Dark Reading Unveils Inaugural Podcast Featuring Cybersecurity Insights

Dark Reading launches its first podcast, "Dark Reading Confidential," discussing the complex relationship between the SEC and CISOs in publicly traded companies. The inaugural episode features top cybersecurity practitioners sharing their experiences and insights on the SEC's new rules and disclosure requirements.

Nitish Verma

Dark Reading, a prominent cybersecurity publication, has launched its first-ever podcast, "Dark Reading Confidential," hosted by Senior Editor Becky Bracken. The inaugural episode, released on May 11, 2024, brings together top cybersecurity practitioners to share their stories, experiences, and insights on the increasingly complex relationship between the Securities and Exchange Commission (SEC) and the role of Chief Information Security Officers (CISOs) within publicly traded companies.

Why this matters: The new SEC rules and increased scrutiny of CISOs have significant implications for the cybersecurity industry, as companies must navigate the complexities of disclosure and risk assessment. This development also highlights the growing importance of cybersecurity in the corporate world, where a single breach can have far-reaching consequences for companies and their stakeholders.

The first episode, titled "The CISO and the SEC," features Frederick "Flee" Lee, CISO of Reddit; Beth Burgin Waller, a practicing cyber attorney; and Ben Lee, Chief Legal Officer of Reddit. The discussion revolves around the SEC's new rules announced in July 2023, which require companies to disclose a "material incident" or breach within four days. However, the SEC did not provide clear criteria for what constitutes a material incident or when the disclosure clock starts ticking.

The new SEC rules also mandate that companies discuss their assessment of material risks from cyber threats in their annual reports. This development comes at a time when two high-profile CISOs have made headlines for negative reasons in the past year. Joe Sullivan, former Uber CISO, was convicted of two felonies related to the 2016 Uber data breach, while Tim Brown, CISO of SolarWinds, was charged by the SEC for misconduct related to the disclosure of their 2020 supply chain attack.

Kelly Jackson Higgins, Editor-in-Chief of Dark Reading, highlights the challenges CISOs now face: "We're about almost a full year now into the SEC announcing its new rules requiring disclosure within four days of a quote material incident or breach." She adds, "It's gotten really complicated... And actually, in the last this past year, we've had two CISOs in the headlines not for good reasons."

CISOs are now tasked with the dual challenge of properly interpreting the SEC's rules and managing their own personal liability, adding to the already stressful nature of the job. Frederick "Flee" Lee, CISO of Reddit, shares his perspective: "So you know, at least from an experience standpoint, it does make you a little bit more nervous... Like, the job in and of itself is already stressful as you had mentioned."

"Dark Reading Confidential" aims to provide a platform for cybersecurity professionals to share their stories and insights from both professional and personal perspectives. The podcast offers listeners a unique opportunity to hear directly from experts in the field, gain a deeper understanding of the industry's latest news and trends, and learn about the challenges and solutions faced by CISOs.

The launch of "Dark Reading Confidential" marks a significant milestone for Dark Reading as it expands its offerings to include audio content. The podcast is available on major platforms, including Apple Podcasts, Spotify, Amazon Music, Audible, Pocket Casts, and Deezer. With its focus on the human stories behind cybersecurity, the podcast has the potential to promote knowledge sharing and raise awareness about the importance of responding quickly to regulatory changes and implementing appropriate security measures.