Name: The DOGE-effect on Cyber: What's happened and what's next?
Start: 2025-04-08T15:00:00Z
End: 2025-04-08T15:01:00.000Z
Location: BrightTALK
Rating: 3.9

Today’s security leaders are busy managing the increasingly complicated relationship between security and privacy. As the CISO role evolves, they're not only security leaders but strategists and negotiators, often working to keep other employees safe while ensuring their cybersecurity plans align with business goals. In this series we’ll highlight security trends and share insights from industry thought leaders on cyber security strategies, best practices, and important compliance regulations. 

Our world is becoming increasingly digitized and automated, from the cars we drive to the energy we use. Introducing technology to previously-manual processes can bring efficiency and greater ease of use, but it also opens up new risk areas. If the technology fails, access to critical utilities could be lost – to devastating effect. We are already seeing challenges with the water supply in many areas of the United States; hindering public access to water through technical issues only compounds an existing problem. Access to safe water must be protected, but how can we do this?

It’s not just technical error that can cause problems; more concerning is the ability for cybercriminals to target these municipal services, as a way to disable an entire geographical area. One of the most precious resources to secure in this new landscape must be water. So how can this utility and others be protected?

In the June episode of CISO Insights, hosts Dan and Earl will be joined by a panel of experts to break down what it will take to keep the water safe and ensure access to our most critical utilities.

Securing Utilities and Keeping the Water Safe

Technology continues to be one of the most exciting sectors for young professionals to enter and for veterans to conquer – but the rules are constantly changing. What was true for the class of 2022 is no longer true for today’s graduates, let alone those who entered the market a few years before. And what about those who have been in the industry for a while now, but are still unsure about the next step in their career? As companies invest in new technology areas and prioritize different programs, the roles they need and the jobs they are hiring for also change. 

It is reported that there are approximately 3 million cyber jobs available, but what do those roles actually entail? Who is hiring and which segments are seeing the most professional opportunity? How can current professionals adapt to this shifting industry and position themselves for years of future success?

Join Dan Lohrmann and Earl Duby in this latest episode of CISO Insights, as they are joined by a panel of industry experts to reflect on the current state of cybersecurity jobs.

Where Are the 3 Million Cyber Jobs? Cyber Careers & Your Next Tech Role

Ransomware is a constant thorn in the side of CISOs everywhere. No matter how we adapt our security measures, these cybercriminals are similarly devoted to finding a way through and causing grievous harm. It can feel like running on a hamster wheel, but it is imperative that cybersecurity teams don’t become complacent or fall into a false sense of security. In 2025, ransomware must be taken as seriously as in the years before.

Cybercriminals have more advanced weapons but modern CISOs can be equally well-equipped. The key is to keep evolving. In this new world of ransomware, of ransomware 3.0, what does it take to stop a cyber attack in its tracks? How can IT teams safeguard their operations from the most persistent and dangerous criminals? Can anything truly stop these bad actors?

Join Dan, Earl and their panel of guests to deep dive into the current state of ransomware, pinpoint how it’s changed in 2025 and learn what security teams can do to stay one step ahead.

Ransomware 3.0: Can Anything Stop These Bad Actors?

It has never been easier to spread information across our interconnected world, but with information comes disinformation. The advancement of generative AI and its increasing accessibility are making it hard to tell truth from fiction on the internet – and this will only become more challenging as the tools improve. Even the most discerning netizens can find themselves falling for deepfakes and disinformation, especially when the sheer volume of material makes fact checking a mammoth task.

What is the role of governance in this new environment? Is it the responsibility of our institutions to enact laws and bans to control the spread of disinformation, or should we be taking this on as individuals? What does it mean for the internet if we cannot trust what we find there to be real? 

In this episode of CISO Insights, hosts Dan and Earl will be joined by an expert panel to look at what practically can be done to combat deepfakes and disinformation – and ask what should be done.

Deepfakes and Disinformation: Will Laws and Bans Stop the Flow?

The cybersecurity landscape is constantly evolving and no one can truly know what lies ahead… but we can make informed predictions about the industry in 2025. Those who have a good sense of what’s around the corner will be better prepared to respond to arising challenges – and opportunities. The key is to pay attention to the right data and the right industry experts.

The predictions market is about more than looking at clear trends and buzzy innovations: The most useful ones take into account current pain points and growth areas; they analyze current global players and review the latest research on global security incident trends; and they invite the perspectives of fellow industry veterans, to collate the most comprehensive and well-developed forecast. We may not be able to pin down the future exactly, but we can come close.

Join series hosts Dan Lohrmann and Earl Duby as they open 2025 with their beloved annual predictions episode. In this conversation, the panel will look at the most exciting areas of development in cybersecurity and predict what may lie ahead, so that we all might feel more prepared for the future.

For an advance look at Dan Lohrmann's security predictions for 2025, you'll find his online post, "The Top 25 Security Predictions for 2025 (Part 1)," now linked in the attachments section.

Episode Guests:
Sravish Sridhar, CEO & Founder of TrustCloud
Tabice Ward, Cybersecurity Executive and Adjunct Lecturer at the University of Detroit Mercy

The Top 25 Security Predictions for 2025

Modern conflict increasingly centers around technology and digital infrastructure. The battlefield is no longer solely a physical stretch of terrain between territories; war is waged behind enemy lines, within their networks and inside their security systems. Cyber attacks can be hugely debilitating when launched successfully, causing widespread damage and incapacitating many functions. How can entities protect their operations from opponents, particularly in this new landscape of warfare?

Following several years of international conflict and discord, this episode will look at what we have learned about cyber warfare and what we should take with us to greater protect our digital terrain. While we cannot always avoid the battle, there are steps that can be taken to reduce the harm inflicted.

Join Dan Lohrmann, Earl Duby and their expert guests, Richard Stiennon and Michael McLaughlin, in the final CISO Insights webinar of 2024, for a thoughtful conversation around the key takeaways of cyber warfare to date.

Guest Panelists:
Richard Stiennon's impressive career in cybersecurity includes authoring two key texts on cyber warfare: "Surviving Cyberwar" (2010) and "There Will Be Cyberwar" (2015). An established leader in the field, Stiennon is also the Chief Research Analyst for IT Harvest, the industry analyst firm that he founded in 2005. His newest book is Security Yearbook 2024.
https://www.linkedin.com/in/stiennon/

Michael McLaughlin is currently the Co-Leader of the Cybersecurity & Data Privacy Practice Group and a Principal Policy Advisor at Buchanan Ingersoll & Rooney PC. His vast career history includes experience in cybersecurity, government contracting, and national security, and he authored the notable book, "Battlefield Cyber: How China and Russia are Undermining our Democracy and National Security."
https://www.linkedin.com/in/michael-g-mclaughlin/

Cyber Warfare: What We’ve Learned From Past Conflict

With a new election around the corner and last election's voting dramas still in our minds, security concerns around digital voting booths are at an all time high. Not only does a democracy require a secure voting system to function at all, but the voting public must be able to feel confident that the election has been handled safely and honestly. Without this trust, our nation’s public institutions could find themselves vulnerable.

Despite concerns about criminal interference, a software-powered ballot box remains the most efficient and accessible form of voting that we have – and one that doesn’t look like it will go away any time soon. So how can we strengthen this system and foster confidence in the voting system? What does a truly secure ballot box look like? And is this something that should be modernized or improved upon for future elections?

Join hosts Dan Lohrmann and Earl Duby in this election-themed episode of CISO Insights, to hear them and their expert guests take a sharp look at defending the ballot box.

Defending the Ballot Box: What It Takes to Digitally Protect an Election

Hosts: Dan Lohrmann, Presidio; Earl Duby, Auxiom
Speakers: Jennifer Tisdale, Grimm; Moe Yassine, Stealth AI Startup

Concern for the environment and a move away from fossil fuels has supercharged the growth of the electric vehicle market. While in many ways this is a sign of progress, the explosion of electric transport has placed new demands on local infrastructure and created new security risks. The digitization of a previously analog process has opened the door to a new kind of cyber crime, which in turn has prompted a new kind of cyber security.

What does it look like to install and secure charging stations across the country? How can electric vehicles be safeguarded against cyber attacks, particularly ones that feature self-driving functionality? What does it mean to secure the future of mobility in this new electric landscape?

In this latest episode of CISO Insights, hosts Dan Lohrmann and Earl Duby will be joined by expert guests to review the security concerns of electric transport – and discuss what it will take to protect it.

Securing Software Defined Vehicles

As local public infrastructures become increasingly digital and "smart", protecting these systems poses a new security challenge. Depending on whether these programs are run by local government or outsourced to corporate entities, there may be varying levels of existing security protocols – and varying amounts of investment available. But the stakes are higher than ever: Once a town or city digitizes its public environment, every resident is now an active participant in this smart landscape.

To address these new and growing security concerns, municipal services and cyber security providers must work together. Defending smart cities will be an evolving process, as new service features are introduced and new threats are detected. For security professionals, this could be an exciting, if high-stakes, challenge for both today and the future. But where should cities begin? And where are the biggest risks?

Join CISO Insights hosts Dan Lohrmann and Earl Duby in this latest webinar, as they take a closer look at what it really takes to defend smart cities with their expert guests.

Defending Smart Cities: How to Protect Local Infrastructure in a Digital World

Every organization is concerned about cyber crime and their security protocol, which can be a source of stress – but also a great source of opportunity for security professionals. The industry is full of new challenges and investment, yet not every company is approaching cyber security in the same way and with the same resources. As a security professional, there is clearly opportunity to thrive, but it’s not always clear where those opportunities lie. How can you know when to stay put and when to move onto the next role?

Cyber security jobs range from service providers and developers, to in-house teams and consultants. The nature of each position will also vary depending on the size of the organization, the amount of investment available and the organization’s approach to security. For professionals, this landscape might be overwhelming – or inspiring.

In this next installment of CISO Insights, hosts Dan Lohrmann and Earl Duby will be joined by cybersecurity experts to look into the cyber job market and assess what your next move should be.

The Cyber Job Market: When to Stay and When to Move

What will come next in our world of cybersecurity as we head into 2024? What will be hot, and what will not?
The best security predictions do much more than just make educated guesses at what might happen in the next year or two. They examine the vendors who study global security incident trends; analyze what’s working and what’s not; consider new cyber solution alternatives, and use science and data to gaze into the future and make forecasts.
Join series hosts Dan Lohrmann and Earl Duby and their guests for the annual security predictions episode. The expert panel will draw from the perspectives of top cybersecurity industry companies, thought leaders, tech executives and journalists to put together the ultimate predictions guide.
Come explore the future – from a cyber perspective.

The Top 24 Security Predictions for 2024

"If there has been a single dominant topic of discussion in 2023, it has to be the rapid rise of generative AI. New developments in the technology have drawn mass attention and it seems like everyone is trying to figure out how best to deploy generative AI in their own organizations. This presents a great opportunity to optimize existing machine learning efforts and automate operations even further – but it also opens the door to dangerous gaps in governance. Without the right protocols, companies can become vulnerable to a host of problems, from data loss and increased attack surface area to copyright issues and misinformation. 

The technology is so new that many organizations won’t yet have clear policies in place around the use of generative AI. And while there are licensed, regulated generative AI tools available, many people are currently using the vast array of free apps that have not been scrutinized from a compliance standpoint. How can teams take advantage of these new opportunities created by generative AI, while maintaining their standards of security and governance? How can teams protect themselves from the risks of shadow IT and create clear governance policies?

Tune into this latest episode of CISO Insights to hear Dan Lohrmann, Earl Duby and guest experts discuss how to govern data and balance the dual threat and opportunity of generative AI.

Threat & Opportunity: Governing Data in the Age of Generative AI

Security audits can feel like necessary evils, especially for overburdened security teams. When done effectively, an audit can identify potential problems before they cause real damage, which saves money, protects privacy and keeps organization’s compliant. It’s not surprising that audits are recommended at least every six-twelve months. Yet they can feel like resource drains, especially when operations are running smoothly. Why devote hours of time and effort to verify what you already know?

The simple truth is that while each organization will benefit differently from a security audit, there is something to be gained by instituting a systematic review of company information systems. Each business will need to determine the frequency and criteria that work best for them, in order to maximize impact without compromising on speed or efficiency. Figuring out this balance will be the critical challenge, but one with substantial payoff.

In this episode of CISO insights, series hosts Dan Lohrmann and Earl Duby will be joined by industry experts to break down the good, the bad and the need to know about security audits.

Audits & Auditors: The Good, The Bad & The Need to Know

Cybersecurity is so often focused on securing enterprise infrastructures from external threats – for good reason. Cyber attacks are always evolving alongside security protocols, so organizations must stay vigilant. Yet when so many resources are devoted to protecting operations from the outside, it is easy to leave yourself at risk of another kind of attack: insider threats. In fact, a 2023 study from Cybersecurity Insiders found that 74% of organizations are at least moderately vulnerable to insider threats.

Insider threats require an entirely different security approach, especially as they bring up an entirely new problem: accidental or unintentional threats. Not all internal damage is done maliciously, with many incidences tied more to human error than criminal intent. The Ponemon’s Institute’s “2022 Cost of Insider Threats Global Report” found that over half of insider threats (56%) came from employee or contractor negligence. Creating an internally secure environment for your organization therefore requires a multi-pronged strategy that can protect against both intentional and unintentional attacks.

In this episode of CISO Insights, series hosts Dan Lohrmann and Earl Duby will be joined by security experts to break down what it takes to tackle insider threats.

From Inside the House: Tackling Intentional & Unintentional Insider Threats

Cybersecurity threats have been growing year on year, with 2022 seeing ransomware attacks increase by 87% against industrial organizations, according to a Dragos report. These breaches can come at a high cost if successful; ransomware extortion totalled $456.8 million in 2022, after a high of $765.6 million in 2021. But is cyber insurance the answer?

Unlike other forms of insurance, cyber insurance language is not standardized and this can lead to significant variations in policy coverage. Certain offenses, like cyber warfare, are often excluded from coverage, while individual insurers may disagree on what constitutes an approved “loss event.” Yet is it worse to be left without any protection at all?

In the latest installment of the BrightTALK Original series CISO Insights, industry experts will look at how to navigate the question of cyber insurance in 2023.

Tune in to hear more about:
— The real stakes of cyber security right now
— What comprises a robust cyber insurance policy 
— How the market has changed in 2023
— And much more

Episode speakers:
Dan Lohrmann, Presidio
Earl Duby, XFactor.io
Maria Thompson, AWS
Bridget Kravchenko, HNI Corp.

Risk & Reward: Navigating Cyber Insurance in 2023

There are few worse places to be in cybersecurity than reacting to a successful cyberattack. When a threat actor is in the network, they hold all the cards. With ransomware, phishing, and other attacks on the rise, an organization without a proactive plan is playing with fire. 

As we move into an ever more connected and online world, it is tantamount that CISOs and their teams craft and implement a strategic security plan. Cybersecurity teams that are prepared can save their organizations millions of dollars, and prevent hours, or even days, of downtime. 

Join us in this episode of CISO Insights as we explore how cybersecurity experts can build out a strategic security plan that works for their teams and their companies. 

Topics for Discussion Include:
- The evolution of threats CISOs face
- Why a strategic security plan is more important than ever
- How teams can use proven strategies to build a plan that fits their unique requirements
-And more

Staying on the Front Foot with Strategic Security Planning

As hybrid workplaces thrived in 2022, the security landscape has had to constantly evolve to accommodate a growing number of devices and workplaces. The expansion of endpoints and networks this entails will continue to challenge CISOs, but that’s not the only threat CISOs are expected to face in the new year. The Internet of Things grows day by day, and the estimated 43 billion devices that Gartner predicts will be connected to the internet need to be secured.  

Join us in our third annual forecasting webinar as we take a deep dive into 2023 security trends and discuss:

— Dan Lohrmann’s 2023 security predictions - visit the attachment section for the full article! 
— How the ‘New Normal’ of work and IOT are affecting the security posture of organizations
— The expansion of AI and its ramifications for CISOs and IT Departments 
— And more

Top Workspace Security Predictions for 2023

Since Elon Musk’s DOGE was formed, the Cybersecurity and Infrastructure Agency (CISA) has been gutted and top CISOs from numerous agencies have been fired. A further 32 (and counting) cybersec contracts with the CFPB have also been cancelled.

What do these unprecedented moves mean for the cyber safety of the USA’s citizens and its national security?

Join cybersec experts Dan Lohrmann and Earl Duby as they speak to guests about:

- DOGE's current cybersecurity setup following the changes made 
- How not having cybersecurity as top of mind can open the door to insider threats, foreign intelligence services and cyber criminals
- What's next: potential impacts from hacks, fraud, and privacy breaches
- And more

The DOGE-effect on Cyber: What's happened and what's next?

Endpoint Security

Security

IT Security

Cyber Security

Cyber Defence

Network Security

Enterprise Architecture

Enterprise Security

Connectivity

Satellites

The IT security community on BrightTALK is composed of more than 200,000 IT security professionals trading relevant information on software assurance, network security and mobile security. Join the conversation by watching on-demand and live information security webinars and asking questions of experts and industry leaders.

As an IT professional, many of the problems you face are multifaceted, complex and don’t lend themselves to simple solutions. The information technology community features useful and free information technology resources. Join to browse thousands of videos and webinars on ITIL best practices, IT security strategy and more presented by leading CTOs, CIOs and other technology experts.

The DOGE-effect on Cyber: What's happened and what's next?

Presented by

About this talk

More from this channel