Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and Management

The Cybersecurity and Geopolitical Podcast— Morality and cyber risk, role of a CISO, and governmental anti-cybercrime — Episode 7

Cybersecurity and Geopolitical Podcast Episode 7
October 18, 2021

This month, we hear about the inaugural International Cyber Expo, which was postponed multiple times due to the pandemic and focuses on cybersecurity on an international scale. Ian Thornton-Trump, the Chief Information Security Officer (CISO) at Cyjax, and Tristan de Souza present a retrospective on the exposition, which took place in London this year.

Security magazine brings enterprise security and risk professionals this entertaining and illuminating video podcast on the latest challenges and intriguing flashpoints within cybersecurity and the geopolitical landscape.

You can listen to the audio version right here below! You can also listen on the go anytime via our Spotify and Apple podcast channels: The Security Podcasts.


Your browser does not support the audio element.


Much of the discussion centers on the importance of accepting the reality that a data breach is almost certain to affect a company at some point. With this mindset, says Thornton-Trump, CISOs and the entire C-suite can move toward preparing for “what we do after we get breached.” While preventing a breach must be a part of the plan, cyber-realism must also come into play.

And clearly breaches are not the only threat to organizations these days: ransomware stalks the landscape. After a summer of serious ransomware attacks, it seems the Biden administration may be considering taking the fight to the threat actors themselves. Thornton-Trump notes that by sanctioning the companies that are responsible for processing the ransom payments, as well as the cybercriminals themselves, the administration may finally be putting the squeeze on ransomware.

CISOs now are seeing information security from a political lens, a cyber lens and traditional security concerns around fraud. CISOs at different companies have different worries — some are focusing on recovering from data breaches, while others focus more heavily on prevention. Thornton-Trump and de Souza discussed a combination of these two focuses — breaches are inevitable, so structures must be in place to respond to them.

A CISO position is an advisory role, and they need to make sure that they are equipped with all relevant information for the organization to resume normal business operations after a data breach. Part of the panel discussion Thornton-Trump participated in also circled around the CISO role as customer-facing. That level is an interesting spin on the job — now, CISOs are expected to be the point person on cyber incidents for clients and customers.

One topic that trended at the show was the NSO Group exhibition. The NSO Group is known for their Pegasus software, which is implicated in the death of journalist Jamal Khashoggi and the release of over 50,000 phone numbers from politicians and activists. The group presented at the International Cyber Expo, and Ian noted that the NSO Group has a problem with public relations and morality, which they need to fix before they’re welcome in the cybersecurity environment.

Another trending topic was the physical security presence at the Expo — Thornton-Trump remarks that physical security organizations oftentimes seemed more engaged and excited about new developments in the field compared to their cyber counterparts. One reason for this could be the sense of disappointment felt by cybersecurity leaders who have been let down by vendors in the past. The business side of the CISO role involves a lot of negotiation — fighting for budget increases that fund necessary security upgrades is an integral part of the job. Having business know-how and the ability to frame security spending as a savings tool in the long run are keys to being a successful CISO. “As cybersecurity becomes more about a risk to the organization, you need to be able to make business cases,” Thornton-Trump says. A good CISO doesn’t approach budget discussions alone — working alongside the financial and/or marketing departments can improve budget negotiations by educating other company members on the importance of security.

Looking to the future, our hosts discuss the reasoning behind inviting organizations like the NSO Group to exhibit on an international scale. Although there is a legitimate use of surveillance software provided by the NSO Group, we’ve seen many examples of software being used in the criminal market and against activists and human rights advocates, like Cobalt Strike. The video podcast also speaks about rehabilitation —being a good internet citizen needs to be seen as advantageous to their organization. The NSO Group’s inclusion in the exposition is a step towards that mentality.

When we look at the use of cybersecurity tools by bad actors, considering the humanitarian implications of those usages are important for the cybersecurity sphere. With Pegasus allowing users to see everything that someone does on the internet, the scope of the moral question around their technology must include its potential for nefarious use. When it comes to data privacy, large companies like Google and Apple also use surveillance to monitor internet activities. These uses raise similar questions as the NSO Group’s Pegasus software — can we separate intent from risk when it comes to cybersecurity tools?

Criminal use of malware generates funds that organizations put towards the development of stronger malware — a circular problem that continues to further itself. A start in the fight against ransomware is to target companies emanating from countries on the U.S. sanctions list on a financial level, which involves restricting their use of cryptocurrency and could decrease the amount of malware globally.

As cyberattackers like BlackMatter target pieces of critical infrastructure, the United States is poised to go after future attackers in the strongest possible way. The Biden administration’s redefinition of critical infrastructure to include food and product supply chains positions the government to respond to the recent cyberattack on the New Cooperative. The U.S. government’s support of businesses facing cyberattacks could play an integral role in their fight against cybercrime.

A final takeaway from the International Cyber Expo reveals that organizations are gaining a collective level of cyber awareness, which is the first step to defending against future threats. Circling back to the disappointment some cyber executives feel after being let down by aspirational vendors who ultimately don’t deliver, Thornton-Trump offers some advice: engage in collaborative efforts with security researchers to secure your product.

Watch the video version here or listen to the audio podcast version now!

KEYWORDS: c-suite Chief Information Security Officer (CISO) cyber attack cyber security cybersecurity and geopolitical podcast data breach enterprise cyber security geopolitical risk and resilience risk management supply chain

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Security Enterprise Services
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Security Leadership and Management
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Logical Security
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Red spiderweb

From Retail to Insurance, Scattered Spider Changes Targets

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Cybersecurity and Geopolitical Podcast Episode 8

    Check out Episode 8 of The Cybersecurity and Geopolitical Podcast — China’s Role in Cybersecurity: Opportunity, Manufacturer or Threat?

    See More
  • Cybersecurity and Geopolitical podast

    The Cybersecurity and Geopolitical podcast - Cyber warfare, cyber mischief and the cost to nation-states, Episode 6

    See More
  • Cybersecurity and Geopolitical Podcast Episode 9

    Check out Episode 9 of The Cybersecurity and Geopolitical Podcast — Russia: The Global Protagonist

    See More

Related Products

See More Products
  • 1119490936.jpg

    Solving Cyber Risk: Protecting Your Company and Society

  • 9780367339456.jpg.jpg.jpg

    Cyber Strategy: Risk-Driven Security and Resiliency

  • security culture.webp

    Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing