securityinsights

Security Insights

A podcast that takes a deeper look at today’s most important issues in cyber security, and beyond.

Author

securityinsights

Category

Technology

Podcast website

securityinsights.co.uk

Latest episode

Jul 9, 2026

Where to listen?

Podcasts in the app Replaio Radio Coming soon

Podcasts are coming to the app soon. Install now and be the first to see a whole new take on podcasts

Get it on Google Play Install for free Android 5M+ downloads · 4.8 rating iOS soon

Episodes

Non-human identities: the rise of the machines 03.07.2025

Non-human identities now vastly outnumber human actors on the internet, perhaps by as many as 50 to one. APIs, online devices and service calls now dominate internet traffic, and access requests. And this is only set to increase, with the rise of AI and AI agents. Could we even see "robot wars" as AI agents take on AI defenders? A lack of visibility, and a lack of control over machine identities i...

Balancing risk and security: Rich Seiersen 19.06.2025

Managing cybersecurity is increasingly about managing risk. It's not possible to stop every attack or prevent every breach. So CISOs need to link the likelihood and impact of an incident to the damage it does to the organisation. But do security teams understand business risk? And do business leaders fully appreciate the threat from cyber attacks? Our guest is Richard Seiersen , chief risk technol...

Cyber Security Foundations: security by the book 05.06.2025

Can a book hold the answers to our cybersecurity challenges? Perhaps not. But a new book from the Information Security Group at Royal Holloway, University of London, sets out to act as a primer on cybersecurity. The target audience is both those setting out on a career in the sector, or general readers who want to understand the core principles of cybersecurity. The book is called Cyber Security F...

Verizon's DBIR: tracking security threats 22.05.2025

Verizon's Data Breach Investigations Report is one of the longest-running research studies in the industry. This year's report is the 18th and tracks over 20,000 incidents and 12,000 breaches. What changes are we seeing, and what can CISOs learn from the data? Our guest is Ashish Khanna, who runs the security solutions and consulting practice at Verizon Business. Interview by Stephen Pritchard

Beyond the Titanic: Cybersecurity in Northern Ireland 08.05.2025

In this episode, we look at the growth of the cybersecurity industry in Northern Ireland. What are the reasons for its success, and why does cyber play an important part in Northern Ireland's post-industrial future? And why should CISOs look there for a source of talent? Our guest is Simon Whittaker, chair of the steering committee for NI Cyber, and CEO of Vertical Structure, now part of Instil.

CISO Interview: Mandy Andress, Elastic 24.04.2025

Our guest this week is Mandy Andress is CISO at Elastic. Elastic describes itself as a “search AI company”, and is very much at the forefront of modernising enterprise technology. A host of businesses use Elastic's tools behind the scenes to manage their data, for security and, of course, for AI. As CISO, Mandy Andress has the dual responsibilities of keeping Elastic secure, and advising customers...

Insights Interview: Claudia Natanson, UK Cyber Security Council 10.04.2025

Dr Claudia Natanson is CEO at the UK Cyber Security Council. The Council, which is funded by the Government's Department for Science, Innovation and Technology, acts as an umbrella body for a range of professional bodies in cybersecurity. It is the organisation behind chartered status for cybersecurity professionals, sets standards and publishes an ethics code, and acts as a voice of the industry:...

Episode 125: Insights Interview, with James Bore 26.03.2025

Our guest for the 125th episode of Security Insights is James Bore. A well-known industry figure and speaker on cybersecurity, James runs the family consultancy firm Bores. He's also an author, book publisher, cyber skills trainer and volunteer. In this Insights Interview, he shares his forthright -- and sometimes controversial -- views on the way forward for cybersecurity, with editor Stephen Pri...

Why CISOs quit: cyber's leadership crisis 13.03.2025

Are CISOs leaving the industry in droves? One survey suggests that as many as one in four senior cybersecurity leaders plans to leave the profession. The causes include growing responsibilities, increasingly severe threats and ever-greater regulatory burdens. The result is stress and burn out, with CISOs constantly fighting fires. As one of our guests says, CISOs suffer from an "invisibility of su...

Stress testing cyber defences 27.02.2025

How far should you push security tests? Sometimes, the answer is "to the limit". In this episode we look at stress testing in cybersecurity. Putting systems under pressure is the only true way to check that they will work, as intended, during a cyber attack. But how does stress testing differ from pentesting and cyber exercises? How far is too far, and how do security teams capture the right lesso...

Fighting Ransomware, with Raj Samani 13.02.2025

Ransomware remains one of the greatest cyber threats to organisations. Certainly, it is the threat at the top of most boards' agendas. The reasons are clear enough: ransomware damages reputations, as well as the balance sheet. in the worst case scenario, a business might never recover from an attack. And ransomware itself is becoming more sophisticated, and so more dangerous. Groups have moved on...

The eye of the storm: dealing with a cyber crisis 23.01.2025

What happens when a cyber attack hits? What is it like to be in the eye of the storm, and how can security teams prepare? A cyber attack is inevitably a highly stressful situation for everyone involved. But planning and exercising goes a long way to at least manage that stress. Our guest for this episode is Dan Potter, senior director for resilience and cyber drills at Immersive Labs. He also has...

CISO Interview: Jack Mersey Westbury Street Holdings 09.01.2025

In a new series of interviews with cybersecurity leaders, we meet Jack Mersey, CISO at Westbury Street Holdings. In an in-depth interview, he discusses threats -- from nation states to business email compromise -- security awareness and culture, and the challenges of ensuring security to a highly distributed business with 26,000 people and over 1000 sites that operates around the clock. How does a...

Hacktivism's changing faces 19.12.2024

Hacktivist groups have been around almost as long as the public internet. But their make up, and their goals, have changed. Hacktivism is no longer about "hacker" or counter culture or protest. Instead, it appears increasingly aligned with political objectives. And some of today's  groups at the very least aligned to, if not sponsored, by nation states. Perhaps hacktivism is no longer the right te...

Security and AI: Jon France, CISO, ISC2 05.12.2024

AI poses risks to security, through possible flaws in the applications themselves, and by AI being used by threat actors to develop malware and improve their targeting.   But there’s also plenty who argue that AI offers a chance to improve security. Certainly there are plenty of vendors promoting AI-enhanced versions of their products, promising to react faster, and pick up more threats. Which sid...

Cyber stress: are we burning out? 21.11.2024

Is stress unavoidable, if you work in cyber? And does workplace stress in the industry threaten security? Stress and burnout among cyber teams are now a real worry for CISOs. And our guest for this episode argues that they should be a concern for boards too. Stressed-out operators underperform and make mistakes. Burned out staff are more likely to leave, forcing firms to spend more on hiring and t...

Insights Interview: Geopolitics and cyber threats, with the ISF's Steve Durbin 07.11.2024

Geopolitics is increasingly influencing cybersecurity. The growth of online espionage, the potential for attacks by state actors, and governments turning a blind eye to cybercrime are all increasing risk. At the same time, our growing dependency on connectivity, in government, in critical infrastructure and for day to day business, makes cyberspace an attractive target. But it's not always been th...

Deepfakes: uncovering the security risks 24.10.2024

There's a lot being said (and written) about deepfakes. And there is no doubt that they can now be very convincing, to the point where they can deceive the human eye. But are deepfakes just a bit of fun, or do they pose real security risks? Do the dangers lie in manipulating public opinion through fake news, or can deepfakes be used to breach security systems. Our guest, Dr Andrew Newell, academic...

SaaS and security: shared responsibility, or hidden risks? 11.10.2024

Software as a service, or SaaS, has been a huge success. There are now some 30 thousand SaaS applications on the market worldwide. These cover everything from niche requirements to running entire businesses. The SaaS revolution has certainly brought benefits to businesses. But are SaaS applications secure and robust enough? Supporters of SaaS argue that their applications are actually safer and mo...

Investing in cyber: should we follow the money? 26.09.2024

Europe's cybersecurity industry is worth some $50bn and is growing at 10% a year. It's also pretty fragmented – at least when it comes to vendors. Europe -- even more so than the US -- is now ready for market consolidation. Some of that is being driven by acquisitions by the large technology firms, as they look to broaden their cybersecurity offerings. But firms, and their investors, are looking f...

Cyber escape rooms - and experiential learning 12.09.2024

Conventional security training leaves a lot to be desired. So what can CISOs do, to deliver training and security awareness in a way that is effective, and engaging? Over the last few episodes we've discussed both the psychology, and human factors, around cybersecurity. To finish the series, in this programme we will look at experiential learning, or learning by doing. Our guest is Amy Stokes-Wate...

Human Risk Management: tackling cybersecurity's weak spot 30.08.2024

How do we manage the risks posed by human behaviour? In this, the second of our short series exploring the links between human behaviour and security, we look at the emerging field of human risk management. The statistics are quite frightening: 90 per cent of security breaches involve human error or social engineering. But how do we, at a business level, categorise those risks? If we don’t underst...

Mind games: the psychology of cybersecurity 15.08.2024

How important is human behaviour in cybersecurity? How well do we know our people, and do we understand the risks posed by individuals' actions? Research suggests that the overwhelming majority of cyber breaches start with human error or poor practice. But despite investments in security training and security awareness, we still make mistakes. Over the next three episodes, we will examine some of...

AI: chatbots, cut and paste, and data leaks 01.08.2024

Our guest for this episode is Tim Freestone, of Kiteworks. He’s a long-standing expert in data protection and data privacy. And he's been following the growth of AI, and what it means for data privacy, security and confidentiality. Even data specialists have been surprised by the rapid take up of generative AI and its benefits. But do we have the measure in place to guard against the potential sec...

IT, OT, and CNI: a hidden threat? 19.07.2024

Any advanced economy relies on the smooth running of its infrastucture. And whether it’s transport, logistics, healthcare, the banking system, manufacturing – even food production – industrial and operational systems are what keeps it all running. Those systems are now being targeted by malicious actors. Both state-sponsored and criminal groups are looking closely at operational technology and ind...

Listen to the Security Insights podcast in Replaio

Radio and podcasts in one app - free, with no sign-up. Install today and do not miss the launch

Get it on Google Play

Replaio is not a podcast publisher; show names, artwork and audio belong to their authors and are distributed through public RSS feeds.