New Episode of The Cyber Show: #048 | S6 | In The Chair | Positive Security Thinking

In this episode of The Cyber Show, we are pleased to welcome Danny Jenkins, co-founder and CEO of ThreatLocker, a leading company in cybersecurity solutions. Danny shares his unique journey, from his beginnings as an ethical hacker to the creation of ThreatLocker, a company that advocates for a positive security model. Danny starts by recounting his journey, marked by a difficult childhood where he learned to program batch files to erase his classmates' homework. After leaving school at 15, he began his career in IT as an apprentice. It was only after selling an email security company in 2013-2014 that he ventured into ethical hacking, an activity that quickly led him to help companies recover from ransomware attacks. One of the key moments in his journey was when he helped an Australian company recover from a ransomware attack. This experience pushed him to develop ThreatLocker, a solution that blocks any unapproved software and limits the permissions of approved software. The goal is to minimize damage in case of an intrusion. Danny emphasizes the importance of not just detecting threats but implementing controls to limit potential damage. The podcast also addresses the issue of resilience in the face of cyberattacks. Danny stresses that companies must adopt a "when, not if" attitude towards attacks. It is crucial to set up systems that allow for quick recovery and limit damage. He compares this to a home alarm system: the first line of defense is to lock the door, but it is also important to have a response plan in case of a breach. Danny also discusses the importance of community and collaboration in the field of cybersecurity. He mentions the importance of having a rapid response team and being able to rely on friends and colleagues in times of crisis. He emphasizes that security should not be siloed between technical teams and management teams but should be integrated at all levels of the company. The podcast also explores the relationship between identity and trust, and how behaviors can change. Danny insists on the importance of giving employees only the access necessary for their role and monitoring abnormal behaviors. He mentions that trust should not be blind but should be based on appropriate controls and monitoring. Finally, Danny shares his thoughts on the impact of AI on cybersecurity. He emphasizes that AI can be a valuable tool to improve products and services, but it should not be used to replace human decisions. He warns against the risks of manipulation and misuse of AI and insists on the importance of using it to complement, rather than replace, human decisions. In conclusion, Danny offers advice to companies on how to treat their employees, attract and retain talent, and build a strong company. He emphasizes the importance of believing in the company's mission and surrounding oneself with people who share this vision. He also highlights the importance of training and developing talent internally, rather than just looking for experienced profiles. To learn more, listen to the full episode at http://cybershow.uk/episodes.php?id=48