POPULARITY
2 episodes with it security specialist
On our 12th episode of our women in tech spin-off series, our Principal IP Consultant Maddy Norris was joined by Sia Møller. Sia is the Senior IT Security Specialist at DSV - Global Transport and Logistics. She is an experienced IT Security Specialist with a demonstrated history of working in large international companies. Certified GCIH & CISSP. Skilled in Information Security - including Security Operations (IR), Network Security, Vulnerability Management and IT Risk Management. The pair talk through Sia's career and the opportunities which enabled her to get into the position she's in today.Learn more from Sia:https://www.linkedin.com/in/siamoeller/
Let's talk about digital identity with Roberth Lundin, Senior Security Consultant at Knowit. In episode 76, Senior Security Consultant at Knowit, Roberth Lundin, discusses identification services in Sweden alongside Smart Cards – what identification services are available in Sweden and why should someone have a BankID or Freja e-ID as well as what smart cards are and what is interesting about these. [Transcript below] "But if you take a smart card, for example, well, you can't copy a smart card. That's very important." Roberth Lundin is Senior Security Consultant at Knowit. For the last years he has been working with Bankgirot as an IT-security specialist, in which one of his most important duties is to coordinate all security audits using risk-based approach, also worked with SOC/SIEM system, identity governance and administration (IGA). In his vast experience he has seen and contributed to the evolution of eIDs in Sweden including smart cards. Connect with Roberth on LinkedIn. We'll be continuing this conversation on Twitter using #LTADI – join us @ubisecure! Podcast transcript Let's Talk About Digital Identity, the podcast connecting identity and business. I am your host, Oscar Santolalla. Come to meet us in person. Ubisecure are attending Security Leadership Belgium on October the 5th and 6th in Brussels. Come and meet us to find out how Ubisecure can help with your business challenges in cyber security and CIAM. To find out more, take a look at the Ubisecure events page, www.ubisecure.com/events. See you in Brussels. Oscar Santolalla: Thank you for joining a new episode of Let's Talk About Digital Identity. I was thinking, personally, I have been using for accessing many online services, I use many authentication methods, identification services that we have been discussing in this podcast, three years. But one that I have not used is a smart cards. For instance, even though hereby being a citizen of Finland, I have one, but I have not used it before. So that's one of the things we're going to discuss today, how to use a smart card for identification. And also, what are the other identification services in Europe and especially from Sweden that is from where our guest today is coming. Our guest today is Roberth Lundin. He is a Senior Security Consultant at Knowit. For the last years, he has been working with Bankgirot as an IT Security Specialist in which one of his most important duties is to coordinate all security audits using risk-based approach. He also works with SOC SCM systems, Identity Governance and Administration, IGA among all the roles in his vast experience he has seen and contributed to the evolution of eIDs in Sweden, including smart cards. Hello, Roberth. Roberth Lundin: Hello. Oscar: OK, Roberth. So, let's talk about data identity. But first of course, we want to hear a bit more about yourself. So please, you can tell us, yeah, your journey to this world of the that identity. Roberth: I started in 1989 at a company named Bull. The first project I got was to finish a secure login and file transfer tool for UNIX, which use smart cards, high security smart cards, actually. Then I have been working for the next 20 years at Bull, Integris, Steria with personalisation systems for smart cards, issue system for electronic IDs and so on. 2009, I started work at Cybercom, which is now named Knowit. 2014, I started the first signing service using DIGGs framework, which I still work with part-time and been working for since 2015 to 2018 with electronic medical certificate and signing of them as a security specialist. And then for 2019, I worked at Bankgirot to secure their operations. That's my background basically, very shortly. Oscar: Fantastic. We're going to talk about smart cards and also the eIDs in Sweden and Europe. But first, I know something interesting is to think of in a broader aspect all the authentication methods and ways of verifying identi...
Leading Data Privacy Professional Spills the Secrets on How To Overcome Challenges And Guarantee A Successful Career in Data PrivacyThe world of data privacy is constantly changing, and it can be hard to keep up. From staying up-to-date on the latest regulations to ensuring that your organisation's data is properly protected, DPOs have a lot to contend with. In this value packed episode, James Robson shares the secrets to his success! He discusses his journey into data privacy, working in different sectors and the unique challenges data protection officers face in non-corporate organisations. Hi, my name is Jamal Ahmed and I'd like to invite you to listen to this special episode of the #1 ranked Data Privacy podcast. In this episode, you'll discover: How to find your niche and excel in Data Privacy How finding a mentor can transform your career overnight Practical tips on how to succeed as a DPO wherever you work! Discover why you can enjoy a rewarding career the Data Privacy regardless of your background, and so much more... Subscribe Now James Robson is a Data Protection Officer at The Evidence Quarter, which is home to a number of organisations, including Reform, What Works for Children's Social Care and Neighbourly Lab. James has 10+ years infosec and data governance experience including privacy/security information management system design for multiple large multi-national organisations. His qualifications include IAPP CIPP/E, CIPT, IBITGQ EU GDPR P, and ISO 27001 Lead Implementer and he proudly considers himself a data protection nerd. Before joining The EQ, James was a senior consultant for Evalian Limited working on multiple data governance and security projects at any one time being Data Protection Officer for a number of companies concurrently. Before Evalian he was a Data Governance & IT Security Specialist for the largest global psychometric testing firm SHL Group Ltd. Listen Now... Follow Jamal on LinkedIn: https://www.linkedin.com/in/kmjahmed/ (https://www.linkedin.com/in/kmjahmed/) Connect with James on LinkedIn: https://www.linkedin.com/in/-james-robson/ (https://www.linkedin.com/in/-james-robson/) Get Exclusive Insights, Secret Expert Tips & Actionable Resources For A Thriving Privacy Career That We Only Share With Email Subscribers► https://my.captivate.fm/%C2%A0https://newsletter.privacypros.academy/sign-up ( https://newsletter.privacypros.academy/sign-up) Subscribe to the Privacy Pros Academy YouTube Channel► https://www.youtube.com/c/PrivacyPros (https://www.youtube.com/c/PrivacyPros) Join the Privacy Pros Academy Private Facebook Group for:Free LIVE Training Free Easy Peasy Data Privacy Guides Data Protection Updates and so much more Apply to join here whilst it's still free: https://www.facebook.com/groups/privacypro (https://www.facebook.com/groups/privacypro)
Rory Meikle hosts this episode of Security Confidential with Erika Carrara. Erika is an influential, strategic, business-focused, and highly accomplished C-Suite executive. She has accomplished many things such as being a CISO, Director of Information Technology, Penetration Tester, an IT Security Specialist, and many more. Erika is also a Veteran of the United States Army and Mentor. She is currently the CISO of Wabtec Corporation. 00:00 Introduction 00:49 How did you start your career in cybersecurity? Was it something you did while in the military? 03:03 Advice for younger individuals stepping into cyber 04:27 Advice for Veterans transitioning into Cyber 06:29 Due diligence process when looking at an acquisition? 13:40 ISO 27,001 17:04 Security Frameworks for Small Businesses 22:00 What motivates bad actors? 26:40 Are there policies that you think the government should adopt that would better deter bad actors? 34:18 Can you shed some light on what defense in depth should entail for critical infrastructure companies? 37:45 3rd party risk mitigation 41:14 Small businesses: expectations regarding cybersecurity? 45:03 Code: Girl 50:00 Connecting with Erika To learn more about Erika visit https://www.linkedin.com/in/infosecpainpoints/ To learn more about coding programs for girls, check out these websites: https://girlswhocode.com/ https://code.org/girls https://www.blackgirlscode.com/ https://www.coding-girls.com/ https://www.techgirlz.org/ https://djangogirls.org/en/ To learn more about Dark Rhino Security visit https://www.darkrhinosecurity.com SOCIAL MEDIA: Stay connected with us on our social media pages where we'll give you snippets, alerts for new podcasts, and even behind the scenes of our studio! Instagram: https://www.instagram.com/securityconfidential/ Facebook: https://m.facebook.com/Dark-Rhino-Security-Inc-105978998396396/ Twitter: https://twitter.com/darkrhinosec LinkedIn: https://www.linkedin.com/company/dark-rhino-security Youtube: https://www.youtube.com/channel/UCs6R-jX06_TDlFrnv-uyy0w/videos
In this episode we chat to Paula about her career as an IT Security Specialist and also touch on her passion about technology and digital rights.
Episode Summary: In this episode, Raymond and I explore: If it's possible for organisations to be 100% agile, Why a human-centred approach to product design is key How one can get started with their agile journey... and much more. Guest Bio: Raymond Chike has over 15 years diversified experience in the Financial, Retail, Utilities, Energy, Consulting and Charity sectors. Proven record as a problem solver and aggressive commitment to continuous learning. Bringing together Human, Digital and Physical Interactions while enjoy working with businesses create innovative solutions, products and services. By recognising customer needs, validating new product and service concepts, assisting teams in developing mvp, and assisting organisations in transitioning to adopting new ways of working in a holistic human-centric way. Raymond's Social Media: LinkedIn: https://www.linkedin.com/in/chykeray/ Design Thinking Squad Meetup https://www.meetup.com/Design-Thinking-Squad-Gloucestershire/ URLs and Resources Mentioned Books/ Articles: User Story Mapping by Jeff Patton The Startup Way by Eric Reis Lean Startup by Eric Reis Lean UX: Designing Great Products with Agile Teams by Jeff Gothelf and Josh Seiden Lean UX: Applying Lean Principles to Improve User Experience by Jeff Gothelf and Josh Seiden Impact Mapping by Gojko Adzic Raymond's LinkedIn post on relationship between Design Thinking, Lean and Agile: https://www.linkedin.com/feed/update/activity:6505691705440894976/ Interview Transcript Ula: 00:26 Hey everyone! How are you doing today? Can you believe it? We're nearly at the end of Season 1 of the Agile Innovation Leaders podcast and this is our 9th episode. A massive thank you and shout out to all of you who have taken the time to listen, support, to write, to encourage… I am very, very grateful. It never ceases to amaze me that you guys are listening from all over the world; from places and countries like New Zealand, Australia, Singapore, India, Nigeria, Kenya, Ghana, France, South Africa, Canada, USA, Brazil, Switzerland, Norway… of course United Kingdom where we live and many other places where I've not mentioned. I do appreciate the engagement – thank you so much. Keep it coming and keep getting in touch. Now, in the course of launching the podcast, I've also had a number of you get in touch with me to say, ‘Hey, we really are interested in this ‘Agile' thing. How can we learn more about it? How do we get started?' And for some of you, you've had some sort of Agile initiatives going on in your organization and you don't know how you can make this better, make it work because it's not working as well as it should. Well, if you fall into any of these categories, today's episode is for you. I'm pleased to introduce my guest. He is nobody else other than Raymond Chike. A seasoned Agile Innovation professional with over 15 years of diversified experience in multiple sectors – Financial, Retail, Utilities, Energy, Consulting and Charity. And he is a big proponent of design thinking and basically blending agile, lean start up thinking, UX design and design thinking to provide a rounded and human-centered way of working. You just have to listen to this episode! So without further ado, my conversation with Raymond. Enjoy! Ula: 03:04 Raymond, thanks for making the time for this conversation. It's great to have you on the show. Raymond: 03:09 You're welcome. I'm excited as well Ula: 03:11 Great. Now let's kick off. We want to know who Raymond is as an individual. Can you tell us a bit about yourself, and how your life experience has led you to choosing a career as an agile professional? Raymond: 03:25 My story is one of those I'm passionate about telling people. So, I'm a native of Nigeria, back in Africa. And I think the whole journey started off as me looking at the whole world in perspective. And I thought to myself, I want to see how things get done in the Western world – United Kingdom and America and all that. That led me to journey into the UK. So, on coming here, I found my first contract was more of an IT security administrators service contract or something like that. And along the line, I started noticing that I was good at connecting the business and the technology. Little did I know that that was what business analysis was. Then, business analysis became popular, but already I'd found out I was naturally a Business Analyst. But then I thought, ‘Okay, let's go on that journey.' And while in the journey of a Business Analyst, I started realizing that things took too long to happen. So, people are building (a) project and before the project finishes, in two years, the world has moved on. And I said, what is the best way of doing things quicker. I mean, that was where agile started coming up in my mentality. Then I thought, ‘Alright, I think I've got an agile mindset as well.' So, I think I'll take a perspective from a natural point. So, professionally, that's how I found my way/ journey into the Agile world. I live in the UK, permanently now for 14 years, 15 years or so. I've got (a) family, as well. So, my primary location is around Southwest of Cheltenham, but most of my consultancy has been around London, and I travel around anyway. I think. Yeah, that's me in a nutshell, and that's my passion. And, then yeah. Ula: 05:11 That's quite an interesting story. It's funny, because we all start off one way, but the thing about us as humans is that there are things about yourself, you know, your natural inclinations or giftings, or things you're really good at, you wouldn't know until you actually get started. So, it's interesting you recognised the knack (i.e. abilities) and probably people around you also recognise the knack whilst working as an IT Security Specialist, that you also had the ability to connect business with technology. Just out of curiosity, what was your educational background? Raymond: 05:46 Yeah, I graduated with a first degree in Electrical/ Electronics Engineering. Ula: 05:50 Oh, okay. Raymond: 05:51 And… yeah, that is me really. I haven't furthered anyway in terms of educational academia. I've surrounded myself with lots of training and certifications… I've gone, I mean… I don't know if I have enough time to start to name them. But, that's my educational background anyway. Ula: 06:11 I mean, education is not necessarily having more degrees or as many degrees as a thermometer. I'm also Nigerian and I also got my first degree - funnily also in Electronic Engineering. Raymond: 06: 21 Really? Ula: 06:22 Yeah, yeah. Raymond: 06:23 What a coincidence! Ula: 06:26 From your profile, I can see that you are quite big on marrying agile thinking with lean, UX design and design thinking. I'm a big fan of that, because it's really about focusing on what value you're bringing to the customer, whether it's internal or external, and ruthlessly eliminating anything that the customer does not value and is not willing to pay for. So, what are your thoughts on marrying design thinking with lean methodologies? Raymond: 06:56 My thoughts are certain in the sense that it must be married. Looking at the world we live in now, (we're) in an adaptive world. I think the most important service to me is customer service. At the heart of every product, at the heart of everything we do, if we can't link it to customer service, then we just building what we think we like, yeah? And before you can build something for a customer, I always look at it in this perspective, you have to design that thing, you have to then build it, and you have to engage with the people to use the product. And that's the heart of Human Centered Design, or rather you can call it Customer Centric way of doing something. So, that is me thinking about how you bring together the human perspective, and link it with the digital and the physical interaction. Now, this is where you need to combine a whole lot of techniques and thinking and I always say it this way, ‘Agile is not a way of working, agile is a way of thinking than the way working.' Because your behavior modification cannot change if your mind is not transformed. So, at the center and the heart of agile, is the thinking. The same applies to design; at the center and heart of design is thinking - Design Thinking, Agile Thinking. So, call it this way: Design Thinking, Lean Thinking, and Agile Thinking. And to marry them is - Design Thinking makes you get to the heart of the customer. Like, ‘What is the problem you're about to solve? What is the pain point? Empathy. What is this? Why are we doing this thing? What is the problem? The pain point; you empathise with the customer. Now, at that point of empathy - this is where you begin to think about Lean. Where Lean thinks, ‘All right, I think I've empathised (with) this problem and I understand this thing – I feel I understand it.' Then, what's the barest minimum I can test to see it's working? This is where Lean Thinking comes in, right? So, then when you use the Lean Thinking and it works or you get good feedback (you say), ‘Okay, okay. I think we now see a way this is gonna work.' ‘Okay, let's produce it in some sort of scale now and still get feedback and learn.' This is where you now bring in the principles on Agile, like the Scrum, and the Kanban, or the Extreme Programming, or SAFe (Scaled Agile Framework). Then you now want to say, ‘Okay, this thing is getting bigger now; we're about to blow up now', so you want to scale. You scale the product, you engage with the people, then you might… So this is the journey of a product from its inception of human-centric pain point up to the development, and this is how I marry Design Thinking, Lean Thinking and Agile Thinking. Ula: 09:41 Wow, (I've) never really heard it put this way. But it does make sense and I do agree. So, would you say that Design Thinking is the same thing as User Experience design? Raymond: 09:51 It's an interesting conversation but it's not the same. But what I usually say - Design Thinking is a big umbrella. Like, you'd say, Agile thinking. So if you… Like, what you've asked me now is like, ‘Is Agile thinking the same as Scrum Master?' It's like, ‘Oh no, Scrum Master sits under Agile.' That's the same question. Design Thinking involves a lot of skills. Ula: 10:16 Yes Raymond: 10:17 Now, it depends on the way you want to go with it. If you want to do a short design… bear in mind it's a (way of) thinking. Ula: 10:23 Yeah Raymond: 10:23 If you now want to bring it to reality, in terms of skill you might want to map it to, say, a researcher can be involved. A researcher... Now does that mean you cannot be a researcher? You can be (one) but in a professional office, maybe there's a (dedicated) researcher. Okay, UX design - alright, what makes you think you're not a UX designer? Okay, I want to develop an app. I can just sketch something on paper with a wireframe and I've got some understanding of UX concepts. Now, that's my minimum viable (product). Maybe I need a professional UX designer to a prototype for me. Okay, then you need a UX (designer) it might be - depends on the product. If my product is around… (say,) building a bottle, I don't need a UX designer for a bottle. I might just go get a fabricator to make a bottle, you see what I mean? So regardless of the product, the principles stand. But when you talk about the product you want to do maybe a web design, then the skill set comes into play. That is why the UX design now is a skill. Yeah, that's a connection. So, it's like Agile - is Agile the same as… product owner? No, within agile umbrella, we might need a product owner, we will need a scrum master. Okay, maybe we don't need an engineer really. Okay, okay. While you're developing an agile product, what if the product is a pharmaceutical product? Do you need a developer? No, you need the scientist. So, you see the point. So, the takeaway, because when we talk about Lean agile, people just focus straight ‘Oh! (We're building a) website, app?' Ula: 11:49 Software development… Raymond: 11:50 But… it's not about websites. It's not about apps, not about it. What if it is a pharmaceutical company developing a prosthetic leg or pharmaceutical company developing a fake eyeball, what do you say then, you know? So, I try to get people away from products first, think about the human-centric way of connecting digital and physical interaction, then I think everything will fit into place. Ula: 12:15 It's interesting how you've highlighted the fact that there are general principles underpinning Agile thinking or Design thinking and the principles are separate from the products. Now the products could vary, the principles remain pretty much the same. But now depends on the context - which you can now adapt it (the principles) to the context of the product or service probably that you're providing to the end user or the customer. Am I right? Raymond: 12:44 That's right, well-articulated. Ula: 12:47 Okay, well, thanks. That's interesting. You said that there is this misconception that agile is about the things people do. Now, based on what you're saying that agile is first a mindset so and the International Consortium for Agile, or the ICAgile organization, they said on their website, it's about first being agile, before you do agile. Raymond: 13:11 That's right. Ula: 13:12 So, what would you say are the steps then, towards being agile and when would you know that you are truly agile from a ‘being' standpoint? Raymond: 13:24 Okay, I think the best way to say (it is) this way: there is nobody that's 100% agile. Ula: 13:30 Hmm! Interesting. Yeah. Raymond: 15:31 Definitely, nobody, nobody. Because why I say that is, if you are 100% agile, it's like… if you say yes, I am 100% agile, it does not marry up with the name agile itself, because agile itself means changing. So, you say you're 100% changing. So, I am 100% changing, so you're still changing. So, what agile, what I try to say about agile is (it's) about how we're learning that's Agile. So, (it) automatically tells you, you are constantly learning. So, have you learnt? No, you are constantly learning. So, the thing at the core of Agile is a mindset, your mind has to be ready. That's the height of it is your mindset knows that things must change. The principles and the values lie within and the practices follow and the tools and processes that help it. So, but you need to get at the heart of it that it… So basically, the world, is ruled by companies who learn faster. That's it. So, how are you learning faster? That's why agile comes in. So, are you… if Facebook comes tomorrow and said, ‘We are now agile; we are the best agile (practitioners)', that's wrong, because they're still going to have challenges that come up tomorrow that they'd have to think and say, ‘Guys, what's the next solution here?' Ula: 14:46 True Raymond: 14:46 This is where I feel agile is just, agile in itself is even a part of a product. As I've just explained Lean, design thinking, lean and agile… all that stuff. So, it's a complete mindset shift. But we there yet? We're not always going to be there in terms of 100%. But we are on a journey. Ula: 15:06 Yeah Raymond: 15:06 So, we're on a journey… we're not definitely going to be ‘there'. So, to answer your question, I don't think anybody's 100% agile. But I guess the thing is, to what degree of Agile are you? To what degree of learning or what degree of flexibility? What degree do you apply the principles better? I think that's the key message. And I mean, the only way to answer that is more of your outcomes, really? So, when you check into your outcomes, you know if you are really, truly agile and how responsive you are to the market and how adaptive you are. Ula: 15:41 Well put. So you said, yes, no one is 100% agile. You're constantly learning and that's probably why agile and lean - they're complimentary because lean is also about continuous improvements and focusing on improving processes to achieve certain goals. What would you say about the frameworks then? Is it possible to purely apply one framework in an organization's operating context, to the exclusion of others? Raymond: 16:13 Great question. I think you will do yourself a favor to mix them up. I always tell people this … if you study Scrum, the next thing… they (people in organisations) call me and say, ‘I'm doing Scrum', (and the person) goes on saying ‘I'm writing user stories.' And I say, ‘Okay, but I'm sorry, user story is Extreme Programming. So, you're already mixing it up, right? Then you get people who are doing Scrum. Then they go, ‘Oh, our Jira board is a Scrumban board.' So, what's that about? Ula: 16:41 It's a Kanban board… yeah… Raymond: 16:42 So, what I tell people is this: I'm not dogmatic about any (framework). If you bring any framework tomorrow and call it… ‘Jump' … whatever you want to call it. My question to you (would be), ‘Is it solving human problems? Are we inspecting and adapting faster? Is it prioritizing collaboration over ‘blah'…? Is it prioritizing responding to change over following a plan? Is it tied to the principle?' (If the answer is) ‘Yes', that's it! I don't want to know what else you call the name. I mean, I was in a conference the other day and I said to someone, ‘Look, let's be honest.' (If) she goes to Facebook now, (and) I go to Netflix (and) ask them what (agile framework/ methodology) they're following, they probably would not tell you anything. Probably tell you, ‘I don't know what's Scrum - we just inspect and adapt quickly. We just learn fast. We have a system that helps us learn fast.' That's it. No one is gonna tell you, ‘Do three weeks sprint, do four weeks sprint… do one thing or the other…' It depends on the product. Depends on the product. Some people do one-week sprint. Some companies do one-week sprint, two weeks sprint, three weeks sprint. Some pharmaceutical companies do one-week experimentation. I've seen companies do design sprint zero, then go on and do one-week sprint. The thing is, where are you learning fast? How are you learning fast? And agile is just (a means to) the end game; it's the building of the product. Remember, I said design thinking? Where is the place (for empathy in Agile)? …No agile principle talks about empathy. Nothing like that. Ula: 18:05 No Raymond: 18:06 They (some agile frameworks) just tell you, ‘Sprint planning - boom, boom, boom, go!' But, how do I know the product to build? I mean, this was what inspired me to (write) my last post where I said… I did post something on LinkedIn the other day. (That's one of) the key things that I was trying to say to the team. I read that from a book called The Startup Way by Eric Ries. This is the same guy who … Eric Ries is The Lean Startup guy. So, here is Toyota (for example). Toyota known for all the things they do around production and lean and all that stuff. But yet someone in Toyota could say he thinks there's a missing part. And that is because they are good at creating things. But they don't have a system that tells them on (how to) discover what to produce. Scrum does not help you discover what to produce, you know… Kanban does not help you discover what to produce. They just help you produce but they don't help you discover. So, this is why I say, I'm not precious about any framework, as long as that framework can help me easily inspect and adapt. That is my key (requirement)… and it's transparent. That's my own, I don't really cherish… I'm not gonna say I'm a SAFe man (or it) must be SAFe. (Nor would I say) it must be Scrum, or it must be Kanban. But then, does it mean I haven't gone on training for all of them? I have – I'm not hung up on frameworks. (I've gone on training for every one of them) because I want to know what I'm talking about. I want to learn because I'm also an aggressive learner. So, I want to know what you're talking about. But then I always ask myself the question, what is the “why” you're doing this? Why are you doing it? If it connects with (the agile) principles – yes. If it doesn't… hmmm… I'll pick and choose what I want from it and throw the rest away. As simple as that. That's my view on all frameworks, really. Ula: 19:48 Makes perfect sense, actually. Raymond: 19:51 You don't want to be hung up around frameworks really. Going into this conversation the other day, someone talked about (the) product owner (role) and I said, ‘Listen, I've done a Product Owner course for Scrum. And that is not up to 2% of what it takes to be a Product Manager.' It's not! If you think you've done a Scrum course, on product ownership, and you think you are now a product owner? I'm sorry, it's not (the case). Because the Product Management (responsibility) is a big piece - from design, to engagement, to development. So, there you have several of those sideline courses, you have to go to; to understand the market, to understand the proposition, to understand business model presentation, Lean Canvas…, then, you know what I mean? Where goes all the certifications and frameworks again? It's all about just learning. Just see it all as learning; adding that to your toolbox. You know, focus on the human-centric problem you want to solve. Ula: 20:44 I quite resonate with what you said. As in likening these frameworks, the concepts - to look at them as tools in a toolbox. You pick the one that most appropriately suits the work and the organization you are in - in my opinion. I'd like to know what you think about this. But I also think it is possible that a team, an organization you know, or even within a project, it could evolve in such a way that the tools that you're using… or the practices and the tools and processes that you're using to try to accomplish an outcome might need to change midway. So, it doesn't necessarily mean that what you start with is what you end with at the end of the project. What do you think about that? Raymond: 21:30 Yes, I mean, it is. I've worked with several big companies trying to do agile or are doing agile. I've seen it. I've got the scars on my back. I know what I'm am saying. It's very painful when you see people who want to fix it (an ill-fitting framework) into their hole. I say to them, ‘You have to be pragmatic.' Like this consultant… I don't remember his name again. But he said, ‘Agile has a way of making people drop their smart brains at home and come to work.' If you come to work, (that) you do agile doesn't mean you're not smart - you're smart. Just know that you're smart. Look around the process, see how it's going to work well for you. If it's not working, find another way it's going to work. Remember, the principles still apply. Keep the principles at your forefront. We're talking real stuff here, yeah? So how do we make Kanban work for us? How do we make Scrum work for us? Okay, yes. Okay. How do we draw funds, investment? Because we need seed funding to do this experiment and prove to our manager it works. Okay, you want to start up something now? You're starting small? You're (i.e. Ula is, for example) not going out now opening an office and buying a podcast device of 10 grand or 20 grands? You're being lean here; trying to make sure you're experimenting here, right? Ula: 22:39 Exactly, you have to know if someone wants… Raymond: 22:41 You (Ula) are applying the same principles. You've got the mindset; you've got the mindset. That why you're doing what you're doing right now. And it's the same principle applied at a scale. Ula: 22:49 Thanks! You mentioned something that you've had scars on your back as a contractor working with teams and organizations. Is there any one you wish to share? Raymond: 22:58 I think for me, the behavior is the same. What I can say is, every company wants to be agile; that's the market drive - just get that right. Every company wants to be agile. In fact, you can almost sell anything to any company now in the name of Agile. Ula: 23:12 It's a buzzword, right? Raymond: 23:14 Yes. But then I always say this, ‘If I get in there, how can I add value to you?' So, you get in there, you stumble on arguments. Now one coach prefers SAFe (Scaled Agile Framework), another Coach tell you Scrum, another coach tells you Kanban is the way. Then I always challenge them by saying… When I come in with design thinking mentality, they look at me like, ‘where does this guy come from? Who are you? We are agile.' I say, ‘yes, but how do you draw funds from the manager to tell him you're agile?' They'll say ‘Hmm! That is a Product Manager's responsibility.' I say, ‘Oh really? I thought that's still under Agile, because a Scrum Product Owner course teaches them (i.e. the Product Managers) how to draw money? Is it a “no”? Okay'. You see, when you find that a… That's what you see in companies. I think what we need to start to understand is… I tell people, ‘Guide yourself with mentors', experience is key as well, you know. My experience, tells me that many companies are still on the journey, and I said agile is a journey. My gauge tells me every company now knows: there's no argument we have to be agile. So, we've crossed that stage. They know that we have to be adaptive. They know that now. The challenge many companies are facing now is, ‘How?' They now know, but it's the ‘how' now. (My) advice is, based on my experience, there is no pattern. All I can say is, as long as you have these three pillars in the mindset of what you do; the design thinking, lean thinking, agile thinking… I always wrap it up by saying (you must have) almost an entrepreneurial mindset as well. Ula: 24:46 Oh yeah. Raymond: 24:47 That will help. A bit of that will very, very help (i.e. help very much). The reason why I say entrepreneurial mindset is because then you're thinking differently. You are not there sitting down in a company waiting for your salary every month and just go home. You're inspired to say, ‘What problem are we solving? What customer problem are we solving out there? How can we be fruitful?' Now you're thinking entrepreneurial. I think that drive will start to send a different message to company structures; you start inspire people to work, in fact inspire people for new products. And because people love working agile, when you put agile in any office, (for example) Kanban, people love it. Why? Because it is liberating. Ula: 25:27 It is. The transparency... Raymond: 25:28 It has that way of making… The transparency! People love it. That's the key to (the) successful companies we see these days everywhere. We don't know how they succeed. But this is the principle they've been applying years ago when it was not branded anything. Now is becoming branded, whatever we call it now. Ula: 25:44 Yeah, I mean, it's interesting… Yeah… it helps to put a name to something but it's more about not enshrining it and kind of stifling the spirit of what that thing is meant to mean (therefore) losing the value. Raymond: 26:00 Yeah, I agree with you 100%. Ula: 26:02 Now, you mentioned the book, The Startup Way and I assume that you might have read some other books. If you were to gift or recommend, say two or three more books that have greatly shaped your thinking; your agile, lean, design thinking - which ones would you recommend? Raymond: 26:21 Wow, there are key ones, I think, if you want to be different. If you want to be ‘agile- different', like I mean, set yourself apart. You need to have a hold of this set of books, you know. I would say go for The Startup Way (by Eric Ries), Lean Startup (book by Eric Ries), Lean UX, Impact Mapping by Gojko, User Story Mapping by Jeff Patton. These would get you started. Ula: 26:47 Okay Raymond: 26:48 These are books I've seen that stood the test of time when it comes to this whole ‘game' of Agile. You, kind of… They will set you apart in your Agile thinking. Someone is going to be like, ‘You just became holy again in agile.' I'm telling you. With every page you read in this book, you'll probably read them again and again and you'll be wondering, ‘Where have I been in this world?' Ula: 27:11 Kind of reminds me, there are some books that I have read yet across different disciplines - although I tend to read more of business and self-improvement books. And there are some that are out there, which I'dd read quickly and I'll make a mental note to read them again at a slower pace. However, I also have a lot queued up. Raymond: 27:31 I have so many books but I buy physical books. Ula: 27:33 Yeah Raymond: 27:34 The kind of books I buy are around technology, innovation, entrepreneur… Ula: 27:38 So, there might be other professionals out there or people who want to make a headway into the lean, agile world as consultants or contractors. Now you said you came from Nigeria to the UK, so how did you get your first agile related role? Raymond: 28:00 Yeah, I think it's more of the experience first - in the four walls of the company, that's it I mean, there are two levels I call it like I do some private coaching and training for people who want to get into like a fundamental business analyst role. Then maybe progress to an agile role. But I would say, most of these things... As I said, the first thing is the mind. I always say this, it's difficult to teach you agile, (if) you don't understand Agile, it's difficult. So, I think what I tend to do is… there is a level of experience I hope you'd have experienced in the four walls of a company, deep problems. Then you can do some training or in most cases, enlightening yourself with some of these books. Read them, be sure you understand what they're saying. I always say understand why people use Agile. Don't understand Agile. Just understand why and relate it to your real world. Bring it home. Always bring it home because… How we bring it home? I tell people, look at the things you use from day to day. When you started using WhatsApp, it's not what it is now. WhatsApp started with just a message. There was no video, there was no record, there was no that whole thing. So, there were messages then later. This is agile. They were changing things, giving people what they want, changing it again, adding this, moving the colors. Now, connect Agile to your daily world. Then when you get to the company, it just starts to make sense. Because the companies you might get into, they are also as confused as you think you are. So, I guess the most important thing is passion. Get that passion in your mind. If you are agile, it would come out of your mind(set) and the way you talk, people will now know it's agile. But if you don't have it in your mind, as a project you (need to) change your mind(set). I always teach people this. Look at your life as well. You want to look for a house or a project you want to work on or you want to buy a new car. You thought you wanted to buy a Volvo. Suddenly, as you started going (car shopping), you find out that you don't like a Volvo. You decided to change it (the desired car) into Mercedes, why? Your requirements are changing even as a human - you haven't even gone a month and you've changed three decisions already. So, that is the adaptive behavior the world is (aiming) at. The system can manage it. What technique will manage this changing requirement every day, yet give the business (its desired) business outcomes, give customer, customer satisfaction. This is… my coaching to people is always (to) connect it with your day-to-day life first - make sense (of it). Then every other thing people are talking about can be reality now. Then, you can do the training, you can do the coaching, you can do the workshops, and they all begin to join dots together. I do workshops as well but then that's more… my training and workshops are more experiential. I bring case studies into the room and by time you go out, you understand what it means. Yeah, that's the way I look at it, really. Ula: 31:04 So, are these workshops public? Raymond: 31:06 At the moment, the organisations I consult with – I run them with them. But then I do them public, but that is once in a while. My plan this year is to have some public sessions, but I haven't put them in the calendar yet. I'm still trying to work out what customers want. I'm still going through a design thinking phase around it because I feel I don't want to just produce what I like; I want to see what people really want. And see where I can do something barest minimum that can help satisfy the need. So, say I'm at that stage where I'm a bit lean about it as well. But then I'm also willing to do anything on demand. If there's a certain group of people that come together and say, ‘I want to learn this thing. We're 10 of us, we are 20.' I do things like that sometimes. I did one in Cardiff last year (2018). A group of people came together - 12 of them - said they wanted to understand Business Analysis, how it links to agile and all that stuff. So, I did a bespoke material for them and I went and delivered it for a full one day. So, things like that I can do as well. But as I said, there is no one public (course) at the moment . Ula: 32:14 Okay, fantastic. Once you have finalized your calendar for some public training or workshop events, where would be the best place for (finding) this info? Raymond: 32:25 I think professionally, the best way to get me is LinkedIn. Ula: 32:27 Okay Raymond: 32:29 So, Raymond Chike, LinkedIn, that's the best way to get me professionally. Ula: 32:34 I'll put your LinkedIn profile URL in the shownotes. Raymond: 32:38 Yes. I have a meetup group in Gloucestershire called the Design Thinking Squad. Ula: 32:43 Okay. Do you have a URL for that? Is it on Meetup? Raymond: 32:47 It's on meetup as well as, a group called Design Thinking Squad Gloucestershire. We did a Design Thinking Crash Course which is only about 2-3 hours. If I get a demand for it, I will arrange something. Ula: 32:59 So, anyone who's interested who probably is listening to this episode that wants to get in touch with you, the best would be your LinkedIn (profile). Okay. Wow, the time does fly when you're having fun. I've enjoyed the conversation. Raymond. Thank you so, so much for making the time. Raymond: 33:17 You are welcome. Ula: 33:18 Do you have any last word for the audience, before we wrap up? Raymond: 44:45 Yeah, I've enjoyed this conversation. Thank you as well for making this happen. I know it's been busy for me to really get the time around it but finally we made it work. We have been very adaptive and true to the nature of agile. I'd say to the listeners out there, keep your dreams alive. And… there's always a way around everything. Keep in touch. And, as I always say, the future belongs to those who learn faster. Ula: 33:54 Thanks a lot Raymond. Raymond: 33:56 Thank you so much.
In the last show of the year Robert has on a special guest (an IT Security Specialist) to discuss the large US government breech. Andrew and Robert cover the Who, What, Where, When and the How of the issue and promise to have a security conversation once a month.Because of our easy access to the internet security has become an important part of our lives though often overlooked. A concerted effort needs to be made from the highest level down to a personal level to mitigate these issues and UnWired is on the case to help break down what we need to do and how vigilant we need to be about it.
Today’s featured guest is Nakia Grayson. Nakia Grayson is a legal, privacy, and technology enthusiast with a passion for helping to educate and expose girls and women to STEM career fields. She works in the Federal Government as an IT Security Specialist. She is also a person who stutters who constantly reminds herself that no obstacle in life is too big to prevent you from reaching your goals, and each one makes you stronger. In her leisure time, she enjoys volunteering with various youth organizations, traveling, deejaying, and spending time with family and friends. I believe that there is healing in sharing and I would like to Thank Nakia for sharing her story with us. For more information on Nakia Grayson: Email: nakia05@yahoo.com LinkedIn: linkedin.com/in/nakia-grayson-b356b28 Thank you to Noah Swiderski (owner and producer of Briton Beats) for your outro music. For more information on Briton Beats, click this link: https://www.britonbeats.com/ Thank you to Epidemic Sound for the intro music. https://www.epidemicsound.com/ Thank you to Mike Russell for that voice over outro. https://musicradiocreative.com I use SquadCast for all my remote interviews. If you are interested in SquadCast, check out my link: https://squadcast.fm/?ref=pedropena Leave a rating & review on Apple Podcasts: https://itunes.apple.com/us/podcast/my-stuttering-life/id1434435654?mt=2&app=podcast For correspondence: Pedro Peña III, PO Box 1585, La Porte, Texas USA 77572
IT Security Specialist for Medical Mutual, David Wallack, describes his journey into the world of cyber security, and how the sector has inspired him to strive for greatness in all that he does. In this episode Dave discusses: 1) The value in attending Bowling Green State University 2) How Brian Krebs has influenced his skill set 3) His friend group and a video referenced during the conversation (youtu.be/lSkXushlYKc) Contact Dave: linkedin.com/in/david-wallack Follow Dream Chasers on: Spotify: open.spotify.com/show/0fqzz3iJS2uARrz4N6dlmN?si=EQrwkWIUSoSsqmKzRRXx8g Apple Podcasts: itunes.apple.com/us/podcast/dream-chasers/id1441685534?mt=2&uo=4 And Google Podcasts: https://www.google.com/podcasts?feed=aHR0cHM6Ly9hbmNob3IuZm0vcy83YTliY2IwL3BvZGNhc3QvcnNz --- Support this podcast: https://anchor.fm/dreamchasers/support
Target, Equifax, Capital One... Who's next to be the victim of a breach? Are breaches inevitable and who is really the victim when there is a breach? What can we do to stop it or, at the very least, limit our liability? Robert has a special guest who is a IT Security Specialist with over 20 years experience including assisting companies after they have been victims or cyber attacks. Let's hear what he has to say about the latest Capital One network security event.You can also read more on Andrew's blog at:https://www.brainwavecc.com/blogs/are-breaches-really-inevitable/
Héctor J. Santiago Velázquez Todos los días vemos titulares en uno u otro medio sobre los peligros de la Internet. Oímos sobre phishing, troyanos, ransomware, spambots, pornografía, casinos ilegales y fraude de todo tipo. Pero ese es más que la punta del iceberg. También hay trata de personas, secuestros, tráfico de drogas,redes terroristas, violadores, pedófilos, pederastas (porque no son lo mismo), apuestas ilegales de todo tipo, hackers, tráfico de armas, falsificaciones de todo tipo, extremismo y miles de males más. Y hay un lugar específico donde encontramos a la mayoría de estos delincuentes, se llama el dark web. Y hoy —para complacer a las decenas de oyentes que me han escrito pidiendo que abordara este tema— vamos a hablar del “dark web” o el “deep web”, porque al fin y la postre son la misma cosa. Como ustedes saben, a mi no me gusta tocar temas de los que conozco muy poco. Y este, ciertamente, entra en esa definición. ¿Y por qué no me gusta? Pues sencillo, porque no quiero lucir como un idiota. Cuando yo no sé de algo soy el primero en levantar la mano y admitirlo. Lo que nunca hago es hacerme el que sé. Porque siempre va a haber alguien escuchando —que sí sabe— y se va a dar cuenta de que uno es un ignorante. Y ese papel no lo hago yo. Bueno pues en esta ocasión hice lo que siempre hago cuando no sé de un tema: me busqué a alguien que sí supiera. Hoy tenemos en el programa al señor Héctor Santiago Velázquez, IT Security Specialist de Neptuno Networks, Y como recordarán de la semana pasada, Neptuno Networks es la compañía de servicios inalámbricos de Internet más grande del Caribe. La conversación con Santiago Velázquez no fue tan profunda o extensa como yo hubiera querido, porque la realidad es que este es un tema del que la gente conocedora no le gusta hablar demasiado. Pero con lo que hablamos fue suficiente para llegar a la conclusión de que el “dark web” no es un lugar para neófitos, tampoco es un lugar al que se pueda entrar por accidente y que lo mejor para el usuario común es mantenerse lo más lejos posible de ese mundo. ©2016, Orlando Mergal, MA_________________ El autor es Socio Fundador de Accurate Communications,Licenciado en Relaciones Públicas (R-500), Autor de másde media docena de Publicaciones de Autoayuda, Productorde Contenido Digital y Experto en Comunicación Corporativa. Inf. 787-750-0000 • 787-306-1590 Divulgación de Relación Material: Algunos de los enlaces en esta entrada son “enlaces de afiliados”. Eso significa que si le das click al enlace, y compras algo, yo voy a recibir una comisión de afiliado. No obstante, tú vas a pagar exactamente lo mismo que pagarías al visitar al comerciante directamente y de manera independiente. Además, yo sólo recomiendo productos o servicios que utilizo personalmente y que pienso que añadirán valor a mis oyentes. Al patrocinar los productos o servicios que mencionamos en Hablando De Tecnología contribuyes para que el programa continúe. Hago esta divulgación en cumplimiento con con el "16 CFR, Part 255" de la Comisión Federal De Comercio de los Estados Unidos "Guías Concernientes al uso de Endosos y Testimonios en la Publicidad". Save
![DEF CON 23 [Audio] Speeches from the Hacker Convention](https://ivyfm.s3.amazonaws.com/i320/160193.jpg)
RFIDiggity: Pentester Guide to Hacking HF/NFC and UHF RFID Francis Brown Partner - Bishop Fox Shubham Shah Security Analyst at Bishop Fox Have you ever attended an RFID hacking presentation and walked away with more questions than answers? This talk will finally provide practical guidance for penetration testers on hacking High Frequency (HF - 13.56 MHz) and Ultra-High Frequency (UHF – 840-960 MHz). This includes Near Field Communication (NFC), which also operates at 13.56 MHz and can be found in things like mobile payment technologies, e.g., Apple Pay and Google Wallet. We'll also be releasing a slew of new and free RFID hacking tools using Arduino microcontrollers, Raspberry Pis, phone/tablet apps, and even 3D printing. This presentation will NOT weigh you down with theoretical details or discussions of radio frequencies and modulation schemes. It WILL serve as a practical guide for penetration testers to better understand the attack tools and techniques available to them for stealing and using RFID tag information, specifically for HF and UHF systems. We will showcase the best-of-breed in hardware and software that you'll need to build an RFID penetration toolkit. Our goal is to eliminate pervasive myths and accurately illustrate RFID risks via live attack DEMOS: High Frequency / NFC – Attack Demos: HF physical access control systems (e.g., iCLASS and MIFARE DESFire 'contactless smart card' product families) Credit cards, public transit cards, passports (book), mobile payment systems (e.g., Apple Pay, Google Wallet), NFC loyalty cards (e.g., MyCoke Rewards), new hotel room keys, smart home door locks, and more Ultra-High Frequency – Attack Demos: Ski passes, enhanced driver's licenses, passports (card), U.S. Permanent Resident Card ('green card'), trusted traveler cards Schematics and Arduino code will be released, and 100 lucky audience members will receive one of a handful of new flavors of our Tastic RFID Thief custom PCB, which they can insert into almost any commercial RFID reader to steal badge info or use as a MITM backdoor device capable of card replay attacks. New versions include extended control capabilities via Arduino add-on modules such as Bluetooth low energy (BLE) and GSM/GPRS (SMS messaging) modules. This DEMO-rich presentation will benefit both newcomers to RFID penetration testing as well as seasoned professionals. Francis Brown, CISA, CISSP, MCSE, is a Managing Partner at Bishop Fox (formerly Stach & Liu), a security consulting firm providing IT security services to the Fortune 1000 and global financial institutions as well as U.S. and foreign governments. Before joining Stach & Liu, Francis served as an IT Security Specialist with the Global Risk Assessment team of Honeywell International where he performed network and application penetration testing, product security evaluations, incident response, and risk assessments of critical infrastructure. Prior to that, Francis was a consultant with the Ernst & Young Advanced Security Centers and conducted network, application, wireless, and remote access penetration tests for Fortune 500 clients. Francis has presented his research at leading conferences such as Black Hat USA, DEF CON, RSA, InfoSec World, ToorCon, and HackCon and has been cited in numerous industry and academic publications. Francis holds a Bachelor of Science and Engineering from the University of Pennsylvania with a major in Computer Science and Engineering and a minor in Psychology. While at Penn, Francis taught operating system implementation, C programming, and participated in DARPA-funded research into advanced intrusion prevention system techniques. Shubham Shah is a Security Analyst at Bishop Fox (formerly Stach & Liu), a security consulting firm providing IT security services to the Fortune 500, global financial institutions, and high-tech startups. Shubham's primary areas of expertise are application security assessment, source code review, and mobile application security. Shubham is a former bug bounty hunter who has submitted medium-high risk bugs to the bug bounties of large corporations such as PayPal, Facebook, and Microsoft. He regularly conducts web application security research and frequently contributes to the security of open-source projects. He has presented at Ruxcon and is known in Australia for his identification of high-profile vulnerabilities in the infrastructures of major mobile telecommunication companies. Prior to joining Bishop Fox, Shubham worked at EY. At EY, he performed web application security assessments and application penetration tests. Additionally, Shubham has been a contractor for companies such as Atlassian. As a contractor, he conducted external web application security penetration tests. Shubham also develops and maintains open-source projects such as Websec Weekly that assist the web application security industry. Twitter: @bishopfox Facebook: https://www.facebook.com/BishopFoxConsulting LinkedIn: https://www.linkedin.com/company/bishop-fox
On this episode I attempted my first Skype interview with Randy Dutchak who is in Vancouver. Randy is an IT Security Specialist with a green thumb. Please share my podcast and enjoy :)
© 2020-2025 Ivy Podcast Discovery LLC
