POPULARITY
Dave Cundiff: CylanceGUARDian of the Galaxy If you are responsible for preventing a cyber attack on your organization… What is the ultimate dilemma for this person that is trying to combat threats 24/7? This week on DirtySecurity, Edward Preston has a chat with Dave Cundiff on BlackBerrey Cylance’s newest addition to the security family: CylanceGUARD. Take a walk with Edward and Dave to learn more about what BlackBerry Cylance is doing to combine our solutions and services to continue to prevent cyberattacks from crippling your business. About Dave Cundiff Dave Cundiff is the Director of Professional Services, specializing in ThreatZERO at BlackBerry Cylance. He is an experienced Information Technology Professional with background in a number of industries, including manufacturing, software, and utilities. Have worked as a Manager, Consultant, and Analyst with an inclusive focus in Microsoft and Unix based technologies. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. s Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Sherri Davidoff: Data is Hazardous Material… Act Accordingly If you want to make sure that all the data in your bank is safely secured… who better to talk to than someone who used to break into banks? Sherri Davidoff was a hacker who then turned those skills she learned as a student into a career helping others protect their data and their clients’ data. Over the years, organizations ranging from the Department of Defense to the FDIC have come to her in order to learn from her expertise. This week on DirtySecurity, Edward Preston has a chat with Sherri on a myriad of topics that affect businesses that run the gamut from sole proprietor to large enterprise. Whether it is how do deal with the monetary demands from Ranomsware hooligans (spoiler alert… work with professionals to figure it out) or what kind of cyber-hygeine steps can harden your network, Sherri has the experience and the easy deliver to help. About Sherri Davidoff Sherri Davidoff (@SherriDavidoff) is a cybersecurity expert, author, speaker and CEO of both LMG Securityand BrightWise, Inc. As a recognized expert in digital forensics and cybersecurity, Sherri has authored courses for Black Hat and the SANS Institute. She has consulted for and/or provided cybersecurity training at many notable organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC, and many more. Sherri is a faculty member at the Pacific Coast Banking School, where she teaches cybersecurity classes. She is a frequent contributor of education articles and webinars, and occasionally serves as a cybersecurity expert on television. Sherri is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in Computer Science and Electrical Engineering from MIT. Sherri’s new book, Data Breaches: Crisis and Opportunity, will be released in 2019. This book gives a glimpse into the high-octane world of data breach disclosure and response, while showing you how to protect your organization before and after a data breach. Since her hacking days at MIT, where she was known as “Alien” and ran her first real-world social engineering and penetration tests, Sherri has been passionate about cybersecurity. You will be able to read more about her experiences as a hacker turned security consultant in Jeremy N. Smith’s 2020 book, Breaking and Entering: The Extraordinary Story of a Hacker Called “Alien”. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity: Garret Grajek: Who Does Your Computer Think You Are? Let’s ask our hacker friends… the white hats and the grey and black hats… Do identity validation tools keeping them from achieving their results? Hardly. Where to Authentication Processes come up short? Why not get the lowdown from a man who has made a career creating and improving access and authentication… On this week’s episode of Dirty Security, Edward Preston gets the skinny on BlackBerry|Cylance VP of Identity, Garret Grajek on their latest innovation: Persona. They talk about all that is right and wrong in the world of authentication and how Artificial Intelligence is changing what’s wrong while improving what’s right. Garret Grajek Garret Grajek is the VP of Identity at BlackBerry|Cylance. He is a certified security engineer with almost 30 years of experience in information security. Garret is recognized in the industry as a security visionary in in identity, access and authentication matters. He holds 8 patents involving x.509, mobile, SSO, federation and multi-factor technologies. He has worked on security projects for major commercial accounts including Dish Networks, Office Depot, TicketMaster, Oppenheimer, E*Trade, HP.com and public sector accounts as GSA, U.S. Navy, EPA an USUHS. Garret started his career as security programmer at the likes of Texas Instruments, IBM and Tandem Computers. He went on to distinguishing field security work for RSA, Netegrity and Cisco before being a founder and creator of SecureAuth IdP, a 2-Factor/SSO offering. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Roy Christopher: Dead Precedents… How Hip-Hop Defines the Future I have absolute control of the record. The thing was, you’re not supposed to touch the middle of the vinyl. DJs are going to hate you. People are going to hate you. You’re going to ruin these records. I decided… that this… was the only way to do this. -- Grandmaster Flash Let’s push the talk about hacking shall we? Hacking is about finding the vulnerable spots in any systems and making your own choices about how to improve that system... rarely with the permission of the system’s owners. Viewed through that prism, Hip-Hop has always been about hacking. Hacking was running 1000 feet of extension cord to a public outlet in order to have a Battle in the park. Hacking was a DJ talking over a record at a club. Hacking was Kool Herc throwing a party at 1520 Sedgwick Ave in the Bronx and not playing disco or pop music. Hacking was Grandmaster Flash touching the middle of the vinyl. Hacking is rhyming with Orange. Dr Roy Christopher has spent a lifetime listening to, researching, teaching and loving Hip-Hop. In this week’s episode of InSecurity, Matt Stephenson digs into the crates with Roy about how Hip-Hop hacked the world to become one of the most significant drivers of modern culture. This will likely be the first podcast you listen to this week featuring steganography, Li’l Pump and John Baptist Porta’s 1558 book series Magia naturalis Do we even need to go on…? Dead Precedents: How Hip-Hop Defines the Future, uses the concerns and conceits of cyberpunk to thoughtfully remap hip-hop's spread from around the way to around the world. Its central argument is that the cultural practices of hip-hop culture are the blueprint to the 21st century, and that an understanding of its appropriation of language and technology is an understanding of the now. This book is about is the many ways that the foundations of hip-hop appropriation--allusions and creative language use, as well as technology and sampling--inform the new millennium. -- www.roychristopher.com About Roy Christopher Roy Christopher (@RoyChristopher) marshals the middle between Mathers and McLuhan… He’s a self-described aging BMX and skateboarding zine kid. That’s where he learned to turn events and interviews into pages with staples. He has written about music, media, and culture for everything from magazines and blogs to journals and books. His current book, Dead Precedents: How Hip-Hop Defines the Future, is an Amazon Best Sller. Roy holds a Ph.D. in Communication Studies from the University of Texas at Austin. He is currently a Visiting Assistant Professor at the University of Illinois-Chicago and a member of the Adjunct Faculty at Loyola University Chicago Disinformation has referred to Roy as “One of the Internet’s leading interviewers of subculture and new-science icons.” Oh… as a child, he solved the Rubik’s Cube competitively. How bout that? About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Jeremiah Cornelius: Virtualization… the Trend Has Become the Standard Do you belive that my being stronger or faster has anything to do with my muscles in this place? You think that's _air_ you're breathing now? Today’s question: What Happens when you Assume Virtual Security? Virtual Machines were originally created to solve the problems of managing PC systems with mostly Windows operating systems, as a replacement for more resilient and fault tolerant technology that Intel PCs were replacing in enterprise computing. Things have evolved significantly since then. With great technology comes great security risk… what can we do to mitigate that risk and protect that virtual reality? In this week’s episode of InSecurity, Matt Stephenson digs deep into the weeds of the virtual world with industry legend Jeremiah Cornelius. They talk about what’s easy and what’s hard about securing data in virtual environments. Stick around… you may learn something before their through. About Jeremiah Cornelius Jeremiah Cornelius has been an information security professional since 1995, and was previously Executive Security Advisor and Technology Specialist for Microsoft, facilitating technical relationships with CSO's for Silicon Valley's largest Internet commerce and online media enterprises. Jeremiah's prior experience covers support of development and Internet systems security, defensive technical controls, vulnerability assessment and identifying platform and infrastructure security risks. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity: Kip Boyle: Beware the Cyber-Cooties… Risk Travels We all think we are working hard to protect our data inside our corporate networks. But are we putting the same time and effort into protecting ourselves outside those walls? Risk doesn’t stop at the exit. Once those cyber-cooties get on you, they will travel with you everywhere you go. In this week’s episode of DirtySecurity, Edward Preston sits down with Kip Boyle, Founder and CEO at Cyber Risk Opportunities and author of the new book Fire Doesn’t Innovate. They chat about cyber-hygeine, the ways that risk travels beyond the walls of your corporate network and how public wi-fi is similar to a less than clean municipal swimming pool. About Kip Boyle Kip Boyle (@KipBoyle) is a 20-year information security expert and is the founder and CEO of Cyber Risk Opportunities. He is a former Chief Information Security Officer for both technology and financial services companies and was a cyber-security consultant at Stanford Research Institute (SRI). Boyle led the global IT risk management program for a $9 billion logistics company and was the Wide Area Network Security Director for the F-22 Raptor program. He has participated in several cybersecurity war game exercises and has worked closely with various government agencies including the FBI. Boyle is a US Air Force officer and serves on the board of directors of the Domestic Abuse Women’s Network (DAWN). He’s been quoted in Entrepreneur magazine, Chief Executive magazine, and is the co-author of Chapter 68, Outsourcing Security Functions, in The Computer Security Handbook. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. s Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Rob Capps: 22 Years in the Trenches of Tech Jounalism If I'd written all the truth I knew for the past ten years, about 600 people - including me - would be rotting in prison cells from Rio to Seattle today. Absolute truth is a very rare and dangerous commodity in the context of professional journalism. -- Hunter S Thompson Today’s question: Can we assess the future of tech by examining it’s past? To do that, it would be worthwhile to speak with someone who was the to chronicle all that was awesome, awful, cool and weird over the past 20+ years… In this week’s episode of InSecurity, Matt Stephenson takes a walk with Rob Capps. Rob is Head of Editorial at Godfrey Dadich Parters and former editor at WIRED magazine. He has written about everything from why DVDs suck to Helena Bonham Carter to the death of the Flip camera. Want to hear from an award winning journalist who has been reporting from the front lines of technology culture for over 20 years? Rob is your man. About Rob Capps Rob Capps(@robcapps) is the Head of Editorial and a partner at Godfrey Dadich Partners. He runs the editorial division of the studio, specializing in longform narrative journalism, podcasts, documentary television and film, and other forms of non-fiction storytelling. GDP works with everyone from established media companies to large brands to emerging start-ups. Previously he was the Editorial Director of WIRED, where he oversaw editorial for all platforms, including the magazine, WIRED.com, and live events. During his 13-year career at WIRED the publication garnered 21 National Magazine Award nominations with eight wins. He also spearheaded the programing for multiple live events, including the WIRED Business Conference, the WIRED Data | Life health conference, and the WIRED x Design creativity retreat. He wrote the article “Why Things Fail,” which won the prestigious Gerald Loeb Award for Distinguished Business and Financial Journalism. His article “The Good Enough Revolution,” was discussed in publications ranging from the Economist to the New Yorker and was noted by the New York Times as one of the big ideas of the year. Rob is also the co-curator of the annual PopTechideas conference. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity Podcast: Malcolm Harkins: A New Age of BYOD If we delivered a birthday cake to BYOD, how many candles would be on the cake? On this episode of DirtySecurity, we want to talk about personal devices... They are like opinions and…. Something else… everyone has one. Phones, tablets, fitbits and you could say even say Airpods? The challenges of BYOD historically, from a risk perspective, include security & privacy… On the flip side has BYOD provided any benefits to an Enterprise or Organization? About Malcolm Harkins Malcolm Harkins is responsible for Cylance’s information risk, security, public policy, and customer outreach to help improve understanding of cyber risks. Previously, he was VP and Chief Security and Privacy Officer (CSPO) at Intel. About Edward Preston Edward Preston (@eptrader)has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. s Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
My Awesome InSecurity Podcast Mixtape: RSA Edition! RSA 2019 was another grand and glorious mess! 50,000+ attendees, vendors, journalists and who knows who else stormed San Francisco for seven days to look, listen, learn and who knows what else. We had time to sit down with a wide swath of people. We found CEOs, Engineers, Global Ambassadors and even a CIO of the White House! How bout that? Kick back and the perspectives this group of experts has to offer on the present state and future of cybersecurity Enjoy! Stuart Mcclureon the BlackBerry & Cylance, Hacking Exposed and the future BlackBerry CMO Mark Wilsonis excited about Cylance joining the BlackBerry family Tom Pace& Kevin Livellipresent Operation Shaheen at RSA Garret Grajekputs the AI in Identity Gabe Dealesees the future of BlackBerry Cylance and it Smart Cities John McClurghas been around the world… is security the tie that binds cultures? Scott Schefermanwants the industry to focus on what users need, not what vendors want Fortalice CEO Theresa Paytonis looking beyond just nation states for who is meddling with us About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Rick Holland: Analysts Make the Best CISOs In this week’s episode of InSecurity, Matt Stephenson has a chat with Rick Holland, CISO at Digital Shadows. Rick took a unique path to the CISO role, following a distinguished career as an analyst at Forrester. They touch on a myriad of subjects including Rick’s Security and Risk Playbook for CISOs Rick Holland is hard to miss online. You can hear him regularly on the Award Winning podcast ShadowTalk. He also blogs regularly and will get up to some mishceif on Twitter. If you are heading to RSA San Francisco, make sure to come and say hello to Rick, Matt and a lot of other interesting security folks Tuesday night at the Digital Shadows Security Leaders Party, Tuesday, March 5that 6.00 pm. Cylance will be at Booth #6145 in the North Hall. Swing by to see demos of Cylance’s Artificial Intelligence (AI) Platform which provides advanced endpoint protection and endpoint detection and response capabilities. Join us to see for yourself how the Cylance AI Platform delivers business value and outcomes you had been told were impossible. You can also snag some of our giveaways while you’re there, so come on by. About Rick Holland Rick Holland (@rickhholland) is the CISO and Vice President of Strategy at Digital Shadows. Rick has more than 15 years’ experience working in information security. Before joining Digital Shadows, he was a vice president and principal analyst at Forrester Research, providing strategic guidance on security architecture, operations, and data privacy. Rick also served as an intelligence analyst in the US Army. He is currently the co-chair of the SANS Cyber Threat Intelligence Summitand holds a B.S. in business administration from the University of Texas, Dallas. Rick regularly speaks at leading security conferences across the globe and has been interviewed by industry and business media including BBC News, CNN, Dark Reading, Motherboard, NPR, The Register and Wall Street Journal. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Chuck Lerch: In Hawaii, Hi Tech Hui’s Customers Are Ohana When you think of Hawaii… what do you think of? Do you automatically go to white sands, volcanoes and surfing? Or do you think of a $3,000,000,000 IT industry that includes over 2100 related businesses? Do you think of the 31,000 people employed in the tech industry with an average industry wage that is 71% higher than the state’s annual private sector wage? Maybe it is time to reconsider your view of Hawaii… On this week’s episode of DirtySecurity, Edward Preston sits down with Chuck Lerch, CEO of Hi Tech Hui. Edward and Chuck talk about the unique nature of running an MSP in Hawaii. From the the constant battles ransomware and malware to dealing with the cloud, it turns out that it’s not always paradise living and working in… well… paradise. About Chuck Lerch Chuck Lerchis the CEO at Hi Tech Hui, based in Honolulu, Hawaii. He is an expert in IT Architecture and Infrastructure. Chuck’s diverse experience with multiple industries and startups has helped him solve the most technical and complex IT problems. He's been the CIO and CTO at security focused companies both in Hawaii and the continental United States. Chuck’s passion for secure networks is what lead him to his love and vision to bring cybersecurity solutions to the Hawaiian islands. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Gabe Deale: Building a Sales Engineering Team to Save the World On this week’s episode of DirtySecurity, Edward Preston chats with Cylance Worldwide VP of Sales Engineering Gabe Deale. Edward and Gabe talk about a wide variety of subjects, ranging from the SE role in securing healthcare data to building an engineering team to phlebotomy… seriously… phlebotomy. What does that have to do with cybersecurity? Tune in and find out! About Gabe Deal Gabe Deal(@Gdealio) has spent over 18 years in the channel and developing startups. Most notably 10 of those years were spent serving as a consultant, an SE and ultimately in a leadership capacity to build out both the pre-sales engineering and national technology solutions consulting practices for Accuvant (now Optiv Security). The channel provided a unique vantage point from which to watch the industry evolve. In 2013, it was clear that big-data analytics and machine-learning were going to change the way we think about solving some of our most challenging security problems. He joined the Cylance team in 2014, where he’s been rapidly expanding the worldwide sales engineering team ever since. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
John Strand: How Does Defence in Depth Look Today? “Our main goal is not to prove that we can hack into a company but to help the customer deveop a series of on point solutions and technologies that will improve the overall security of the company. Testing should never be adversarial, but collaborative” -- John Strand In this week’s episode of InSecurity, Matt Stephenson sits down with John Strand. John is the owner of Black Hills Information Security. If you aren’t familiar, you may want to check out their Sacred Cash Cow Tipping webcast to learn why security love and fear BHIS. Take a walk with us on this one… Matt and John dig into hosted firewalls, Powerman 5000, types of Artificial Intelligence, Joe Vs the Volcano and a few other relevant topics. You are definitely going to want to catch this episode… About John Strand John Strand(@strandjs) is a senior instructor with the SANS Institute. He teaches SEC504: Hacker Techniques, Exploits, and Incident Handling; SEC560: Network Penetration Testing and Ethical Hacking; SEC580: Metasploit Kung Fu for Enterprise Pen Testing; and SEC464: Hacker Detection for System Administrators. John is the course author for SEC464: Hacker Detection for System Administrators and the co-author for SEC580: Metasploit Kung Fu for Enterprise Pen Testing. John is also the owner of Black Hills Information Security, a company specializing in penetration testing and security architecture services. He feels strongly that education is how the world of information security will change for the better and spends a considerable amount of time teaching and presenting around the world. He has presented for the FBI, NASA, the NSA, DefCon and is a frequent guest on Enterprise Security Weekly. In his spare time he writes loud rock music and makes various futile attempts at fly-fishing. There’s a reason the name Black Hills Information Security puts security vendors on notice… check out their webcasts and podcasts to find out why. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Rob Bathurst: Is It Even Possible to Secure Connected Medical Devices? Global spending on Medical IoT has exploded. In 2015, research showed it at $5 Billion. Current projections for 2020 state that Medical IT spending will top $20 Billion. McKinsey predicts the IoT market will be worth $581 Billion for Industrial Control Technology by 2020 Connected medical devices and other IoT embedded systems are big targets for criminal organizations looking to capitalize on any weakness in their security. But it’s not just criminals. Connected devices are attractive targets for a variety of bad actors including nation states who are looking for any weak spot to gain entrance into networks and cause chaos On this week’s episode of DirtySecurity, Edward Preston sits down with Cylance the Worldwide Managing Director of Healthcare Rob Bathurst. Rob addresses the unique challenges that Healthcare providers face in protecting their medical devices. With the rise of connected devices and IoT in healthcare, there are more vulnerable points than ever that must be secured and protected. About Rob Bathurst Rob Bathurst is the Worldwide Managing Director of Healthcare at Cylance. Rob also serves as the General Manager of CypherFrame. With over 16 years in information technology and cybersecurity leadership, Rob is a recognized expert in embedded systems and strategic information security spaces and is often requested as an executive advisor and consultant. Prior to Cylance, Rob was the senior technical advisor for emerging threats to healthcare at the Mayo Clinic where he started and built the technical vulnerability assessment team and in-house medical device testing program. In his executive capacity, Rob has led and overseen engineering and security services for multiple Fortune 100 clients in everything from automotive to healthcare. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Stephanie Domas: Maybe Your Pacemaker Can’t Kill You Being a CISO for a large healthcare organization has a degree of difficulty that will give you a headache. For a second… forget about the fact that hospitals are here to heal, cure and research. Take a cold, clinical look just at the medical technology involved in a hospital Let’s look at one Healthcare org as an example: The Mayo Clinic has 25,000 networkd medical devices More than 6,000 unique makes and models Industry Best Practices states that each device should have A unique 20 character password For every employee On every device A system that locks users out after 10 minutes of inactivity A new passwords every 30 days Mayo Clinic has 63,000 doctors, and allied health staff Do the math... That’s around 19,000,000,000 passwords to be entered. And that’s assuming no one is automatically logged out after 10 minutes of inactivity. In the healthcare industry, inefficiency can cost lives. But so can a lack of security. In this week’s episode of InSecurity, Matt Stephenson talks with Stephanie Domas. Stephanie is the Vice President of Research & Development at MedSec. Her job is to oversee the design and manufacture of connected medical device solutions that save lives, but are also secure. File this one under “be careful what you wish for.” About Stephanie Domas Stephanie Domas is a driven leader and respected industry authority in healthcare, and device cybersecurity. Her passion for cybersecurity, secure product design, and healthcare has earned her industry recognition and presentations at dozens of cybersecurity and healthcare conferences. In her current role as Vice President of Research & Development at MedSec she leads business strategy, engineering and research teams to deliver service and product offerings that help the Healthcare community meet the unique challenges of cybersecurity in medical devices. Her current focus is leading product cyber security teams, software development teams, and business strategy for a wide range of services and product offerings, along with implementing security governance programs into quality systems and design process Stephanie has presented security talks at some of the most important events in the world, including Black Hat, DEFCON, DerbyCon and a myriad of notable Healthcare conferences. Make sure to check out Stephanies Ted Talk: Protecting Medical Devices from Cyberharm About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Steve Mancini: Tip Toe through a Corporate Security Minefield with a CISO When was the last time you changed any of your passwords? Have you ever accidentally sent or received sensitive corporate information? Ever walk away from your computer without locking the screen? Seems like simple stuff… However, if you are the Deputy CISO of a cybersecurity company, it is your job to make sure that your co-workers are all maintaining the highest levels of operational security. On this week’s episode of DirtySecurity, Edward Preston takes a stroll with with Cylance Deputy Chief Information and Security Officer Steve Mancini. Steve walks Edward through many of the minefields a CISO must face in order to protect a company. Threats always come from the outside, but sometimes the biggest dangers are not malicious, as they come from within. Is training the answer? Is changing the corporate culture the right way to go? Tune in and find out! About Steve Mancini Steve Mancini currently serves as the Deputy Chief Information Security Officer at Cylance, where he and his team focus on risk management, security strategy, operational security, and incident response for the company. Steve worked for seventeen years at Intel, where he established programs around security community outreach, threat intelligence, APT response, and emerging threat analysis. Outside of work he co-chairs efforts to formalize a threat intelligence sharing policy framework (IEP), contributes to several working groups through the CEB CISO Coalition, and serves on the program committee for some of his favorite security conferences. This may or may not be Steve’s actual photo. What do you want from us? He’s a Deputy CISO… security is his business! About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Marcus Carey: Tribe of Hackers There are already hundreds of thousands of cybersecurity professionals and according to some sources, there is a shortage of several more hundreds of thousands. With his new book Tribe of Hackers, Marcus Carey wants to change that. Tribe of Hackers is a collection of industry, career, and personal insights from 70 cybersecurity luminaries. In this week’s episode of InSecurity, Matt Stephenson sits down with world renowned hacker Marcus Carey, CEO of Threatcare, to talk about talk about his new book, Tribe of Hackers as well as mentors from his past who have influenced him and, by extension, influenced the world of cybersecurity. About Tribe of Hackers These are the wisdom and perspectives of real-life hackers and cybersecurity practitioners, including David Kennedy, Wendy Nather, Lesley Carhart, and Bruce Potter. Threatcare will be giving away three copies per day (fifteen total) at the RSA Conference. Follow Threatcare on Twitter and Sign Up for the Risk Report to learn more about the details. All proceeds from the book will go towards Bunker Labs, Sickle Cell Disease Association of America, Rainforest Partnership, and Start-Up! Kid’s Club. About Marcus Carey Marcus Carey is renowned in the cybersecurity industry and has spent his more than 20-year career working in penetration testing, incident response, and digital forensics with federal agencies such as NSA, DC3, DIA, and DARPA. He started his career in cryptography in the U.S. Navy and holds a Master’s degree in Network Security from Capitol College. Marcus regularly speaks at security conferences across the country. Currently, working as founder and CEO of cybersecurity company Threatcare, Marcus is passionate about giving back to the community through things like mentorship, hackathons, and speaking engagements, and is a voracious reader in his spare time. Tribe of Hackers is his first published book, but will definitely not be his last. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Bill Strub: Durability among MSPs in Cybersecurity Your Inbox, voice-mailbox and social media feeds (aka unfiltered research pages) … are filling up everyday with spam and junk from companies trying to tell you that the aliens from Saturn’s 3rd moon are about to attack and your organization clearly do not have the best security posture. To compound the problem… many of the claims in the junk are true… or at least contain a nugget of truth 3rd party Consultants, Resellers, Managed Security Service Providers … what does it take to be durable among so many other vendors in the cybersecurity space? Do you have to get lucky? Do you have to find one magical product or servic? What is the secret? On this week’s episode of DirtySecurity, Edward Preston chats with Navilogic Co-Founder Bill Strub on the appeal of founding a new organization in an ever-crowding cybersecurity industry. They also take a look at the work Navilogic is doing to with some new and exciting young companies you may not have heard so much about and why new and/or different approaches work better for Navilogic’s customers. About Navilogic NaviLogic offers managed and co-managed services and technologies to help their clients take control of their risk and compliance, drive efficiency, and use actionable insights to enable effective decisions. About Bill Strub Bill Strub is the co-founder of Navilogic. He is a dynamic and strategic IT security leader and consulting executive with more than 20 years of accomplishment in growing and expanding businesses. He is an entrepreneur and business leader with success integrating strategies, innovations, technologies, and personnel to build successful teams. Prior to co-founding NaviLogic in 2014, Bill was Director of Strategic Alliances for Qualys, a cloud security and compliance services firm. Before that, Mr. Strub co-founded and served as Vice President of Service Offerings for Accuvant (now Optiv Security). While at Accuvant, Bill played a leading role in building one of the largest, most well-respected information security providers in the United States. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review! and compliance services firm. Before that, Mr. Strub co-founded and served as Vice President of Service Offerings for Accuvant (now Optiv Security). While at Accuvant, Bill played a leading role in building one of the largest, most well-respected information security providers in the United States. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Ramita Sawhney: You Build the Things; MSSPs Will Secure Your Data According to SecurityBoulevard.com, more Managed Service Providers will partner up with Managed SecurityService Providers in 2019 than ever before. This can be great news for the enduser. A good MSSP will handle their data security allowing the enduser to focus on their business. But what about the companies who make the security solutions? This can be a tricky situation, as they need to develop their solutions to fit the needs of the MSSP, the MSP and the enduser. Who would be crazy enough to sign up for a gig that includes this many variables? On this week’s episode of DirtySecurity, Edward Preston chats with Cylance Senior Product Manager Ramita Sawhney to find out what, exactly, is involved in evolving a security solution from an enterprise model to one who plays well in the MSSP world. About Ramita Sawhney Ramita Sawhney is a Technical Product Management leader with expertise in building enterprise software in cybersecurity, primarily responsible for development of cloud console, RESTful APIs, and strategic partner integrations. She has extensive experience and passion for building products from ideation to launch through all phases of product development, including market research, competitive analysis, user requirements, UI/UX design, development, beta testing and go-to-market. About Edward Preston Edward Preston(@eptrader)has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Dave Bittner: The Cyberwire is the Cybersecurity Paper of Record “Were it left to me to decide whether we should have a government without newspapers, or newspapers without a government, I should not hesitate a moment to prefer the latter.” Thomas Jefferson(before he became president) “Nothing can now be believed which is seen in a newspaper. Truth itself becomes suspicious by being put into that polluted vehicle.” Thomas Jefferson(While serving 2ndterm as president) Odds are, if you are affiliated with cybersecurity in any way, you have been touched by The Cyberwire. They are a cyber security-focused news service which is viewed as a trusted, independent voice in the world of news swirling around cybersecurity. Cyberwire delivers accessible and relevant information by working hard to separate the signal from the noise in an industry overloaded with information and competing messages As our world gets more connected with each new wired device, each new piece of IoT, we need to understand how to protect these things, and by extension, ourselves. In this week’s episode of InSecurity, Matt Stephenson chats with Dave Bittner about Cybersecurity in the year that was and the year to come. They also quote Albert Brooks, discuss octopus eyeballs and debate the merits of Vinyl LPsand cassettescompared to digital music and streaming. You’re not going to want to miss this one… About Dave Bittner Dave Bittner(@bittner) is the Producer and host of the CyberWire DailyPodcast, the top-ranking daily cybersecurity podcast in the world according to iTunes. In addition his duties as host of the CyberWire podcast, he also hosts the Hacking Humans&Recorded Futurepodcasts. Bittner has over twenty years experience in digital media, video and television production and interactive technology. He has developed award winning interactive training programs for a variety of industries, and produced countless corporate, industrial and broadcast programs as co-owner of Pixel Workshop. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Doris Yang: It Takes a Village to Raise a Security Solution “Trust the process” -- Several people associated with the Philadelphia 76ers Most of you are probably aware that developing, testing and releasing a successful and useful software is not a one person job. There may be a visionary who sparks the initial idea, but there is an, at times, arduous process to develop the idea, write the code, test the solution and get it to market in a timeframe that makes it useful to its target market. We all know the role that developers and engineers play in this process, but we may not be as educated on a team who plays a key role… Product Management. On this week’s episode of DirtySecurity, guest host Matt Stephenson chats with Cylance Senior Director of Product Management Doris Yang. Doris explains what it means to be a Product Manager and the role PM plays in the development process. She also digs into Cylance’s Product Management process as well as the role AI can play in the future. About Doris Yang Doris Yangis a Senior Director of Product Management at Cylance where she plays a pivotal role in defining the development and evolution of the CylancePROTECT solution. Before joining Cylance, Doris held senior product management and engineering positions at Vectra Networks, Palo Alto Networks and Symantec. It’s safe to say she has a pretty good idea of how to bring a good security solution to market. About Matt Stephenson (Fill in) DirtySecurity host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come About Edward Preston Edward didn’t host this episode, but this is his show, so we need to make sure you know what’s up. Edward Preston(@eptrader)has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
My Awesome InSecurity Podcast Mixtape! 2018 was quite a year in the world of cybersecurity. Here at the inSecurity Podcast we had the incredible good fortune to speak with some of the top minds in the industry about all kinds of different subjects. We ran the gamut from an Amazon Best Selling Authorto the creator of Microsoft’s first Bug Bounty Program to a superstar Nerdcore MC. And that’s barely scratching the surface! Of course we want you to check out each podcast to get the full lowdown from each expert… but in the meantime, pop in this epic mixtape and taste a sample of the amazing work being done by some of the best minds in the industry. Enjoy! Clint Watts: Crank Calling Carfeezi… the Early Days of Social Engineering Jenny Radcliffe: The Difference Between Hacking and Social Engineering Nick Percoco: The Evolving Roll of the Hacker Pete Herzog: We Have to Teach Kids to Hack Kip Boyle: Good Cyberhygeine Can Save a Small Business Brian Fanzo: Collaberation is the Future of Innovation Pete Schiefelbein: Comparing Cybersecurity Between Military and Civilian Operations Ellinor Mills: When Security Became the Story Katie Moussouris: A Bug? A Glitch? Maybe It’s Just Poor Coding OHM-I: Young Black Men in Technology HUGE shoutout to OHM-I for contributing two killer tracks to the broadcast Domain Internet Connection Dig into his virtual crates on Bandcampand Soundcloudto hear more! About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
InSecurity Podcast: Sara Lofgren: What the Hell does IoT Even Mean? An 80s keypad stuck on a 60s computer system. Take two things that work and nail them together Sam “The Falcon” Wilson Ultimate Galactus Trilogy– Warren Ellis IOT: even the name has different meanings to different people. While people in technology know that IOT stands for “Internet of Things,” what counts as a thing? IOT adoption is ramping faster than home PC or WWW adoption did. The small price tag, stand-alone nature, ease-of-use, and business value of IOT make it appealing to both individuals and industry. With any new technology, utility always proceeds security. So unsurprisingly, security is currently the biggest hurdle to adoption - or as some technologists joke, “there is no 'S' in IOT”. In this week’s episode of InSecurity, Matt Stephenson chats with Sara Lofgren about the present state and future of the Internet of Things. As discrete network boundaries continue to dissolve, the web of connected things will continue to grow and be increasingly vulnerable. These always connected, diverse, and limited-function devices will need a bold and visionary security solution that does not require human interaction. Sara wants to make sure that we are doing the needful to protect the Things, the Data and ourselves… About Sara Lofgren Sara Lofgren is the Channel Sales Engineering Manager at Cylance. She has been working in computer security for over a decade, with focus on solving enterprise security problems through the union of technology, people, and processes. Besides malware, her other main areas of interest include privacy, cryptography, and technology regulations. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity Podcast: Anton Grashion: The Private Parts of Security Does privacy even exist any more? Who has access to you and your data? The launch of GDPR in Europe, the signing of the Japanese Act on the Protection of Personal Information (APPI), and the Brazilian Lei Geral de Proteção de Dados (LGPD) started a global shift toward comprehensive data privacy regulations. Gartner predicts that by the end of 2018, more than 50 percentof companies affected by GDPR will not be in full compliance with the requirements. With just a few weeks left to go in the year, many global organizations still fail to adhere to the regulation’s strict conditions and are instead taking a wait-and-see approach. They mistakenly believe compliance only affects large organizations with deep pockets. Cylance provides needed resources to organizations that don’t have the IT and personnel budgets to meet compliance regulations on their own—from identification to remediation to ongoing prevention. In this week’s episode of DirtySecurity, Edward Preston talks with Cylance Managing Director of Security Practice Dr Anton Grisham about living in a post-GDPR world. The pressure is on businesses now to respect and protect the privacy of people across the UK and European Union. About Anton Grashion Anton Grashion, PhD (@doctor_know) is Managing Director, Security Practice at Cylance. Anton has a Masters in Computer Science and PhD in Aritificial Intelligence from Staffordshire University. He’s been in the security game for over 25 years, having founded one of the UK’s first email security-as-a-service companies in 1989. When not working to secure every device under the sun, Anton is a beekeeper and self-describe “rabid” rugby league fan. About Edward Preston Edward Preston (@eptrader) is the Global Director of Consumer Sales at Cylance. Over the past 22 years, Edward has created an eclectic professional portfolio that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Edward joined Cylance in January 2015 in order to help Cylance build out their Business Development, Renewals and SMB divisions and is now a natural evangelist for the entire Cylance brand. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Poking the Bear: Three-Year Campaign Targets Russian Critical Infrastructure Nation-state conflict has come to dominate many of the policy discussions and much of the strategic thinking about cybersecurity. When events of geopolitical significance hit the papers, researchers look for parallel signs of sub rosacyber activity carried out by state-sponsored threat actors—espionage, sabotage, coercion, information operations—to complete the picture. After all, behind every story may lurk a cyber campaign. Rosneft is a Russian company which likes to refer to itself as one of the largest publicly traded oil companies in the world. According to the New York Times, it is also a prominent foreign policy toolof the Russian government. More than half of the company is owned by Moscow and serves as a major pillar of critical infrastructure for Russia as well as other neighboring nation states. Rosneft is a large company with a very wide reach. It plays a massive role in Russian critical infrastructure as well in surrounding countries. There are HUGE sums of money involved in its privatization. It also wields incredible domestic and international political power. All of these characteristics made it a highly likely and legitimate target of foreign espionage efforts. In today’s episode of InSecurity, Matt Stephenson talks with Cylance Directors of Threat Intelligence Jon Gross and Kevin Livelli about their new report: Poking the Bear. Their research team took a look at an Advanced Persistent Threat campaign which targeted many state-sponsored fuel and agricultural companies as well as critical infrastructure organizations. About Jon Gross Jon Gross is a Director of Threat Intelligence at Cylance. Other than that… he doesn’t tell us much About Kevin Livelli Kevin Livelliis Director of Threat Intelligence at Cylance, where he conducts long-term, complex investigations with the Research and Intelligence team. His work there follows ten years at 60 Minutes, where his investigative reporting and analysis were recognized with Peabody and Emmy awards. Before that, Livelli supervised investigations at the nation’s largest independent police oversight agency. A graduate of Dartmouth, he earned master's degrees from Trinity College Dublin and Columbia University. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity Podcast: Rich Thompson: How Do You Stay Ahead of the Unknown? “We don’t know what we don’t know” -- Donald Rumsfeld What is the cybersecurity industry doing to protect our users from the unknown? How can we keep our networks clean when the bad actors are continuously evolving in order to avoid detection? In this week’s episode of DirtySecurity, Edward Preston talks with Cylance Vice President of Sales Engineering Rich Thompson about how Cylance exceeds the standards set by technologies rooted in human behavior and performance. In order to reach a state of prevention and stop reacting to events that have already occurred, the cybersecurity industry must evolve. About Rich Thompson Richard Thompson(@TheRichThompson) is Vice President of Sales Engineering, North America at Cylance. He has 25+ years of experience in security. This includes 21 years leading security efforts at the regional and national level in the retail industry, and 5 years leading Sales Engineering and Professional Services efforts in the enterprise software industry. He has experience in forensics, incident response, electronic discovery, information risk management and governance. Rich joined Cylance in October 2014 in order to help Cylance in the vision of protecting every endpoint under the sun. He also has surprisingly wide-ranging musical taste. About Edward Preston Edward Preston(@eptrader)has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity Podcast: Scott Scheferman on SamSam, hotel data breaches and where they interect Last week was a big week in the world of Cybersecurity. The US Government capped off a nearly 3 year investigation into the SamSam ransomware campaign when it issued indictments for 2 Iranian hackers. Also… global hotel chain Marriott announced a data breach that could affect over 500,000,000 accounts for its worldwide membership. What do these events have in common? Edward Preston talked to Cylance Sr Director of Global Services Scott Scheferman to find out. About Scott Scheferman Scott Scheferman wears many hats at Cylance, working between the white spaces on the org chart to ensure timely delivery of our Consulting Services, effective messaging around the value of predictive AI in the context of cybersecurity operations and risk, research around how the Temporal Predictive Advantaged (TPA) of Cylance’s AI affects the broader malware economy, and public speaking at conferences and seminars around the country. About Edward Preston Edward Preston(@eptrader)has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
InSecurity Podcast: Lieutenant Colonel (Ret) Pete Schiefelbein: It’s Not Just Cybersecurity, It’s Information Security The Cyber Security Forum Initiative (CSFI) is a non-profit organization headquartered in Omaha, NE and in Washington DC with a mission "to provide Cyber Warfare awareness, guidance, and security solutions through collaboration, education, volunteer work, and training to assist the US Government, US Military, Commercial Interests, and International Partners." CSFI was born out of the collaboration of dozens of experts, and today CSFI is comprised of a large community of nearly 81,000 Cyber Security and Cyber Warfare professionals from the government, military, private sector, and academia. Pete Schiefelbein is a key part of CSFI and works to provide the kind of training to military and private sector companies that can be the difference between a major data breach and just another day at the office. In today’s episode of InSecurity, Matt Stephenson chats with Pete about a broad spectrum of topics including the evolution of the Marine Corps into a state of the art Cyber Defense unit as well its traditional role as an elite wartime fighting force. They dig into the notion of generational change and how it can effect a military organization. Further, Matt and Pete dig into the notion of information security compared to cybersecurity. Oh… and for good measure, they even talk a bit about the fact that Pete and his son are both Eagle Scouts and the role scouting is playing in developing the next generation of cybersecurity professionals. For more information on the topics discussed in the podcast, make sure to check out the following: Cyber Security Forum Initiative Veterans for American Ideals Boy Scouts of America STEM Nova Awards About Pete Schiefelbein PeteSchiefelbein is an Advisory Board Member at the Cyber Security Forum Initiative (@CSFI_DCOE) He also is a systems engineer at CSCI. Prior to his current work, Pete served 24 years in the United States Marine Corps, recently retiring as a Lieutenant Colonel. However, once a Marine, always a Marine. His final billet in the Marines was as Director, G-6 for the Marine Corps Training and Education Command in Quantico, Virginia, responsible for the governance, procurement, sustainment, and cyber security of over 20,000 user seats at more than 70 Marine Corps formal learning centers across the United States. It is safe to say that Pete knows a thing or two about operating a sophisticated network and protecting data from a variety of threats. Pete is a graduate of the U.S. Naval Academy (B.S., Mechanical Engineering) and the Naval Postgraduate School (M.S., Electrical Engineering). About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
DirtySecurity Podcast: Israel Perez & Wajnih Yassine are The Real CSI Cyber Guys It’s Sunday afternoon, about a quarter past 3. You are in your backyard with friends and family members… Everyone is relaxed with a refreshing beverage… sharing stories… laughing at jokes… life is good. Then it happens…. You get that call from one of your C-Level Execs That buzz kill moment when you realize extremely sensitive corporate data is now in the hands of a stranger capable of causing significant damage to your corporate reputation. Your heart races… Your stomach aches… Your head is spins trying to figure out one thing… who am I going to call to help me return my world to normal? In this week’s episode of DirtySecurity, host Edward Preston talks with Cylance Incident Response teammates Israel Perez and Wajih Yassine about the Stages of a Cybersecurity Incident and what their team does to get the world spinning back on its axis again. About Israel Perez Israel is a Consulting Director, IR & Forensics at Cylance. Specializing in incident response, network intrusions, malware reverse engineering and digital forensics. Israel’s expertise with digital forensics has taken him from the Orange County District Attorney’s office, through the ranks at Foundstone and McAfee to Cylance, where he was the very first member of the Incident Response team. About Wajih Yassine Wajih began his time at Cylance as an intern and quickly moved through the ranks thanks to his stellar work with the Threat Analysis team. He is now a Sr. Incident Response & Forensics consultant with a focus on forensic investigation. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
InSecurity Podcast: Jeff Tang is Beggin’ You… Stop Trying to Make “Weaponized” Cyber Happen The Missing Persons tried to tell usin the 1980s… “Media overload bombarding you with action It's getting near impossible to cause distraction Someone answer me before I pull out the plug What are words for when no one listens anymore” When it comes to cybersecurity, who is telling you the right things? And we don’t mean who is telling you the truth. We mean who is using the right words to describe the things and the actions that are affecting you and your ability to protect your data. Everywhere Jeff Tang looks, he is besieged with news stories using terms like “weapons-grade exploits” to describe the latest malware outbreak. The narrative constructed that results from this colorful language is detrimental to the progress of securing our computer networks, because it seeks to categorically apply the metaphor of military conflict to cybersecurity - and not every incident in cyber conflict qualifies as a military-style “attack.” In today’s episode of InSecurity, Matt Stephenson chats with Cylance Executive Mischief Consultant Jeff Tang about the value of words in cybersecurity. Jeff explains why it is mind boggling to compare the inconvenience of not being able to access your social media or online banking to a real-world kinetic attack that causes mass human causalities. Join us and understand that, while computers work in a world of binaries, that doesn’t mean our thinking about them has to be binary as well. It’s time we transition away from these military terms when discussing cybersecurity – or face the real-world consequences. About Jeff Tang Jeff Tang(@mrjefftang) is a Senior Security Researcher at Cylance focused on operating systems and vulnerability research. He started his career as a Global Network Exploitation & Vulnerability Analyst at the National Security Agency, where he conducted computer network exploitation operations in support of national security requirements. Prior to Cylance, Jeff served as the Chief Scientist at VAHNA to develop a security platform for identifying targeted network intrusions, and also worked as a CNO Developer at ManTech where he researched tools, techniques and countermeasures in computer network vulnerabilities. Jeff completed his Bachelor of Science (BSc) in Electrical Engineering and Computer Science at the University of California, Berkeley and a Master of Science (MSc) in Offensive Computer Security at Eastern Michigan University. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
InSecurity Podcast: The White Company: Inside the Operation Shaheen Espionage Campaign The tumultuous inner-drama of Pakistan has been keeping foreign heads of state awake at night for much of the country’s 70-year history. That’s because Pakistan’s story has been one of contradictions. It has enjoyed peaceful civilian rule, but also violent military coups. It has been a key counterterrorism partner in Afghanistan, but also an accused sponsor and enabler of terrorists. It has been outwardly focused on deterring its rival India, but also inwardly focused on managing domestic separatist and terrorist threats. It has been the home of more than 100 nuclear weapons, but also the most notorious terrorist in history, Osama bin Laden. At the heart of Pakistan’s curious and contradictory history has been its military, whose outsized in uence in Pakistani a airs has made it a key actor at home and abroad, playing roles both highly visible and long hidden. Today, the Pakistani military is at the center of shifting geopolitical alliances — and a sustained cyber espionage campaign. Cylance calls this campaign Operation Shaheen, a reference to the Shaheen Falcon which stands as the symbol of the Pakistani Air Force — the branch of the Pakistani military repeatedly referenced in this campaign’s phishing lures. In today’s episode of InSecurity, Matt Stephenson talks with Cylance Advisory Board Member Ryan Smith and Cylance Directors of Threat Intelligence Jon Gross and Kevin Livelli. Their research team unravel the mystery of a campaign in which traditional approaches to analysis, focused primarily on the malware and infrastructure, yielded few clues and misleading assumptions; however, a comprehensive breakdown of the exploit and shellcode revealed insights into a threat actor whose unique way of cobbling together tools may ultimately lead to their unmasking. About Ryan Smith Ryan Smith is a member of the Cylance Advisory Board. Prior to that, he was the Vice President of Research at Cylance, where he lead teams performing both internal and external research. He has spent the last decade leading such teams for consulting, product, and fortune 50 organizations. As an individual contributor, Ryan has discovered and exploited highly impactful vulnerabilities in widely deployed client and server software. His interests include reverse engineering, exploitation, vulnerability discovery, analysis algorithms, and magnets. He has spoken at international conferences and is a two-time Pwnie Award winner for best server and client bugs. About Jon Gross Jon Gross is a Director of Threat Intelligence at Cylance. Other than that… he doesn’t tell us much About Kevin Livelli Kevin Livelli is Director of Threat Intelligence at Cylance, where he conducts long-term, complex investigations with the Research and Intelligence team. His work there follows ten years at 60 Minutes, where his investigative reporting and analysis were recognized with Peabody and Emmy awards. Before that, Livelli supervised investigations at the nation’s largest independent police oversight agency. A graduate of Dartmouth, he earned master's degrees from Trinity College Dublin and Columbia University. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Tales from Cylance’s Ultimate Road Warrior Road Shows and Lunch & Learns and Meet & Greets OH MY! For the past 3 years, Richard Melick has traveled all over the world bringing Cylance’s prevention-based endpoint protection to the masses. From the Unbelievable Tour to the UNDRWRLD Tour and beyond, Richard has created 0-Day malware and ransomware in front of thousands of people, then challenged CylancePROTECT to prevent those 0-Days from executing… all live in front of a an audience. There was no safety net. There was no chance to make a second first impression. These events were more than just marketing though. Richard was there to inform and educate his guests on the perils of Ransomware-as-a-Service. Sometimes, there were even headline grabbing events like WannaCry and Petya/NotPetya. In this week’s episode of DirtySecurity, Edward Preston chats with Cylance’s world traveler about the evolution of their live road shows. Find out what we’ve learned from the past, what we’re doing in the present and Cylance’s plans for the future. About Richard Melick Richard Melick(@RCMelick) has over a decade of experience in Cybersecurity and Antivirus Software. Working in various career functions in the industry that have taken him all over the world. His focus is emerging next generation Cybersecurity and Antivirus Software About Edward Preston Edward Preston(@eptrader)has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
HuntSource is working hard to fill the Cybersecurity skills gap Here are some important numbers to consider when thinking about the personnel and technology required to keep your network and your data safe. Over two thirds of all network compromises are not discovered for months The average cost to a business for each record lost to a data breach is $148 3.5 million cybersecurity job vacanciesby 2021 These gaps run the gamut from the heart of the datacenter up to the executive suite including CISO and CSO positions. How are businesses supposed to prepare for their future if they are not fully staffed and ready to protect their present? Have you heard some of this before? We hope you enjoyed last week’s tribute to Orson Welles and our CyberWar of the Worldpodcast. Now let’s get serious and have an in depth discussion about the Cybersecurity Skills gap…. In today’s episode of InSecurity, Matt Stephenson talks with Huntsource Co-Founders Matt Donato and Jack Hall about the ever-growing Cybersecurity Skills Shortage. In a world where there appears to be a never ending torrent of malware, ransomware and coordinated attacks, the gap between attackers and defenders is growing seemingly every day. About Huntsource Huntsourceseeks to arm businesses with the highest quality talent needed to effectively combat the various security risks that threaten them on a daily basis. They strive to be the preeminent and comprehensive Information and Cyber Security Professional Search and Talent Solutions firm, putting people and customers at the center of everything. Their focus areas include cyber and information security. Protecting its infrastructure is vital to keeping a company safe. About Matt Donato Matt Donatois the Co-Founder and Managing Partner of Huntsource. He has 12+ years of experience in the staffing, executive search, and talent solutions industry. He is a seasoned leader and recruiting industry expert. Over the years his experience has included leading a variety of strategic and tactical operations functions, business development, key account relationship management, recruiting, organizational training, talent mapping, and driving organic new business growth. Donato continues to help elevate companies by identifying key talent and fostering relationships with both clients and candidates. Matt received his BS in Economics from Roanoke College and is currently obtaining his Executive MBA from Wake Forest School of Business. About Jack Hall Jack Hallis the Co-Founder and Managing Partner of Huntsource. He has spent the greater part of his 12+ year recruiting career working for large, national IT staffing firms. His experience includes recruiting top talent, client acquisition, strategic account management, training, and development. As a consistent top producer, Jack builds lasting relationships with his customers through a consultative approach and deep understanding of their business domain. He’s serviced clients in multiple industries, including financial services, telecommunications, consumer products, publishing, and healthcare, among others. Jack holds a BA in Psychology from the University of Tennessee, Knoxville, for which he remains an active supporter of the College of Arts and Sciences. About Matt Stephenson Insecurity Podcast host Matt Stephenson(@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcastand host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Memory-Based Attacks Are on the Rise: Josh Fu Tells Us How to Stop Them You may have heard a lot lately about memory-based attacks, fileless attacks, and living-off-the-land attacks. Attackers are increasingly using this type of attack because it works. It is less detectable by antivirus engines and even by some next-gen AV solutions. Because of this, the bad guys using this technique are more likely to succeed in their mission, which is to steal your stuff. The pressing question is… what does that mean for you and your network? The bad news is that Memory-Based Attacks are on the rise. The good news is that Cylance knows how to stop them. In this week’s episode of DirtySecurity, Edward Preston chats with Cylance engineer Josh Fu about fileless attacks. We’ll learn about what they are, why they are so prevalent, how they work and how to prevent them from hurting your network. About Josh Fu Josh Fu (@jfusecurity), CISM, CISSP, is a Security Engineer for Cylance. Josh has experience as a Channel Manager and consultant in cloud infrastructure and as a Sales Engineer in cybersecurity. Josh founded the West Coast chapter of the International Consortium of Minority Cybersecurity Professionalsand has presented in front of industry audiences across the country. About Edward Preston Edward Preston (@eptrader) has an eclectic professional background that stretches from the trading floors of Wall Street to data centers worldwide. Edward started his career in the finance industry, spending over 15 years in commodities and foreign exchange. With a natural talent for motivating, coaching, and mentoring loyal, goal-oriented sales teams, Edward has a track record for building effective sales teams who have solid communication lines with executive management. Every week on the DirtySecurity Podcast, Edward Preston chats with Cylance’s best and brightest about what is happening in the world of Cybersecurity and the work Cylance is doing to make things better. Each episode shines a spotlight on the people of Cylance and the work they do with our technology and consulting services to clean up the often dirty world of the data center. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.htm iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
Brian Fanzo Translates the Geek Speak and Simplifies the Complex Do you know what a Botnet is? What about the difference between Cloud-Based and Cloud-Enabled Security Is there a difference between Machine Learning, Artificial Intelligence and a Difference Engine? Could you explain the difference between a DoS and DDoS attack to your CFO? Could you make her care that there is a difference? Should Americans care about GDPR? Do Americans know what GDPR is? There’s a LOT going on just in the vocabulary words that we use in the cybersecurity world. We don’t just have to make the solutions that protect our users and prevent attacks from happening, we have to communicate what we are doing in a way that the users understand. In this episode of InSecurity, Matt Stephenson sits down with proud pager-wearing millennial Brian Fanzo to talk about the important role effective communications plays in cybersecurity and the larger business world. With a social media following over 130,000 and over 150 episodes of his 2 podcasts published, it is fair to say that Brian Fanzo knows about the value of communicating. About Brian Fanzo Brian Fanzo (@iSocialFanz) inspires, motivates and educates businesses on how to leverage emerging technologies and digital marketing to stand out from the noise and reach the millennial and Gen-Z consumers. He has a diverse background working for the Department of Defense in cybersecurity, then as a technology evangelist at a booming cloud computing startup. Brian is the founder of iSocialFanz which has helped launch digital and influencer strategies with the world’s most iconic brands like Dell EMC, Adobe, IBM, UFC and SAP. Brian hosts two podcasts (FOMOFanz & SMACtalk), has traveled to over 70 countries and has spoken at many of the world’s largest events including SXSW, CES, Mobile World Congress. Brian is a diehard Pittsburgh sports fan and semi-professional poker player who isn’t afraid to leverage his fast talking skills to read your body language and spot when you’re bluffing. About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come before. Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line. To hear more, visit: ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2 GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste Make sure you Subscribe, Rate and Review!
© 2020-2025 Ivy Podcast Discovery LLC
