Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance
Secure & Simple — Podcast for Consultants and vCISOs on Cybersecurity Governance and Compliance
Podcast Description
“Secure & Simple” demystifies governance and compliance challenges faced by consultants, as well as professionals acting as fractional CISOs in companies. The podcast is hosted by Dejan Kosutic, an expert in cybersecurity governance, ISO 27001, NIS2, and DORA. The episodes present topics in an easy-to-understand way and provide you with insight you won’t be able to find elsewhere.
To provide comments, suggest topics for the next episodes, or express your interest in participating in the show, contact us at [email protected].
Learn more about ISO 27001, NIS2, and DORA at https://advisera.com.
Podcast Insights
Content Themes
The podcast covers various themes related to cybersecurity governance, ISO standards, and consulting practices. Key topics include the integration of ISO 27001 and GDPR, leveraging online courses for consulting success, the trends impacting certification bodies, and the strategic role of content marketing in establishing a consultancy. Episode examples include discussions on AI's role in consulting, building personal brands, and insights into supplier security frameworks.
“Secure & Simple” demystifies governance and compliance challenges faced by CISOs, consultants, and other cybersecurity professionals. The podcast is hosted by Dejan Kosutic, an expert in cybersecurity governance, ISO 27001, NIS2, and DORA. The episodes present topics in an easy-to-understand way and provide you with insight you won’t be able to find elsewhere.
To provide comments, suggest topics for the next episodes, or express your interest in participating in the show, contact us at [email protected].
Learn more about ISO 27001, NIS2, and DORA at https://advisera.com.
In this Secure & Simple Podcast episode, host Dejan Kosutic (Advisera) talks with Hugo Huang, Product Director at Canonical and author of a Harvard Business Review article, about why conventional cybersecurity tools and patching alone are insufficient for AI systems. Huang shares research conducted with Canonical, IDC, and Google Cloud, highlighting leaders’ concerns about shadow AI usage, opaque and costly AI agents, and securing new hardware like GPUs, IPUs, and TPUs. They discuss AI-specific threats such as data poisoning, adversarial prompting, and model inversion attacks. Huang argues for hardening architecture with confidential computing (e.g., Intel TDX, AMD SEV, Nvidia H100) and for managerial changes, including CEO-level ownership, HR planning for scarce AI-security talent, supplier strategy to avoid vendor lock-in, and using frameworks like NIST’s AI risk management framework to guide policies and governance.
Links from the episode:
– Conformio software to streamline and scale ISO 27001 implementation and maintenance for your clients: https://advisera.co/Conformio-software
– White label documentation toolkits for NIS2, DORA, ISO 27001, and other ISO standards to create all the required documents for your clients: https://advisera.co/page-all-toolkits
– Accredited Lead Auditor and Lead Implementer courses for various standards and frameworks to show your expertise to potential clients: https://advisera.co/Consultant-Courses
– Company Training Academy with numerous videos for NIS2, DORA, ISO 27001, and other frameworks to organize training and awareness programs for your client’s workforce: https://advisera.co/page-Company-Training-Account
– Beginner’s Course for ISO, Cybersecurity, and AI Consultants:https://www.youtube.com/playlist?list=PLHwD3nQun7caKFq80LxNNYKIabATlyA7t
– How to Grow Your Cybersecurity, ISO, or AI Consultancy: Advanced Course:https://advisera.co/GrowYourConsultancyTraining
- (00:00) – Interview with Hugo Huang
- (04:34) – Three Executive Fears
- (07:58) – New AI Attack Types
- (11:59) – Patching Is Not Enough
- (14:33) – Confidential Computing Basics
- (17:00) – TPUs Market Shift
- (19:46) – Management Must Change
- (28:26) – Security Protects Brand
- (33:34) – Suppliers Vendor Lock-in
- (41:31) – Advisera Resources
Disclaimer
This podcast’s information is provided for general reference and was obtained from publicly accessible sources. The Podcast Collaborative neither produces nor verifies the content, accuracy, or suitability of this podcast. Views and opinions belong solely to the podcast creators and guests.
For a complete disclaimer, please see our Full Disclaimer on the archive page. The Podcast Collaborative bears no responsibility for the podcast’s themes, language, or overall content. Listener discretion is advised. Read our Terms of Use and Privacy Policy for more details.