Learn about the conference that is committed to helping the underrepresented in Information Security. The Diana Initiative features multiple speaker tracks, fully expanded villages with hands-on workshops, career support, and a CTF.
______________________________
Guest
Cheryl Biswas
Advisor & Founding Member of The Diana Initiative [@DianaInitiative]
On Twitter | https://twitter.com/3ncr1pt3d
On LinkedIn | https://www.linkedin.com/in/cherylbiswas/
______________________________
Host
Chloé Messdaghi
On ITSPmagazine
It was the best of times, it was the worst of times, it was the age of wisdom, it was the age of foolishness, it was the epoch of belief, it was the epoch of incredulity, it was the season of light, it was the season of darkness, it was the spring of hope, it was the winter of despair. -- Charles Dickens, A Tale of Two Cities
It’s that time again! Time to take a look back on the year that was. This episode takes a look at the time from January through the end of March. Ah yes… simpler times… still optimistic and curious. We chat about the value of design, electric motorcycles that go 200 mph, autonomous vehicles and the role of technology in a then newly blooming pandemic… among other things. The guests are some of the most important thinkers in the IT world. It’s interesting to hear their thoughts then, filtered through the prism of what we know now.
Jordan DeVries: Yes Design Really is That Important
Derek Dorresteyn: A 200 mph ELECTRIC Superbike? Damon Motorcycles Builds Those
Ryan Permeh: Leading the AI Journey from Cylance to BlackBerry
Kip Boyle: Virtual CISO at Your Service
Richard Stiennon: Security Yearbook 2020
Jeff Davis: Smart Mobility Is More than Just Autonomous Vehicles
Joseph Menn: Malware Is More Interesting than I Thought
Ted Claypoole: Does AI Have Rights?
Dr Saif Abed: The Role of Technology in a Global Healthcare Crisis
Dr Jessica Barker, Cheryl Biswas, Sherri Davidoff and Theresa Payton: Perspectives on the New Normal
About Matt Stephenson
Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts me in front of crowds, cameras, and microphones all over the world. I am the regular host of the InSecurity podcast and video series at events around the globe. I have spent the last 10 years in the world of Data Protection and Cybersecurity.
Since 2016, I have been with Cylance (now BlackBerry) extolling the virtues of Artificial Intelligence and Machine Learning and how, when applied to network security, they can wrong-foot the bad guys. Prior to the COVID shutdown, I was on the road over 100 days a year doing live malware demonstrations for audiences from San Diego to DC to London to Abu Dhabi to Singapore to Sydney. One of the funniest things I've ever been a part of was blowing up a live instance of NotPetya 6 hours after the news broke... in Washington DC... directly across the street from FBI HQ... as soon as we activated it a parade of police cars with sirens blaring roared past the building we were in. I'm pretty sure they weren't there for us, but you never know...
Every week on the InSecurity Podcast, I get to interview interesting people doing interesting things all over the world of cybersecurity and the extended world of hacking. Sometimes, that means hacking elections or the coffee supply chain... other times that means social manipulation or the sovereign wealth fund of a national economy. InSecurity is about talking with the people who build, manage or wreck the systems that we have put in place to make the world go round...
Can’t get enough of Insecurity? You can find us at Spotify, Apple Podcasts and ThreatVector as well as GooglePlay, Gaana, Himalaya, I Heart Radio and wherever you get your podcasts! Make sure you Subscribe, Rate and Review!
Cheryl Biswas loves being a Threat Intel Analyst with TD Bank in Canada and assessing threat actors, vulnerabilities, and exploits. She is a Political Science graduate, ITIL certified, and took the long way to InfoSec. She actively shares her passion for security online as a speaker, volunteers at conferences, and champions diversity as a founding member of The Diana Initiative.
Twitter: @3ncr1pt3d
Websites: whitehatcheryl.wordpress.com and www.linkedin.com/in/cherylbiswas
CHAPTERS (use the chapter feature on your podcast player!)
00:00:00 Intro
00:01:02 Cheryl's Origin Story
00:03:20 Twitter and the Kardashians of InfoSec
00:04:20 Welcoming newbies, how awesome is @sn0ww
00:05:20 Seriously... everyone loves @sn0ww
00:07:45 Alice in Security Wonderland (https://www.linkedin.com/pulse/my-first-con-alice-security-wonderland-cheryl-biswas/)
00:10:45 Diana Initiative Mission https://www.dianainitiative.org
00:11:50 Cheryl's First talks, shoutout to @mainframed767
00:18:05 DEFCON and Diana
00:25:40 Advice to a younger Cheryl
00:27:00 Cheryl's COVID 19 observations
00:32:30 Cheryl's favorite books: Countdown to Zero Day by @KimZetter
00:34:55 Andy Greenberg's book "Sandworm"
00:37:20 "The Shadow War" by Jim Sciutto
00:38:55 "Women in Tech" by Tarah Wheeler
00:39:42 Life Hacks
00:43:10 Toxic Behavior and Twitter
00:47:50 Closing thoughts
Women in Cybersecurity: Perspectives on The New Normal
Science is not a boy's game, it's not a girl's game. It's everyone's game. It's about where we are and where we're going. Space travel benefits us here on Earth. And we ain't stopped yet. There's more exploration to come -- Nichelle Nichols
Tennis legend Serena Williams was once asked by a reporter about being considered “one of the greatest female athletes of all time.” She replied: “I prefer the words ‘one of the greatest athletes of all time.’” That made news for a week, which is embarrassing given the fact that Venus has more titles than Michael Jordan, Michael Schumacher and Cristiano Ronaldo… combined. How bout we just round up some of the top people in the field for a discussion on what is happening in this crazy world right now? Sound good? Good.
This week on Insecurity, Matt Stephenson speaks with an All-Star Cybersecurity panel of experts including Dr Jessica Barker, Cheryl Biswas, Sherri Davidoff & Theresa Payton. With COVID19 changing everything from industry conferences to the US Presidential Election process, what role does cybersecurity play in The New Normal and The Next Normal? Check it out…
About Dr Jessica Barker
Dr Jessica Barker (@drjessicabarker) is a leader in the human nature of cybersecurity. She has been named one of the top 20 most influential women in cybersecurity in the UK and awarded as one of the UK’s Tech Women 50. She is Co-Founder and Co-Chief Executive Officer of Cygenta, where she positively influences cybersecurity awareness, behaviors and culture in organizations around the world. Dr Barker is a popular keynote speaker and shares her expertise in the media, for example on BBC News, Sky News, Channel 4 News and in Grazia magazine and the Sunday Times. She is Chair of ClubCISO, a peer-based members forum of over 300 information security leaders. In the last year, Dr Barker has given cybersecurity outreach sessions to over 5,000 school students.
Jessica’s new book Confident Cyber Security will be released on June 3rd, 2020, published by Kogan Page.
About Cheryl Biswas
Cheryl Biswas (@3ncr1pt3d) is a Strategic Threat Intel Analyst with a major bank in Toronto, Canada. Previously, she worked as a Cybersecurity Consultant with KPMG. Her experience includes strategic analysis of threat actors and campaigns, security audits and assessments, privacy, DRP, project management, vendor management and change management. Cheryl holds an ITIL certification and has a degree in political science. She is actively involved in the security community as a conference speaker and a volunteer, and encourages women and diversity in infosec as a founding member of The Diana Initiative.
About Sherri Davidoff
Sherri Davidoff (@sherridavidoff) is the CEO of LMG Security and the author of Data Breaches: Crisis and Opportunity. As a recognized expert in cybersecurity, Davidoff has been called a “security badass” by the New York Times. She has conducted cybersecurity training for many distinguished organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC and many more. Sherri is an instructor for Black Hat, and the co-author of Network Forensics: Tracking Hackers through Cyberspace. Davidoff is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in computer science and electrical engineering from MIT. She has been featured as the protagonist in the book, Breaking and Entering: The Extraordinary Story of a Hacker Called Alien.
About Theresa Payton
Theresa Payton (@TrackerPayton) is President and CEO of Fortalice Solutions, former White House CIO, star of the CBS hit show Hunted, and best-selling author of the book Privacy in the Age of Big Data. Payton is one of the nation’s most respected authorities on information security, cybercrime, fraud mitigation, and security technology implementation.
As White House Chief Information Officer at the Executive Office of the President from 2006 to 2008, Payton administered the information technology enterprise for the President and 3,000 staff members. Theresa founded Fortalice in 2008 and lends her expertise to government and private sector organizations to help them improve their information technology systems. In 2010, Security Magazine named her one of the top 25 "Most Influential People in Security." Theresa’s new book, Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe. Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts! Make sure you Subscribe, Rate and Review!
Cheryl Biswas: Diversifying Cybersecurity
You better watch out
Oh, what you wish for
It better be worth it
So much to die for
Hey, so glad you could make it
Yeah, now you've really made it
Hey, there's only us left now
--Hole – 1997, Celebrity Skin
What if I told you that… compared to men, higher percentages of women cybersecurity professionals are reaching some of the most sought after positions in security. Among the security workforce, the population of women in key spots is surging…
Chief Technology Officer: 7% of women vs 2% of men
Vice President of IT: 9% vs 5%
IT Director: 18% vs 14%
C-level / Executive: 28% vs 19%
Women in cybersecurity are generally more educated and younger than their male colleagues. 44% of men in cybersecurity hold a post-graduate degree compared to 52% of women. Also, nearly half of women cybersecurity professionals surveyed are millennials – 45% compared to 33% of men. By contrast, Generation X men make up a bigger percentage of the workforce (44%) than women (25%).
Now… what if I told you that the gender pay gap hasn't moved at all. Women still make less than men. According to the 2018 (ISC)² report, women make $5,000 less than men in security management positions. It is this environment that spurred a group of women to create The Diana Initiative.
In this week’s episode of InSecurity, Matt Stephenson chats with Cheryl Biswas on why the time was right to co-create The Diana Initiative. Now, 4 years later, Diana has a new home and is a key part of that stretch of August where the cybersecurity world convenes in Las Vegas to figure out how to save the world. Their mission is to encourage diversity and support women who want to pursue careers in information security, promote diverse and supportive workplaces, and help change workplace cultures.
About The Diana Initiative
It was the summer of 2015. Hackers from around the world had gathered in Las Vegas, NV for DEF CON 23.
In the cafeteria tucked away in the basement of Bally’s and Paris, 9 women found themselves chatting and laughing about their experiences in the field of Information Security. They were all passionate about their challenging roles in the male-dominated field and began exchanging strategies for success in their challenging environments. It was then and there that they accepted their new mission: to create a conference for all those who identify as women/non binaries, and to help them meet the challenges that come with being a woman in Information Security with resilience, strength and determination. The first event in 2016 began with a morning speaking track and an afternoon of lockpicking and badge soldering in a small suite at Bally’s, bringing attendees together in a collaborative, comfortable setting. Interest and attendance showed that demand for a woman-focused InfoSec conference existed. In 2017, The Diana Initiative was formed and the conference expanded to cover almost 2 days – with speakers on the evening of the first day, as well as the entire second day. There was also a hands-on opportunity for learning about lockpicking, a Career village, and fun contests. During the summer of 2018, The Diana Initiative conference soared in popularity. But with this incredible growth and popularity, the space still couldn’t meet the demand, as attendees were continuously turned away due to over capacity of all the suites. For more information, make sure to follow them at @DianaInitiative and keep up with them on LinkedIn and Facebook.
About Cheryl Biswas
Cheryl Biswas’s (@3ncr1pt3d) fascination with computers started with those blinking machines on the original Star Trek, and the realization that, if she could learn to work those things, then she could boldly go – anywhere! But Cheryl didn’t learn math like everyone else and found herself struggling.
She mistakenly believed a few key people who convinced her that she couldn’t learn computers, so she didn’t take programming or comp sci. They were wrong, though. Curiosity and passion led Cheryl to technology through the back door and she taught herself computers. Currently, Cheryl is a Threat Intel analyst on a cybersecurity team, researching, analysing, and communicating her discoveries to the team and to clients to keep them safe. GRC, privacy, APTs, best practices, evolving threats – the learning never stops. Cheryl is an active writer and speaker about threats to less-known but critical systems like ICS SCADA and Mainframes, Shadow IT and Big Data. You may have seen her present at some of the most important security conferences including BSides Las Vegas and Toronto, DEFCON, ShmooCon and SecTor. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts! Make sure you Subscribe, Rate and Review!
Advanced Persistent Threat is a STEAL THIS SHOW special series looking at the 2016 Bangladesh Bank Heist (https://en.wikipedia.org/wiki/Bangladesh_Bank_robbery?utm_source=rss&utm_medium=rss). Had it succeeded, this would easily have been the biggest bank robbery in history, and it was carried out almost entirely in the digital realm, using a variety of exploits and malware, in order to leverage access to the SWIFT banking network and the US Federal Reserve. In Part One, we look at exactly what happened in the Bangladesh heist, and walk through how it was carried out. To help us through the complex story, we hear from Cheryl Biswas (https://twitter.com/3ncr1pt3d?utm_source=rss&utm_medium=rss), Strategic Threat Intel Analyst in Cyber Security at a Big Four consulting firm. After covering the how of the robbery, we consider whether trusted systems like SWIFT can remain secure in an information environment replete with radically heterogeneous, eminently hackable devices. Cheryl Biswas wishes to make clear that she speaks here on her own behalf. Her views do not represent those of her employer.
This episode was completed in part with funding from Film Agency Wales (http://www.ffilmcymruwales.com/index.php/en/?utm_source=rss&utm_medium=rss).
Presented by TorrentFreak (http://torrentfreak.com?utm_source=rss&utm_medium=rss) | Season Sponsor Private Internet Access (http://privateinternetaccess.com?utm_source=rss&utm_medium=rss)
Showrunner & Host Jamie King (mailto:jamie@stealthisshow.com) | Editing & Post Lucas Marston (mailto:lucas@hollagully.com)
Original Music David Triana | Web Production Eric Barch
Episode Sponsor ZCash Company (https://z.cash/?utm_source=rss&utm_medium=rss)
Executive Producers: Mark Zapalac (http://twitter.com/mark_zapalac?utm_source=rss&utm_medium=rss), Eric Barch (https://twitter.com/ericbarch?utm_source=rss&utm_medium=rss), Nelson Larios, George Alvarez, Adam Burns, Daniel, Grof, Sean Lynch.
Derbycon is probably one of the best infosec conferences of the calendar year. The podcast always has so much fun meeting listeners, meeting new people, and getting some audio to share with folks who can't be there. This year, we still got some audio, and it's great. We talked with Cheryl Biswas (@3ncr1pt3d) with her talks at #Derbycon and her work with the #dianaInitiative Check out her talks at the links on @irongeek's website... Cheryl's Track talk: http://www.irongeek.com/i.php?page=videos/derbycon8/track-1-05-draw-a-bigger-circle-infosec-evolves-cheryl-biswas Cheryl's Stable talk: http://www.irongeek.com/i.php?page=videos/derbycon8/stable-29-patching-show-me-where-it-hurts-cheryl-biswas I saw Tomasz near the @log-md booth, it was his first Derbycon, and I was interested in hearing what he had to say about hypervisor introspection... Tomasz Tuzel: http://www.irongeek.com/i.php?page=videos/derbycon8/track-4-18-who-watches-the-watcher-detecting-hypervisor-introspection-from-unprivileged-guests-tomasz-tuzel Make plans for next year! Follow @derbycon on Twitter! Check out our Store on Teepub! https://brakesec.com/store Join us on our #Slack Channel! 
Send a request to @brakesec on Twitter or email bds.podcast@gmail.com #Brakesec Store!:https://www.teepublic.com/user/bdspodcast #Spotify: https://brakesec.com/spotifyBDS #RSS: https://brakesec.com/BrakesecRSS #Youtube Channel: http://www.youtube.com/c/BDSPodcast #iTunes Store Link: https://brakesec.com/BDSiTunes #Google Play Store: https://brakesec.com/BDS-GooglePlay Our main site: https://brakesec.com/bdswebsite #iHeartRadio App: https://brakesec.com/iHeartBrakesec #SoundCloud: https://brakesec.com/SoundcloudBrakesec Comments, Questions, Feedback: bds.podcast@gmail.com Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon https://brakesec.com/BDSPatreon #Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir #Player.FM : https://brakesec.com/BDS-PlayerFM #Stitcher Network: https://brakesec.com/BrakeSecStitcher #TuneIn Radio App: https://brakesec.com/TuneInBrakesec
In today's podcast we hear that Tehran seems ready to follow Pyongyang into state-sponsored theft to redress financial shortfalls: cryptocurrency ransomware looks like Iran's preferred approach. DarkHydrus uses commodity tool Phishery in Middle Eastern campaign. Jackpotting cryptocurrency ATMs. The US imposes sanctions on Russia. Reality Winner's sentencing date announced. IBM looks at artificially intelligent malware. The mob's role in the cyber black market. What's the bigger gaming threat, sideloading apps or the Fortnite dance? We're asking for a friend. Awais Rashid from Bristol University on issues with software warranties. Guest is Cheryl Biswas from the Diana Initiative, a conference in Las Vegas celebrating diversity, women in security, and how to pursue a career in information security and technology.
Security of Mainframes (with Cheryl Biswas & Tracy Maleeff) Advanced Persistent Security Podcast Episode 41 Guests: Cheryl Biswas and Tracy “Infosec Sherpa” Maleeff April 5, 2018 If you enjoy this podcast, ...
Long time listeners will remember Ms. Cheryl #Biswas as one of the triumvirate we had on to discuss #mainframes and mainframe #security. (http://traffic.libsyn.com/brakeingsecurity/2016-008-mainframe_secruity.mp3) I was interested in the goings on at BlackHat/DefCon/BsidesLV, and heard about #TiaraCon (@tiarac0n on Twitter). I went to find someone involved to understand what it was all about, and Ms. Cheryl reached out. She's an #organizer and was more than happy to sit down with me to understand why it was started. This is its inaugural year, and they already have some excellent schwag and sponsors. This is not just an event for ladies, but a way of #empowering #women, creating #mentorship opportunities, and assistance for people moving into the #infosec industry. Also, since Ms. Cheryl loves discussing #ICS and #SCADA problems and headaches, we got into the headaches, #challenges, and maybe some 'logical' solutions to fixing SCADA vulns... but does the logical approach work in a business sense?
TiaraCon official site: http://tiaracon.org/
TiaraCon Dates: Thursday Aug 4 - Friday Aug 5
Direct Link: http://traffic.libsyn.com/brakeingsecurity/2016-028-Cheryl_Biswas_Tiaracon_ICSSCADA_headaches.mp3
iTunes: https://itunes.apple.com/us/podcast/2016-028-cheryl-biswas-discusses/id799131292?i=1000372642921&mt=2
Youtube: https://www.youtube.com/watch?v=vsolDjsz5M4
SoundCloud: https://www.soundcloud.com/bryan-brake
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security #Podcast on #Patreon: https://www.patreon.com/bds_podcast
#Twitter: @brakesec @boettcherpwned @bryanbrake
#Facebook: https://www.facebook.com/BrakeingDownSec/
#Tumblr: http://brakeingdownsecurity.tumblr.com/
#Player.FM : https://player.fm/series/brakeing-down-security-podcast
#Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr
#TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582
This week's super-sized episode is brought to us thanks to previous guest Cheryl Biswas. You might remember her from our "Shadow IT" (http:/brakeingsecurity.com/2015-048-the-rise-of-the-shadow-it) podcast a few months ago. She reached out to us to see if we were interested in doing a podcast on mainframe security with her and a couple of gentlemen that were not unknown to us. Of course we jumped at the chance! You might know them as @mainframed767 and @bigendiansmalls (Chad) on Twitter. They've been trying to get people to be looking into mainframes and mainframe security for years. Mainframes are usually used by financial organizations, or older organizations. In many cases, these systems are managed by a handful of people, and you will have little or no help if you are a red teamer or pentester to make sure these systems are as secured as they possibly can. So, Cheryl (@3ncr1pt3d), @bigendiansmalls, and @mainframed767 (Philip) walk us through how a mainframe functions. We discuss what you might see when a scan occurs, that if runs a mainframe OS, and a Linux 'interface' OS. We also discuss methods you can use to protect your organization, and methods you can use as a redteamer to learn more about mainframes. Chad's talk at DerbyCon 2015: https://www.youtube.com/watch?v=b5AG59Y1_EY Chad discussing mainframe Security on Hak5: https://www.youtube.com/watch?v=YBhsWvlqLPo Linux for mainframes: http://www-03.ibm.com/systems/linuxone/ Philip's talks on Youtube: https://www.youtube.com/playlist?list=PLBVy6TfEpKmEL56fb5AnZCM8pXXFfJS0n Brian and I wish to thank Cheryl for all her help in making this happen. You can find her blog over at Alienvault's site... 
https://www.alienvault.com/blogs/author/cheryl-biswas Stitcher Network: http://www.stitcher.com/s?fid=80546&refid=stpr TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/ BrakeSec Podcast Twitter: http://www.twitter.com/brakesec Bryan's Twitter: http://www.twitter.com/bryanbrake Brian's Twitter: http://www.twitter.com/boettcherpwned Join our Patreon!: https://www.patreon.com/bds_podcast Tumblr: http://brakeingdownsecurity.tumblr.com/ RSS FEED: http://www.brakeingsecurity.com/rss Comments, Questions, Feedback: bds.podcast@gmail.com **NEW** Google Play Store: https://play.google.com/music/podcasts/portal/#p:id=playpodcast/series&a=100584969 **NEW** Listen to us on Player.FM!! : https://player.fm/series/brakeing-down-security-podcast Direct Download: http://traffic.libsyn.com/brakeingsecurity/2016-008-mainframe_secruity.mp3 iTunes: https://itunes.apple.com/us/podcast/2016-008-mainframe-security/id799131292?i=363392103&mt=2
Cheryl Biswas gave a great talk last month at Bsides Toronto. I was intrigued by what "Shadow IT" and "Shadow Data" means, as there appears to be some disparity. Why can't you write policy to enforce standards? As easy as it sounds, it's quickly becoming a reason young talented people might skip your company. Who wants to use Blackberries and Gateway laptops, when sexy new MacBook Airs and iPhone 6S exist? This also leads to the issue of business data being put on personal devices, which as anyone knows can cause a whole host of additional issues. Malware installed on personal devices can make for sharing business secrets a cinch. So, while Mr. Boettcher was working, I managed to wrangle a quick interview with Cheryl out of her offices in Toronto, Ontario. Cheryl gave us some great audio, and when you're done, you can watch her Bsides Toronto talk. Direct Link: http://traffic.libsyn.com/brakeingsecurity/2015-048-Cheryl_Biswas_Shadow_IT.mp3 iTunes Link: https://itunes.apple.com/us/podcast/2015-048-rise-shadow...-it!/id799131292?i=357889684&mt=2 Cheryl's Twitter: https://www.twitter.com/3ncr1pt3d Cheryl's BsidesTO talk: https://www.youtube.com/watch?v=q0pNWpWFKBc TuneIn Radio App: http://tunein.com/radio/Brakeing-Down-Security-Podcast-p801582/ BrakeSec Podcast Twitter: http://www.twitter.com/brakesec Join our Patreon!: https://www.patreon.com/bds_podcast Comments, Questions, Feedback: bds.podcast@gmail.com