Welcome to our podcast.
In each episode we dive into cyber security and management of your security efforts. We'll help you succeed with frameworks, templates, and experts who have tried it before.
There's plenty of podcasts about technology and cyber security.
So that's not us.
Instead, we'll focus on the human aspect of cyber security and processes and frameworks you can use to create effect security work in your company.
Your host is Anders Bryde Thornild from www.cyberpilot.io.
Each episode, he'll invite guests to talk about important cyber security topics.
📻 Siste episoder av Coffee and Cyber Security
Her er de nyeste episodene tilgjengelige via RSS-feeden:
21. How to Use Microsoft Defender to Strengthen Your Phishing Security (With Benjamin Pomerleau - Product Owner at CyberPilot) (00:29:03)
Microsoft Defender is a hidden gem of features if you use Office365. A lot of companies don't really use it even though it's a part of there plan with Microsoft. Today we dive into how you can use it to get better security when it comes to handling phishing emails. It: Simplifies the phishing reporting for end usersMake it easier for IT admins to get a good overview and take actionMakes people better at spotting phishingAll big wins. So why not get started?
20. Why you should do Security Awareness Training and how to get started (With Fredrik Nielsen - Partner and Product Owner at CyberPilot) (00:27:47)
Fredrik Nielsen who is partner in CyberPilot joins the podcast.He talks about why you should do Security Awareness Training. He comes across:Why Security Awareness training shouldn't just be for complianceWhy culture and behavioral change should be the goalWhy you should care about your employees when doing training3 principles to implement in your trainingWhy you might need to accept that not all employees act perfectlyListen along and click subscribe if you like what you here. Feel free to rank the podcast where you listen to it.You can always write us, if you have any feedback. We would love to hear from you.Write me, your host, right here: abt@cyberpilot.dk
19. What is good security awareness training? How you can make great courses for your company (With Tue Saltofte Lund - Digital Learning Specialist at CyberPilot) (00:18:49)
We have a new podcast episode live after a winter break.This time, we got digital learning specialist Tue Saltofte Lund in the studio to discuss what makes good security awareness training is. This means you can listen to a lot of gold nuggets about: - Why your courses must be practical for your employee's everyday life- How we structure courses and the thoughts behind it - Why you shouldn't assume you know what people knowWe hope you enjoy.
18. The 3 things most companies struggle with, when it comes to building a good security culture (00:27:37)
In this episode i'm joined by Julie Dolleris. She's our security culture expert in CyberPilot. She's been measuring the security cultures in a bunch of companies. This has created quite a few learnings that we thought would be interesting to share with you all. Because what are learnings worth if not shared?She dives into:What it is that we've measured.What the learnings are across all companiesWhat surprised us and the companiesHow you can get started building a strong security cultureHope you enjoy.If you are interested in learning more about security cultures, you can read more right here:https://www.cyberpilot.io/security-culture
17. The 8 tells of a phishing email you and your colleagues should know - or else... (With Benjamin Pomerleau - Product owner at CyberPilot) (00:23:29)
What are the social engineering methods and tricks scammers use in their phishing emails? It might be easy to spot a phishy URL or a badly spoofed email address. But what if these things look legit? Then what are the tells you and your colleague should look for?Benjamin Pomerleau joins the podcast to discuss about the 8 tells he sees all the time in phishing emails. If you and your colleague can spot these tells, then you have a great chance of spotting the phishing emails before they do any harm.
16. Here's the challenges most SMEs face when it comes to Cyber Security (With Bjarke Petersen - Founder of CyberSales & CyberMinds) (00:23:21)
In this episode, we are joined by Bjarke Petersen, the founder of CyberSales and CyberMinds. Rumour has it that he has a third startup coming up. Bjarke talks with many companies about cyber security, which makes him the perfect one to ask about the challenges many companies face and what they can do about them.Two of the biggest challenges he talks about are: - Budget - Overview and prioritizationHe also mentions a few tools that might be worth diving into. These are: - Passbol - Bitwarden - WazuhWe hope you enjoy the episode.
15. 5 Misconceptions about Security Awareness Training we see everyday (With Jonas Klærke Hejlskov - Customer Succes Manager at CyberPilot) (00:19:09)
In today's episode, I've invited my dear colleague, Jonas Klærke Hejlskov, into the studio. He's here to talk about 5 misconceptions about security awareness training we see all the time.The misconceptions are:1. A Few Big Events Are Enough for your security training2. Grouping Training Topics By Category3. Training Alone Makes You Secure4. Training is a "Set It and Forget It" Process5. Over-Customizing Training for Every EmployeeI hope you enjoy. PS: You can also read about the misconceptions right here:https://www.cyberpilot.io/cyberpilot-blog/5-misconceptions-about-effective-security-awareness-training
14. Here's the questions you need to answer to get a cyber insurance (With Kim Theilgaard - fairside) (00:24:43)
We already talked with Kim Theilgaard once. And the response was, that you all want more. In the first episode (episode 12 of the podcast), Kim mentioned the 20-50 questions they ask all companies to determine whether they are ready for cyber insurance. In this episode, we dive a bit deeper into these questions which are focused on five different areas. We don't have time to go through all questions but we do give an introduction to what is in those five areas.Do you want to know what all the questions are, feel free to write Kim and he will send them to you. His email is: kt@fairside.dk-------Besides the questions we couldn't help it but to quickly go through a breakdown like Crowdstrike - If a breakdown like that affects your business, does cyber insurances cover it? Well... It depends.... Listen how, in the episode.
13. How anthropology can strengthen your cyber security (With Laura Lynggaard Nielsen - Senior Security Anthropologist at Alexandra Instituttet) (00:25:44)
Anthropology and cyber security might not be the first two words you would connect in an association game. But maybe they should. We've invited Laura Lynggard Nielsen who works at Alexandra Instituttet as a Senior Security Anthropologist. She uses methods from anthropology to uncover how organizations can create stronger cyber security. You can learn a lot from looking at the social aspects of cyber security, as all your initiatives are impacted by and impact your organization's culture. In this episode, Laura talks about how to use anthropology and gives us a few examples of useful cases.
12. What a cyber insurance is and how to get one (With Kim Theilgaard - Partner at fairside) (00:17:24)
We've invited Kim Theilgaard on to our podcast.Kim is partner at fairside. fairside help and advise companies in insurances. One of these insurances is cyber insurances which is becoming more and more popular.In the episode Kim tells me about:What a cyber insurance isWhat it covers and what it doesn't coverWhat you need to have in place to get oneWhat to consider before getting oneCyber insurances is not a replacement for good cyber security but it can be... Yeah, an insurance. Just like your house, you still need to lock it.We hope you enjoy the episode. If you want to check out Kim and fairside, you can find his LinkedIn right here: https://www.linkedin.com/in/kim-theilgaard/
11. Beyond Security Awareness: From awareness to action (With Sarah Aalborg - CISO at Tivoli) (00:25:24)
In this episode, I'm joined by Sarah Aalborg - CISO at Tivoli, Keynote speaker, and soon-to-be author. She's a cyber security expert and a behavioral science expert.Which makes her the perfect guest for this podcast. In the podcast, we talk about:Why Security Awareness might be dead as a termWhy you need to think about behavior when you think about cybersecurity3 things you can do to create stronger cybersecurity amongst your colleaguesI hope you enjoy the episode and make sure to follow Sarah on LinkedIn to make sure you don't miss all her wisdom:https://www.linkedin.com/in/sarah-aalborg-bb348a1/
10. NIS2 is coming. Here's what you need to know (with Sarah Hofmann - Product and Policy Specialist) (00:19:04)
NIS2 is coming, but many people and companies don't know what it means for them. Therefore, we've invited Sarah Hofmann into the studio to talk about:What NIS2 isWho it apply toWhat happens if you don't complyHow you can get started working with the NIS2 requirementsIn the episode we also mention a blog post, you can find it right here:https://www.cyberpilot.io/cyberpilot-blog/what-is-the-nis2-and-how-will-it-impact-your-organisationWe also mention that we are creating a FREE course on NIS2 for management, the board, and IT. You can sign up to get access when it goes live here:https://www.cyberpilot.io/early-bird-signup-nis2-courseWe hope you enjoy the episode.
09. Why a security culture is so damn important and how to create one (with Julie Dolleris - Digital Learning Specialist at CyberPilot) (00:19:04)
Why is a security culture important? And how do you create one?Julie has gone through a lot of research to answer those questions. And as she says at the beginning of the episode: "It's a cool topic". In this episode, Julie will tell us all: Why aware employees are not enough to drive secure cyber behavior in your companyWhy you need to convince leadership before trying to change cultureWhy you need feedback from your co-workers to create the best cultureIt's an important topic. And once again, it's not only up to IT. You need your leaders and HR on board to create a strong cyber security -> so maybe pass on this episode to whoever needs to hear it ;) Hope you enjoy. If you do, please rate the show in your streaming app and subscribe.
08. Why phishing is dangerous and what you can do about it - with Benjamin Pomerleau (00:26:22)
In this episode, I've invited Benjamin Pomerleau to talk about phishing!He's our product owner of our service: Phishing Training. This means, he's getting paid to phish our customers and teach them how to spot them, which makes him perfect to talk about phishing.Benjamin talks about why technical solutions are not enough despite spam filters, two-factor and anti-virus systems probably can guard you against 99,9999% of all attacks.He talks about how creating a general interest in social engineering might be the way to go. He talks about why phishing-reporting and helping each other is key.And much more. So tune in, and I hope you enjoy it. And remember to subscribe if you don't want to miss another episode!
07. Why Psychological Safety and cyber security goes hand in hand and how you get started (With Line Hansen - Head of People and Culture from CyberPilot) (00:16:24)
In this episode of Coffee and Cyber Security, we've invited our own Head of People and Culture: Line Hansen. She's here to talk about psychological safety and how it relates to cyber security. She tells: - What psychological safety is - How it relates to cyber security - How you can get started working with psychological safety as an IT DepartmentJoin us in the talk and click subscribe if you don't want to miss the next episode.
06. 11 Tips to Succeed with Security Awareness Training (00:14:51)
In this episode Sarah is here to talk about 11 concrete and actionable tips on how to succeed with security awareness training. It sounds simple, but at the same time it takes work.The 11 tips are:Get your employees on boardGet leadership buying and make them endorse the trainingCreate both personal and organizational awarenessKeep it simpleGive it in small piecesOnly relevant contentMake it interactiveConvenience is keyUse varied learning methodsDo it continuouslyFollow up with your employeesListen to Sarah talk about all 11 tips and why they are important in the episode.
05. Different ways you can create cyber awareness in your company (00:18:41)
There's a bunch of way you can create awareness in your company. Some are better than others, but none of them are bad. All PR is good PR, you know. In this episode we'll talk about pro's and con's from different awareness methods, and what you should focus on.Again, i've invited Sarah to talk with me about it, as she is an expert on this matter.
04. Why aware employees are crucial for your cyber security (00:15:21)
In this episode, I'm talking about why aware employees are so damn important to your cyber security. To do that, I've invited Sarah Hofmann who is our product and policy expert at CyberPilot.She knows quite a bit about this topic. We'll touch upon, why you can't see cyber security as something that doesn't include employees. 8 out of 10 security breaches include a human element. Employees are CRUCIAL.
03. The foundation of your cyber security work: The IT security policy (00:22:14)
For the third time in a row, Rasmus is in the studio. This time, he's here to talk about why an IT Security Policy is crucial for your security work.We'll also talk about how you can actually do one, and what's important to be aware of. In the podcast, we mention a template to do one.You can find it right here: https://www.cyberpilot.io/it-security-policy-download
02. How to make sure your cyber security projects work (PDCA Cycle) (00:18:08)
Once again, I've been joined by Rasmus. This time to talk about how to run cyber security projects and make sure, that they work. To do this we use the Plan-Do-Check-Act Cycle framework. This framework is straight forward in theory, but can be difficult to remember in everyday life.But it's important, that we do.
01. Risk Analysis: How to make sure you are working on the right threats (00:22:38)
In this episode, I've been joined by Rasmus, the CEO of CyberPilot. Rasmus has a lot of experience when it comes to implementing a risk based approach to cyber security. Therefore, he is here to talk about, what a risk analysis is and how it can be used. We take you through the 4 steps of how to do one and hopefully you'll be ready working with a risk based approach in your organization. In the podcast, we mention a template. It can be found right here: https://www.cyberpilot.io/risk-analysis-download
00. Introduction to Coffe and Cyber Security (00:02:24)
Welcome to our podcast. The goal of this podcast is to help you with your cyber security work. We'll talk about how to run security projects how to make people cyber awarehow to get leadership buyingAnd much much moreSo, pour some coffee in your cup and join us for a small listen.
