The Power of Security Awareness Training: Key Ingredients for Success, with David Shipley
11/06/23 • 40 min
This month we welcome David Shipley on the Cyber Insider podcast’s latest episode. David is a recognized global expert in cybersecurity, regularly speaking at public and private events around the world and frequently appears in national and regional media to address cybersecurity stories and topics. David co-founded Beauceron Security in 2016 with an innovative approach to cybersecurity awareness and risk management which empowers everyone within an organization to know more, and care more, about their key role in protecting against cyber-attacks. Beauceron Security now serves more than 700 clients across North America, Europe, and Africa with 650,000+ end-users. He continues to lead the company as CEO. Prior to co-founding Beauceron Security, David was the security lead for the University of New Brunswick and developed its incident response, threat intelligence and awareness practice. He is a Certified Information Security Manager (CISM) and holds a Bachelor of Arts in Information and Communications Studies, as well as a Master of Business Administration, from the University of New Brunswick. In 2023, David was awarded the Queen’s Jubilee Platinum Medal by the province of New Brunswick for his service in the Canadian Forces, work in cybersecurity, and for co-founding Beauceron Security. David is a former journalist and a Canadian Forces veteran.
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity.
Hosts:
Luke Connolly – partner manager at Emsisoft
Brett Callow – threat analyst at Emsisoft
Intro/outro music: “Intro funk” by Lowtone.
This month we welcome David Shipley on the Cyber Insider podcast’s latest episode. David is a recognized global expert in cybersecurity, regularly speaking at public and private events around the world and frequently appears in national and regional media to address cybersecurity stories and topics. David co-founded Beauceron Security in 2016 with an innovative approach to cybersecurity awareness and risk management which empowers everyone within an organization to know more, and care more, about their key role in protecting against cyber-attacks. Beauceron Security now serves more than 700 clients across North America, Europe, and Africa with 650,000+ end-users. He continues to lead the company as CEO. Prior to co-founding Beauceron Security, David was the security lead for the University of New Brunswick and developed its incident response, threat intelligence and awareness practice. He is a Certified Information Security Manager (CISM) and holds a Bachelor of Arts in Information and Communications Studies, as well as a Master of Business Administration, from the University of New Brunswick. In 2023, David was awarded the Queen’s Jubilee Platinum Medal by the province of New Brunswick for his service in the Canadian Forces, work in cybersecurity, and for co-founding Beauceron Security. David is a former journalist and a Canadian Forces veteran.
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity.
Hosts:
Luke Connolly – partner manager at Emsisoft
Brett Callow – threat analyst at Emsisoft
Intro/outro music: “Intro funk” by Lowtone.
Previous Episode
MSP Risk Landscape, Assume Breach Mindset and more, with Ryan Weeks
This month’s guest on the Cyber Insider is Ryan Weeks. As the former Chief Information Security Officer (CISO) for Datto, Ryan built and piloted Datto’s industry leading Information Security program prior to the 2023 acquisition of the company. Currently, Ryan is advising IT Channel cybersecurity startups and is the Partner and Director of Content for Right of Boom, a cybersecurity education company purpose built for MSPs. Ryan loves sharing his knowledge and experiences of all things cybersecurity almost as much as he loves his family, fishing and surfing.
The risk landscape for Managed Service Providers (MSPs) has undergone a significant transformation in recent years. Ryan highlights the pivotal year of 2018 when MSPs became a prime target for cyberattacks. He explains, "There was a large spate of attacks against MSPs, and it completely turned the risk landscape on its head." This shift in focus by threat actors towards MSPs has created unique challenges for the industry.
Ryan emphasizes the importance of understanding the threat landscape and the need for MSPs to adopt a threat-informed cyber defense approach. He states, "You can't have an effective cyber defense if you don't have some resemblance of an understanding of your adversary and how they might seek to compromise your business." MSPs must be aware of the industries they serve and the specific threats they face to build resilient cybersecurity programs.
Rather than viewing a breach as a failure, Ryan encourages organizations to see it as an opportunity for improvement. He states, "The breach isn't the bad thing; it's the motivation for us to make ourselves better so that when it happens, we're more prepared to operate through it." Adopting this mindset allows organizations to focus on building robust capabilities and response plans to mitigate the impact of cyber incidents.
Looking ahead, the future of cybersecurity relies on continuous education, collaboration, and the development of robust capabilities. As our guest aptly puts it, "The breach isn't the bad thing; it's what you do when you get breached that matters." With the right mindset, knowledge, and proactive measures, organizations can turn cyber incidents into opportunities for growth and improvement in the ever-changing world of cybersecurity.
All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity.
Hosts:
Luke Connolly – partner manager at Emsisoft
Brett Callow – threat analyst at Emsisoft
Intro/outro music: “Intro funk” by Lowtone.
Next Episode
The Role of AI in Cybersecurity: Advantages, Risks, and Future Trends, with Ian Paterson
This month we welcome Ian L. Paterson on the Cyber Insider podcast. Ian is an entrepreneur with 10+ years of experience in leading and commercializing technology companies. Paterson has raised millions of dollars in private and public financing, completed international M&A transactions, and is co-inventor of 3 patents on digital identity and data analytics. As CEO of Plurilock, Paterson successfully built and grew Plurilock, leading to its successful public listing on the Toronto Stock Exchange Venture.
Previously Paterson served as founder and CEO of data monetization platform Exapik (acquired), and as Director of Insights for Terapeak (acquired), a venture-backed analytics firm. Paterson is a regular speaker, media commentator, and active angel investor.
Hosts Brett Callow and Luke Connolly discuss the role of artificial intelligence (AI) in cybersecurity with our expert guest. Ian explains that while AI has its strengths in processing large amounts of data and making determinations based on patterns, it also has its limitations in areas such as content sensitivity, context sensitivity, creativity, and innovation. However, he notes that AI is evolving rapidly and becoming more capable in areas like creativity, as seen with tools like ChatGPT and OpenAI's image creation tools. Ian emphasizes that AI is a valuable tool for processing large amounts of data in cybersecurity, particularly in areas like threat detection and response.
Regarding the ethical implications of AI in cybersecurity, our guest discusses the importance of data ownership and rights. He highlights the need for organizations to be cautious about the data they feed into AI systems and ensure they are not accidentally leaking or granting permission to sensitive information. He also mentions the use of data loss prevention tools to mitigate these risks.
"AI is an equal opportunity tool. It's not just going to be used by the good guys, it's going to be used by the bad guys as well."
In terms of future trends, Ian predicts that there will be multiple AI systems in use, both public and private, within organizations. He believes that each team, individual, and domain will have their own AI system, and organizations will have more control over the models and data used. He also anticipates the emergence of new applications and use cases for AI in cybersecurity that we may not have thought of yet.
All this and much more is discussed in this episode of The Cyber Insider podcast by Emsisoft, the award-winning cybersecurity company delivering top-notch security solutions for over 20 years.
Be sure to tune in and subscribe to The Cyber Insider to get your monthly inside scoop on cybersecurity.
Hosts:
Luke Connolly – partner manager at Emsisoft
Brett Callow – threat analyst at Emsisoft
If you like this episode you’ll love
Episode Comments
Generate a badge
Get a badge for your website that links back to this episode
<a href="https://goodpods.com/podcasts/the-cyber-insider-250053/the-power-of-security-awareness-training-key-ingredients-for-success-w-36176977"> <img src="https://storage.googleapis.com/goodpods-images-bucket/badges/generic-badge-1.svg" alt="listen to the power of security awareness training: key ingredients for success, with david shipley on goodpods" style="width: 225px" /> </a>
Copy