Caffeinated Risk

Risk conversations; Awkward, Unpopular and Essential - with Joshua Copeland

Joshua Copeland's cyber security moniker is "The Unpopular Opinion Guy",  while most of us in security roles have been that person with an unpopular opinion at least a time or two, Copeland turned it into both a book and a bit of a movement through numerous posts on Linkedin about many of the challenges in our industry.That said, this is not a mud slinging episode,  Joshua had numerous, pragmatic examples of both the problem space and ways to address them. There are a lot of misconceptions about cyber security but there are also a wide array of real world impacts in our daily lives making this a very difficult area to master.  Mr. Copeland has some of the unlock codes, making for another compelling episode. 

Cyber Security, the legal perspective with Brent Arnold

"Legal and Regulatory" is a common receptor category  in most enterprise risk matrices but with any luck most organizations have limited direct experience with cyber litigation matters.  This episode jumps right into the deep end with one of Canada's preeminent cyber lawyers,  Brent Arnold.  Business law has evolved over hundreds of years, cybersecurity precedents began to appear on the legal landscape in the late 1980s and AI is the new kid on the block, barely out of diapers. While this episode can not be considered legal advice the chance to listen in on the ideas and opinions of from someone on the frontlines of this emerging risk vector should not be missed.

Cyber Resilience, a National Solution with Herbert Fensury

Cyber crime is now a daily fact of life and a significant concern in both the private and public sectors but our response capabilities do not seem to be keeping up.  This episode dives deep into one organization that is combatting this problem with a combination of academic research, industry expertise and hands-on training with the founder and CEO, Herbert Fensury. While cyber security is a global problem, economics and politics dictate different solution requirements. The Canadian Cyber Assessment, Training and Experimentation (CATE) Centre is both cutting edge and focused on Canadian cyber resilience at both a regional and national level. 

Integrated Assurance with Patrick Hayes

20 years after their paths first crossed, three Canadian security professionals regroup to discuss a new risk management strategy book based on hard won field experience.  Patrick Hayes was a security strategist before organizations knew this was success differentiator. For decades he has been guiding organizations large and small, public, private and government on balancing business objectives with security.  Mr. Haye's new book "Integrated Assurance: Unified Risk Strategy" is destined to become a reference for others tasked with supporting enterprise security and he has recently added a Substack series on the emerging threats of AI, again from the focus of an adversary intent on mission interruption. 

The Summer Show - 2025, (pt 2)

Part 2 of this summer break episode takes a bit of a light hearted look at the cyber security industry predictions that become the norm in late December and early January.  Eight or nine months later, how accurate where they? Take a listen, there are a couple surprises.The conversation uncovers a few ongoing challenges with the cyber security industry, from the digital divide associated with aging to organizational shifts away from engineering principles. A book by security pioneer Bruce Schneier is mentioned late in the show and Doug managed to mangle the title twice, but did read, and does recommend the book.