In this episode of the NextLabs Expert Series, Alex Sharpe joins us to discuss The CISO’s Role in Ensuring the Safety and Security of AI. In the first part of the episode, he covers how to build guardrails without stifling innovation and shares some security-specific resources for managing AI risks. In the second part of the episode, he covers the critical AI security efforts CISOs should watch closely. 

Mr. Sharpe is a long-time Cybersecurity, Governance, and Digital Transformation expert with real-world operational experience. Mr. Sharpe has run business units and has influenced national policy. He has spent much of his career helping corporations and government agencies create value while mitigating cyber risk. This gives him a pragmatic understanding of the delicate balance between Business realities, Cybersecurity, and Operational Effectiveness.

Part 1

Part 2

In this episode of the NextLabs Expert Series, Matthew Rosenquist shares his insights on Generative AI: The Dual-Edged Sword in Cybersecurity. He covers how cyber attackers are leveraging Generative AI to enhance attacks, the role of GenAI in in developing more effective security protocols, and how regulations address GenAI risks in cybersecurity. 

Matthew Rosenquist has over 35 years as a CISO, cybersecurity strategist, operational leader, and technologist in the cyber, physical, and information security fields. He is a respected authority and advocate in the field. As a keynote speaker, author, thought leader, and podcast host, he is one of the industry’s most recognized influencers, earning numerous awards for his work in making digital technology secure and trustworthy. 

In this episode of the NextLabs Expert Series, Nipun Mahajan shares his insights on Securing AI for SAP. 

He covers how AI enhances SAP functionalities, the challenges and considerations of integrating AI with SAP, the benefits and ROI of implementing AI in SAP systems, and more. 

Nipun Mahajan is a Senior Cybersecurity Analyst at Lonza.  With a robust technical background in SAP Cybersecurity and Cloud Services, Nipun has demonstrated expertise in security management, vulnerability assessments, risk management, and delivering transformative security solutions at large organizations.

In this episode of the NextLabs Cybersecurity Expert Series, Director of the NIST National Cybersecurity Center of Excellence (NCCoE), Cherilyn Pascoe joins us to discuss the NIST Cybersecurity Framework (CSF) 2.0 that was released earlier this year.

Cherilyn dives deep into the NIST NCCoE’s collaborative approach to cybersecurity, key updates to CSF 2.0, and how the NCCoE will help organizations implement CSF 2.0.

In this episode of the NextLabs Cybersecurity Expert Series, Jordan Aburumman shares his insights on Safeguarding SMEs in a Digital World.

He covers how SMEs can ensure compliance while integrating emerging technologies into their operations, and some of the best practices organizations should take to minimize the risk of data breaches while ensuring compliance with information security standards.

Jordan is a Managing Principal Consultant at Cyber Elite Australia with over 18 years’ experience of Networking and Cybersecurity for Government, Academia & Industry.

In episode 17 of the NextLabs Cybersecurity Expert Series, Christophe Foulon shares his insights on The Role of Cybersecurity in Ensuring a Secure Digital Transformation. 

He covers how cybersecurity plays a crucial role in digital transformation efforts, what roles regulatory compliance and data privacy regulations play in shaping cybersecurity requirements, and much more. 

Christophe is the founder and coach at CPF Coaching with more than 15 years of experience in the cybersecurity industry. 

In the 16th of the NextLabs Cybersecurity Expert Series, Brian Gallagher, dives into how to achieve a secure software supply chain.

He covers why a secure software supply chain is important for software development, how DevSecOps plays into software supply chain security, and much more.

Brian is the CEO and Co-Founder at Codelock.

In episode 15 of the NextLabs Cybersecurity Expert Series, Narendra Sahoo shares his insights on how to ensure compliance for global multinational enterprises that are subject to a variety of privacy regulations 

He covers the common challenges faced in achieving and maintaining privacy data regulatory compliance and shares some recommendations on how to ensure compliance with a variety of privacy data regulations. 

Narendra is the Founder and Director of VISTA InfoSec with more than 30 years of experience in the IT Industry, with expertise in Information Risk Consulting, Assessment, & Compliance services. 

In this episode of the NextLabs Cybersecurity Expert Series, Shruti Kulkarni shares her insights on the benefits and risks when navigating Open Source Software.

She covers the do’s and don’t when using Open Source Software and shares the precautions organizations can take to implement it securely.

Shruti is a cybersecurity architect at 6point6 with several years of experience in the field of cybersecurity.

In the 14th installment in the NextLabs Cybersecurity Expert Series, expert Rajan Raorane joins us to discuss how enterprises embarking on a digital transformation should safeguard data for improved cybersecurity and compliance.

Rajan is a data security expert with experience designing data architectures for intricate enterprise solutions in the interest of keeping sensitive business-critical data secure. Currently, Rajan works as Director for Yulan Fall Limited.

In the twelfth episode of the NextLabs Cybersecurity Expert Series, Janne Nurmi dives into the limitations of traditional authorizations in the SAP space.

He covers how ABAC can solve this issue, whether ABAC will replace RBAC, the Zero-Trust Principle for SAP, and more.

Janne Nurmi is a Principal Director at Accenture Europe SAP IPT H&PS with over 20 years of experience in IT.

In the 11th episode of the NextLabs Cybersecurity Expert Series, Giles Dalton shares his insights on using dynamic authorization and zero trust in controlled environments.

He covers the limitations and risks of traditional techniques for protecting controlled data, what the conjunction of dynamic authorizations and zero trust bring, and more.

Giles Dalton is the operations director at Prolinx Limited, a UK-based company that offers secure cloud services. He has extensive experience delivering mission-critical secure platform as a service solutions.

In the tenth episode of the NextLabs Cybersecurity Expert Series, Alexandru Ghinea shares his insights on securing microservices to prevent cybersecurity attacks.

He covers what a microservices architecture looks like, what threats this architecture may pose, and how to implement a data-centric security approach with this architecture.

Alexandru Ghinea is a DevOps Engineer for the Societe Generale. Alexandru has over 8 years of experience in the cybersecurity field.

In the ninth episode of the NextLabs Cybersecurity Expert Series, Michal Davidson shares her insights on the challenges faced when implementing a Zero-Trust architecture. Michal also covers the difficulties in adapting a ZTA to a multi-cloud environment, as well as where vulnerabilities are commonly identified in a security review process.

Michal Davidson is a Principal Software Architect for Dell Technologies. Michal has over 16 years of experience in the security field, working in a variety of domains including mobile security and end-to-end security. 

In the eighth episode of the NextLabs Cybersecurity Expert Series, Maria Teigeiro shares her insights on how the role of firewalls in data security has evolved over time. Maria covers the early history of firewalls, their evolution, what their role is in today’s rapidly evolving digital landscape, and how zero-trust and data-centric security can extend firewall security.

Maria Teigeiro is a Solutions Architect who has over 25 years of experience in the security field. A self-described “security magician,” Maria specializes in helping organizations out of their old access-centric, black and white perimeter security days, and into a data-centric security model.

In the seventh episode of the NextLabs Cybersecurity Expert Series, Emre Koksal, shares his insights on the concept of zero trust down to a file. Emre covers what it means to have zero trust on the file-level, why we need it, how zero trust on the file-level strengthens data security, and more. 

Emre Koksal is the CEO and founder of Anchor. He is also a Professor of Electrical and Computer Engineering at The Ohio State University. Emre received S.M. and Ph.D. degrees from MIT in 1998 and 2003, respectively, in Electrical Engineering and Computer Science. His areas of expertise include wireless communication, information security, communication networks, and information theory. 

In this episode of the NextLabs Cybersecurity Expert Series, Alper Kerman and Bill Newhouse discuss what approaches an enterprise can leverage to begin implementing a Zero-Trust Architecture (ZTA), as well as how ZTA intersects with data classification.

Both Alper and Bill work as security engineers at the NIST National Cybersecurity Center of Excellence. (NCCoE). The NCCoE is a part of the Applied Cybersecurity Division of NIST’s Information Technology Laboratory. The NCCoE brings together members of private industry, government agencies, and academia. Together they create practical, standards-based solutions that organizations of all types and sizes can use to protect their assets, people, and data.

With the increase of global cybersecurity threats in the last few years, it has never been more important to properly secure your company’s sensitive data.

Advisory Director at KPMG’s SAP Security and GRC group, Charlie Singh, is familiar with the importance of cybersecurity in today’s S/4HANA transformations. Charlie has over 20 years of global security experience and compliance and has been with KPMG for a year, specializing in the life sciences, utilities and industrial fields.

As we dive into the fifth installment of our NextLabs Cybersecurity Expert Series, Charlie will share his insights on cybersecurity within the SAP landscape and key risks to consider during S/4HANA migrations or transformations.

In the fourth episode of the cybersecurity expert series, Nitin Aggarwal dives into what has caused the shift in the need for dynamic data protection and how ABAC can enable dynamic data protection.

Nitin Aggarwal is an Associate Partner with Infosys Consulting. He has been working with Infosys for over 12 years. He is currently leading the Enterprise Security, Risk and Compliance Practice at Infosys Consulting. He has been helping clients achieve sustainable compliance and also move to new ways of managing security in an enterprise, specifically around attribute-based access controls.

In the third episode of the cybersecurity expert series, Sowmya Narayanan Deenadayalan discusses the recent paradigm shift to ZTA, how ZTA impacts authentication and authorization, along with how ABAC and dynamic authorization technologies can enhance ZTA.

Sowmya is a Senior Manager in Deloitte’s Risk Advisory group, and has 17 years of experience in Risk, Controls, Cyber and GRC implementation and optimization programs.  At Deloitte, he has led transformation roadmaps for multiple global Fortune 500 organizations for Identity, access and process controls transformations and helped organization supplement their GRC, access controls & Identity and Access management (IAM) solutions frameworks.

In the second episode of the NextLabs Cybersecurity Expert Series, our guest Alper Kerman dives into what Zero-Trust Architecture is, its efficacy, core components, and deployment options. 

Zero trust is the term for an evolving set of cybersecurity paradigms that move defenses from static, network- based perimeters to focus on users, assets, and resources. Zero trust assumes there is no implicit trust granted to assets or user accounts based solely on their physical or network location or based on asset ownership.

More information on implementing ZTA:

• NIST NCCoE: Implementing a ZTA

In part two of Data Security and Ransomware Defense, NIST Security Engineer Bill Fisher dives deeper into the topic of mitigating ransomware risk. He also covers the resources NIST offers to help manage risk.

Bill Fisher works at the NIST National Cybersecurity Center of Excellence (NCCoE). The NCCoE brings together members of private industry, government agencies, and academia.

Resources mentioned in this video:

• Cybersecurity Framework by NIST

In the first episode of the NextLabs Cybersecurity Expert Series, our guest Bill Fisher dives into data security and ransomware defense. Bill’s experience working as a security engineer with NIST at the National Cybersecurity Center of Excellence has given him expertise in dealing with ransomware threat.

In Part I of his two-part episode, Bill covers what ransomware attackers are trying to accomplish, how ransomware is distinct from other types of malware, and why ransomware is still so prevalent today.

Resources mentioned in this video:

• National Cybersecurity Center of Excellence

Interested in learning more about the NextLabs Expert Series?

Sign up to receive more information on the Expert Series.