SCAMS, HACKING AND CYBERSECURITY The internet is a powerful tool connecting us in ways unimaginable just a few decades ago. However, it also harbors risks—cyber scams, cyber crimes, and hidden dangers lurking on the dark web. Hackers and cybercriminals exploit vulnerabilities to steal data, commit identity theft, and manipulate systems using social engineering. But how safe are we online? Should we avoid the digital world entirely? Not at all. Just like real-world dangers, we can navigate online security risks with the right tools and knowledge. This cybersecurity bible is the ultimate guide to protecting yourself in the digital landscape. Whether you're looking for cybersecurity for beginners, insights into cyber hacking and the law, or best cybersecurity books to improve your internet safety, this book equips you with practical tools and strategies. ABOUT THE AUTHOR May Brooks-Kempler is a cybersecurity expert whose career began in the 1990s, exploring the realms of game “cheats” and “hacks” on IRC chats. This early fascination led her through a distinguished journey in cybersecurity, from Penetration Testing to Security Architect and eventually a Chief Information Security Officer (CISO). Today, she is a highly sought-after strategic consultant, speaker, and mentor, known for her dynamic involvement in developing and promoting innovative cybersecurity initiatives and guiding startups. May's expertise and engaging delivery have made her a favorite at numerous speaking engagements, including a TEDx talk, keynotes, and commentator on critical cybersecurity issues. Her role as a podcaster further amplifies her reach, where she shares vital security insights with a global audience. As a member of the ISC2 Board of Directors, an authorized CISSP and HCISPP instructor, and co-author, May's dedication to advancing the cybersecurity profession is unmistakable. 
Her book, “Scams, Hacking and Cybersecurity – The Ultimate Guide to Online Safety and Privacy”, and her online courses, reflect her commitment to making the digital world a safer place for all, especially families, as underscored by her personal mission as a mother of three. Through her extensive experience and influential voice in the field, May Brooks-Kempler continues to shape the future of online safety, making her a pivotal figure in the world of cybersecurity education and advocacy. TOPICS OF CONVERSATION Evolution of Threats: Online scams have evolved from obvious phishing emails to sophisticated ads, fake profiles, and AI-generated content. Emotional Manipulation: Scammers rely on fear, urgency, and curiosity to trick people through social engineering. Online Safety Habits: Good habits like thinking before sharing, using password managers wisely, and enabling two-factor authentication are essential. Protecting Kids Online: Parents should teach children to think critically before posting and clicking to protect their privacy and safety. Responding to Cyber Incidents: If you suspect a hack, stay calm, assess the damage, and act quickly based on the importance of the compromised asset. LEARN MORE AND CONNECT WITH MAY BROOKS-KEMPLER: https://maybrooks.net/ https://www.linkedin.com/in/may-brooks-kempler https://www.instagram.com/may.brooks.kempler https://www.youtube.com/@CyberMAYnia https://new-may.framepro.io/guidebooks-and-resources
In this episode of The BlueHat Podcast, host Nic Fillingham is joined by Scott Gorlick, Security Architect for Power Platform at Microsoft. Scott shares his unconventional journey into cybersecurity, from managing a KFC to driving big rigs before landing in tech. He dives into security research in Copilot Studio, discussing how AI models interact with security frameworks and how researchers can approach testing these systems. We also explore his recent training video on YouTube, which provides guidance for security researchers looking to engage with Microsoft's bug bounty program. In This Episode You Will Learn: What Scott does to ensure Power Platform applications remain governable and secure Why security and software quality go hand in hand in modern development. How security researchers can explore vulnerabilities in Microsoft's low-code AI development platform Some Questions We Ask: What kinds of security issues should researchers focus on in Copilot Studio? Can Copilot help researchers write better reports, especially in different languages? How can researchers get access to Copilot Studio? Is there a free version? Resources: View Scott Gorlick on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Security Research in Copilot Studio Overview and Training on YouTube Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts
In episode 118 of Cybersecurity Where You Are, Sean Atkinson is joined by Andy Smith, Security Architect for BP and Instructor at the SANS Institute. Together, they review the state of post-quantum cryptography as well as share recommendations for how organizations and individuals can prepare to move into the post-quantum era. Here are some highlights from our episode: 02:55. What post-quantum cryptography is and why we need to pay attention 04:11. The impact of a cryptographically relevant quantum computer on symmetric vs. asymmetric cryptography 08:58. How media attention contributes to preparedness from an infrastructure perspective 14:30. The importance of a cryptography bill of materials (CBOM) 21:58. How organizations can prepare against quantum-enabled cyber attacks 29:05. How individuals need to understand quantum infrastructure in order to protect it 32:24. Optimism for the future of post-quantum cryptography Resources: Episode 48: 3 Trends to Watch in the Cybersecurity Industry; Post Quantum Cryptography by Attack Detect Defend (rot169); NIST Releases First 3 Finalized Post-Quantum Encryption Standards; Episode 75: How GenAI Continues to Reshape Cybersecurity; Internet of Things: Embedded Security Guidance. If you have some feedback or an idea for an upcoming episode of Cybersecurity Where You Are, let us know by emailing podcast@cisecurity.org.
In this episode, Jack Cable, Senior Technical Advisor at CISA, discusses the agency's role in securing the technology ecosystem, particularly focusing on open source software security. Jack explains what CISA is, its mission to protect critical infrastructure, and the significance of the 'Secure by Design' initiative. The conversation covers the collaboration efforts with the open source community, resources available for developers, and the importance of integrating security into software development. Jack also shares his personal journey into cybersecurity and emphasizes empowering developers to enhance security measures from the start. 00:00 Introduction 00:45 What is CISA? 01:26 CISA's Mission and Mandate 02:51 CISA's Role in Open Source Security 03:55 Collaborations and Initiatives 05:18 Open Source as Critical Infrastructure 07:11 Secure by Design and Developer Resources 10:41 Jack Cable's Journey into Cybersecurity 12:52 Empowering the Open Source Community 17:11 Bridging the Gap Between Developers and Security Communities 19:24 Conclusion and Final Thoughts Resources: Secure by Design CISA on Open Source Security Guest: Jack Cable is a Senior Technical Advisor at CISA, where he helps lead the agency's work on open source software security and Secure by Design. At CISA, Jack authored CISA's Open Source Software Security Roadmap and has co-led community efforts to standardize the security of package repositories. Prior to that, Jack worked as a TechCongress Fellow for the Senate Homeland Security and Governmental Affairs Committee, advising Chairman Gary Peters on cybersecurity policy, including election security and open source software security. There, Jack was the principal author of the Securing Open Source Software Act. He previously worked as a Security Architect at Krebs Stamos Group. Jack also served as an Election Security Technical Advisor at CISA, where he created Crossfeed, a pilot to scan election assets nationwide. 
Jack is a top bug bounty hacker, having identified over 350 vulnerabilities in hundreds of companies. After placing first in the Hack the Air Force bug bounty challenge, he began working at the Pentagon's Defense Digital Service. Jack holds a bachelor's degree in Computer Science from Stanford University and has published academic research on election security, ransomware, and cloud security.
Welcome to the Retail Corner Podcast! In this episode, we have a special guest, Mike Kiser, Director of Strategy and Standards at SailPoint. Mike dives deep into the world of cybersecurity in retail, exploring the unique challenges faced by retailers in today's digital landscape. From safeguarding customer data to navigating complex regulatory requirements, Mike shares insights on how retailers can stay ahead of evolving threats and build a robust cybersecurity strategy to protect their businesses and customers. Don't miss this essential discussion! About our guest, Mike Kiser: Mike Kiser is a security strategist and evangelist at SailPoint. He holds a panoply of industry positions over the past 20 years—from the Office of the CTO to Security Strategist to Security Analyst to Security Architect—that might imply otherwise. In spite of this, he has designed, directed, and advised on large-scale security deployments for a global clientele. Linkedin: https://www.linkedin.com/in/mike-kiser/ Website: https://sailpoint.com About Retail Corner Podcast: Host: Cole Koumalats Producer: Sachin Kumar Bhate Podcast Sponsor: Proxima360 Listen to other podcasts at: https://proxima360.com/retail-corner.podcast or https://retailcorner.live Subscribe our Podcast: Apple iTunes: https://apple.co/3eoeUdT Spotify: https://spoti.fi/3dvjpDJ Google Podcast: https://bit.ly/3DFHXHw Amazon Music: https://amzn.to/3tkbhk1 Interested in being on our podcast? Submit request at: retailcorner@proxima360.com
On this episode of The Cybersecurity Defenders Podcast we speak with Jacob Salassi, Co-Founder at stealth startup, about product security. Jacob brings over 10 years of experience in software engineering and cybersecurity to the table. Until four months ago, Jacob was a Security Architect at Snowflake, where he ensured every developer was wildly successful in owning security. Since then, he's been diving into something new and exciting, working on a stealth startup. Before Snowflake, Jacob was busy bootstrapping application security programs in healthcare and engineering secure distributed systems for a hybrid-cloud security platform. He's passionate about creating a development security experience that not only measurably reduces risk but also earns the love of engineers. In his own words, Jacob solves problems. Books mentioned in the podcast: Engineering Trustworthy Systems: Get Cybersecurity Design Right the First Time; Security Engineering: A Guide to Building Dependable Distributed Systems; Measuring and Managing Information Risk: A FAIR Approach
What does secure architecture mean, and how does gen-AI help in security architecture? Is it necessary to have EDR systems and tools managed from the cloud? Is existing or upcoming regulation designed correctly, and is it possible to create a phishing-resistant environment? These are the questions we asked our guest Štěpán Huzlík, Security Architect at TRASK SOLUTIONS, a.s. Listen to the new episode of the Cyb3R Club podcast and find out about the latest trends and best practices in cybersecurity.
Traditional cybersecurity methods are becoming less effective against the evolving threat landscape. As organizations increasingly adopt cloud services, remote workforces, and mobile computing, a new and improved security framework is necessary. In this Season 4 opener of the SecureChat podcast, host Cory Pomeroy sits down with RKON's Director of Advanced Services, Jon Weber, Managing Director, Jeff Laurinaitis, and Security Architect, Rafal Ciesielski, to explore SASE capabilities, implementation strategies, and the user experience.
We speak with Alina Tan, Ethical Hacker and Security Architect based in Singapore. Alina is a former Top 30 Women in Cybersecurity Singapore (now the Top Women in Security ASEAN Region Awards). GISEC Global 2024 attracted more than 20,000 attendees from over 130 countries to the Dubai World Trade Center. Taking place over three days, April 23-25, the event provides a platform for more than 750 brands to showcase their innovations. #gisec #gisecglobal #mysecuritytv #womenincybersecurity #topwomeninsecurityASEAN
In this episode, Codasip's CEO Ron Black & Safety & Security Architect Carl Shaw join The IoT Podcast to discuss the first commercially viable implementation of CHERI (RISC-V) Technology. With the increasing number of vulnerabilities and companies having problems in cybersecurity, like the recent Netgear router and iOS vulnerabilities, the stakes for robust cyber security have never been higher. And of the cyberattacks, 70% exploit vulnerabilities related to how programs access and manipulate memory. We'll be diving into how this groundbreaking technology is helping to protect against potential attacks by making memory exploitation more difficult. Plus more! Chapters 00:00 Introduction 06:04 What does Codasip do? 10:40 Analysis of cyber security issues and attacks in the world 16:10 What is CHERI? Why is it here? 23:18 How CHERI has the potential to prevent 70% of cyber attacks 25:35 Changing mindsets on security 29:37 How to implement CHERI 32:52 What industries benefit (ALL) 39:05 The future And much more! Thank you to our season sponsor 5V Tech. Discover how 5V Tech can help you unlock your scaling potential in cutting-edge tech and IoT, here: https://www.weare5vtech.com/ ABOUT THE GUESTS Ron Black boasts over 30 years of industry experience. Before joining Codasip, he's held leadership positions at Imagination Technologies, Rambus, MobiWire, UPEK, and Wavecom. With a background in Engineering and a Ph.D. in Materials Science from Cornell University, his expertise spans processors including PowerPC, network processors, security processors, and GPUs. Carl Shaw is a hands-on expert in embedded systems and security engineering, focusing on software-defined hardware architectures for security and safety. Skilled in security analysis, firmware, RISC-V, and team leadership.
Connect with Ron: https://www.linkedin.com/in/rondblack/ Connect with Carl: https://www.linkedin.com/in/shawcarl/ ABOUT CODASIP Codasip is a hardware design company specializing in empowering developers to create unique processors for the Internet of Things (IoT) and beyond. Founded in 2014, they focus on RISC-V technology, an open-source instruction set architecture. CHERI is a security boost for RISC-V processors. It uses special "capabilities" to tightly control memory access, preventing common attacks. Codasip first brought CHERI to market, offering processors with built-in security and compatibility with existing code. This combo makes RISC-V systems much more secure. Find out more about Codasip and CHERI: https://codasip.com/ SUBSCRIBE TO THE IOT PODCAST ON YOUR FAVOURITE LISTENING PLATFORM: https://linktr.ee/theiotpodcast Sign Up for exclusive email updates: https://theiotpodcast.com/ Contact us to become a guest/partner: https://theiotpodcast.com/contact/ Connect with host Tom White: / tom5values
Guest Jacob Kaplan-Moss Panelist Richard Littauer | Amanda Casari Show Notes This episode of Sustain explores the challenges and dynamics of funding open source projects. Host Richard Littauer and co-host Amanda Casari welcome guest Jacob Kaplan-Moss, Board Member and Treasurer of the Django Software Foundation, and Security Architect at Latacora. The discussion covers Jacob's recent blog post on the criticism faced by open source maintainers who seek compensation, highlighting the backlash encountered from seeking grants to selling T-shirts. The conversation also explores the ethical use of open source software, the importance of supporting maintainers financially, and the complexities surrounding the definition and licensing of open source software. Additionally, this episode touches on the personal connection to open source, the struggle for maintainers to find sustainable funding models, and the potential impact of high net worth individual donations. Download this episode now to hear more! [00:00:53] Richard highlights Jacob's association with Django and his role as a security architect and brings up a blog post Jacob wrote about the experience of being an open source maintainer. He shares examples of maintainers who face undue criticism for monetizing their open source work in various ways and his thesis. Also, Richard endorses the Blue Oak Council and PolyForm Project. [00:06:24] Amanda appreciates the blog's message about the sustainability of open source and the need to pay maintainers. Jacob recounts the largely positive reception of his post but also addresses the critical and unproductive responses, and he clarifies his stance on the importance of formal definitions of open source. [00:10:14] Richard suggests the term “Big Tent Open Source” and discusses the importance of having standards to prevent open washing while also encouraging diversity in licensing.
Jacob uses the term “monogamish” as an analogy for a more flexible approach to open source licensing. [00:11:46] Amanda discusses her background in releasing various types of open source work and how it sometimes differs from web apps, and touches on the complexities of open source licensing. She asks Jacob about his concerns regarding the adoption of open source in larger systems, and he shares his experience with government technology procurement, stressing the necessity of precise definitions of open source in that context. [00:16:40] Richard shifts the conversation to ethical considerations of open source work, specifically when software is used for harmful purposes, like state interventions. Jacob gives us a nuanced view on the ethical use of open source software and the impossibility of drawing a clear line between good and evil uses. [00:20:56] Jacob provides insights into the Django Software Foundation's current scale, funding, and staffing, highlighting the significant impact even a small increase in funding could have, and he discusses the challenge of scaling funding across the vast number of open source projects to achieve broad sustainability. [00:23:16] Jacob talks about the potential of engaging high net worth individuals and family foundations for donations as they may be more receptive than corporations. [00:24:54] Richard discusses the group's privilege and raises the question regarding giving back to open source or to the broader community, and Jacob explains he avoids judging others' financial decisions but acknowledges his own better-off position and the personal moral obligation he feels to give back. [00:27:05] The conversation shifts to Richard asking Jacob how to support each other's capitalist ventures while contributing to the open source community. He suggests congratulating individual successes and learning from them, while also being comfortable criticizing the systems and institutions that may be at odds with open source values.
[00:28:53] Find out where you can learn more about Jacob on the internet. Quotes [00:01:40] “There's this dynamic that happens around open source, where when someone takes money, someone always shows up to criticize them for it.” [00:04:07] “Anytime an open source maintainer figures out a way to get paid to build a lifestyle, at the very least comfortable, we should be celebrating that.” [00:06:46] “The community has coalesced around a definition of open source as defined by the OSI. I was like wait a minute, how are you conflating the open source community with one foundation? I don't agree with this conflation of the OSI speaks for all open source.” [00:13:39] “If you work in technology for the government long enough, eventually you come to realize that every problem is a procurement problem.” [00:18:16] “Even the MIT license is, do whatever you want, just don't sue me.” [00:22:18] “To reach a point where I would say that open source as a whole is broadly sustainable, I would want every single project to have that level of funding associated with it.” Spotlight [00:30:11] Amanda's spotlight is a book coming out next month called, “Software Engineering for Data Scientists.” [00:30:42] Richard's spotlight is the book, “Better Living Through Birding: Notes from a Black Man in the Natural World.” [00:31:20] Jacob's spotlight is the PolyForm family of licenses and the book, “Producing Open Source Software: How to Run a Successful Free Software Project.” Links SustainOSS (https://sustainoss.org/) SustainOSS Twitter (https://twitter.com/SustainOSS?ref_src=twsrc%5Egoogle%7Ctwcamp%5Eserp%7Ctwgr%5Eauthor) SustainOSS Discourse (https://discourse.sustainoss.org/) podcast@sustainoss.org (mailto:podcast@sustainoss.org) SustainOSS Mastodon (https://mastodon.social/tags/sustainoss) Open Collective-SustainOSS (Contribute) (https://opencollective.com/sustainoss) Richard Littauer Socials (https://www.burntfen.com/2023-05-30/socials) Amanda Casari X/Twitter 
(https://twitter.com/amcasari?lang=en) Jacob Kaplan-Moss LinkedIn (https://www.linkedin.com/in/jacobian/) Jacob Kaplan-Moss Website (https://jacobian.org/) Jacob Kaplan-Moss Mastodon (https://social.jacobian.org/@jacob) Django Software Foundation (https://www.djangoproject.com/foundation/) Django (https://www.djangoproject.com/) Latacora (https://www.latacora.com/) Jacob's Blog post: “Paying people to work on open source is good actually” (https://jacobian.org/2024/feb/16/paying-maintainers-is-good/) Blue Oak Council (https://blueoakcouncil.org/) PolyForm Project (https://polyformproject.org/) PolyForm Licenses (https://polyformproject.org/licenses/) Pamela Chestek LinkedIn (https://www.linkedin.com/in/pchestek/) Sasha Magee X/Twitter post on government procurement (https://twitter.com/sashax/status/941036458307076097) 18F (https://18f.gsa.gov/) What you should know about Vermont's proposed wealth taxes (Vermont Edition) (https://www.vermontpublic.org/show/vermont-edition/2024-02-12/what-you-should-know-about-vermonts-proposed-wealth-taxes) Software Engineering for Data Scientists by Catherine Nelson (https://www.oreilly.com/library/view/software-engineering-for/9781098136192/) Better Living Through Birding: Notes From a Black Man in the Natural World by Christian Cooper (https://www.penguinrandomhouse.com/books/671722/better-living-through-birding-by-christian-cooper/) Producing Open Source Software: How to Run a Successful Free Software Project by Karl Fogel (https://producingoss.com/) Credits Produced by Richard Littauer (https://www.burntfen.com/) Edited by Paul M. Bahr at Peachtree Sound (https://www.peachtreesound.com/) Show notes by DeAnn Bahr Peachtree Sound (https://www.peachtreesound.com/) Special Guest: Jacob Kaplan-Moss.
This week on the podcast we are talking with Dr. Nikki Robinson, a security architect and human factors researcher. She talks to us about the ever-evolving cybersecurity landscape and the increasing sophistication of cyber attacks (ransomware) but basic tactics (phishing) are still successful. She expresses the importance of collaboration between security teams, IT, and developers. She gives us some actionable advice about creating user-friendly tools and better training as well as how open communication and collaboration are crucial for reducing cyber risks. Connect with Nikki: https://www.linkedin.com/in/dr-nikki-robinson/ Visit Shortarms website: https://www.shortarmsolutions.com/ You can follow us at: Linked In: https://www.linkedin.com/company/shortarmsolutions YouTube: https://www.youtube.com/@shortarmsolutions Twitter/X: https://twitter.com/ShortArmSAS
Artur Markiewicz podcast powiedzcospoinformatycznemu.pl The first event in Poland where a real example of an attack on a motorcycle was shown LIVE! - Real motorbike hacking BEFORE YOUR EYES. Conference D3V1C3 D33P D1V3 2024.02.29 - Hacking workshop, video version: https://youtu.be/3xGuPGScgIg You can find upcoming events here: https://devicedeepdive.com SPEAKERS Maciej Nowak: Cybersecurity enthusiast, Security Architect in the automotive industry, cryptology enthusiast. Kamil Grzela: Hardware hacking enthusiast, Security Architect in the automotive industry, speaker at IT security conferences. Dr. Sebastian Zieliński: Attorney, doctor of law, criminologist, academic lecturer.
Artur Markiewicz podcast https://powiedzcospoinformatycznemu.pl/artur-markiewicz-podcast/
Become a cloud security architect by following this 3 level roadmap on the cyberman show. Link to shared drive with podcast content: https://drive.google.com/drive/folders/10vmcQ-oqqFDPojywrfYousPcqhvisnko?usp=drive_link My Profile on LinkedIn: https://www.linkedin.com/in/prashantmishra11/ YouTube Channel: https://www.youtube.com/@TheCybermanShow Twitter handle: https://twitter.com/prashant_cyber PS: The views are my own and don't reflect any views from my employer.
Fabian Kammel is a Security Architect at ControlPlane, where he helps to make the (cloud-native) world a safer place. In his career, he continuously worked to bring hardware security and cloud-native security closer together. His past projects include: * A cloud-native PKI for on-road vehicle services secured by enterprise HSMs * An always-encrypted Kubernetes distribution that harnesses the power of Confidential Computing * And more recently securing SPIFFE-based machine identities via hardware attestation. Do you have something cool to share? Some questions? Let us know: - web: kubernetespodcast.com - mail: kubernetespodcast@google.com - twitter: @kubernetespod Links from the interview Confidential Computing Blog from kubernetes.io Confidential Computing Consortium Confidential Computing Whitepaper Intel SGX Enclave Swap Memory with Kubernetes in Beta in 1.28 Hardware Security Modules Trusted Platform Modules (TPM) Envelope Encryption Confidential Computing Concepts - Confidential Virtual Machine AMD Secure Encrypted Virtualization (AMD SEV) AMD Secure Encrypted Virtualization - Secure Nested Paging (AMD SEV SNP) Trusted Computing Base (TCB) Remote Attestation Confidentiality, Integrity, and Availability: The CIA Triad Intel SGX Enclaves Confidential Containers (CoCo) Katacontainers AWS Firecracker
On this episode of The Cybersecurity Defenders Podcast, we talk with David Burkett, founder of Signalblur, about reimagining the cyber kill chain from a defender's perspective. David is a dedicated and highly experienced Cloud Detection Engineer and Security Architect, with a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers. His expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. David is proud to have been part of a security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency. David is constantly seeking opportunities to grow and learn and is eager to connect with like-minded professionals in the cybersecurity domain.
Praba Maheswaran had a discussion regarding the Optus outage with an expert, Mr Nadesu Yogeswaran, who is working as a Senior Network Solution & Security Architect in Sydney. - Optus services were down nationwide last Wednesday. As a result, millions of Australian customers and businesses were affected. Maheswaran Prabaharan meets and talks with Nadesu Yogeswaran, who works as a Senior Network Solution & Security Architect in Sydney, about this outage of Optus services.
Guest: Nikki Robinson, DSc, PhD, Security Architect at IBM. On LinkedIn | https://www.linkedin.com/in/ACoAACvFM8sBiEX_BJr6dIgw-ACWfS1I-ZJg3OM
In this episode Matt Johansen, Security Architect at Reddit and Vulnerable U newsletter and YouTube content creator, joins host Tom Eston to discuss Matt's background as one of the original “Security Twits”, his career journey, his passion for mental health advocacy, the significance of the recent MGM ransomware attack, and a discussion on the pros […] The post Content Creation, Mental Health in Cyber, The MGM Ransomware Attack appeared first on Shared Security Podcast.
Stop by this episode to see and hear what Angelica Faber, Security Architect at Microsoft, has been working on. Angelica has produced some great content and guidance using Azure OpenAI with Microsoft Sentinel to provide better efficiency and deeper knowledge for Security Operations teams. Show Notes/Links: Angelica's blog: https://myfabersecurity.com/ Angelica on LinkedIn: https://www.linkedin.com/in/angelica-faber/ Rubrik: https://www.rubrik.com/ Microsoft Envision The Tour: https://envision.microsoft.com/ Microsoft Sentinel Triage AssistanT (STAT): https://github.com/briandelmsft/SentinelAutomationModules This is a demo-heavy episode. Catch the full experience with the live show video replay…
On this episode of The Cybersecurity Defenders Podcast, we chat with David Burkett, Founder of Signalblur, about the growing threat of Linux ransomware. David is a dedicated and highly experienced Cloud Detection Engineer and Security Architect, with a proven track record of building three different Cyber Security Operations Centers for multiple MSSP/MDR providers. His expertise is backed by a strong set of GIAC certifications, including GCTI, GCIA, GPYC, and GCED... among others. David is proud to have been part of a security team that won the prestigious James S. Cogswell Outstanding Industrial Security Achievement Award from the Defense Counterintelligence and Security Agency. David is constantly seeking opportunities to grow and learn and is eager to connect with like-minded professionals in the cybersecurity domain. The article on Linux ransomware referenced in the podcast can be found here: A Deep Dive into Linux Ransomware Research. And David's previous appearance on the show can be found here: Episode #6. The Cybersecurity Defenders Podcast: a show about cybersecurity and the people that defend the internet.
Podcast: ICS Cyber Talks Podcast. Episode: Cyber Edu 3: Kfir Tzukrel Cyber Security Architect tech lead @OTORIO on the transition from IT to OT. Pub date: 2023-06-11. Nachshon Pincu hosts Kfir Tzukrel (Tzuki), Cyber Security Architect tech lead @OTORIO and VP at the Israeli Chapter of (ISC)2, in a conversation about the transition from IT to OT cyber. The journey into cyber and OT? What are the essential differences between cyber IT and OT needed to consider when moving to cyber-OT? There is no formal training (at least not in Israel) for CISO OT. How did you approach studying the subject? Is it worth entering the field of cyber-OT? What should we expect for the future? And more. Nachshon Pincu hosts Kfir Tzukrel (Tzuki), cyber architect and technology lead at OTORIO and VP of the Israeli chapter of (ISC)2, in a conversation about cyber training and the transition from cyber for information systems to cyber for operational systems. The journey into cyber training and the move to cyber for operational systems. What are the essential differences between cyber for information systems and cyber for operational systems, and what should be taken into account when making a professional move to cyber for operational systems? There is no formal training (at least not in Israel) for an operational-systems CISO; how did you approach studying the subject? Is it worth entering the field of cyber for operational systems, and what does the future hold for this special field? And more.
Episode 219 of the #MVPbuzzChat interview series. Conversation between Microsoft Regional Director and MVP Christian Buckley (@buckleyplanet), and Security MVP, Morten Knudsen (@knudsenmortendk), a Cloud & Security Architect and owner of 2linkIT, based in Kolding, Denmark. You can also find this episode on the CollabTalk blog at https://www.buckleyplanet.com/2023/06/mvpbuzzchat-with-morten-knudsen.html
We are delighted to share our new episode of the {Closed} Session podcast with guest Alyssa Hutnik. Alyssa looms large in the privacy world, and she's been thinking deeply about the intersections of data, technology and the law for nearly two decades. She's also the Chief Privacy and Data Security Architect at Ketch, a super{set} company, as well as a lawyer. Listen to the episode and read the transcript at superset.com *** The {closed} session - Season 4, Episode 2. Guest: Alyssa Hutnik, Chief Privacy and Data Security Architect at Ketch. LinkedIn: https://www.linkedin.com/in/alysahutnik Ketch: https://www.linkedin.com/company/ketchdigital/, TW: https://twitter.com/Ketch_Digital Super{set} Twitter: @supersetstudio, @ClosedSeshPod LinkedIn: https://www.linkedin.com/company/superset-studio/ Twitter: @tommychavez, @vsvaidya
This episode dives into the crucial topic of Cybersecurity as Eveline Oehrlich and Dr. Nikki Robinson provide key insights about what we should be aware of in this ever-evolving digital world. Dr. Nikki Robinson is an experienced Security Architect with a demonstrated history of working in the IT and Cyber fields. Skilled in Statistical Data Analysis, Windows Server, Team Leadership, Penetration Testing, and Risk Management. Strong IT professional with a Doctorate of Science focused in Cybersecurity from Capitol Technology University. Recently completed a PhD in Human Factors to help bridge the gaps between users, technology, and security. Enjoy the Humans of DevOps Podcast? We're incredibly grateful to be voted one of the Best 25 DevOps Podcasts by Feedspot. Want access to more DevOps-focused content and learning? When you join SKILup IT Learning you gain the tools, resources and knowledge to help your organization adapt and respond to the challenges of today. Have questions, feedback or just want to chat about the podcast? Send us an email at podcast@devopsinstitute.com
Cyber Security is big business. In fact, it's estimated to be worth $160 billion. But that's likely to be peanuts compared to the value of cyber crime, which is estimated to cost the global economy $600 billion in 2022 - nearly 1% of the global economy. And just one corner of that - ransomware - costs the same in damage and paid-out fees as the entire cyber security industry: $160 billion. In fact, if ransomware was a country, its GDP would be higher than Morocco or Kuwait. In this episode, we'll be examining the rise of ransomware, where the risk lies in modern-day attacks, who is behind them, and what we can do about it. For Hewlett Packard Enterprise Senior Vice President and Global Chief Security Officer Bobby Ford, defeating ransomware is a constant and growing battle because it's a straightforward payout for criminal gangs - there is no need to try and sell stolen data on the dark web or to foreign governments, you simply sell the victim back their access. He argues that the key to protecting ourselves is twofold. Firstly, use two-factor authentication wherever possible to guard against human weak points such as opening infected emails. Secondly, be prepared to defend yourself. Be aware of the threats and where they are coming from, and mitigate them where you can, so long as it doesn't affect the running of your organisation. Beyond that, have a plan in place for being attacked, be that data recovery or, unfortunately, paying up. Chris Rogers is a Technologist at cyber security firm Zerto. He agrees that ransomware can be hard to avoid because humans are an inherent weak point, and ransomware attacks often come through human social engineering rather than password cracking. He points out that even momentary downtime can cause millions of dollars in damages. He agrees with Bobby that robust, quickly spooled up backups are an essential part of doing business.
Unfortunately, that's easier said than done: Backups can sometimes be limited access, which is great for security but leaves organisations vulnerable if the key holder isn't immediately available. Beyond that, backups have to be maintained incredibly regularly, as even a day's lost work for a large organisation can be a major blow. On the other hand, any back-up is better than no preparation at all. But how are cyber security threats like ransomware being treated at the very top of the tree? When it comes to cyber security, it doesn't get much more high value or (hopefully) secure than financial institutions. George Webster is chief Security Architect for HSBC. His office is tasked with quickly assessing threats, in particular APTs or Advanced Persistent Threats, and providing tools to counter them. He argues that the primary risk increase of the last couple of years has been people working from home, in situations where there are distractions and their security awareness may not be as strong as it was in the office. He also argues that on a wider level, it's not just staff who become more vulnerable as they are spread out: As ransomware becomes an increasing problem internationally, no organisation is safe anywhere in the world and being aware of the risk is key to countering it without shutting yourself off from the outside. The long show notes for this episode can be found here: https://community.hpe.com/t5/hpe-blog-uk-ireland-middle-east/ransomware-should-we-be-worried/ba-p/7183709#.Y_3FpHbP1PY
Guest: Michele Chubirka, Senior Cloud Security Advocate, Google Cloud Topics: We are here to talk about cloud migrations and we are here to talk about failures. What are your favorites? What are your favorite cloud security process failures? What are your favorite cloud security technical failures? What are your favorite cloud security container and k8s failures? Is "lift and shift" always wrong from the security point of view? Can it at least work as step 1 for a full cloud transformation? Resources: “Automate and/or Die?” (ep3) “More Cloud Migration Security Lessons” (ep18) “The Magic of Cloud Migration: Learn Security Lessons from the Field” (ep55) “Preparing for Cloud Migrations from a CISO Perspective, Part 1” (ep5) “Cloud Migrations: Security Perspectives from The Field” (ep33) "Dune" by Frank Herbert "The Science of Organizational Change" by Paul Gibbons "Servant Leadership: A Journey into the Nature of Legitimate Power and Greatness" by Robert K. Greenleaf "Finding the Sweet Spot for Change" State of Devops (DORA) Report 2022
Is the manager role the only path ahead in cybersecurity? Seif Hateb, Security Architect at Twilio, shares his view on the Individual Contributor vs Manager dilemma, and how people in the field can pursue the type of role that fits them best. And if you're just starting in the cybersecurity field, make sure to check out Seif's YouTube channel, full of expert advice on security fundamentals and how to kickstart your career -- with or without a technical degree: https://www.youtube.com/c/seifhateb
Show Links: Discord: https://discord.gg/thCAR7RMUe Must Learn KQL - MSI Podcast Coffee Mug All profits go to charity https://must-learn-kql.creator-spring.com/listing/microsoft-security-insights-po Show notes can be found on the podcast website at: http://microsoftsecurityinsights.com/
Welcome back folks, to Paranormal Heart Podcast. Thank you so much for spending your time with me. I'm your host Kat Ward. I have another great episode for you tonight. I am joined by Steve Surfaro. Steve wears many hats. He is a Technology Futurist, Security Architect, AI Subject Matter Expert, Paranormal Investigation Fan, DIYer, Photographer, Smart City Advocate, Cyclist, Amateur Sushi Chef and lover of Westies. In this episode, Steve discusses technology, AI and where they fit in with paranormal investigating. If you've had paranormal experiences and would like to be a guest on the show, or have questions, comments, or just want to say hello, drop me an email at paranormalheart13@gmail.com. I'd love to hear from you. And if you enjoy the show please give a review wherever you listen and please like, share, subscribe and leave a comment. It really does help the show. New episodes are released on the second and last Sunday of each month at 5 pm Eastern Standard Time. You can find me on YouTube, Podbean, KPNL digital network on Thursday nights, and anyplace you find fine podcasts. Now, on with the show. Steve Surfaro's Contact Info LinkedIn: https://www.linkedin.com/in/surfaro/ Twitter: https://twitter.com/stevesurf Kat's Contact Info and Friends of the Show TikTok: https://www.tiktok.com/@kat_ward3 Paranormal Heart on Facebook: https://www.facebook.com/groups/95932... and https://www.facebook.com/Paranormal-H... Twitter: https://twitter.com/katwghosthunt Instagram: https://www.instagram.com/paranormalh... Bryan Anderson, Voice Artist: https://bryanandersonvoice.com/ J.B. Coates on Instagram: https://www.instagram.com/obsidianwri...
KPNL Digital Network: http://www.kpnl-db.com/ Purple Planet Royalty Free Music: https://www.purple-planet.com/ Unearthing Shadows Paranormal: https://www.instagram.com/unearthings... For amazing caricatures, The Real MG: https://www.therealmgmedia.com/ THANKS FOR WATCHING!
In episode 44 of Cybersecurity Where You Are, co-host Sean Atkinson is joined by Scott Hall, Security Architect at the Center for Internet Security (CIS). Together, they identify resources and buy-in as some of the key elements for implementing a zero trust framework. So begins a journey that evolves with your organization's changing business processes and functions. To be successful, it's important to accept that you'll always be tweaking things to fit your needs. It's also invaluable to take a business-centered approach. This includes maintaining an inventory of what you have so that your zero trust journey can drive, not inhibit, business growth. Resources: Follow Scott on LinkedIn; Prioritizing a Zero Trust Journey Using CIS Controls v8; Where Does Zero Trust Begin and Why is it Important?; Episode 11: Remote Attestation Helps Zero Trust; Simplifying Security
In this episode of the Virtual Coffee with Ashish edition, we spoke with Ashish Desai (Ashish Desai's Linkedin) about how much of the on-premise can work in Cloud, what the online world is saying versus the reality of what businesses are experiencing. --Announcing Cloud Security Villains Project-- We are always looking to find creative ways to educate folks in Cloud Security and the Cloud Security Villains is part of these education pieces. Cloud Security Villains are coming, you can learn how to defeat them in this YouTube Playlist link Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Ashish Desai (@ashishlogmaster) Podcast Twitter - @CloudSecPod @CloudSecureNews If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security News - Cloud Security Academy Spotify TimeStamp for Interview Questions (00:00) Intro (05:50) Ashish Desai's Professional Background (06:21) Academic Freedom and no firewall (07:12) What are the roles and responsibilities of an AWS cloud security architect? (09:27) Difference between managing permissions between on-premise vs Cloud service provider (13:02) Running Windows 2003 on AWS EC2 Bare Metal (13:28) Running Old Virtual Servers on AWS (14:13) Cloud is secure by default (14:54) CI/CD with Github and Terraform is not common (15:28) Do people use CI/CD? (15:37) Traditional on-premise staff is your new cloud engineer (16:50) Business are not fully advanced (17:47) Failed Kubernetes Deployment in production example (18:45) Managed and Bare Metal Kubernetes can only maintain 1 replica (19:10) What is 1 replica in Kubernetes? (20:36) Problem with stateful app running on Kubernetes (21:35) Change Management in Cloud (21:57) Deployment phases in Cloud (22:34) Why was ServiceNow required? (24:39) Why ServiceNow couldn't keep up?
(26:33) Native Solutions bypass Change Management (28:43) Role of Security Architect in a New Cloud World (29:53) DevExperience is holding Cloud Adoption success (32:08) CyberProfessionals to know at least 1 language to be successful (32:27) Do Architects need to know how to code in Enterprise context? (33:24) Knowing Code to understand the lay of the land (35:22) Has the Architecture Frameworks changed in the Cloud world? (37:15) What other skillsets outside of coding is required to be successful in Cloud (39:54) Should we care about being Cloud agnostic? (40:41) Architecture for Operational side of Cloud Security? (43:51) Practical things for advancing Cloud skills? (48:36) Can anyone come out of uni and become a Cloud Security Architect (50:32) Resources for education on Cloud security architects (51:36) Fun Section
In this episode of the Virtual Coffee with Ashish edition, we spoke with Kat Traxler (Kat's Linkedin) about the skillset, certification and knowledge base required to become a cloud security architect in 2023. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Kat Traxler (Kat's Linkedin) Podcast Twitter - @CloudSecPod @CloudSecureNews If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security News - Cloud Security Academy Spotify TimeStamp for Interview Questions (00:00) Ashish's Intro to the Episode (02:28) https://snyk.io/csp (02:46) A bit about Kat (05:35) What does a security architect do? (06:46) The difference in the Cloud Security Architect role (11:08) The building blocks of building an application in AWS (13:41) Are there DMZs in Cloud Architecture? (15:54) Cybercriminal and Cloud exploitation (19:04) How to keep with rapid changes in cloud? (20:08) AWS pre:invent update (21:39) Why is IAM important in Cloud? (25:03) Do cloud security architects need to know coding and automation? (27:38) How important are certifications? (31:49) Getting in cloud security with no experience (33:41) What are important skills for architect? (35:33) SANS certifications for Cloud Security Architects (37:04) How important is it to have multi cloud knowledge (40:44) Frameworks to build cloud architecture (42:59) Do you need to know software development? (44:19) Roadmap to become a cloud security architect (45:32) What is the most difficult thing related to architecture? (49:32) The Fun Section
In this episode of the Virtual Coffee with Ashish edition, we spoke with Christophe Parisel (Christophe's Linkedin) about how to transition from being a technical architect on premise to a cloud security architect and then a cloud native security architect. Episode ShowNotes, Links and Transcript on Cloud Security Podcast: www.cloudsecuritypodcast.tv Host Twitter: Ashish Rajan (@hashishrajan) Guest Twitter: Christophe Parisel (Christophe's Linkedin) Podcast Twitter - @CloudSecPod @CloudSecureNews If you want to watch videos of this LIVE STREAMED episode and past episodes - Check out our other Cloud Security Social Channels: - Cloud Security News - Cloud Security Academy Spotify TimeStamp for Interview Questions (00:00) Ashish's Intro to the Episode (02:21) https://snyk.io/csp (03:18) A little bit about Christophe (05:08) What is Cloud Native? (07:27) Why Cloud Native is important? (09:34) Responsibilities of Cloud Native Architect (13:15) Solution Architect vs Cloud Native Architect (15:32) Culture to move into Cloud Native Environment (18:09) Designing an application in Cloud (21:41) Designing an application using Kubernetes Cluster (24:39) Learning Kubernetes as an Architect (28:09) Common services people should standardise (31:50) Frameworks for Kubernetes Architecture (34:06) Logging with Kubernetes at Scale (38:24) Challenge with transitioning to Cloud Native Security Architect (39:43) Should we trust the cloud? (43:37) Bottlerocket in Kubernetes (46:00) Certifications for Cloud Native Security Architect
Joel Dunning, architect and security design expert, answers reader questions about mitigating risk through secure facility design. Dunning, who is a Partner and Government Planning Group Leader at Wold Architects and Engineers, talks gaining community security buy-in; toeing the line between overt and covert security; and candid stories from facilities he's helped secure.
In this episode, listen in on the expert panel recorded live at HIP London, the first stop on this year's Hybrid Identity Protection Roadshow in June 2022. At this event, Sean speaks with Simon Hodgkinson (Strategic Advisor, Semperis and former bp CISO), Ria Thomas (Managing Director, Polynia Advisory), and John Craddock (IT Infrastructure and Security Architect, XTSeminars LTD) about the relationship between identity security and operation resilience. The panel also discusses how organizations can develop crisis management plans that account for the protection of their Zero Trust foundations. And don't miss your chance to participate LIVE in expert HIP discussions like these. Join the upcoming HIP NYC event on November 9. Learn more at https://www.eventbrite.com/e/hip-nyc-tickets-412996843677.
In this episode of The Business of Security, we discuss Dr. Robinson's upcoming book, Mind the Tech Gap, and how to manage the problem of low to non-existent collaboration between IT and Security teams. This conversation covers tools and techniques for creating a rich, collaborative environment for organizations in order to achieve security goals. Guest: Dr. Nikki Robinson, Security Architect at IBM, Adjunct Professor at Capitol Technology University. Hosts: Josh Bruyning, Solution Engineer @TrustMAPP and Chad Boeckmann, Founder/CEO @TrustMAPP. Sponsor: TrustMAPP (https://trustmapp.com). Mind the Tech Gap: Robinson, Nikki: 9781032206165: Amazon.com: Books
In this episode we talk with Brook Schoenfield and Dr. James Ransome about the Comparative Software Security capability and how it can help your teams build security into their product development practices. Brook S.E. Schoenfield is the author of Secrets Of A Cyber Security Architect (Auerbach, 2019) and Securing Systems: Applied Security Architecture and Threat Models (CRC Press, 2015). Building In Security At Agile Speed (with James Ransome, Auerbach, 2021), focuses on software security for continuous development practices and DevOps. Brook helps clients with their software security and secure design practices. He mentors technical leaders to effectively deliver security strategy. He is a technical leader and advisor to Resilient Software Security, LLC and True Positives, LLC. Previously, he technically led product security architecture at McAfee (Intel), Cisco Engineering, IT security architecture at Autodesk, and Web and Application security for Cisco Infosec. He is a founding member of IEEE's Center for Secure Design and is a featured Security Architect at the Bletchley Park Museum of Computing. He is the originator of Baseline Application Vulnerability Assessment (BAVA), Just Good Enough Risk Rating (JGERR), Architecture, Threats, Attack Surfaces and Mitigations (ATASM) and developer-centric security. He contributed to Core Software Security (CRC Press, 2014), and co-authored The Threat Modeling Manifesto (2020), Avoiding the Top 10 Security Design Flaws (IEEE, 2014) and Tactical Threat Modeling (SAFECode, 2017). Dr. James Ransome, PhD, CISSP, CISM is the Chief Scientist for CYBERPHOS, an early stage cybersecurity startup. Most recently, James was the Senior Director of Security Development Lifecycle Engineering for Intel's Product Assurance and Security (IPAS). In that capacity, he led a team of SDL engineers, architects, and product security experts to drive and implement security practices across the company. 
Prior to that, James was the Senior Director of Product Security and PSIRT at Intel Security (formerly McAfee). James's career includes leadership positions in the private and public sectors. He served in three chief information security officer (CISO) roles at Applied Materials, Autodesk, and Qwest Communications and four chief security officer (CSO) positions at Pilot Network Services, Exodus Communications, Exodus Communications—Cable and Wireless Company, and Cisco Collaborative Software Group. Before entering the corporate world, he worked in government service for 23 years supporting the U.S. intelligence community, federal law enforcement, and the Department of Defense. --- Send in a voice message: https://podcasters.spotify.com/pod/show/comparativeagility/message
Ransomware struck global currency exchange and remittance company Travelex on New Year's Eve 2019. Security Architect Don Gibson was DJing at a friend's place when the first alerts came in. That night kicked off a turbulent period for Don that lasted throughout the rest of the year. His name became publicly linked with the Travelex incident, and the attention was completely undesired. His story is one of how social media, a frantic incident response and stress contributed to a nearly tragic health outcome. He went from IR, or incident response, to the ER – the hospital's emergency room. Speakers: Don Gibson, former Security Architect, Travelex; Jeremy Kirk, Executive Editor, Information Security Media Group. Sources and transcript for this episode are here. Production Coordinator: Rashmi Ramesh. The Ransomware Files theme song by Chris Gilbert/©Ordinary Weirdos Records. Music by Uppbeat and Podcastmusic.com. Follow The Ransomware Files on Twitter: @ransomwarefiles Follow The Ransomware Files on Instagram: @theransomwarefiles
Ep. 46 of the Cyber Law Revolution is live! Pleased to have Felicia King, Security Architect and Information Security Officer, from QPC Security on the show! Felicia turns the tables on me and puts me on the spot to talk about the importance and role of a breach coach, how we all work as a team, and preparation, preparation, preparation! Keep the questions, calls, comments, etc. coming. Call me at 410-917-5189 or email me at spollock@wtplaw.com Enjoy!
Petko Stoyanov, Chief Technology Officer for Global Governments at Forcepoint Petko Stoyanov serves as Forcepoint's Chief Technology Officer for Global Governments. He focuses on strategy, technology and go-to-market for enterprise-focused solutions across the government verticals in Australia, Canada, New Zealand, United Kingdom, and the United States. Petko is an experienced cyber security leader who specializes in establishing information security programs and driving security maturity in technology through and experience specialized in aerospace, technology, and cloud. He has prior experience as an Information Security Manager and Security Architect leading and designing secure tamper resistant security systems and advanced multi-level security systems. Petko's LinkedIn https://www.linkedin.com/in/petko-stoyanov/ For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e170
Security Architects are responsible for planning, designing, testing, implementing and maintaining an organization's computer and network security infrastructure. Security Architects develop information technology rules and requirements that describe baseline and target architectures and support enterprise mission needs. Advanced technical knowledge of network/web protocols, infrastructure, authentication, enterprise risk management, security engineering, communications and network security, identity and access management, and incident response, is critical to success in this role. Learn more: https://www.infosecinstitute.com/skills/train-for-your-role/security-architect/ 0:00 - Intro 0:31 - What is a security architect? 1:07 - How to become a security architect 2:15 - What certifications should a security architect get? 3:07 - Skills a security architect needs 4:07 - Learning as a security architect 7:06 - Security architect tools 7:58 - Where do security architects work 9:28 - Private vs federal security architects 11:09 - Related roles to security architect 12:12 - Start working toward security architect 13:23 - Outro About Infosec: Infosec believes knowledge is power when fighting cybercrime. We help IT and security professionals advance their careers with skills development and certifications while empowering all employees with security awareness and privacy training to stay cyber-safe at work and home. It's our mission to equip all organizations and individuals with the know-how and confidence to outsmart cybercrime. Learn more at infosecinstitute.com.
Episode 6 (Air Force Medical Administrator to Security Architect for a Retail Company) Host: Jon *** I am an active duty Marine, and any opinion expressed on this show is my own and is not military regulation or policy. *** Talk About The Episode: Jay McLendon ***Any opinion expressed is my own and not of any organization I am a part of*** Enlisted in the Air Force in 1987 and got out in 1991. MOS: 90650: Medical Admin (Aeroevacuation) Currently is a Security Architect for a Retail Company Talk With The Guest: Prior to the Air Force, he had no experience in IT. His favorite subject: Researching new technologies and solutions for problem sets and use cases. What helped him get to where he is today: Management, discipline, and motivation to get things done. Advice for Military transitioning out: Figuring out your focus area. Attend some training and get certifications based on that focus area. Don't be afraid to use your network/relationships to help out. Closing: Jay McLendon, Security Engineer LinkedIn: https://www.linkedin.com/in/jaymclendon/ ACP: https://www.acp-usa.org/ Victory Junction: https://victoryjunction.org Patriot Guard: https://www.patriotguard.org/about-us/ TeKSystems: https://www.teksystems.com “Can't Hurt Me” by David Goggins: https://www.amazon.com/Cant-Hurt-Me-David-Goggins-audiobook/dp/B07KKP62FW/ref=tmm_aud_swatch_0?_encoding=UTF8&qid=&sr= “Dear Rodeo: The Cody Johnson Story”: https://www.amazon.com/gp/video/detail/B09JBLJJWM/ref=atv_dp_share_cu_r Salary Lookup: https://www.levels.fyi The Show: Website: https://www.thebunkhousecast.com Email: contact@thebunkhousecast.com. Follow on Twitter with @BunkhouseCast Follow on Facebook with @BunkhouseCast “Be The Light In Someone's Dark” I created this podcast using version 3.0.3 of Audacity(R) recording and editing software[1]. [1] Audacity® software is copyright © 1999-2021 Audacity Team. Web site: https://audacityteam.org/. 
It is free software distributed under the terms of the GNU General Public License. The name Audacity® is a registered trademark.
The SolarWinds supply chain breach is arguably the biggest hack in history. OSIsoft's Security Architect, Bryan Owen, joins us to explore the breach and what it means for industrial security.