cybermarket.com/
• https://www.linkedin.com/in/gordondraper/

Shanna Daly

• https://www.linkedin.com/in/shannadaly/
• https://mercuryiss.com.au/

Edward Farrell

• https://www.linkedin.com/in/31337au/?originalSubdomain=au
• https://mercuryiss.com.au/
• For more episodes like this visit https://cyberconsultingroom.com
• You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/

Did you know that Australian businesses are facing a rapidly evolving cybersecurity landscape? In this episode of the Cyber Consulting Room podcast, host Gordon Draper interviews cybersecurity expert Simona Dimovski. Simona shares her journey into the field, emphasizing the importance of understanding business strategy and the human element in technology. She offers advice for aspiring cybersecurity professionals, stressing continuous learning and networking. The discussion covers current trends and challenges in Australian cybersecurity, including regulatory compliance and ransomware. Simona also discusses her roles in the Australian Information Security Association and as a New South Wales Cyber Ambassador, focusing on raising cybersecurity awareness and promoting best practices.

In This Episode:

• (00:02) Introduction of Simona Dimovski
• (01:08) Simona's journey into cybersecurity
• (02:39) Advice for aspiring cybersecurity professionals
• (03:35) Networking opportunities at conferences
• (04:22) Redefining networking
• (06:15) Mentorship and community support
• (08:25) Current trends in cybersecurity
• (17:36) Cyber awareness initiatives
• (23:10) Secure by design
• (24:52) Cultural shift in security practices
• (34:34) Ongoing security awareness initiatives
• (53:59) Challenges of transitioning to local government
• (57:52) Impact of COVID-19 on digital transformation
• (59:02) Closing remarks and contact information

Notable Quotes

• [01:21] "My journey into cybersecurity was a natural progression from technology and risk management, and as I took on more leadership roles, I saw how integral cybersecurity was to business continuity and success." — Simona Dimovski
• [34:34] "Security is actually everyone's responsibility. It's not something you can just assign to one person to take care of the whole organization." — Simona Dimovski

Our Guests
Simona Dimovski is a visionary executive with over 20 years of experience in digital and data strategy development. She excels in optimizing business strategies, driving innovation, and transforming business models. Simona creates high-performing teams, fostering a culture of collaboration, trust, and continuous development. As a humanistic designer of solutions, she sets a futurist strategy for customer experience through digital enablement, leveraging her passion for technology to drive business value and growth.

Resources and Links

Cyber Consulting Room

• Cyber Consulting Room

Gordon Draper

• https://cybermarket.com/
• https://www.linkedin.com/in/gordondraper/

Simona Dimovski

• https://au.linkedin.com/in/simona-dimovski-100
• For more episodes like this visit https://cyberconsultingroom.com
• You can find more information about Cyber Consulting Room Podcast Host at https://www.linkedin.com/in/gordondraper/