ISF Podcast25 Nov 2025

S36 Ep12: Steve Durbin - Cyber Governance in Transition: What Boards Should Do Next

In today's episode, Steve sits down with journalist Nick Witchell for a conversation focused on what business leaders can learn from this year's major cyber attacks and the recent AWS outage. The two also discuss cyber regulations and the challenge of operating global enterprise during significant geopolitical turmoil.

Key Takeaways:

Boards and senior executives understand there is a threat, but many still lack knowledge of how to deal with it.
We are too reliant on technology; for the sake of business continuity, a backup plan must be in place.
High-quality simulation exercises are a crucial step toward more cyber resilience.

Tune in to hear more about:

The role of policy and regulation (3:17)
Why cyber simulation exercises are so important (5:45)
Steve’s thoughts on the recent AWS outage (7:54)

Standout Quotes:

“Now, in the boardroom itself, in companies themselves, we have seen over the past few years an increasing awareness of the threat that these kinds of things can bring to really the future of an organization. But the challenge I think we now face is really helping boards, senior executives to transition from, yes, I get there's a threat, but what should I actually be doing about it?” - Steve Durbin
“I think that in the main, cloud service providers are still probably far better equipped to provide the level of service that most companies need than you'd be able to do yourself. However, we do need to take into account that things will go wrong. And we have to plan for that. So if you are an organization that can quite happily exist without access to data in a cloud provider, it doesn't have to be Amazon, it could be anybody else, then fine. I would question why you're using them in that case. If on the other hand, you are dependent on them, you have to have some backup in place.” - Steve Durbin
“All too often I'm seeing people particularly in the area of, say, cyber simulation exercises, because they're viewing it as a compliance exercise, going for least cost. That to me is a bit like saying I've just moved into an area where I know the burglary rate is quite high. What's the cheapest lock and door that I can get on my front door? It's madness. Not many of us would do it. We would try to work within our budget. We'd try to really figure out how important things were in our house. That's the mentality we have to adopt. So yes, you can get some of these things done very cheaply and you can tick a box, but it's not going to help you when things go wrong.” - Steve Durbin

Read the transcript of this episode
Subscribe to the ISF Podcast wherever you listen to podcasts
Connect with us on LinkedIn and Twitter

From the Information Security Forum, the leading authority on cyber, information security, and risk management.

Denne episoden er hentet fra en åpen RSS-feed og er ikke publisert av Podme. Den kan derfor inneholde annonser.

Episoder(343)

343: Peter Hinssen - The New Never Normal: AI, the Future of Business and the Leaders We Need

Today, one of our favorite guests returns: Peter Hinssen. A renowned keynote speaker, author and serial entrepreneur, Peter is one of the most sought-after thought leaders on radical innovation, leade...

2 Jun 28min

342: Betsy Cooper - The Policy Gap: Navigating AI, Risk and Regulation

In this episode, Steve is in conversation with Betsy Cooper, director of the Aspen Policy Academy at the Aspen Institute. As an expert in cyber and tech policy, Betsy shares her thoughts on how policy...

19 Mai 26min

341: Dr. Keith Morneau - AI & the Resilient Workforce: Thriving in the Next Decade

Today’s guest is Dr. Keith Morneau, an experienced cybersecurity professional who currently serves as Dean of Computer and Information Science at ECPI University. Steve and Kieth discuss the future of...

12 Mai 24min

340: John "Jock" Brocas - Gut Instinct: The Intuitive Edge in Cyber Security

In today’s episode, Steve sits down with John “Jock" Brocas, a former military member who is now an executive mentor and strategic intuitive intelligence advisor to the C-suite. Jock is far from your ...

5 Mai 23min

S36 Ep27: Emily Holyoake - Beyond Infrastructure: The Case for Putting People First

Today’s episode might sound a little bit different, but it’s a really important conversation. Steve sits down with Emily Holyoake, co-founder of Not A Standard and the brain behind the FRAME Network, ...

28 Apr 24min

S36 Ep26: Brett Johnson - From Most Wanted to Most Valuable: Inside the Cybercrime Landscape

Today we bring back one of our favorite guests: former US most-wanted cybercriminal Brett Johnson. It’s been seven years since he was last on the show, and much has happened in the world of cyber. Bre...

21 Apr 26min

S36 Ep25: Steve Durbin - Global Threats, UK Blind Spots: Cyber Resilience in a Volatile World

Today, Steve returns to Business Matters with Juliette Foster. The war continues to rage in Iran, and with it comes an increasing threat of cyber attacks. Steve shares his thoughts on what the conflic...

14 Apr 29min

S36 Ep24: Special edition – From Awareness to Action: Prostate Cancer, Community and the Case for Early Detection

Today’s episode is a special one, recorded to announce an exciting and important new partnership between ISF and the organisation Prostate Cancer Research. Joining the show is PCR CEO Oliver Kemp, who...

31 Mar 30min