State Of Security

In this episode (~45 minutes), I answer questions from the audience around blockchain and smart contract security considerations. I cover some of the reasons why I think these technologies are important, what their potential impacts are likely to be and how information security teams should prepare. Some of the questions drift into changes around store of value, investment insights and other closely related topics. This episode is sponsored by MachineTruth™ - a new passive, analytics-based solution for network inventory, traffic analysis and security baselining. Learn more at  http://www.machinetruth.net.

This episode is a tidbit episode, weighing in just under 20 minutes. I sat down last week with Megan Mayer (@Megan__Bytes) in the lobby bar of the Hyatt during the Central Ohio Security Summit. Pardon the background noise, but we riffed on what Megan believes are the top 3 things that every security manager or infosec team should do this week. She had some great insights and I think her points are fantastic. Give it a listen, and as always, if you have feedback or have someone in mind that you'd like to have interviewed on the podcast or a topic that you'd like to see covered, drop me a line (@lbhuston).  As always, thanks for listening and stay safe out there!

In this episode, the tables get turned on me and I become the one being interviewed. The focus is on honeypots, intrusion deception and bounces from technology to industry and to overall trends. This is a great conversation with an amazing young man, Vale Tolpegin, a student from Georgia Tech with an amazing style and a fantastic set of insights. He really asks some great questions and clarifying follow ups. This young man has a bright future ahead! Tune in and check it out! Let me know on Twitter (@lbhuston) what you liked, hated or what stuck with you. 

In this tidbit episode (just under 30 mins), I interview Jeffrey McClure ("3gg") about his work at the Holocaust Musuem and his background. I also discuss helping the state Boards of Election and a few other topics. Check it out, and let me know on Twitter what you think! 

This is a tidbit episode, and comes in just under 35 minutes. This time around, I walk through a presentation I gave to the Central Ohio CIO/CISO group. The topic is Questions for Cloud Providers and deals with unusual security questions you should be asking beyond the usual SLA. Following that, I talk through an update on what I have been working on, where some of my research is going and what I have been up to over the winter. I plan to balance between these roughly half hour tidbit episodes, the longer form podcasts which often include interviews or detailed topic dives and quick "flash" episodes which should come in under 15 minutes.  That means, hopefully, more episodes at a more rapid pace and with a variety of content.  I hope you dig it. I love making these podcasts, but the real joy is when people tell me they like them. Stay safe out there! 

This episode completes 2016 and in it, I answer questions from listeners. I cover topics such as the DNC hack, working with mentees, the idea of a "Great Firewall" for the USA and a variety of others. Weighing in at around an hour, there is some very cool stuff here, if I do say so myself. :) 

The State of Security Podcast is BACK! This time around, we discuss changes to the format and some of the upcoming changes in content we will be experimenting with over the next few months. We also decided to release more than one episode a month, when possible. The sound quality is now much improved and we have retained a firm to do post audio processing for us, so hopefully, the sound will now be amazing! :) This episode features an interview with @thetokenfemale (Lisa Wallace) as she tears into the history of malware, her memories of early days of AV and some advice for women in infosec. Check it out! As always, thanks for listening, and spread the word - State of Security is back with a vengeance! :) 

In this episode, I ask some of my friends and members of the infosec community a simple question - "What was the single biggest thing you learned about infosec in 2015?". Some of the answers are very personal, all are insightful and everyone was very kind to share their thoughts with the world. Thanks to all who participated!This is the first episode made with call-ins and Garage Band. More will follow. Thanks for listening! 

This episode runs around an hour and features a very personal interview with me in the hot seat and the mic under control of @AdamJLuck. We cover topics like security history, my career, what I think is on the horizon, what my greatest successes and failures have been. He even digs into what I do every day to keep going. Let me know what you think, and as always, thanks for listening! 

This time around we riff on Ashley Madison (minus the morals of the site), online privacy, OPSec and the younger generation with @AdamJLuck. Following that, is a short with John Davis. Check it out and let us know your thoughts via Twitter - @lbhuston. Thanks for listening! 

This episode is a great interview with Mark "Phork" Carey. We riff on the future of technology & infosec, how machine learning might impact security in the long term, what it was like to build the application-centric web with Sun, lessons learned from decades of hardware hacking and whole lot more! The short for this month is with @pophop, so check out what the self-proclaimed "elder geek" has to say as he spreads some wisdom. Let us know what you think and send in ideas for other folks you would like to hear on the podcast. You can reach me on Twitter here. 

This time around, we get one of the most personal episodes yet - a behind the curtain look of what it is like to manage the incident response team in a highly publicized breach, under strict regulation, for 6+ months. The insights here and examinations of the personal and professional impacts are profound. We also close this episode with our new "shorts" segment - this time with an insight from @sempf. Thanks for listening, and as always, let us know what you think on Twitter - @microsolved or @lbhuston. Stay safe out there! 

This is one of my favorite episodes so far! I spend about 45 minutes with Josh Anderson, who riffs on IT and ICS/SCADA security threats, career advice, how he compares his life to characters on TV's "24" and a whole lot more. Very relaxed, generous in time and content, this interview with one of America's Premier ICS Security Gurus (I just gave him that title...) is fun and lively. Special shout out to Kent King for his mentorship in this episode, as well. Let us know what you think on StateOfSecurity.com or via Twitter. Thanks for listening! 

In this episode, I am joined by John Davis from MicroSolved, Inc. We riff on techniques for developing modern security policies that users actually read, rational risk assessment, ideas for crowd sourcing policy/process management, and a bit of history.Give it a listen and let us know what you think!

In this episode, I sit down for a chat with @Sempf to discuss application security, working with development teams and more. Bill goes so far as to suggest two (2!) simple steps to help increase the security effectiveness of organizations. Check it out!As always, you can read more on StateOfSecurity.com or engage with us on Twitter (@microsolved, @lbhuston) and let us know what you think.

In this episode we sit down with Mark Tomallo, from Panopticon Labs, and RSA's Kevin Flanagan. We discuss mentoring, online crime, choosing infosec as a career and even dig out some tidbits from Mark about online gaming fraud and some of the criminal underground around the gaming industry. I think this is a very interesting and fun episode, so check it out and let us know what you think on Twitter (@microsolved, or @lbhuston). Thanks for listening! 

This episode is about 45 minutes in length and features an interview with Dave Rose (@drose0120) and Helen Patton (@OSUCISOHelen) about ethics in security, women in STEM roles and career advice for young folks considering Infosec as a career. Have feedback, let me know via Twitter (@lbhuston).As always, thanks for listening and reading stateofsecurity.com!