If we want to manage cyber risks that involve people, such as social engineering attacks which can lead to ransomware, theft, fraud, insider attacks, and system compromises - we need clear insights!

In this episode of the Cybersecurity Vault, host Matthew Rosenquist engages with cybersecurity experts Wade Baker, Ashley Rose, and Sumona Banerji to explore the critical role of human behavior in cybersecurity. They discuss the significant impact of human error on security breaches, the importance of cognitive security, and the need for a cultural shift in how organizations approach cybersecurity training and awareness. The conversation highlights the necessity of continuous monitoring, understanding cognitive vulnerabilities, and leveraging data insights to manage human risk effectively. The experts emphasize the importance of visibility, communication, and creating a supportive environment to foster a strong security culture.

00:51 Panel Introduction

01:57 Understanding the Human Factor in Cybersecurity

06:36 Cognitive Vulnerabilities and Cybersecurity

09:34 The Role of Data in Human Risk Management

14:12 Analyzing Risky User Behavior

18:20 Cognitive Traits and Cyber Behavior

23:32 Adaptive Training and Continuous Monitoring

30:19 Evolving Threat Landscapes Post-COVID

34:21 Cognitive Security and Behavioral Resilience

39:52 Building a Strong Security Culture

44:04 Measuring Success in Human Risk Management

48:54 Actionable Insights for Cybersecurity Professionals

Risky Business – State of Human Cyber Risk Report: https://www.livingsecurity.com/2025-human-risk-report-key-cybersecurity-insights

Cyentia Institute: https://www.cyentia.com/

Living Security: https://www.livingsecurity.com/

MindShield Institute: https://www.mindshield.org/

The Cybersecurity Vault - episode 35, with guest Mikko Hypponen.

Some of the most aggressive cyber attacks originate out of Russia. The 2022 invasion of Ukraine was a pivotal moment for nation state attacks. Mikko is close to the front lines and one of the best sources of current research and perspectives. Listen to his pragmatic insights and let’s separate the fear from reality.

2025 cybersecurity insights with Gary Hayslip!  Gary provides his insights to the challenges and opportunities the cybersecurity industry will face in 2025!

In this podcast series we talk with the best experts who share their insights on the most relevant changes to #cybersecurity.  Gary is the Chief Information Security Officer for SoftBank Investment Advisors and basically a legend in the community.

Discussion Topics:
1. How attackers are maneuvering
2. How business conditions are changing
3. How technology innovation is impacting cybersecurity
4. What cybersecurity professionals should be doing now to prepare!

The Cybersecurity Vault - episode 34, with guest Chase Cunningham.

We take a hard look at when organizations make big cybersecurity mistakes, how the attackers see those as opportunities, and how they will maneuver to take advantage.

The Cybersecurity Vault - episode 32, with guest Ian Thornton Trump.

In this episode, we discuss one of the most divisive and contentious topics in cybersecurity - should victims of ransomware be allowed to pay the cybercriminals? With the continuing rise of digital extortion, such as ransomware, the world has realized that typical security practices cannot keep pace and the impacts are threatening the critical infrastructure sector. That has significant ramifications to the security and safety of entire nations. The idea of criminalizing digital extortion payments, to choke the money going to cybercriminals and thereby deter them, is a contentious idea that has the community polarized. I welcome back Ian Thorton Trump, the CISO at Cyjax Limited and the CTO at Octopi Managed Services to constructively discuss a path forward to address the growing threat.

The Cybersecurity Vault - episode #30, with guest Lisa Forte . Effectively responding to cybersecurity crisis events is crucial, yet many organizations lack a mature capability.

I speak with Lisa Forte, a legend when it comes to helping organizations prepare for handling cybersecurity crisis events, who shares her rich insights and recommendations.

Lisa’s LinkedIn profile: https://www.linkedin.com/in/lisa-forte/

Follow Matthew on LinkedIn: https://www.linkedin.com/in/matthewrosenquist/

Visit Cybersecurity Insights at https://www.cybersecurityinsights.us

Subscribe to the Cybersecurity Insights channel: https://www.youtube.com/CybersecurityInsights

The cybersecurity community is in an uproar over the recently announced SEC case against SolarWinds and their CISO. I talk with Ira Winkler, a longtime respected veteran of the industry, to debate the various issues of this SEC fraud and Internal Control Failures.

SEC press release: https://www.sec.gov/news/press-release/2023-227

SEC Compliant (.pdf) https://www.sec.gov/files/litigation/complaints/2023/comp-pr2023-227.pdf

Ira Winkler’s LinkedIn Profile: https://www.linkedin.com/in/irawinkler/

Follow Matthew on LinkedIn: https://www.linkedin.com/in/matthewrosenquist/

Subscribe to the Cybersecurity Insights channel: https://www.youtube.com/CybersecurityInsights