Podcasts about sans institute

GitHub confirms a breach tied to a malicious VS Code extension. Anthropic fights a Pentagon blacklist as the White House weighs new AI security rules. Drupal scrambles to patch a critical flaw. Cisco Talos tracks the evolution of BadIIS malware-for-hire. Signal adds anti-phishing safeguards, Microsoft cracks down on malware-signing services, and China says foreign spies hijacked domestic routers for phishing operations. Wireless carriers collaborate to kill dead zones. Our guest is Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, discussing The Cloud Security Alliance's “AI Vulnerability Storm” report. A book about misinformation contains helpful examples. Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you'll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest Today we are joined by Rob T. Lee, Chief AI Officer, Chief of Research, SANS Institute, sharing Cloud Security Alliance's The “AI Vulnerability Storm”: Building a “Mythos-ready” Security Program. Selected Reading GitHub confirms breach of 3,800 repos via malicious VSCode extension (Bleeping Computer) Trump AI executive order seeks early government access to frontier models (Axios) DC Circuit slams Pentagon blacklisting of Anthropic as overreach (Courthouse News Service) Drupal Issues Urgent Warning for Highly Critical Core Vulnerability (Beyond Machines) From PDB strings to MaaS: Tracking a commodity BadIIS ecosystem used by Chinese-speaking threat (Cisco Talos) Signal adds security warnings for social engineering, phishing attacks (Bleeping Computer) Disrupting Fox Tempest: A cybercrime service that turned “verified” software into a pathway for ransomware (Microsoft)   China's state security authorities uncover foreign agency using domestic routers as cyberattack proxies; users notice only slower speeds (Global Times) ‘The Future of Truth' Contains Quotes Made Up by A.I. (The New York Times) Share your feedback. What do you think about CyberWire Daily? Please take a few minutes to share your thoughts with us by completing our brief listener survey. Thank you for helping us continue to improve our show. Want to hear your company in the show? N2K CyberWire helps you reach the industry's most influential leaders and operators, while building visibility, authority, and connectivity across the cybersecurity community. Learn more at sponsor.thecyberwire.com. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices

In this episode, we chat with Brian Correia, Director of Business Development for GIAC at SANS Institute, from Washington, D.C. We discuss cybersecurity certifications, workforce development, enterprise security challenges, AI in cyber defense, and how professionals can stay ahead in the rapidly evolving cybersecurity landscape.More info at https://smartcherrysthoughts.com

On this week's Security Sprint, Dave and Andy covered the following topics:Opening:• TribalHub Regional Tribal Technology Forums• WaterISAC H2OSecCon 2026. Virtual Event: 02 Jun, 11am-5pm ET Overview, Registration, Agenda, Speakers• Offensive AI: What Red Teams and Attackers are Doing Now - Gate 15Main Topics:Vercel April 2026 security incident Vercel 20 Apr 2026. Vercel said it identified unauthorized access to certain internal systems and initially found a limited subset of customers whose credentials were compromised. The company said the incident originated with a compromise of Context.ai, a third-party AI tool used by a Vercel employee, which then enabled takeover of that employee's Google Workspace account and access to some Vercel environments and non-sensitive-marked environment variables. Vercel said services remain operational, law enforcement has been notified, and customers who were not contacted are not currently believed to have had credentials or personal data compromised. Vercel is a cloud platform used for frontend hosting, serverless functions, and deploying websites, particularly those built with React or Next.js. It enables developers to easily build high-performance, edge-optimized applications. Key features include automatic Git integrations (CI/CD) for instant deployments, preview environments, and edge storage. • Vercel confirms breach as hackers claim to be selling stolen data • Breaking: Vercel Breach Linked to Infostealer Infection at Context.ai • Vercel's security breach started with malware disguised as Roblox cheatsWiz: 80% of cloud breaches are caused by basic mistakes - IT Pro - 13 Apr 2026 IT Pro reports that Wiz Threat Research found most cloud breaches in 2025 were driven by familiar security mistakes rather than entirely new vulnerability classes, with AI expanding the places where known risks can appear. The article frames the problem around scale, shared trust, and increasingly complex cloud and AI environments rather than exotic attack novelty. Target is cloud security teams, platform engineers, and enterprise risk leaders with Dig highlighting that basic exposure management, identity control, and configuration discipline remain the decisive factors in many modern cloud compromises. Fire As An Act Of Sabotage Guidance UK National Protective Security Authority 25 Sep 2024. The NPSA guidance outlines how to mitigate the risk of deliberate fire-setting used as sabotage against premises and infrastructure that may be attractive targets. Although not new, it remains operationally useful because it provides protective security and risk management guidance for owners and operators responsible for physical sites and critical functions. The relevance is heightened in an environment where sabotage, arson, and hybrid disruption are increasingly discussed alongside state and extremist threat models. From tabletop reality 10 gaps executive cyber exercises consistently reveal - SANS Institute - 2026 This analysis identifies recurring gaps observed during executive cyber exercises, including communication breakdowns and decision-making delays. It highlights the importance of realistic training scenarios to improve organizational readiness. The findings provide actionable insights for strengthening incident response at the leadership level. • Critical infrastructure resilience escalated threat navigation initiative - Canadian Centre for Cyber Security • Preparing for severe cyber threat why leaders must act now - NCSC UK • CISO Survey 2026: The State of Incident Response Readiness Quick Hits:• The State of Ransomware in Q1 2026 - Emsisoft • Safeguarding Our Data, Intellectual Property, and Technology from Non-traditional Collectors

In Episode 102 of the Cybersecurity Readiness Podcast Series, Dr. Dave Chatterjee is joined by Chris Cochran—Field CISO and VP of AI Security at the SANS Institute, and a veteran of the U.S. Marine Corps, NSA, and U.S. Cyber Command—to examine how artificial intelligence is fundamentally rewriting the cybersecurity threat model, and whether security leaders are evolving fast enough to keep pace.From the rapid and largely ungoverned adoption of AI across enterprises, to the collapse of traditional threat modeling assumptions, to the rise of autonomous agentic systems operating without human intervention, the episode surfaces a stark reality: AI is no longer a future risk—it is an active, present-tense governance challenge that most organizations are still approaching reactively.Framed through Dr. Chatterjee's Commitment–Preparedness–Discipline (CPD) lens, the conversation delivers a clear and urgent message: security leaders must establish AI asset visibility, embed security into AI deployment from the start, and build disciplined governance structures before the next wave of AI-enabled attacks makes the cost of inaction catastrophic.To access and download the entire podcast summary with discussion highlights - https://www.dchatte.com/episode-102-ai-is-rewriting-the-threat-model-are-security-leaders-keeping-up/Connect with Host Dr. Dave ChatterjeeLinkedIn: https://www.linkedin.com/in/dchatte/ Website: https://dchatte.com/Books PublishedThe DeepFake ConspiracyCybersecurity Readiness: A Holistic and High-Performance ApproachArticles & Cases PublishedChatterjee, D. (2026). Root: Automating the Remediation Gap, Ivey Publishing, Jan 7, 2026.Ramasastry, C. and Chatterjee, D. (2025). Trusona: Recruiting For The Hacker Mindset, Ivey Publishing, Oct 3, 2025.Chatterjee, D. and Leslie, A. (2024). “Ignorance is not bliss: A human-centered whole-of-enterprise approach to cybersecurity preparedness,” Business Horizons, Accepted on Oct 29, 2024.Isik, O., Chatterjee, D., and Lourenco, D.A. (2024). “Getting Cybersecurity Right,” California Management Review — Insights, Accepted for Publication, July 8, 2024. Chatterjee, D. (2023). “Mission critical – How American Cancer Society successfully and securely migrated to the cloud amid the pandemic,” I by IMD, March 13, 2023.Chatterjee, D. (2022). “Preventing security breaches must start at the top,” I by IMD, September 28, 2022, Institute for Management Development, Lausanne, SwitzerlandChatterjee, D. (2022). “Making Cybersecurity Readiness Mainstream,” Executive Blog Post, NETSPI, March 1, 2022Benz, M. and Chatterjee, D. (2020). “Calculated Risk? A Cybersecurity Evaluation Tool for SMEs,” Business Horizons, available online from May 4, 2020Chatterjee, D. (2019). “Should Executives Go To Jail Over Cyber Attacks,” Journal of Organizational Computing and Electronic Commerce, Vol 29, Issue 1, pp. 1-3.Abraham, C., Chatterjee, D., and Sims, R. (2019). “Muddling through cybersecurity: Insights from the U.S. healthcare industry,” Business Horizons, July 2019.

Why Security Teams Are Being Asked to Do Three New Jobs - and What to Do About ItGuest: Rob Lee, Chief AI Officer and Chief of Research at SANS InstituteHost: Seth Earley, CEO at Earley Information SciencePublished on: March 27, 2026In this episode, Seth Earley speaks with Rob Lee, Chief AI Officer and Chief of Research at SANS Institute, about why AI governance is broken in most organizations - and what it actually takes to fix it. They explore why security teams are being asked to simultaneously govern, adopt, and defend AI, why the default framework of no is driving shadow IT rather than preventing risk, and what a practical reset of AI governance actually looks like. Rob also shares why agents should be treated like workers rather than software, and why executives cannot afford to outsource their understanding of AI to anyone else.Key Takeaways:Security teams are now being asked to do three new jobs at once - evaluate AI tools for the organization, drive their own AI transformation, and manage governance and regulatory compliance.The default framework of no does not prevent AI use - it drives it underground, creating shadow IT that is far harder to monitor and control than sanctioned tools.Governance needs a stoplight model - green means experiment freely, yellow means involve security as a lifeguard, red means stop - with the default answer being yes unless there is a clear reason to say no.AI governance documents written before generative AI arrived are already outdated - most say nothing about agentic workflows, human-in-the-loop requirements, or connector permissions.Agents should be treated like workers, not software - they reason, improvise, and operate 24-7, which means they require the same zero-trust principles, oversight structures, and ethical guardrails as human employees.Executives cannot outsource their understanding of AI to security teams - AI literacy at the C-suite level is a competitive requirement, not an optional capability.Good governance is not about documenting every possible bad outcome - it is about establishing overarching goals and building a culture of trust with enough guardrails to prevent the truly stupid risks.Insightful Quotes:"The framework security teams are using is a framework of no. And that framework of no is causing people to use AI secretly, regardless of what the security team says." - Rob Lee"An agent in the future - and some organizations are already treating it this way - is a worker. Everything you ask about governing agents, replace that with a human who just got hired. The same rules apply." - Rob Lee"You can't automate what you don't understand - and with agents, the stakes are even higher. An agentic mistake isn't a wrong paragraph, it's a blocked critical system." - Seth EarleyTune in to discover how security and executive leaders can move from a governance posture of restriction to one that enables innovation, manages real risk, and keeps organizations competitive in the age of agentic AI.Links:LinkedIn: https://www.linkedin.com/in/leerob/Website: https://www.sans.orgSponsor: Vector - https://www.vktr.com/ Thanks to our sponsors:VKTREarley Information ScienceAI Powered Enterprise Book

Show Notes For ten years, Ed Skoudis has curated one of the most anticipated sessions at RSAC Conference: SANS' "Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders." The session has always been a hit -- standing room only on the main stage -- but this year, Ed says something has changed. Not one or two topics with an AI component. All five. Ed is deliberate about how the session comes together. He starts with people, not topics. He builds the panel around SANS instructors who bring front-line insight, and he starts the process six months out. This year's panel features returning panelist Heather Mahalik, Rob Teeley back for his second year, Joshua Wright in his second year -- this time carrying two topics and eight minutes instead of six -- and, making his first appearance on this stage, Robert M. Lee of Dragos, one of the world's foremost voices on ICS and OT security. The addition of "Crucial Tips for Defenders" to the title this year was intentional. Ed pushed every panelist to move beyond naming threats and toward prescribing action -- practical, implementable steps that a CISO can hand down and a practitioner can execute the next morning. For topics where prevention is impossible, the mandate shifted to detection and response. SANS publishes session notes to their website within minutes of the talk ending. The backdrop this year is a warning Ed calls unlike anything in his 30 years of attending RSA and DEF CON. At a recent AI cybersecurity conference in San Francisco, presenters from Google and Anthropic outlined what Google termed the "vuln apocalypse" -- an imminent surge in AI-discovered zero-day vulnerabilities at a scale and pace that patching pipelines are not designed to handle. Ed's own team at Counter Hack has already experienced this firsthand: a frontier AI model identified a critical zero-day in a widely used open source project in a matter of hours. The Anthropic presenter's claim was blunt: within months, AI will surpass all human vulnerability researchers combined. All of this lands at the center of what the RSAC session is designed to address -- not as a theoretical exercise, but as a set of actions defenders can take right now. The session runs Tuesday, March 24th at 3:55 PM on the main stage, with an interactive follow-on session Wednesday morning where attendees can go deeper with individual panelists. For anyone who wants to understand where the threat landscape is actually heading and what to do about it, Ed says this is the year you cannot afford to miss it. Guest Ed Skoudis, President, SANS Technology Institute; Founder & CEO, Counter Hack | On LinkedIn: https://www.linkedin.com/in/edskoudis Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Resources SANS Institute | https://www.sans.org RSA Conference 2026 is taking place April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Keywords ed skoudis, sean martin, sans institute, sans technology institute, counter hack, rsac 2026, rsa conference, five most dangerous attack techniques, ai in cybersecurity, vulnerability research, zero-day vulnerabilities, patch management, penetration testing, defender tips, ics security, ai-powered attacks, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Show Notes For ten years, Ed Skoudis has curated one of the most anticipated sessions at RSA Conference: SANS' "Five Most Dangerous New Attack Techniques: Crucial Tips for Defenders." The session has always been a hit -- standing room only on the main stage -- but this year, Ed says something has changed. Not one or two topics with an AI component. All five. Ed is deliberate about how the session comes together. He starts with people, not topics. He builds the panel around SANS instructors who bring front-line insight, and he starts the process six months out. This year's panel features returning panelist Heather Mahalik, Rob Teeley back for his second year, Joshua Wright in his second year -- this time carrying two topics and eight minutes instead of six -- and, making his first appearance on this stage, Robert M. Lee of Dragos, one of the world's foremost voices on ICS and OT security. The addition of "Crucial Tips for Defenders" to the title this year was intentional. Ed pushed every panelist to move beyond naming threats and toward prescribing action -- practical, implementable steps that a CISO can hand down and a practitioner can execute the next morning. For topics where prevention is impossible, the mandate shifted to detection and response. SANS publishes session notes to their website within minutes of the talk ending. The backdrop this year is a warning Ed calls unlike anything in his 30 years of attending RSA and DEF CON. At a recent AI cybersecurity conference in San Francisco, presenters from Google and Anthropic outlined what Google termed the "vuln apocalypse" -- an imminent surge in AI-discovered zero-day vulnerabilities at a scale and pace that patching pipelines are not designed to handle. Ed's own team at Counter Hack has already experienced this firsthand: a frontier AI model identified a critical zero-day in a widely used open source project in a matter of hours. The Anthropic presenter's claim was blunt: within months, AI will surpass all human vulnerability researchers combined. All of this lands at the center of what the RSAC session is designed to address -- not as a theoretical exercise, but as a set of actions defenders can take right now. The session runs Tuesday, March 24th at 3:55 PM on the main stage, with an interactive follow-on session Wednesday morning where attendees can go deeper with individual panelists. For anyone who wants to understand where the threat landscape is actually heading and what to do about it, Ed says this is the year you cannot afford to miss it. Guest Ed Skoudis, President, SANS Technology Institute; Founder & CEO, Counter Hack | On LinkedIn: https://www.linkedin.com/in/edskoudis Host Sean Martin, Co-Founder at ITSPmagazine, Studio C60, and Host of Redefining CyberSecurity Podcast & Music Evolves Podcast | Website: https://www.seanmartin.com/ Resources SANS Institute | https://www.sans.org RSA Conference 2026 is taking place April 28 - May 1, 2026 | Moscone Center, San Francisco -- Follow our coverage: https://www.itspmagazine.com/rsac-2026-conference-san-francisco-usa-cybersecurity-event-infosec-conference-coverage The Future of Cybersecurity Newsletter | https://www.linkedin.com/newsletters/7108625890296614912/ More Redefining CyberSecurity Podcast episodes | https://www.seanmartin.com/redefining-cybersecurity-podcast Redefining CyberSecurity Podcast on YouTube | https://www.youtube.com/playlist?list=PLnYu0psdcllS9aVGdiakVss9u7xgYDKYq Keywords ed skoudis, sean martin, sans institute, sans technology institute, counter hack, rsac 2026, rsa conference, five most dangerous attack techniques, ai in cybersecurity, vulnerability research, zero-day vulnerabilities, patch management, penetration testing, defender tips, ics security, ai-powered attacks, redefining cybersecurity, cybersecurity podcast, redefining cybersecurity podcast Hosted by Simplecast, an AdsWizz company. See pcm.adswizz.com for information about our collection and use of personal data for advertising.

Cyberattacks that used to take months now take minutes. And your defenders still can't keep up.Rob T. Lee, Chief AI Officer of the SANS Institute, and David A. Bray, Chair of the Accelerator at the Stimson Center, explain why AI gives attackers a structural advantage. Attackers don't care if their AI breaks something. Your security team can't take that risk. That asymmetry changes everything.✅ You'll discover:✅ Why attackers will always remove the human in the loop faster than defenders can, and the risk calculus that creates✅ How "death by 1,000 cuts" works: $300 per person times 10,000 targets via SIM farms equals a single ransomware payout✅ The federated learning approach that lets organizations share threat intelligence without exposing their own data or vulnerabilities✅ Why hackers are exploiting AI hallucinations by writing real code libraries for packages that models reliably hallucinate✅ How to identify the right cybersecurity talent: hire for learning velocity and the "fiddling mindset," not static AI credentials✅ Why boards must stop treating cybersecurity as prevention and start rewarding rapid detection and response✅ The pre-compute vs. post-compute distinction for AI agent safety that most executives are missing entirely✅ When autonomous cyber defense will actually be viable (hint: think pilotless planes and robotic surgeons)⏱️ TIMESTAMPS0:00 AI has made "death by 1,000 cuts" attacks scalable0:39 Why the AI security lifecycle matters now2:27 Military history lessons for cyber defense strategy5:00 Federated learning: sharing threat intelligence without exposing data6:48 How incident response must evolve for AI-speed attacks8:05 The human-in-the-loop dilemma: defenders vs. attackers11:37 Distraction attacks: coordinated multi-target campaigns15:37 Autonomous agents as a new attack surface19:44 Hackers weaponizing AI hallucinations against developers22:23 Development velocity as the real "swarm" capability24:20 Perverse incentives: why stopping an attack still counts as failure27:09 Your personal attack surface grew from 3 devices to 5031:22 Protecting AI tool chains from becoming prime targets34:25 Hackathons as the future of cybersecurity hiring36:53 Patterns of life: instrumenting your enterprise for anomaly detection38:18 When will we trust AI defenders without human oversight?41:09 Pre-compute vs. post-compute: where AI agent safety rules must live46:45 AI trust, hallucinations, and prompt injection as information warfare51:42 Building security culture: leadership, not blame

On this episode of The Cybersecurity Defenders Podcast, we speak with Chris Cochran, Field CISO & Vice President of AI Security at SANS Institute, about how to navigate the future of AI risk and security strategyChris works at the intersection of cyber defense, AI safety, and emerging risk, where the threats are converging and the playbooks are still being written. His career has taken him from the Marine Corps to NSA, U.S. Cyber Command, the U.S. House of Representatives, Mandiant, and Netflix. Across every role, one throughline: understanding adversaries, building high-trust teams, and translating complex problems into strategies leaders can act on.Today, Chris advises organizations, governments, and research institutions on AI governance, agentic threat preparedness, and unifying safety and security into a single discipline. He contributes to global standards efforts including the EU AI Act (via OWASP AI) and leads executive education on cybersecurity and AI strategy at SANS.Support our show by sharing your favorite episodes with a friend, subscribe, give us a rating or leave a comment on your podcast platform. This podcast is brought to you by LimaCharlie, maker of the SecOps Cloud Platform, infrastructure for SecOps where everything is built API first. Scale with confidence as your business grows. Start today for free at limacharlie.io

In this episode of The New CISO, host Steve Moore speaks with Dean Sapp, CISO and Data Protection Officer at Filevine, about one of security's most critical yet overlooked skills—written communication. Drawing from a brutal college English class that failed students for a single typo and over 20 years building security programs in the legal tech industry, Dean reveals why the ability to articulate security findings clearly separates average professionals from exceptional leaders who drive real business impact.After abandoning architecture when he learned it would take six years to become licensed, Dean leveraged his dual skills in computer-aided drafting and IT to launch a career at Novell, eventually earning nine certifications in two years and a master's degree from SANS Institute. His background in design thinking shapes how he approaches security program development—viewing it like building a structure that requires solid foundations, functional systems, and even window dressing like SOC 2 compliance.After interviewing over 100 candidates for SOC positions, Dean identifies the biggest missing skill as the inability to translate security findings into business language executives understand and act upon. He introduces the BLUF (Bottom Line Up Front) principle from military communications, explaining why security professionals have roughly eight seconds to capture executive attention. Dean champions radical transparency through simple frameworks—using stoplight systems or report card grades to communicate security posture, deliberately giving his own program failing marks in areas needing improvement to build trust.Dean tackles operational communication breakdowns that create real security risk, emphasizing mandatory peer review before escalating incidents. This two-person rule dramatically improves report quality while reducing false positives that waste senior leadership time. He shares how this high-standards approach helped Filevine achieve best-in-class cyber insurance rates, with underwriters calling their security program superior to any SaaS provider they'd evaluated. Drawing on Erik Durschmied's "The Hinge Factor," he illustrates how small communication failures doom missions—just as cavalry troops charging cannons failed because not one rider carried the nails and hammer needed to disable them.Throughout the discussion, Dean emphasizes holding yourself to impossibly high standards so that external auditors find you excellent. He advocates for brutal honesty about program gaps, documenting accepted risks clearly, and using tools like Grammarly Premium to improve writing quality. His philosophy combines military precision, architectural thinking, and pedagogical discipline—all in service of making security programs that actually work rather than just looking good on paper.Key Topics Discussed:* Why written communication is security's most critical missing skill* BLUF (Bottom Line Up Front): Capturing executive attention in 8 seconds* Using stoplight or report card systems for transparent board reporting* Giving your security program honest grades to build executive trust* Mandatory peer review before escalation to reduce false positives* How Filevine achieved best-in-class cyber insurance rates* The two-person rule for improving incident report quality* Lessons from "The Hinge Factor" about preparation and tools* Holding impossibly high standards so external auditors find you excellent* Translating technical findings into business impact languageLEARN MORE:

This week on Defender Fridays, John Hubbard, SANS Institute Cyber Defense Curriculum Lead, discusses the future of security operations and what it means for SOC leaders today. We'll be talking about:Building continuous improvement into SOC leadershipCurrent vendor and product trends shaping security operationsAI's real impact on SOC jobs and operationsFew instructors combine real-world security operations center (SOC) leadership, curriculum design, and frontline defense experience like John Hubbard. As a Senior Instructor at the SANS Institute, author of SANS SEC450: SOC Analyst Training – Applied Skills for Cyber Defense Operations, and co-author of SANS LDR551: Building and Leading Security Operations Centers, John translates years of frontline SOC leadership into practical lessons students can immediately apply. His courses give participants more than technical knowledge—they build the skills and judgment that ensure professionals thrive in modern security operations.At Defender Fridays, we delve into the dynamic world of information security, exploring its defensive side with seasoned professionals from across the industry. Our aim is simple yet ambitious: to foster a collaborative space where ideas flow freely, experiences are shared, and knowledge expands.Join us every Friday at 10:30am PT for live, interactive discussions with industry experts. Whether you're a seasoned professional or just curious about the field, these sessions offer an engaging dialogue between our guests, hosts, and you – our audience. Register here: https://limacharlie.io/defender-fridaysSubscribe to our YouTube channel and hit the notification bell to never miss a live session or catch up on past episodes on our website!This episode is brought to you by LimaCharlie, the world's first SecOps Cloud Platform (SCP). Build and customize your security stack like "lego blocks" with our flexible, API-first solution.Eliminate vendor sprawl and tool complexityDeploy and scale effortlessly on native multi-tenant architectureReduce costs with intelligent data routing and free 1-year retentionBuild custom solutions with 100+ security capabilities on-demandImprove response times with automation and real-time capabilitiesTry the SecOps Cloud Platform free: https://limacharlie.ioHost: Maxime Lamothe-Brassard - Founder at LimaCharlie

In this episode, Corey LeBleu, a veteran penetration tester, shares a raw and intense story from his early days in offensive security. Corey walks through a social engineering engagement that took a sharp turn, from being closely watched by a security guard to receiving the call that changed everything. What followed was a confrontation with authority, handcuffs, and a moment that forced him to confront the legal and emotional consequences of impersonation.Through honest storytelling, Corey reflects on the pressure of physical security testing, the thin line between authorization and trouble, and the lessons he carried forward in his career. This episode serves as a cautionary tale about understanding boundaries, respecting authority, and the unseen risks behind revealing what's hidden.00:00 Introduction to Corey LeBleu and His Journey03:34 Corey's Early Career and Learning Path06:34 The Role of Mentorship in Pen Testing09:19 Experiences in Social Engineering and Physical Pen Testing12:22 The Handcuff Incident: A Lesson in Risk15:12 Transitioning to Web Application Pen Testing18:01 The Evolution of Pen Testing Practices20:48 The Impact of AI on Pen Testing23:42 The Future of Pen Testing and Learning for Beginners26:28 Navigating Active Directory and Pen Testing Tools27:35 Essential Training for Web App Pen Testing30:34 Advice for Aspiring Pen Testers32:30 Exploring AI and Learning Resources37:05 Personal Interests and Hobbies39:17 Living in Austin and Local Music SceneSYMLINKS[LinkedIn] – https://www.linkedin.com/in/coreylebleu/Primary platform Corey recommends for connecting with him professionally.[Relic Security] – https://www.relixsecurity.com/Cybersecurity consulting firm founded and run by Corey LeBleu, focused primarily on web application penetration testing and offensive security work.[PortSwigger Academy] – https://portswigger.net/web-securityA free and advanced online training platform for web application security, created by the makers of Burp Suite. Recommended by Corey as one of the best learning resources for modern web app pentesting.[Burp Suite] – https://portswigger.net/burpA widely used web application security testing tool. Corey emphasizes learning Burp Suite as a core skill for anyone entering web app penetration testing.[OWASP Juice Shop] – https://owasp.org/www-project-juice-shop/An intentionally vulnerable web application created by OWASP for learning and practicing web security testing.[OWASP – Open Web Application Security Project] – https://owasp.orgA global nonprofit organization focused on improving software security. Corey previously ran an OWASP project and references OWASP tools and resources throughout his career.[SANS Institute] – https://www.sans.orgA major cybersecurity training and certification organization, referenced in relation to early penetration testing education and the high cost of formal training.[Hack The Box] – https://www.hackthebox.comAn online platform for practicing penetration testing skills in simulated environments.[PromptFoo] – https://promptfoo.devA tool for testing, evaluating, and securing LLM prompts. Mentioned in the context of prompt injection and AI security experimentation.[PyTorch] – https://pytorch.orgAn open-source machine learning framework widely used for deep learning and AI research. Corey mentions it as part of his learning path for understanding how LLMs work.[Hugging Face] – https://huggingface.coAn AI platform providing open-source models, datasets, and tools for machine learning and LLM experimentation.

Hello folks, welcome to another Sans episode with Jared Rimer.Today, we have Ouch, the newsletter for January 2026. In it, it talks about technical support scams. I've even heard some discussion on other podcasts including Scam Squad, so this means that they're back with a vengeance. The problem is, they don't use the same tactics, techniques and procedures they used to. While the example herein is a popup from a website, it may arrive in an unsolicited text message, or even on social media. I don't think it has hit social media yet, but it could go there, so just be on the lookout.We have headings that are within the newsletter. They include: How a “Helpful” Call Turned Costly What Are Tech Support Scams? What Are They After? How These Scams Work How to Protect Yourself Final Thoughts Each section listed above has something for you, and of course the newsletter is now part of San's podcast series. Here are other links you'll need. Here is a link to the Ouch Podcast on Sans Institute's web site Fake Tech Support: The Only Thing They're Fixing Is Your Bank Account written by Jennifer Cox Thanks so much for listening, and make it a great day!

The real edge in cybersecurity isn't found in new tools, it's built through timeless fundamentals and a mindset that never stops learning. In this episode, Ron sits down with Rich Greene, Senior Solutions Engineer and Instructor at SANS Institute, to uncover how true cyber value starts with skills, curiosity, and mindset. Rich shares his remarkable story of surviving a battlefield injury, retraining his brain, and how that journey shaped his approach to mastering cybersecurity. Together, they connect real-world lessons like the recent Discord breach to the core truth that even advanced systems depend on people who master the basics. Impactful Moments 00:00 - Introduction 02:00 - Discord breach and third-party risk 05:00 - Meet Rich Greene from SANS 06:00 - The power of mastering fundamentals 07:00 - Learning how to learn 08:30 - Rich's story of rebuilding his memory 11:00 - Forcing the brain to grow stronger 12:00 - Top skills that get you paid 14:00 - Skills that lead to fulfillment 16:00 - Fundamentals that fuel long-term success 17:00 - The OSI model decoded 20:00 - Why operating systems matter 21:00 - Security operations fundamentals 23:00 - Why cloud is the #1 must-learn skill 25:00 - Final advice: sharpen your fundamentals   Links Connect with our Rich on LinkedIn: https://www.linkedin.com/in/secgreene/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/  

The Netflix documentary, Unknown Number: The High School Catfish, has exposed the ease with which people can anonymously target, harass, and threaten individuals online. October is Cybersecurity Awareness Month, an important time to understand the ways in which seemingly common technology can be weaponized against us. Head of Faculty at SANS Institute, Heather Barnhart, provides her expertise on digital forensics and later details her own experience with digital harassment as well. Follow Emily on Instagram: @realemilycompagno If you have a story or topic we should feature on the FOX True Crime Podcast, send us an email at: truecrimepodcast@fox.com Learn more about your ad choices. Visit podcastchoices.com/adchoices

Navigating the Complex Landscape of AI and Cybersecurity: A Conversation with Rob T. Lee In this weekend edition of Cybersecurity Today, host Jim Love interviews Rob T. Lee, the Chief AI Officer and Chief of Research at the SANS Institute. They discuss the intersection of AI, education, and security, highlighting the dual nature of AI as both a transformative technology with immense benefits and as a significant security risk. Rob shares his insights on how organizations can mitigate these risks by adopting a 'yes' framework towards AI, fostering a culture of learning and experimentation, and acknowledging the vulnerabilities and knowledge gaps in the field. He emphasizes the importance of community engagement, practical learning, and the role of AI champions in driving innovation while maintaining security. Throughout the conversation, they address the challenges of implementing AI governance and explore the need for continual adaptation in the fast-evolving tech landscape. 00:00 Introduction and Guest Introduction 00:25 AI: Potential and Risks 01:26 Business vs. Security 03:36 Rob's Background and Experience 05:18 The Role of Practitioners in SANS 08:46 Governance and Security Challenges 17:13 The Crisis of Competency in AI 25:03 Encouraging Hands-On Learning 30:41 The Importance of Executive Involvement 33:49 The Problem with Security and Shadow AI 34:05 The Consequences of Shadow AI 34:52 Evaluating and Banning AI Tools 36:48 The Role of Executives in AI Adoption 40:04 Learning and Adapting to AI 42:47 The Importance of Community and Vulnerability 51:19 Practical Steps for AI Governance 58:47 Final Thoughts and Resources

With quantum computers threatening to compromise today's encryption in just a few years, businesses around the world are working to audit and remediate their exposure. Global bank Santander bank began its quantum computing audit program by first acknowledging a core problem: they didn't actually know what cryptography they were using across their systems. To address this, Santander Global Tech head of quantum tech Mark Carney told a recent SANS Institute conference, the bank launched a discovery exercise, mapping out cryptographic assets and aligning them with evolving standards. They partnered with Microsoft and GitHub to extend CodeQL, enabling static code analysis that could identify weak or outdated cryptography hidden in code, despite variations in naming and APIs. In parallel, they built dynamic monitoring tools using eBPF, which allowed them to tap into network traffic, extract cipher suites, handshake details, and key usage, and then aggregate the data. This revealed, for example, that about a quarter of traffic in their lab environment was already negotiating hybrid post quantum computing (PQC) connections. You can listen to all of the Quantum Minute episodes at https://QuantumMinute.com. The Quantum Minute is brought to you by Applied Quantum, a leading consultancy and solutions provider specializing in quantum computing, quantum cryptography, quantum communication, and quantum AI. Learn more at https://AppliedQuantum.com.

In this episode of Resilient Cyber, I sit down with the SANS Institute's Chief of Research (COR) & Chief AI Officer (CAIO), Rob T. Lee to discuss AI's impact on cybersecurity and the workforce. We will discuss SANS Critical AI Security Guidelines, the opportunities and obstacles AI presents for cybersecurity, and how practitioners should navigate AI's impact on the workforce.

A new bill in the House aims to expand federal workforce access to AI Training. But with AI coming in many different forms and functions depending on particular positions and missions, agencies may be asking "AI Training for what?" Here with some suggestions about how to prioritize training strategies is the Director of Emerging Security Trends at the SANS Institute, John Pescatore.See Privacy Policy at https://art19.com/privacy and California Privacy Notice at https://art19.com/privacy#do-not-sell-my-info.

Our feature guest this week is Rob Lee, Chief of Research and Chief AI Officer at SANS Institute, interviewed by Frank Victory. News from United Airlines, Brad Feld, Swimlane, Lares, Red Canary, Ping Identity and a lot more! Come join us on the Colorado = Security Slack channel to meet old and new friends. Sign up for our mailing list on the main site to receive weekly updates - https://www.colorado-security.com/. If you have any questions or comments, or any organizations or events we should highlight, contact Alex and Robb at info@colorado-security.com This week's news: And the Rhino's Name Is... New dinosaur unearthed from Colorado rock formation, more discoveries possible Roman holiday: Denver now has a nonstop flight to the Colosseum, Trevi Fountain and pasta galore When will Colorado's new battery collection and recovery system start? Here's a primer. Brad Feld on ‘Give First' and the art of mentorship (at any age) Colorado's post-COVID tech startup scene looks a lot like it did 20 years ago Swimlane Raises $45 Million for Security Automation Platform Stop Over-Scoping. Start Pressure Testing. Red Canary Expands AI Innovations Understanding Separation of Duties in Cybersecurity Upcoming Events: Check out the full calendar ISSA COS - July Meeting - 7/15 ISSA COS - July Mini Seminar - 7/19 Let's Talk Software Security - Is Cybersecurity Training Necessary in the Age of AI? - 7/23 ISSA Pikes Peak - Chapter Meeting - 7/23 View our events page for a full list of upcoming events * Thanks to CJ Adams for our intro and exit! If you need any voiceover work, you can contact him here at carrrladams@gmail.com. Check out his other voice work here. * Intro and exit song: "The Language of Blame" by The Agrarians is licensed under CC BY 2.0

Drawing from his experience building enterprise SOCs and teaching thousands of security professionals, John Hubbard, Cyber Defense Curriculum Lead at SANS Institute and host of the Blueprint podcast, tells Jack about how AI is revolutionizing security operations centers, including balancing AI automation with fundamental analyst skills. They also explore practical AI applications in alert contextualization, team performance analysis, and the future vision of natural language interfaces for complex security tasks.  John emphasizes the importance of teaching both traditional methods and AI-enhanced approaches, ensuring security teams can leverage technology while maintaining critical thinking capabilities. He also discusses considerations around local versus cloud-based AI models and offers actionable advice for security professionals looking to future-proof their careers in an increasingly automated landscape.   Topics discussed: How AI transforms alert contextualization by dynamically incorporating business context and asset information for better triage decisions. The educational challenge of teaching both foundational security methods and AI-enhanced approaches to maintain analyst skills. Practical applications of AI in SOC operations, including automated phishing triage and mass analysis of analyst performance data. The evolution toward natural language interfaces that could enable complex security tasks like packet analysis through conversational commands. Custom agent development versus relying on vendor-provided AI solutions, including the technical challenges and coding requirements involved. Future SOC architecture predictions featuring interconnected agents, MCP protocols, and the abstraction of traditional security analyst tasks. Local versus cloud-based AI model considerations, including data privacy concerns, computational requirements, and trust implications. The critical question of oversight in automated security operations and who monitors AI agents in increasingly autonomous systems. Performance analysis capabilities enabled by AI's ability to process written text and logs at scale for team improvement insights. Practical advice for security professionals to embrace discomfort, invite AI into problem-solving, and establish mentoring relationships for career growth. Listen to more episodes:  Apple  Spotify  YouTube Website

Podcast: PrOTect It All (LS 26 · TOP 10% what is this?)Episode: Inside OT Penetration Testing: Red Teaming, Risks, and Real-World Lessons for Critical Infrastructure with Justin SearlePub date: 2025-06-16Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow sits down with OT security expert Justin Searle, Director of ICS Security at InGuardians, for a deep dive into the ever-evolving world of OT and IT cybersecurity.  With over 25 years of experience, ranging from hands-on engineering and water treatment facilities to red-team penetration testing on critical infrastructures such as airports and power plants, Justin brings a wealth of insight and real-world anecdotes. This episode unpacks what it really takes to assess and secure operational technology environments. Whether you're a C-suite executive, a seasoned cyber pro, or brand new to OT security, you'll hear why network expertise, cross-team trust, and careful, collaborative engagement with engineers are so crucial when testing high-stakes environments. Aaron and Justin also discuss how the industry has matured, the importance of dedicated OT cybersecurity teams, and why practical, people-first approaches make all the difference, especially when lives, reliability, and national infrastructure are on the line. Get ready for actionable advice, hard-earned lessons from the field, and a candid look at both the progress and the ongoing challenges in protecting our most critical systems.   Key Moments:  05:55 Breaking Into Cybersecurity Without Classes 09:26 Production Environment Security Testing 13:28 Credential Evaluation and Light Probing 14:33 Firewall Misconfiguration Comedy 19:14 Dedicated OT Cybersecurity Professionals 20:50 "Prioritize Reliability Over Latest Features" 24:18 "IT-OT Convergence Challenges" 29:04 Patching Program and OT Security 32:08 Complexity of OT Environments 35:45 Dress-Code Trust in Industry 38:23 Legacy System Security Challenges 42:15 OT Cybersecurity for IT Professionals 43:40 "Building Rapport with Food" 47:59 Future OT Cyber Risks and Readiness 51:30 Skill Building for Tech Professionals   About the Guest :  Justin Searle is the Director of ICS Security at InGuardians, specializing in ICS security architecture design and penetration testing.  He led the Smart Grid Security Architecture group in the creation of NIST Interagency Report 7628 and played critical roles in the Advanced Security Acceleration Project for the Smart Grid (ASAP-SG), National Electric Sector Cybersecurity Organization Resources (NESCOR), and Smart Grid Interoperability Panel (SGIP).     Justin has taught hacking techniques, forensics, networking, and intrusion detection courses for multiple universities, corporations, and security conferences.  His current courses at SANS and Black Hat are among the world's most attended ICS cybersecurity courses.  Justin is currently a Senior Instructor for the SANS Institute and a faculty member at IANS. In addition to electric power industry conferences, he frequently presents at top international security conferences such as Black Hat, DEFCON, OWASP, HITBSecConf, Brucon, Shmoocon, Toorcon, Nullcon, Hardware.io, and AusCERT.     Justin leads prominent open-source projects, including The Control Thing Platform, Samurai Web Testing Framework (SamuraiWTF), and Samurai Security Testing Framework for Utilities (SamuraiSTFU).  He has an MBA in International Technology and is a CISSP and SANS GIAC certified Incident Handler (GCIH), Intrusion Analyst (GCIA), Web Application Penetration Tester (GWAPT), and GIAC Industrial Control Security Professional (GICSP)   How to connect Justin:  https://www.controlthings.io https://www.linkedin.com/in/meeas/ Email: justin@controlthings.io Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Brett Ewing is the Founder and CEO of AXE.AI, a cutting-edge cybersecurity SaaS start-up, and the Chief Information Security Officer at 3DCloud. He has built a career in offensive cybersecurity, focusing on driving exponential improvement. Brett progressed from a Junior Penetration Tester to Chief Operating Officer at Strong Crypto, a provider of cybersecurity solutions. He brings over 15 years of experience in information technology, with the past six years focused on penetration testing, incident response, advanced persistent threat simulation, and business development. He holds degrees in secure systems administration and cybersecurity, and is currently completing a Masters in cybersecurity with a focus area in AI/ML security at the SANS Technology Institute. Brett also holds more than a dozen certifications in IT, coding, and security from the SANS Institute, CompTIA, AWS, and other industry vendors. In this episode… Penetration testing plays a vital role in cybersecurity, but the traditional manual process is often slow and resource-heavy. Traditional testing cycles can take weeks, creating gaps that leave organizations vulnerable to fast-moving threats. With growing interest in more efficient approaches, organizations are exploring new AI tools to automate tasks like tool configuration, project management, and data analysis. How can cybersecurity teams use AI to test environments faster without increasing risk? AXE.AI offers an AI-powered platform that supports ethical hackers and red teamers by automating key components of the penetration testing process. The platform reduces overhead by configuring tools, analyzing output, and building task lists during live engagements. This allows teams to complete high-quality tests in days instead of weeks. AXE.AI's approach supports complex environments, improves data visibility for testers, and scales efficiently across enterprise networks. The company emphasizes a human-centered approach and advocates for workforce education and training as a foundation for secure AI adoption. In today's episode of She Said Privacy/He Said Security, Jodi and Justin Daniels speak with Brett Ewing, Founder and CEO of AXE.AI, about leveraging AI for offensive cybersecurity. Brett explains how AXE.AI's platform enhances penetration testing and improves speed and coverage for large-scale networks. He also shares how AI is changing both attack and defense strategies, highlighting the risks posed by large language models (LLMs) and deepfakes, and explains why investing in continuous workforce training remains the most important cyber defense for companies today.

Here we are in the spring of 2025, and the headline news is that the federal government is removing tech staff; at the same time, reports are coming in of thousands of unfilled cybersecurity positions across the government. Today, we sit down with a self-proclaimed “Cybersecurity Lifer” who will give the perspective of the SANS Institute on this dilemma. John Pescatore has been involved in federal cybersecurity since 1978. When he examines our current situation, he gives his opinion on training, skill level, and legislation that is being considered to address many of these issues. He mentions recent SANS studies that have suggested the issue is less about the number of openings than about finding individuals with a specific skill set required for a federal role.  He discusses the evolution of cybersecurity training from hands-on courses to community college programs and the importance of practical experience. Pescatore also discusses AI's role in cybersecurity, noting its limitations and the need for domain expertise. He emphasizes the importance of rotating staff roles and providing continuous training to retain talent in federal agencies.

Podcast: PrOTect It All (LS 25 · TOP 10% what is this?)Episode: Building Trust in OT Cybersecurity: Patching, Communication, and Personal Branding for SuccessPub date: 2025-05-12Get Podcast Transcript →powered by Listen411 - fast audio-to-text and summarizationIn this episode, host Aaron Crow is joined by his longtime friend and fellow OT (Operational Technology) aficionado, Oren Niskin. Oren dives into his unconventional journey from Navy electrician to offshore rig automation, through to OT cybersecurity consulting—sharing the highs, the lessons learned, and the unique perspective gained from crawling through the “belly of the ship” rather than a college lecture hall. Aaron and Oren discuss the real-world value of hands-on experience versus formal education, the evolving relationship between IT and OT teams, and why personal branding and communication skills are key for career growth in the cybersecurity field. They unpack the challenges and misconceptions around patching in the OT environment, and Oren reveals practical advice from his recent presentation on how organizations can dramatically reduce their vulnerability management workload while maintaining operational safety. Tune in for thoughtful reflections, war stories from the rig, and actionable tips for aspiring and seasoned cybersecurity professionals alike—plus a heartwarming nod to inspiring the next generation. Whether you're just getting started in OT or looking to take your cyber game to the next level, this episode is packed with honest advice and community spirit. Key Moments:  05:58 College: Not the Ultimate Answer 08:26 Consulting Perspective Accelerates Career Growth 13:36 "Building Value with Personal Branding" 16:49 "Everyone's a Salesman Everywhere" 19:44 "Patching Essential for System Health" 21:14 Firmware Updates Resolve Most Issues 26:18 Robots Dominate Manufacturing Line 28:08 Prioritizing Critical Drilling Vulnerability Fixes 33:29 "Prioritizing Business-Critical Systems" 36:57 Cyber-Resilient Tech Design 39:20 "Virtualization Best Practices: Snapshot Safety" 41:18 OT Cybersecurity: Focus on Basics 44:37 Unexpected Changes Disrupt Startup Plans 47:44 "Building Trust in Business" 50:52 "IT-OT Collaboration Importance" Oren Niskin – From the Navy to OT Cybersecurity: Bridging the Gap Between the Plant Floor and Secure Operations Oren Niskin is an OT cybersecurity consultant with over two decades of hands-on industrial experience spanning the U.S. Navy, offshore drilling operations, and global OT network management. His career began not in a classroom, but aboard the USS Harry S. Truman, where he served as an electrician and shutdown reactor operator after enlisting in the Navy post-9/11. Since then, he's steadily climbed the OT ranks—from maintaining electrical systems at sea to managing IACS networks for a global fleet of drilling rigs, and now, advising critical infrastructure on how to secure their operational environments. Oren brings a rare combination of deep technical insight and real-world plant floor experience to the evolving challenges of OT cybersecurity. He holds a Bachelor's degree in Nuclear Engineering Technology and a Master's in Information Security Engineering from the SANS Institute. Oren is passionate about translating complex OT security needs into practical outcomes—turning big visions into tangible progress. Connect with Oren on LinkedIn at https://www.linkedin.com/in/orenniskin/ or catch him in person at HouSecCon this September. Connect With Aaron Crow: Website: www.corvosec.com  LinkedIn: https://www.linkedin.com/in/aaronccrow   Learn more about PrOTect IT All: Email: info@protectitall.co  Website: https://protectitall.co/  X: https://twitter.com/protectitall  YouTube: https://www.youtube.com/@PrOTectITAll  FaceBook:  https://facebook.com/protectitallpodcast    To be a guest or suggest a guest/episode, please email us at info@protectitall.co   Please leave us a review on Apple/Spotify Podcasts: Apple   - https://podcasts.apple.com/us/podcast/protect-it-all/id1727211124 Spotify - https://open.spotify.com/show/1Vvi0euj3rE8xObK0yvYi4The podcast and artwork embedded on this page are from Aaron Crow, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Three Buddy Problem - Episode 45: (The buddies are trapped in timezone hell with cross-continent travel this week). In the meantime, absorb this keynote presented by Juan Andres Guerrero-Saade (JAG-S) at CounterThreats 2023. It's a frank discussion on the role of cyber threat intelligence (CTI) during wartime and its importance in bridging information gaps between adversaries. Includes talk on the ethical challenges in CTI, questioning the impact of intelligence-sharing and how cyber operations affect real-world conflicts. He pointed to Ukraine and Israel as examples where CTI plays a critical, yet complicated, role. His message: cybersecurity pros need to be aware of the real-world consequences of their work and the ethical responsibility that comes with it. Acknowledgment: Credit for the audio goes to CyberThreat 2023, SANS Institute, NCSC, and SentinelOne. Cast: Juan Andres Guerrero-Saade (https://twitter.com/juanandres_gs), Ryan Naraine (https://twitter.com/ryanaraine) and Costin Raiu (https://twitter.com/craiu).

Send us a textIn this conversation, Lance Spitzner shares his unique journey from a military tank officer to a pioneer in cybersecurity, detailing the evolution of his career and the inception of the Honeynet Project. He emphasizes the importance of understanding the human element in security, advocating for a shift from mere security awareness to fostering a robust security culture within organizations. Spitzner discusses practical steps for security teams to enhance their approach, including leveraging AI to improve communication and engagement. He concludes by reflecting on the impact of his work and the growing recognition of the human side of cybersecurity.TakeawaysThe Honeynet Project was born from a need for cyber threat intelligence.Security culture is broader than security awareness; it encompasses attitudes and beliefs.Changing the environment is key to changing organizational culture.AI can be leveraged to enhance communication and simplify security policies.Positive interactions with security teams build a stronger security culture.Chapters00:00 From Military to Cybersecurity Pioneer03:04 The Birth of the Honeynet Project05:59 Understanding the Human Element in Security09:13 Security Culture vs. Security Awareness11:51 Changing Organizational Culture for Security14:46 Practical Steps for Security Teams17:55 Leveraging AI in Security Culture21:11 Measuring Success in Cybersecurity Training

Maxwell Shuftan, Director of Mission Programs at SANS Institute joins the show to discuss the state of the government cybersecurity workforce and methods for recruiting some of the best talent into the public sector. We also discuss training initiatives that can be a game-changing strategy to unlock a hidden workforce and the national security implications that these roles have on our country.

In episode 118 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Smith, Security Architect for BP and Instructor at the SANS Institute. Together, they review the state of post-quantum cryptography as well as share recommendations for how organizations and individuals can prepare to move into the post-quantum era.Here are some highlights from our episode:02:55. What post-quantum cryptography is and why we need to pay attention04:11. The impact of a cryptographically relevant quantum computer on symmetric vs. asymmetric cryptography08:58. How media attention contributes to preparedness from an infrastructure perspective14:30. The importance of a cryptography bill of materials (CBOM)21:58. How organizations can prepare against quantum-enabled cyber attacks29:05. How individuals need to understand quantum infrastructure in order to protect it32:24. Optimism for the future of post-quantum cryptographyResourcesEpisode 48: 3 Trends to Watch in the Cybersecurity IndustryPost Quantum Cryptography by Attack Detect Defend (rot169)NIST Releases First 3 Finalized Post-Quantum Encryption StandardsEpisode 75: How GenAI Continues to Reshape CybersecurityInternet of Things: Embedded Security GuidanceIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

In episode 112 of Cybersecurity Where You Are, Sean Atkinson and Tony Sager are joined by Rob T. Lee, Chief of Research and Head of Faculty at SANS Institute. Together, they discuss how SANS Institute applies an operational or "do" model of leadership to gather expertise, build shared purpose, and foster action on evolving cybersecurity trends.Here are some highlights from our episode:05:47. How Rob ended up teaching at SANS Institute08:49. Rob's first experience meeting and working with the late Alan Paller12:07. How Rob's responsibility at SANS Institute has expanded20:02. Key cybersecurity trends on Rob's agenda as Chief of Research23:52. The need to refine our understanding of AI based on its different applications36:28. Guidance for the 47th U.S. Presidential AdministrationResourcesEpisode 35: Remembering the Late Alan PallerThe Cyber Security Hall of Fame Announces 2024 HonoreesEpisode 76: The Role of Thought Leadership in CybersecurityEpisode 75: How GenAI Continues to Reshape CybersecurityCrowdStrike Falcon Outage Exploited for Social EngineeringWhy Whole-of-State Cybersecurity Is the Way ForwardFrom Both Sides: A Parental Guide to Protecting Your Child's Online ActivityIf you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.

The latest episode of 7 Minutes on ITSPmagazine, recorded during the Black Hat Sector 2024 event in Toronto, Canada, brings insights from the dynamic world of cybersecurity training and education. Hosted by Sean Martin, the discussion features Rushmi Hasham, Director of Strategic Partnerships, and Vasu Daggupaty, Manager of Strategic Partnerships and Investments, both from Rogers Cybersecure Catalyst.Rogers Cybersecure Catalyst, a non-profit organization operated by Toronto Metropolitan University, serves as the university's national hub for cyber education. The organization's focus spans three primary areas: training individuals to become cybersecurity professionals, helping organizations to bolster their cyber safety measures, and assisting cybersecurity founders in bringing their innovative solutions to the market.Vasu Daggupaty explains that the Catalyst's training programs certify individuals with the necessary credentials to be employable in the cybersecurity field. Moreover, organizations receive guidance on enhancing their incident response strategies and other critical safety practices. An essential part of their mission is also supporting innovators in launching new cybersecurity products and services.The episode highlights a compelling story of Gina, a former nurse transitioning into a cybersecurity analyst role. This transformation exemplifies the success of the Catalyst's Accelerated Rapid Training Program. Rushmi Hasham elaborates on the program's design, which caters to mid-life career changers, providing a seven-month intensive course in collaboration with the SANS Institute. The program equips participants with hands-on skills, transitioning knowledge, and career development, ensuring they are job-ready upon completion.Additionally, the Catalyst's corporate training services include non-technical tabletop exercises to prepare executives for real-life cyber threats. They also offer a cyber range where clients can safely engage with live malware to elevate their technical response capabilities. This comprehensive approach is instrumental in addressing Canada's cybersecurity skills shortage and enhancing the nation's defensive posture. The episode concludes with an invitation to explore the Catalyst's investment initiatives aimed at fortifying cybersecurity innovations and talent development across Canada.Learn more about Rogers Cybersecure Catalyst: https://cybersecurecatalyst.ca/Note: This story contains promotional content. Learn more.Guests: Rushmi Hasham, Director of Strategic Partnerships, Rogers Cybersecure CatalystOn LinkedIn | https://www.linkedin.com/in/rushmi-hasham-9523554/Vasu Daggupaty, Manager, Partnerships & Investment, Rogers Cybersecure CatalystOn LinkedIn | https://www.linkedin.com/in/vdaggupaty/ResourcesLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

The latest episode of 7 Minutes on ITSPmagazine, recorded during the Black Hat Sector 2024 event in Toronto, Canada, brings insights from the dynamic world of cybersecurity training and education. Hosted by Sean Martin, the discussion features Rushmi Hasham, Director of Strategic Partnerships, and Vasu Daggupaty, Manager of Strategic Partnerships and Investments, both from Rogers Cybersecure Catalyst.Rogers Cybersecure Catalyst, a non-profit organization operated by Toronto Metropolitan University, serves as the university's national hub for cyber education. The organization's focus spans three primary areas: training individuals to become cybersecurity professionals, helping organizations to bolster their cyber safety measures, and assisting cybersecurity founders in bringing their innovative solutions to the market.Vasu Daggupaty explains that the Catalyst's training programs certify individuals with the necessary credentials to be employable in the cybersecurity field. Moreover, organizations receive guidance on enhancing their incident response strategies and other critical safety practices. An essential part of their mission is also supporting innovators in launching new cybersecurity products and services.The episode highlights a compelling story of Gina, a former nurse transitioning into a cybersecurity analyst role. This transformation exemplifies the success of the Catalyst's Accelerated Rapid Training Program. Rushmi Hasham elaborates on the program's design, which caters to mid-life career changers, providing a seven-month intensive course in collaboration with the SANS Institute. The program equips participants with hands-on skills, transitioning knowledge, and career development, ensuring they are job-ready upon completion.Additionally, the Catalyst's corporate training services include non-technical tabletop exercises to prepare executives for real-life cyber threats. They also offer a cyber range where clients can safely engage with live malware to elevate their technical response capabilities. This comprehensive approach is instrumental in addressing Canada's cybersecurity skills shortage and enhancing the nation's defensive posture. The episode concludes with an invitation to explore the Catalyst's investment initiatives aimed at fortifying cybersecurity innovations and talent development across Canada.Learn more about Rogers Cybersecure Catalyst: https://itspm.ag/rogershxbpNote: This story contains promotional content. Learn more.Guests: Rushmi Hasham, Director of Strategic Partnerships, Rogers Cybersecure CatalystOn LinkedIn | https://www.linkedin.com/in/rushmi-hasham-9523554/Vasu Daggupaty, Manager, Partnerships & Investment, Rogers Cybersecure CatalystOn LinkedIn | https://www.linkedin.com/in/vdaggupaty/ResourcesLearn more and catch more stories from Rogers Cybersecure Catalyst: https://www.itspmagazine.com/directory/rogers-cybersecure-catalystLearn more about 7 Minutes on ITSPmagazine Short Brand Story Podcasts: https://www.itspmagazine.com/purchase-programsNewsletter Archive: https://www.linkedin.com/newsletters/tune-into-the-latest-podcasts-7109347022809309184/Business Newsletter Signup: https://www.itspmagazine.com/itspmagazine-business-updates-sign-upAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

AI fortifies cybersecurity but it also strengthens cyberthreats. How can your company tackle this double-edged dilemma? We're asking our guest, Rob Lee, Chief of Research at the SANS Institute, the go-to leader in cybersecurity training.With more than 20 years of experience in digital forensics and incident response, Rob is dubbed “The Godfather of DFIR.” He's also the co-author of the must-read book, Know Your Enemy.Get ready to learn about … 

What are the best cybersecurity certs to get? Do advancements in cloud and AI mean security professionals need to re-skill? How do certifying organizations decide what new courses to create? Chief Curriculum Director and Faculty Lead at the SANS Institute, Rob Lee, joins Jennifer “JJ” Minella and Drew Conry-Murray to give an insider's view on... Read more »

What are the best cybersecurity certs to get? Do advancements in cloud and AI mean security professionals need to re-skill? How do certifying organizations decide what new courses to create? Chief Curriculum Director and Faculty Lead at the SANS Institute, Rob Lee, joins Jennifer “JJ” Minella and Drew Conry-Murray to give an insider's view on... Read more »

Joining the podcast this week is Tony Sager, Senior Vice President and Chief Evangelist for the Center of Internet Security and shares insights from his 45+ years on the security front lines, including 34 years at the NSA. Risk was a big theme of the discussion particularly looking at risk through a similar lens as we view other risky domains, such as the great work being done with the Cyber Safety Review Board. (And he shares color on the power of being okay with the risk of being wrong sometimes.) He also shares perspective on moving to incentive-based cyber models (such as what's been done in Ohio and Connecticut), and the criticality of translating technology, attacks & attackers into public policy and market incentives. And it can't be a great cyber discussion without addressing the growing sophistication of cyber criminals and their organizations – really becoming the defacto organized crime success path today. Tony Sager, Senior Vice President and Chief Evangelist for the Center for Internet Security Sager is a SVP and Chief Evangelist for CIS. He leads the development of the CIS Critical Security Controls™, a worldwide consensus project to find and support technical best practices in cybersecurity. Sager champions of use of CIS Controls and other solutions gleaned from previous cyber-attacks to improve global cyber defense. He also nurtures CIS's independent worldwide community of volunteers, encouraging them to make their enterprise, and the connected world, a safer place. In November 2018, he added strategy development and outreach for CIS to his responsibilities. In addition to his duties for CIS, he is an active volunteer in numerous community service activities: the Board of Directors for the Cybercrime Support Network; and a member of the National Academy of Sciences Cyber Resilience Forum; Advisory Boards for several local schools and colleges; and service on numerous national-level study groups and advisory panels. Sager retired from the National Security Agency (NSA) after 34 years as an Information Assurance professional. He started his career there in the Communications Security (COMSEC) Intern Program, and worked as a mathematical cryptographer and a software vulnerability analyst. In 2001, Sager led the release of NSA security guidance to the public. He also expanded the NSA's role in the development of open standards for security. Sager's awards and commendations at NSA include the Presidential Rank Award at the Meritorious Level, twice, and the NSA Exceptional Civilian Service Award. The groups he led at NSA were also widely recognized for technical and mission excellence with awards from numerous industry sources, including the SANS Institute, SC Magazine, and Government Executive Magazine. For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e273

Nate Lee, CISO at Tradeshift, talks about creating cloud security capabilities, working with engineering, and how he built a GenAI security question answering bot.About Nate:Nate is currently CISO at Tradeshift, a B2B SaaS platform where he built the security program that has secured over $1 trillion in global business transactions. Previous to that, he led various technical teams including the company's Platform Operations, Site Reliability Engineering and Corporate IT functions.He got his start as an engineer doing consulting, building systems and networks before joining Target Corporation. At Target, he built and secured systems that ensure the smooth flow of goods at one of the largest retailers in the country.In 2010, after relocating to the Bay Area, Nate joined the videoconferencing startup Fuze (later acquired by 8x8) as a Senior Architect before swiftly expanding his purview and leading the operations, security and escalated support teams.Like most in tech, he's currently spending an inordinate amount of time digging into AI and the practical implications it has to businesses, focusing on building secure-by-default systems and driving internal efficiencies.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Fred Bret-Mounet, CISO at Clarify Health Solutions, reminisces about negotiating a 25% salary increase and still being drastically underpaid, eating pasta every day, and learning that security can't just be focused on building Fort Knox.About Fred:"t all started with early e-commerce sites storing item prices client side! A tinkerer from an early age and the constant need to feed my curiosity have been critical skills to my Information Security career. With strong technical skills that I keep current and some amount of business acumen, I realized early that my role was not to build mini Fort Knox everywhere I went but instead teach people new skills: I am an evangelist helping organizations understand enough about the risk dimension associated to security and privacy - just as we understand financial, brand or contractual / legal dimensions in our daily activities. I am also an enforcer! Not the one that carries a weapon - instead, I keep us honest by providing a platform for self policing.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Steve Tran, CISO at the Democratic National Committee (DNC), opens up about his personal challenges, finding his path through hacking and magic, and his passion for helping the next generation.ABOUT STEVE: Steve is the Chief Security Officer for the Democratic National Committee, where he leads the organization's Information Technology, physical security, and cybersecurity strategies and programs. Prior to this, Steve was the Chief Information Security Officer (CISO) for MGM Studios. There, he played a pivotal role in several high-profile mergers and acquisitions, including the successful $8.5 billion acquisition of MGM Studios by Amazon. Steve has a diverse background. He has worked at Mattel, Target Corporation, Fox Studios, and Deloitte, and also served as a police officer.When not defending against dedicated adversaries, you can watch his “off the cuffs” performances at the World Famous Magic Castle in Hollywood.Follow Steve on these socials:https://www.linkedin.com/in/steveishacking/https://defcon.social/@stevetranSPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Deneen DeFiore, CISO at United Airlines, talks about how she got into security, taking a new CISO role at the start of COVID, what makes a mature business oriented security program, and what CISOs need to know before considering board level opportunities.About Deneen: Deneen is an accomplished technology and risk management executive with experience across multiple critical infrastructure sectors.   She has expertise in advising global companies and their most senior executives on technology, cybersecurity, compliance, and digital risk decisions related to products, services, and ongoing operations.  Deneen currently serves as Vice President and Chief Information Security Officer at United Airlines.  She is responsible for leading the cybersecurity and digital risk organization to ensure the company is prepared to prevent, detect, and respond to evolving cyber threats.  She leads initiatives on commercial aviation cyber safety risk, improving cyber resilience, and represents United in working with international partners to reduce cyber safety risk world-wide across the aviation ecosystem.  Deneen is the Chair of the board of the Aviation Information Sharing Analysis Center and the Chairperson of the Airlines for America (A4A) Cybersecurity Committee.  She is an independent director and member board of directors for Blackbaud software.    In 2022, she was appointed to serve on the President's National Infrastructure Advisory Council (NIAC), advising the White House on how to reduce physical and cyber risks and improve the security and resilience of the nation's critical infrastructure sectors.She is passionate about diversity in the tech industry and promoting STEM education.Follow her on Twitter @deneendefioreSPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Kapil Assudani, CISO at Edwards Lifesciences, shares how he was one payment away from getting kicked out of his Masters program, being resilient and resourceful, building credibility, and finding ways to reduce the attack surface.About Kapil: Kapil Assudani, with over 20 years of experience in information security, currently holds the position of Senior Vice President and Chief Information Security Officer at Edwards Lifesciences. His tenure at Edwards, spanning over six years, has responsibilities beyond the typical enterprise security scope of a CISO, as it includes IoT Medical Device Security and Manufacturing Plant security on a global scale.Kapil's leadership philosophy is built on three key principles. Firstly, he believes in building a team of passionate and good-hearted individuals, providing them with innovative tools, and then allowing them to operate independently. Secondly, he emphasizes presenting security problem statements backed by facts and data, simplifying them to a level where a business leader can independently make risk decisions. Lastly, he focuses on building trusted relationships across the entire employee base, fostering candid conversations and driving an execution-focused culture.His extensive experience covers all facets of information security, including leading security incident detection and response, ethical hacking teams, and security architecture and strategy programs. He has also been instrumental in building a global cybersecurity program at Edwards from the ground up. Kapil's diverse industry experience spans consulting and corporate roles across Fortune 100 companies in accounting, finance, healthcare, and technology. Over the last decade, he has intentionally focused his career on healthcare companies, finding the work purposeful and passionately aligned with a noble mission. Kapil holds a Masters in Computer Science and has been a speaker at multiple conferences, further solidifying his expertise in the fieldSPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Mike Melo, CISO and head of technology at LifeLabs, talks about his approach to innovation and insights on leading cloud security tools.About Mike Melo: "Heavily focused on people and integrity-led progression, Mike Melo is a Senior IT Executive and Chief Information Security Officer (CISO) with over 15+ years of experience advancing operational efficiencies, cyber indomitability, and overall organizational success. Currently serving as the CISO & VP IT Shared Services for LifeLabs in Canada, Mike holds an extensive background involving agile risk mitigation, post-breach transformation, security architecture, cross-functional technical leadership, regulatory compliance, and the art of developing high-performing team environments that are as positive as they are productive. In addition, he is passionate about not only helping industry leaders rectify security weaknesses while attaining sustainable protection, but doing so in such a way that ultimately propels their competitive capacities and growth initiatives forward. Prior to his most recent role overseeing multi-million cybersecurity programs and their implementation across organizational systems, Mike Initially worked as an International Information Security Officer, quickly scaling to hold several C-level roles under LifeLabs. Notably, this includes being an IT Security Lead, where Mike had the opportunity to support the tech team in rendering new security program development and overseeing the inception of the Incident Response program. More formerly, Mike became a CISO in December of 2019.That said, Mike's ambitions for security excellence were also done in conjunction with ongoing side affiliations supporting various professional engagements, keynote presentations/talking panels, and public contributions. Namely, this involves being a Board Member and Co-Chair of the Operations Committee for the Canadian Cyber Threat Exchange, a CISO Co-Chair for Evanta, and an active Board Member of HUMINT Cybersecurity Recruitment. Furthermore, Mike's devotion to bridging security gaps and innate avocation for making cybersecurity knowledge accessible has not gone unnoticed.Mike currently resides in Calgary with his wife and two children who inspire him to always become better than the day before, and enjoys spending his free time playing guitar - including attending Berklee College of Music in the evenings for guitar performance."SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Jadee Hanson, CISO and CIO at Code42, shares how even as a kid she knew cybersecurity was her calling and how that led to CISO, CIO, and product leadership responsibilities.About Jadee Hanson: As chief information security officer and chief information officer at Code42, Jadee Hanson leads global risk and compliance, security operations, incident response, and insider threat monitoring and investigations. To her position, she brings more than 17 years of information security and a proven track record of building security programs.Prior to Code42, Jadee held a number of senior leadership roles in the security department of Target Corporation, where she implemented key programs, including spearheaded the effort to embed security resources into the development process as well as the security plans behind the acquisition of software development and online retail companies. She was the security lead for the sale of Target Pharmacies to CVS Health. Before joining Target, Jadee worked at Deloitte, where she served as a security consultant for companies across diverse industries such as healthcare, manufacturing energy, retail and more.Jadee is a co-author of Inside Jobs: Why Insider Risk Is the Biggest Cyber Threat You Can't Ignore, which shines a light on Insider Risk and details what business and security leaders can do to keep their workforces productive and data protected.In addition to her day job at Code42, Jadee is the founder and CEO of the non-profit organization Building Without Borders, which serves those in poverty-stricken areas throughout the world through housing services. Since April 2015, Building Without Borders has built 39 houses in areas of the Dominican Republic. In her spare time, you can find Jadee working for her non-profit, enjoying time with her husband and three girls, and spending time on the lake.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Brett Cumming, head of security at Skechers, shares how his sister inadvertently got him into cybersecurity and how saying yes to everything laid the foundation for a career in cyber.About Brett: Brett Cumming is a transformative leader who built and currently leads the information security program for the global footwear leader Skechers, helping the organization scale 5x during his tenure. Mr. Cumming's experience working in both business and engineering focused tech roles provides a broad perspective that allows him to design and implement an information security strategy that successfully bridges risk management practices and business priorities, while remaining effective and adaptable to various unique regional and business unit requirements around the world. Having earned his B.S. in Business Administration (Management & Operations Management) from CSULB, Mr. Cumming also holds several professional certifications including CISSP, CISM, and 5x GIAC. Brett is an active member of the cybersecurity community, from membership with FBI InfraGard and the USSS Cyber Fraud Task Force to serving on the Board of Directors for the Retail & Hospitality Information Sharing and Analysis Center (RH-ISAC) and SANS Advisory Board.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Cloud Ace is back for season 2, featuring both new guests and a new host. Frank Kim, a SANS Fellow and CISO-in-Residence at YL Ventures, will sit in as host this season as a wide range of guests join him in exploring the full gamut of cloud topics from multi-cloud and public cloud, to containers, threat detection, cloud pen testing, DevSecOps, automation and everything in between.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Rinki Sethit, CISO at BILL, discusses her journey in cybersecurity from roles at early cloud adopters like Intuit and Twitter to security vendors like Palo Alto Networks and ultimately to board roles at companies like ForgeRock.ABOUT RINKI: VP & CISO (CHIEF INFORMATION SECURITY OFFICER) Rinki is currently the Vice President and Chief Information Security Officer at BILL, where she will be leading the global information technology functions and is also responsible for leading efforts to protect BILL's information and technology assets and advice the company's continued innovations in the security space. Rinki Sethi brings decades of security and technology leadership expertise and was recently VP & CISO at Twitter and Rubrik Inc. Rinki has been at the forefront of developing cutting edge online security infrastructure at several Fortune 500 companies such as IBM, Palo Alto Networks, Intuit, eBay, Walmart.com, and PG&E. Rinki also serves on the board of ForgeRock, a public company in the identity and access management space and Vaultree, a data encryption company. Rinki holds several recognized security certifications and has a B.S. in Computer Science Engineering from UC Davis and a M.S. in Information Security from Capella University. Rinki has served on the development team for the ISACA book, “Creating a Culture of Security” by Stephen Ross and was the recipient of the “One to Watch” Award with CSO Magazine & Executive Women's Forum in 2014 and more recently the Senior Information Security Practitioner Award with ISC2 in 2018. Most recently, in 2023, she was recognized in Lacework's top 50 CISOs list. She led an initiative to develop the first set of national cybersecurity badges and curriculum for the Girl Scouts of USA. Rinki serves as a mentor for many students and professionals.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Bernard Brantley, CISO at Corelight, outlines his vision of modern security and cloud capabilities based on his experience at companies like Microsoft and Amazon, tying together security and business objectives.ABOUT BERNARD:Bernard Brantley is the Chief Information Security Officer (CISO) at San Francisco-based Corelight. He has previously managed threat hunting, threat intelligence, network security architecture and analytics for some of the most mission critical environments at both Amazon (Consumer Payments) and Microsoft (High Value Asset Environments). Bernard is an advisor at Seattle-based Tola Capital, and San Francisco-based Normalyze. He is a member of multiple CISO and leadership communities while also engaging with early and mid-career professionals as a mentor. Bernard spent three years at the United States Military Academy before taking an unconventional path to executive leadership. His background of diverse experiences cut through retail sales, construction and financial services prior to his first IT role as a datacenter support technician. "No matter who you are, what walk of life you come from, or what type of adversity you face; If you can see the prices, there is a path for you to it. 'Inveniam viam, aut faciam.'" Bernard lives in Seattle with his family.SPONSER NOTE: Support for Cloud Ace podcast comes from SANS Institute. If you like the topics covered in this podcast and would like to learn more about cloud security, SANS Cloud Security curriculum is here to support your journey into building, deploying, and managing secure cloud infrastructure, platforms, and applications. Whether you are on a technical flight plan, or a leadership one, SANS Cloud Security curriculum has resources, training, and certifications to fit your needs. Focus on where the cloud is going, not where it is today. Your organization is going to need someone with hands-on technical experience and cloud security-specific knowledge. You will be prepared not only for your current role, but also for a cutting-edge future in cloud security. Review and Download Cloud Security Resources: sans.org/cloud-security/ Join our growing and diverse community of cloud security professionals on your platform of choice: Discord | Twitter | LinkedIn | YouTube

Our guest, Johannes Ullrich from SANS Institute, joins Dave to discuss their research on "Machine Learning Risks: Attacks Against Apache NiFi." Using their honeypot network, researchers were able to collect some interesting data about a threat actor who is currently going after exposed Apache NiFi servers. Researchers state “On May 19th, our distributed sensor network detected a notable spike in requests for ‘/nifi.'” Investigating further, they instructed a subset of their sensors to forward requests to an actual Apache NiFi instance and within a couple of hours the honeypot was completely compromised. The research can be found here: Machine Learning Risks: Attacks Against Apache NiFi

Threat group with novel malware operates in Southeast Asia. Data theft extortion on the rise. Key findings of Cisco's Cybersecurity Readiness Index. iPhones are no longer welcome in the Kremlin. Russian cyber auxiliaries and privateers devote increased attention to the healthcare sector. Chris Eng from Veracode shares findings of their Annual Report on the State of Application Security. Johannes Ullrich from SANS Institute discusses scams after the failure of Silicon Valley Bank. And BreachForums seems to be under new management.  For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/54 Selected reading. NAPLISTENER: more bad dreams from developers of SIESTAGRAPH (Elastic Blog)  Unit 42 Ransomware and Extortion Report Highlights: Multi-Extortion Tactics Continue to Rise (Palo Alto Network) Ransomware and extortion trends. (CyberWire) Cisco Cybersecurity Readiness Index (Cisco) A look at resilience: companies' ability to fight off cyberattacks. (CyberWire) Putin to staffers: throw out your iPhones over security (Register) Black Basta, Killnet, LockBit groups targeting healthcare in force (SC Media) After BreachForums arrest, new site administrator says the platform will live on (Record) 

GoDaddy has discovered a compromise of its systems. Twitter disables SMS authentication for those not subscribed to Twitter Blue. Last week's cyber incident impacting German airports was confirmed to be DDoS. The consequences of cyber irregular participation in cyber wars. Semiconductor tech giant Applied Materials sees significant financial losses from a cyberattack. Joe Carrigan on scammers dangling fake job offers to students. Our guests are Max Shuftan & Monisha Bush from the SANS Institute, on the reopening of their HBCU Cyber Academy application window. And is Bing channeling Tay? For links to all of today's stories check out our CyberWire daily news briefing: https://thecyberwire.com/newsletters/daily-briefing/12/34 Selected reading. GoDaddy Inc. - Statement on recent website redirect issues (GoDaddy) GoDaddy: Hackers stole source code, installed malware in multi-year breach (Bleeping Computer) GoDaddy SEC Filing (SEC) An update on two-factor authentication using SMS on Twitter(Twitter) Twitter Limits SMS-Based 2-Factor Authentication to Blue Subscribers Only (The Hacker News) SMS-Based 2FA Will Be Limited to Twitter Blue Users (HackRead) Twitter will limit uses of SMS 2-factor authentication. What does this mean for users? (NPR) Twitter's Two-Factor Authentication Change 'Doesn't Make Sense' (WIRED) Twitter Shuts Off Text-Based 2FA for Non-Subscribers (SecurityWeek) Official: Twitter will now charge for SMS two-factor authentication (The Verge) German airport websites downed by DDoS attacks (Register) German airports hit by DDoS attack, ‘Anonymous Russia' claims responsibility (The Record from Recorded Future) Russian phishing attacks flooded Ukraine, tripled against NATO nations in 2022: Report (Breaking Defense) Civilian hackers could become military targets, Red Cross warns (The Record from Recorded Future News) I helped create a 'cyber army' to help Ukraine defeat Russia. We can't fight with guns, but we can fight with our laptops. (Business Insider) How Uncle Sam enlisted Big Tech to thwart Russia from launching catastrophic cyberwar (The Washington Times) Big Tech Descends on Munich Conference in Support of Ukraine (Bloomberg) Applied Materials will take a $250M hit to sales this quarter, thanks to a cyberattack at one of its suppliers (Silicon Valley Business Journal) Semiconductor industry giant says ransomware attack on supplier will cost it $250 million (The Record by Recorded Future) How should AI systems behave, and who should decide? (OpenAI) Why Bing Is Being Creepy (Intelligencer) Microsoft's new chatbot is a liar. And it says it's ready to call the cops. (Mother Jones) After AI chatbot goes a bit loopy, Microsoft tightens its leash (Washington Post). My Week of Being Gaslit and Lied to by the New Bin (Information)