Podcast 2 CISO Building KPI vs KRI 5mins Podcast
Podcast 1 Two CISOs: Operator vs Strategist
Unlock the secrets of SOC from a top Detection Engineer! Learn about threat detection and detection engineering for beginners in the real world.Join Prabh Nair for a no-fluff conversation with Adhokshaj Mishra, Staff Detection Engineer , as we crack open the daily reality of SOC threat detection and the art of detection engineering. From scrappy beginnings as a self-taught malware hobbyist to leading enterprise-scale detection logic, Adhok shares how deep technical chops, relentless curiosity and the right tools turn raw telemetry into life-saving alerts. We dissect the Log4j crisis response, false-positive tuning, SQL-powered data hunts, eBPF probes, OSQuery workflows and the tightrope walk between detection depth and system performance. Whether you’re planning a SOC career, refining your threat detection stack or curious about detection engineering fundamentals, this podcast delivers field-tested insights you won’t find in certification manuals. Stay to the end for book, tool and learning-path recommendations—and don’t forget to hit the comments with your top takeaways and future topic requests.CISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#detectionengeering #soc #cybersecuritycompany #cybersecurity #cybersecuritycareers #infosec #socThreatDetectionPodcast#detectionEngineeringMasterclass#howToBecomeADetectionEngineer#realWorldSOCWorkflows#log4jDetectionCaseStudy#eBPFandOSQueryForSecurity#falsePositiveTuningTips#threatHuntingWithSQL#detectionEngineerCareerPath#malwareAnalysisFundamentals#socAnalystInterviewPrep#telemetryDataAnalysis#mitreATTACKDetectionMapping#edrvsmdrExplained#securityOperationsCenterInsights#buildingReliableDetectionRules#practicalCybersecurityPodcast#industrialScaleAlertingTactics#zeroToAlertHeroGuide#proToolsForThreatDetection#soc#threatDetection#detectionEngineering#detectionEngineer#socPodcast#log4j#eBPF#osquery#mdr#edr#malwareAnalysis#threatHunting#falsePositives#siem#alertTuning#sqlSecurity#mitreATTACK#telemetry#cybersecurityCareer#socAnalyst#securityOperationsCenter#prabhNair#adhokMishra#detectionRules#securityPodcast#cyberTools#redTeamDefense#realtimeAlerts#industrialSecurity#advancedSOC
Deploying AI responsibly isn’t about sprinkling policies on top of models—it’s a step-by-step AI Management System (AIMS) that anchors every idea, dataset and model to governance, controls and evidence. In this first-of-its-kind practical walk-through, I show you how to stand up an AIMS that meets the brand-new ISO 42001 standard and the EU AI Act—from executive mandate to post-market monitoring.We start with the basics—what an AIMS is and why ISO 42001 treats it like ISO 27001 for AI. Then we map each clause to EU AI Act risk tiers, so you know exactly which models need bias tests, human oversight or a full Technical File.Next, I unpack my 11-week roadmap: Due-diligence inventory, governance committee, razor-sharp policies, data-lineage gates, model-risk scoring, CI/CD compliance tests, runtime drift alerts and audit prep. You’ll see real artefacts—Asset Register, RACI matrix, Risk Assessment, Model Card—and watch them plug into automation so auditors get proof, not promises.Finally, we jump into post-market monitoring—capturing accuracy, drift and fairness gaps in production and feeding them back into continuous improvement loops required by Article 61 of the EU AI Act.Whether you’re a CISO, ML lead or startup founder, this master class hands you the templates, playbooks and metrics to certify faster, avoid fines and build AI users can trust.What is AI Governance Foundationhttps://youtu.be/LgFBi5XD-OwCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#AIGovernance#ISO42001#EUAIACT#AIManagementSystem#ResponsibleAI#AICompliance#AIRegulation#AIMS#ModelRiskManagement
Learn to dissect malware like a pro — even if you’re just starting out.In this step-by-step session, cyber-consultant Harpreet S. Arora shows how to combine static analysis, dynamic sandboxing, and AI-powered behavior tools to catch zero-day ransomware before it detonates.Linkedin Inhttps://www.linkedin.com/in/harpreet-s-arora/ What You’ll LearnMalware Types 101 — viruses, worms, Trojans, ransomware-as-a-serviceStatic analysis demo with HashMyFiles, HxD, Floss, and SHA-256 hashesDynamic analysis demo using Process Monitor & System Informer inside a safe sandboxZero-day workflow — why VirusTotal alone isn’t enoughTop 3 SOC logging sources for early malware detectionCareer path tips — moving from network troubleshooting → SOC → malware analystBeginner toolkit & book list to practice at homeTools & Links MentionedHashMyFiles — quick hash checkerHxD — hex editor for static inspectionFloss (FireEye) — extract obfuscated stringsVirusTotal — multi-engine malware scanProcess Monitor (ProcMon) — real-time system tracingSystem Informer — advanced task & memory viewerWireshark — packet capture and network forensics Recommended ReadingPractical Malware Analysis — Sikorski & HonigThe Art of Memory Forensics — Case & WaltersMalware Analyst’s Cookbook — Ligh et al.CISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#MalwareAnalysis #StaticAnalysis #DynamicAnalysis #Ransomware #ZeroDay #CyberSecurity #SOC #IncidentResponse #MalwareAnalysisTools #CyberSecurityCareer
Build a security culture that ships safer systems without drama. In this podcast, Prabh and Sarang go deep on practical red teaming, how to work with blue teams, and how to avoid production landmines. We break down stealthy operations in live environments, legacy network scanning best practices, purple team exercises that actually improve detections, and the career path for aspiring red teamers who are starting with a small budget. You will learn how to document findings in plain English, pick representative samples instead of blasting whole networks, and present impact to leadership with context that earns trust.What we coverSecurity culture that reduces blame and builds collaborationRed vs blue to purple teaming that improves detections fastDaily life of a red teamer, ops tempo, and realistic reportingLegacy network scanning without outages, VLAN sampling, /24 tipsFoundational knowledge first: network architecture, ACL mapping, CVSSStealth in production vs aggressive testing in QAFree platforms to grow skills: Hack The Box, TryHackMeInterview strategies, hands-on challenges, and showcasing projectsBudget-friendly certs: CRT or CRTP as OSCP alternativesUsing LinkedIn for research, portfolios, and recruiter outreach Key takeawaysRed team vs blue team vs purple teaming: collaboration that actually worksFree hands‑on labs: Hack The Box, TryHackMe, VulnHubSafe network‑scanning best practices for legacy Cisco gear (avoid the /16 disaster)How to document findings in plain language that wins management supportBuilding a strong foundation in network architecture and core cybersecurity conceptsCrafting LinkedIn posts and portfolios that attract penetration testing recruitersAffordable certs that matter: CRT / CRTP vs OSCPLive interview tips: custom Hack The Box labs with no public write‑upsCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#RedTeam #CyberSecurity #HackTheBox #PurpleTeam #PenTesting #TryHackMe #OTSecurity #readteaming
End-to-End Practical Implementation of ISO 22301 (BCMS 22301) — this is the first complete 60-day roadmap that takes you from kickoff to certification with real-world templates, playbooks, and audit-ready evidence.BCP Introductionhttps://www.youtube.com/watch?v=qKFPa1Ce9U4&pp=ygUJYmNwIHByYWJoIn this video, I walks you through the Business Continuity Management System (BCMS) implementation journey using the ISO 22301:2019 standard. Unlike theory-based content, this is a step-by-step practical guide with activities, deliverables, and documentation for every stage.🔑 What You’ll LearnWhat ISO 22301 and BCMS actually mean for organizations10 ISO 22301 clauses explained in a practical wayDay-by-day implementation roadmap (kickoff to certification)Business Impact Analysis (BIA) workshops, risk assessments, strategiesCrisis Management, Communication, DR, and Function Continuity PlansHow to design, test, and improve your BCMS lifecycleInternal audit, management review, and certification prep explainedReal evidence examples: policies, RACI, BIA sheets, risk registers, CAPA logs🛠 Who This Video Is ForCISOs, BCM managers, compliance officers, and consultantsOrganizations preparing for ISO 22301 certificationStudents and professionals building career skills in BCMSAnyone seeking a practical guide beyond theory📌 Why WatchMost BCMS/ISO 22301 videos stay theoretical. This is the first end-to-end practical roadmap that shows you exactly what to do each day for 60 days — from kickoff to Stage 2 audit.Who this is for:CISOs, Deputy CISOs, Heads of Security, aspiring leaders, security architects, and SOC managers who need practical leadership tactics, not theory.CISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#BCMS #ISO22301 #ISO22301Implementation#BCMSRoadmap #ISO22301Certification#BusinessContinuity #BusinessContinuityManagement#BCMSImplementation #ISO22301Training#BCMSAudit #ISOCertification#BCMSDocumentation #BusinessImpactAnalysis#ISO22301PracticalGuide #BCMS22301#ISOStandards#DisasterRecovery#CrisisManagement#ResilienceEngineering#PrabhNair
Launch your Operational Technology (OT) Security Program the right way. In this Master Class podcast, we walk through every critical step for securing industrial control systems, SCADA networks, and IIoT devices—without shutting down production.Video Producer = Mukul UjjainPodcast Coordinator = Shreya Mrinal Speaker Profile = https://www.linkedin.com/in/shivkataria/Link to His Youtube Channelhttps://www.youtube.com/@UCi5DRDiUgcE6YuezxrYoJQA https://topmate.io/shiv_katariaWHAT YOU’LL LEARNThe very first action to take when starting OT security from zeroKey differences between OT security programs and traditional IT programsSmart asset‑visibility tactics for legacy, unscannable PLCs and RTUsWhen and how to map controls to IEC 62443 and NIST CSF for OT environmentsTop five technical controls to deploy in Year 1 (network segmentation, access control, backup, patch governance, anomaly detection)Safe logging and monitoring options that avoid process interruptionsWHY THIS MATTERS• Industrial attacks like TRITON and Colonial Pipeline prove OT is a prime target• Most plants still run 1990s hardware with no patches, making visibility job #1• Early alignment to IEC 62443 or NIST CSF slashes audit pain and insurance costsCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#OTSecurity #IndustrialCyberSecurity #IEC62443 #NISTCSF #SCADASecurity #OTMasterClass
Aeroflot Cyber Meltdown 🇷🇺✈️ — 4‑Minute Breakdown in Simple English (Indian Lens)On 28 July 2025 Moscow’s Sheremetyevo boards flipped from ON TIME ➡️ CANCELLED as pro‑Ukraine hackers Silent Crow and Belarusian Cyber Partisans wiped 7 000 + servers and crippled Russia’s largest airline. In four minutes you’ll learn how one leaked director‑level password snowballed into a full‑scale aviation crisis—and what CISOs can do to prevent the next runway shutdown.
When you hear “hacker,” you imagine someone in a dark hoodie. But the true players in today’s conflict are nations — turning code into weapons, infrastructure into battlegrounds, and silence into power. This is cyberwarfare — and it’s shaping the next global frontiers.00:00 - 00:38 - Introduction 00:38 – 02:20 – What is Cyber Warfare?02:20 – 02:40 - How the country get ready for this kind of a cyber conflict?02:40 – 05:02 - Plan/Doctrine05:02 – 06:54 – Team06:54 – 09:38 – Tool09:38 – 11:18 - Getting Ready/Pre-Positioning11:18 – 13:20 - Practice/Integration13:20 – 14:19 - Future Role of AIWhat You’ll DiscoverThe chilling story of the Ukrainian blackout attacks — malware used to open circuit breakers remotelyThe five pillars of national cyber power: Plan, Team, Tools, Presence & PracticeHow zero-day exploits like EternalBlue were weaponized, leaked, and deployed globally“Pre-positioning” — the art of silently embedding malware in critical systemsAI’s role in cyber conflict — how attackers and defenders both gain from itCase studies: Pushdo, NotPetya, power grid hacks, and the dark evolution of malwareStrategic insight: managing politics, doctrine, and cyber investmentWhy This Video MattersCyberwarfare isn’t sci-fi. It’s here, now, and under your world. Our banking, power, water, and banking systems — they all sit on fragile code. If you care about privacy, infrastructure, or tech sovereignty, this video is your wake-up call.Think about this: the bomb that tampers with your electricity bill isn’t dropped — it’s compiled. And the key to decrypting war may lie in exploiting a tiny, unseen software bug.Threathunting Introductionhttps://www.youtube.com/watch?v=n97tgFcRZg8&t=1036s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3Dhttps://www.youtube.com/watch?v=phq3FL-f1Ug&t=811s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3DPractical Threat Huntinghttps://www.youtube.com/watch?v=RlZ4qhC5f-c&t=803s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3DSOC Analyst Road Maphttps://www.youtube.com/watch?v=KxVEJ1GPgss&t=364s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3D#Cyberwarfare #NationStateHacking #ZeroDay #MalwareEvolution #UkraineHack #CyberWeapons #ModernWar #ThreatIntelligence #InfrastructureAttack #AIDefense #CyberConflict
When you hear “hacker,” you imagine someone in a dark hoodie. But the true players in today’s conflict are nations — turning code into weapons, infrastructure into battlegrounds, and silence into power. This is cyberwarfare — and it’s shaping the next global frontiers.What You’ll DiscoverThe chilling story of the Ukrainian blackout attacks — malware used to open circuit breakers remotelyThe five pillars of national cyber power: Plan, Team, Tools, Presence & PracticeHow zero-day exploits like EternalBlue were weaponized, leaked, and deployed globally“Pre-positioning” — the art of silently embedding malware in critical systemsAI’s role in cyber conflict — how attackers and defenders both gain from itCase studies: Pushdo, NotPetya, power grid hacks, and the dark evolution of malwareStrategic insight: managing politics, doctrine, and cyber investmentWhy This Video MattersCyberwarfare isn’t sci-fi. It’s here, now, and under your world. Our banking, power, water, and banking systems — they all sit on fragile code. If you care about privacy, infrastructure, or tech sovereignty, this video is your wake-up call.Think about this: the bomb that tampers with your electricity bill isn’t dropped — it’s compiled. And the key to decrypting war may lie in exploiting a tiny, unseen software bug.Threathunting Introductionhttps://www.youtube.com/watch?v=n97tgFcRZg8&t=1036s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3Dhttps://www.youtube.com/watch?v=phq3FL-f1Ug&t=811s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3DPractical Threat Huntinghttps://www.youtube.com/watch?v=RlZ4qhC5f-c&t=803s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3DSOC Analyst Road Maphttps://www.youtube.com/watch?v=KxVEJ1GPgss&t=364s&pp=ygUUdGhyZWF0IGh1bnRpbmcgcHJhYmg%3D#Cyberwarfare #NationStateHacking #ZeroDay #MalwareEvolution #UkraineHack #CyberWeapons #ModernWar #ThreatIntelligence #InfrastructureAttack #AIDefense #CyberConflict
How to build a Cyber Resilience Program for Airport and Maritime SecurityIn this special episode, Mr. Bithal Bhardwaj , a seasoned CISO and cybersecurity leader, reveals how to design and build cyber resilience systems for critical infrastructure — from airport terminals and air-side systems to maritime vessels and port operations.We go beyond theory with a live miniature model that simulates an airport environment — demonstrating how OT and IT systems connect, where vulnerabilities hide, and how a single USB can trigger a chain reaction across an entire city.https://www.linkedin.com/in/bithal-bhardwaj-622a523/What cyber resilience really means for national security and critical infrastructureThe difference between IT, OT, and IoT layers in airports and portsReal-world cyber-attack simulation: how a $20 USB can cause a blackoutMaritime cyber security challenges and the rise of vessel-level resilienceCISO lessons: influencing skills, crisis management, vendor control, and communicationPractical steps to build a cyber resilience program under NIS2, IEC 62443, and IMO 2024Why every security professional must understand aero + maritime business contexVideo Producer = Mukul UjjainPodcast Coordinator = Shreya Mrinal CISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1OT Securityhttps://www.youtube.com/watch?v=kp6F90MH48U&list=PL0hT6hgexlYxfESpTsLNKXUh6m-G6A-LoNIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#CyberResilience #AirportSecurity #MaritimeSecurity #OTSecurity #AviationCybersecurity #otsecurity
In this episode, I speaks with Shaista, a global program leader at Philips with deep experience in AI-driven digital transformation. We break down how to connect AI strategy to real business results—from forming the right cross-functional teams to building governance, prioritizing use cases, and handling the human side of decision-making.You’ll hear practical frameworks for AI readiness, data and platform choices (build vs buy vs partner), roles and skills for AI execution, and how to move from prototype to productization—without losing speed, safety, or value. What You’ll LearnAI strategy, not buzzwords: Tie AI to revenue, cost, risk, and customer outcomesEveryday AI vs transformation: Efficiency wins vs step-change impactHow to start: Core team design—data, design, business, and engineering working as oneGovernance that scales: Playbooks, guardrails, AI readiness and completeness referencesPrioritization that works: Pick solvable, high-value use cases before moonshotsBuild / buy / partner: Where to differentiate, where to leverage the ecosystemData realities: Latency, context, and dashboards that link work to outcomesPeople and decisions: Escaping the “consensus conundrum,” making tough calls with clarityRoles and skills: What great AI strategists do and why they’re rare (and highly paid)Healthcare lessons: Balancing innovation with safety and compliance in regulated environments🎯 Who This Is ForBusiness and tech leaders building an AI roadmapCIO / CDO / CPO / Head of Data & AI and product leadersAI Strategists, Program Managers, PMs, ArchitectsTeams moving from POCs to production and scale✅ Actionables From The EpisodeForm a core AI team across business, data, design, and engineeringDefine the “why/what/where/how” in an AI strategy doc (goals, opportunities, priority matrix)Start with smaller, winnable projects to earn trust and fund the next waveEstablish AI governance (guardrails, playbooks, decision rights) without killing agilityClarify build vs buy vs partner for each capability; protect proprietary valueInstrument dashboards that map team and program metrics to business outcomesInvest in AI strategist capability (internal or hire) to translate tech → valueCommit to continuous learning—the pace of change demands itGEN AI Securityhttps://www.youtube.com/watch?v=aTJPKifa1VMAI Governancehttps://www.youtube.com/watch?v=LgFBi5XD-Ow&t=5668s&pp=ygUNYWkgZ292ZXJuYW5jZQ%3D%3DCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#aigovernance #cio #informationtechnology #ciso #ai #ml #artificialintelligence #machinelearning #aiforbusiness #AIStrategy #AIGovernance #DigitalTransformation #AIProductization #AIReadiness #AILeadership #DataAndAI #BusinessOutcomes #HealthcareAI #CrossFunctionalTeams
If you’re scaling GenAI beyond prototypes, this episode is your blueprint. Mayank and Prabh walk through a practical, cloud-ready AI security architecture—how to protect data, models, prompts, and pipelines while staying compliant with EU AI Act, NIST AI RMF, and ISO 42001. We cover what changes when models become crown-jewel assets, how to apply Zero-Trust to training and inference, and how to ship safely without slowing delivery.Documenthttps://docs.google.com/document/d/17k3PzijdvtTRHKbOaqvibI6Acte7Hv7gbQSvgJTdJDs/edit?usp=drivesdkWhat you’ll learnAI security vs traditional security: new attack surface across data, models, prompts, toolsData protection playbook: encryption, access control, lineage, validation, auditabilityModel safety in production: adversarial testing, prompt/response controls, drift monitoringZero-Trust for AI: identity-first design, micro-segmentation, least-privilege IAM, JIT accessThird-party & supply chain risk: vendor due diligence, red-line data, output monitoring, exit plansAI incident response: detect, contain, investigate, and recover from poisoning and abuseGovernance that works: risk tiers, model cards, policy guardrails, human-in-the-loopBuild vs buy: platforms, guardrails, and controls without blocking product velocityFuture-proofing: modular MLOps, retrain/swap agility, transparent governanceWho this is forCISOs, security architects, ML leaders, platform teams, and founders running GenAI in regulated or high-risk environments.GEN AI Securityhttps://www.youtube.com/watch?v=aTJPKifa1VMAI Governancehttps://www.youtube.com/watch?v=LgFBi5XD-Ow&t=5668s&pp=ygUNYWkgZ292ZXJuYW5jZQ%3D%3DCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Prabhstudy#AISecurity #GenAI #ZeroTrust #AIGovernance #EUAIAct #NISTAI #ISO42001 #MLOps #LLMSecurity #DataSecurity #ModelRisk #AdversarialML #IncidentResponse #SecurityArchitecture #CloudSecurity #SupplyChainRisk #PromptSecurity #AICompliance
In this episode of Coffee with Prabh, I sit down with Chintan to uncover the real truths about building a career in cybersecurity — beyond what most training programs and job ads tell you. Whether you’re a beginner, student, or a professional looking to switch careers, this video will give you actionable insights to fast-track your journey.Chintan Profile https://www.linkedin.com/in/chintangurjar/https://chintangurjar.com/kickstartcareer/What You’ll Learn in This Video:Cybersecurity Career Pathways – Explore different disciplines, entry-level roles, and long-term career progression.Master’s Degree vs Skills – Do you really need a degree for cybersecurity jobs? Or should you focus on hands-on skills?Internship Strategies – How to maximize internship value by learning commercial tools, corporate processes, and soft skills.SMART Goals for Cybersecurity Beginners – Learn how to set goals that actually move your career forward.Communication for Cybersecurity – Overcome communication fears with practical tips, cheat sheets, and strategies.Weekly Learning Plan – A sustainable roadmap to stay updated on vulnerabilities, threat intel, and detection systems.Interview Preparation – How to align with job descriptions, prepare for SOC, offensive security, and analyst roles.Mentorship & Resume Tips – How to find the right mentor, structure your resume, and optimize it using AI tools.Job Search Strategy – Proven methods to research companies, apply effectively, and avoid burnout in the process. Why Watch This Video?Most people waste years jumping from one certification to another without direction. This podcast gives you the truth about cybersecurity careers — from real case studies, international job hunt tips, and growth hacks that only a few professionals talk about.If you’ve ever asked:Which cybersecurity path should I choose?Do I need a master’s to get into cybersecurity?How do I prepare for cybersecurity interviews?What’s the smart way to find internships and mentors?This video has your answers. Perfect For:Cybersecurity beginners and studentsProfessionals looking to switch careersJob seekers preparing for interviewsAnyone confused about cybersecurity domains & pathwaysSOC ANALYST LEARNING VIDEOhttps://www.youtube.com/watch?v=KxVEJ1GPgss&t=364sCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#CybersecurityCareerRoadmap#CybersecurityJobs2025#CybersecurityDomainsExplained#HowToStartACybersecurityCareer#CybersecurityResumeTips#CybersecurityMentorship#InternationalCybersecurityJobs#CybersecurityJobSearch#CyberCareerGuidance#CybersecurityMotivation
Join us in this podcast as Shrutirupa Banerjiee shares practical approaches and demonstrations of ransomware investigations. Learn the secrets top experts use daily!Rupabanerjee explains how ransomware, such as the Malox variant, often initiates through obfuscated batch loaders that execute a series of steps, including PowerShell scripts and base64 decoding, to ultimately deliver and run the malicious payload. The interview also covers methods for identifying ransomware infections by examining file extensions, recovery notes, and process monitoring tools, offering a detailed, hands-on perspective on cybersecurity analysis.Linkedin Profile https://www.linkedin.com/in/shrutirupa-banerjiee/Youtube Channel https://youtube.com/@CryptoWareCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#ransomware #ransomwareattacks #cybersecurity #infosec #cyberattack
Are you preparing for the CISSP exam and struggling with the (ISC)² Code of Ethics Canons? 🚀In this video, Prabh Nair breaks down the 4 ISC² Canons into simple, practical, and exam-focused insights with real-world case studies and Coffee Shot examples.You’ll learn:✅ Canon 1 – Protect society, the common good, and critical infrastructure.✅ Canon 2 – Act honorably, honestly, justly, responsibly, and legally.✅ Canon 3 – Provide diligent and competent service to principals.✅ Canon 4 – Advance and protect the profession.Domain wise coffee shothttps://docs.google.com/spreadsheets/d/1CcyKOrlKgTdwVUR0lsGjww1uIrxKyr7C/pubhtmlHappy to Release CISSP Domain 1 to Domain 4 podcast out in Spotify , Amazon , Apple and Google;Domain 1 : https://open.spotify.com/episode/6fggB2lwYA5kzmdmz7BsCh?si=ff488838799b4baeDomain 2 = https://open.spotify.com/episode/4RkQIHgpTUC87TR3UqmkHd?si=ca4f12aea1dc473aDomain 3 = https://open.spotify.com/episode/1b59qRq9vk0hvfa0UiqRm1?si=5f9da0b4cf6545d6Domain 3 Part 2 = https://open.spotify.com/episode/4ncdZBhZEtPCZQYzbLi03m?si=041114030f904c21Domain 3 Part 3 = https://open.spotify.com/episode/3F1S1M8PzVdWMt4egBKFR2?si=dfcdb502cc8049afDomain 4 Part 1 = https://open.spotify.com/episode/6yRGRfpK51II7Od438imNA?si=f94c058f77854f5eDomain 4 Part 2 = https://open.spotify.com/episode/2b3Z8hFII1ypWcVMjqBQlC?si=a16dfb96da6a4addDomain 5 : https://open.spotify.com/episode/1ouhqFPycKwBqMYAF9v4rO?si=u-I7VHQ7Q0CjGmOPfelnSwDomain 6 https://open.spotify.com/episode/0SjIzz6eWO1YKvMg5MVpVK?si=b6980db1afce41a2Domain 7 : https://open.spotify.com/episode/2Ov3RXtw8XMq5R1jJL3o5X?si=2e1bb4ce50fa4516#cisspexam #cissptraining #cissp
Dr. Eric Cole is one of the world’s leading cybersecurity experts, a former CIA cyber operative, CTO of McAfee, and founder of Secure Anchor. He has advised Fortune 500 companies, governments, and high-profile CISOs worldwide.https://www.youtube.com/watch?v=NlNsJzB7Lt8&list=PLXBue4eLfnFQDt-B4hyb7iivc7920DPSD&index=1CISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzGRC Practical Serieshttps://www.youtube.com/playlist?list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28GRC Interviewhttps://www.youtube.com/playlist?list=PL0hT6hgexlYz1Usn1Nrnur6OzVoz59zylInternal Audithttps://www.youtube.com/playlist?list=PL0hT6hgexlYyNWBcGYfabwumCr0GKmLWvStudy with MeTelegram Grouphttps://t.me/Infoseclearning#CISO #cisorole #cisoseries #cisos
Confused about where to start in cybersecurity—or how to move from beginner to your first role? In this episode, I and Chintan break down a practical, human-first roadmap: how to choose the right domain, whether a master’s is worth it, how to make internships count, set SMART goals and OKRs, build a weekly learning plan, and prepare for real interviews.
Chintan Profile https://www.linkedin.com/in/chintangurjar/https://chintangurjar.com/kickstartcareer/Here are all the files for your YouTube video details...Entry-Level Job Roles - Overview of entry-level cybersecurity roles, duties, and job titles.https://chintangurjar.com/files/entry-level-job-roles.pdfWeekly Learning Resources - Curated weekly resources to support structured cybersecurity learning.https://chintangurjar.com/files/weekly-learning-resources.xlsxWeekly Learning Timetable- A practical timetable to organize and track weekly study sessions.https://chintangurjar.com/files/weekly-learning-timetable.xlsxGoal Setting - SMART goals and OKRs tailored for entry-level pentesters and SOC analysts.https://chintangurjar.com/files/goal-setting-sample-document.pdfResume Sample- Professional resume showcasing 13+ years of offensive security expertise.https://chintangurjar.com/files/resume-sample.pdfEffective Communication - Visual guide on improving communication skills for cybersecurity roles.https://chintangurjar.com/files/effective-communication.pngWhat you’ll learnCybersecurity pathways: key disciplines, entry roles, and progressionMaster’s vs skills: when degrees help and when hands-on winsInternships that matter: commercial tools, people, process, soft skillsSMART goals + OKRs: templates for interns and entry-level rolesPortfolio + LinkedIn basics: what to show before you applyWeekly learning system: threat intel, vuln mgmt, detections, notesCommunication for beginners: reduce fear, speak with clarityInterview prep: JD analysis, role-specific topics (SOC, AppSec, Red Team)Company research: legit checks, culture signals, application strategyKey takeawaysUse the 10-question framework to pick your domain before buying coursesClarify internship scope, duration, outcomes, and reporting rhythmTrack goals weekly; log risks; publish progress to build credibilityDon’t rely on generic roadmaps—align study to real JDs you’ll apply forBuild a minimal portfolio: 2–3 proof projects tied to the role you wantPractice communication: concise updates, STAR stories, clear stakeholder languageWho this is forStudents, freshers, and career-switchers targeting cyber rolesInterns and entry-level analysts who want structure and momentumAnyone stuck between “more certs” vs “build real proof of skill”Suggested action itemsDownload or recreate a one-pager map of domains and target rolesDraft 3 SMART goals and 1 OKR for the next 30 daysBuild a weekly learning calendar and stick to it for 4 weeksPick one role (e.g., SOC Analyst) and tailor your CV to 3 live JDsShip one portfolio proof (lab, detection, or write-up) this weekSOC ANALYST LEARNING VIDEOhttps://www.youtube.com/watch?v=KxVEJ1GPgss&t=364sCISO talkshttps://www.youtube.com/playlist?list=PL0hT6hgexlYwPTD-wC3oFBe27VGEiizg1NIST Serieshttps://www.youtube.com/watch?v=VcC_KabV_Ho&list=PL0hT6hgexlYy0vBwMv0eteiyAxB48RQzy&pp=gAQBiAQBGRC Serieshttps://www.youtube.com/watch?v=mq_vSLHm4r0&list=PL0hT6hgexlYztA41j1bceTfVagP9mtq28&pp=gAQBISO 27001 Videohttps://www.youtube.com/watch?v=sQqJH2naU6I&t=1454s&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzISO 27001 Implementation Guidehttps://www.youtube.com/watch?v=GBfwk10Hh-o&pp=ygUeaXNvIDI3MDAxIGltcGxlbWVudGF0aW9uIHN0ZXBzStudy with MeTelegram Grouphttps://t.me/Infoseclearning#CybersecurityCareer #CyberJobs #CyberSecurityRoadmap #Internships #SMARTGoals #OKR #InterviewPrep #SOC #AppSec #ThreatIntel #VulnerabilityManagement #CyberLearning #Portfolio #LinkedInTips #CoffeeWithPrabh
In this episode, Prabh Nair and Ross dive deep into the security implications of Generative AI in software development. As AI tools like ChatGPT transform developers into prompt engineers, new cybersecurity, compliance, and data privacy risks emerge.Ross Yonghttps://www.linkedin.com/in/mrrossyoung/https://owasp.org/www-project-threat-and-safeguard-matrix/
We discuss:https://owasp.org/www-project-threat-and-safeguard-matrix/AI code security challenges – vulnerabilities in unvalidated AI-generated codeDefense-in-depth strategies for secure AI adoptionOWASP Threat & Safeguard Matrix (TSM/TASM) and its role in threat modelingBalancing productivity vs security in AI-enabled DevSecOps pipelinesCISO challenges – shadow AI, data security posture management, and data loss preventionAI governance frameworks – NIST AI RMF, EU AI Act, security-by-design and privacy-by-design practices💡 Key Takeaways:✔ Why organizations must scan and validate AI-generated code for vulnerabilities✔ How CISOs can embed AI security controls into CI/CD pipelines✔ The role of KPIs and business impact analysis in proving AI risk reduction to executive leadership✔ Best practices for integrating TASM into enterprise-wide threat modeling✔ Emerging tools like Encrypt AI for compliance scanningThis is a must-watch for CISOs, security architects, developers, and AI governance professionals preparing for the next wave of AI-powered cybersecurity risks.AI Governance https://www.youtube.com/watch?v=LgFBi5XD-Ow&pp=ygUNYWkgZ292ZXJuYW5jZdIHCQmyCQGHKiGM7w%3D%3DPractical ai governancehttps://www.youtube.com/watch?v=dQUML9vnlY4&t=542s&pp=ygUTYWkgZ292ZXJuYW5jZSBwcmFiaA%3D%3DAI Securityhttps://www.youtube.com/watch?v=JtkDwE_s178&pp=ygUVYWkgZ2VuIHNlY3VyaXR5IHByYWJo#genai #genaisecurity #infosec #cybersecurity