Podcast appearances and mentions of sergio caltagirone

  • 7PODCASTS
  • 16EPISODES
  • 44mAVG DURATION
  • ?INFREQUENT EPISODES
  • Jul 15, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about sergio caltagirone

Latest podcast episodes about sergio caltagirone

The CyberWire
The current state of MITRE ATT&CK.

The CyberWire

Play Episode Listen Later Jul 15, 2024 18:37


Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of MITRE ATT&CK with CyberWire Hash Table guests Frank Duff, Tidal Cyber's Chief Innovation Officer, Amy Robertson, MITRE Threat Intelligence Engineer and ATT&CK Engagement lead, and Rick Doten, Centene's VP of Information Security. References: Amy L. Robertson, 2024. ATT&CK 2024 Roadmap  [Essay]. Medium. Blake E. Strom, Andy Applebaum, Doug P. Miller, Kathryn C. Nickels, Adam G. Pennington, Cody B. Thomas, 2018. MITRE ATT&CK: Design and Philosophy [Historical Paper]. MITRE. Eric Hutchins, Michael Cloppert, Rohan Amin, 2010. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [Historic Paper]. Lockheed Martin Corporation. Nick Selby, 2014. One Year Later: The APT1 Report [Essay]. Dark Reading. Rick Howard, 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Goodreads. Rick Howard, 2020. Intrusion kill chains: a first principle of cybersecurity.  [Podcast]. The CyberWire. Rick Howard, 2022. Kill chain trifecta: Lockheed Martin, ATT&CK, and Diamond. [Podcast]. The CyberWire. Rick Howard, 2020. cyber threat intelligence (CTI) (noun) [Podcast]. Word Notes: The CyberWire. Kevin Mandia, 2014. State of the Hack: One Year after the APT1 Report [RSA Conference Presentation]. YouTube. SAHIL BLOOM, 2023. The Blind Men & the Elephant [Website]. The Curiosity Chronicle. Sergio Caltagirone, Andrew Pendergast, and Christopher Betz. 05 July 2011. The Diamond Model of Intrusion Analysis. Center for Cyber Threat Intelligence and Threat Research.[Historical Paper] Staff, n.d. Home Page [Website]. Tidal Cyber. Learn more about your ad choices. Visit megaphone.fm/adchoices

Coffee Talk with SURGe
Coffee Talk with SURGe: The Interview Series featuring Sergio Caltagirone

Coffee Talk with SURGe

Play Episode Listen Later Jun 14, 2023 48:53


Join us as we kick off our new bi-weekly 1-1 interview series, starting with Sergio Caltagirone. Sergio was formerly at NSA, Director of Threat Intelligence at Microsoft, VP of Threat Intelligence at Dragos, Technical Director of the Global Emancipation Network, now the founder and president of the Threat Intelligence Academy, and of course, co-author of The Diamond Model.  We will talk about all the things threat intelligence, thought models, and probably a solid side of snark. Links: Episode livestream ChrisSanders.org Read the Cuckoos Egg Sergio's new adventure!

Down the Security Rabbithole Podcast
DtSR Episode 537 - Sergio Talks Threat Intelligence

Down the Security Rabbithole Podcast

Play Episode Listen Later Feb 7, 2023 51:14


TL;DR: I'm extremely excited to present to you, dear listeners and friends, a wonderful conversation with Sergio Caltagirone, who is quite the authority on 'threat intelligence' - where others talk tools and limited knowledge, Sergio literally was there at the birth of the cyber dawn of the threat intelligence operations we know (or don't know) today. Sergio has been at an agency, at Microsoft, at Dragos - and he knows threat intelilgence from theory to applications. Listen in, learn a bit, and laugh along as the Chinese spy baloon (that's my story and I'm sticking to it) disrupts our communications with our pal, Sergio. Video Link (unedited, and hilarious): https://youtube.com/live/SuH4uxBiX3E  Guest Sergio Caltagirone LinkedIn: https://www.linkedin.com/in/sergiocaltagirone/ 

@BEERISAC: CPS/ICS Security Podcast Playlist
Threat Intelligence with Sergio Caltagirone

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 20, 2022 55:26


Podcast: Unsolicited Response Podcast (LS 30 · TOP 5% what is this?)Episode: Threat Intelligence with Sergio CaltagironePub date: 2022-03-16Dale Peterson's guest on the Unsolicited Response show is Sergio Caltagirone, VP of Threat Intel at Dragos.   What is good threat intel? How does threat intel "reduce harm by reducing operational meantime to recovery"? Should an asset owner care about the various threat actors named by Dragos, Mandiant and others? Does it matter if it was Petrovite or Erythracite? Why are the top recommendations in Dragos and other threat intel annual reports the typical, same as they always are, recommendations? What is the value if this is the case? What does an asset owner need to have in place to make use of threat intel? How does threat intel deal with the fact we are very bad at calculating or predicting likelihood? Why did you feel the new Journal of Threat Intelligence and Incident Response was needed? Links: Dragos 2021 Year In Review Webinar with Sergio on 2021 Year In Review Sergio's Threat Intel Class at the Threat Intelligence Academy S4x22, April 19-21 in Miami South Beach The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Unsolicited Response Podcast
Threat Intelligence with Sergio Caltagirone

Unsolicited Response Podcast

Play Episode Listen Later Mar 16, 2022 55:26


Dale Peterson's guest on the Unsolicited Response show is Sergio Caltagirone, VP of Threat Intel at Dragos.   What is good threat intel? How does threat intel "reduce harm by reducing operational meantime to recovery"? Should an asset owner care about the various threat actors named by Dragos, Mandiant and others? Does it matter if it was Petrovite or Erythracite? Why are the top recommendations in Dragos and other threat intel annual reports the typical, same as they always are, recommendations? What is the value if this is the case? What does an asset owner need to have in place to make use of threat intel? How does threat intel deal with the fact we are very bad at calculating or predicting likelihood? Why did you feel the new Journal of Threat Intelligence and Incident Response was needed? Links: Dragos 2021 Year In Review Webinar with Sergio on 2021 Year In Review Sergio's Threat Intel Class at the Threat Intelligence Academy S4x22, April 19-21 in Miami South Beach

ZDNet Security Update
Cyber attacks: How to protect your industrial control systems from hackers

ZDNet Security Update

Play Episode Listen Later Aug 6, 2021 20:02


ZDNet Security Update: Danny Palmer talks to Sergio Caltagirone, VP of Threat Intelligence at Drago,s about the risk cyber attacks pose to industrial infrastructure and what actions need to be taken to stop them before it's too late. Learn more about your ad choices. Visit megaphone.fm/adchoices

The CyberWire
Ransomware disrupts pipeline operations in the Eastern US. Other ransomware attacks reported by US municipal and Tribal governments. UK-US advisory on SVR TTPs. SolarWinds update.

The CyberWire

Play Episode Listen Later May 10, 2021 26:02


Colonial Pipeline shuts down some systems after a ransomware attack, disrupting refined petroleum product delivery in the Eastern US. We’ll check in with Sergio Caltagirone from Dragos for his analysis. Other ransomware attacks hit city and Tribal governments. Joint UK-US alert on SVR tactics issued, and the SVR may have changed its methods accordingly. SolarWinds revised downward its estimate of the number of customers affected by its compromise. Rick Howard previews his CSO Perspectives podcasts on risk metrics. Four guilty pleas in “bulletproof hosting” RICO case. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/89

The CyberWire
Carding Mafia hacked by other criminals. Gangland extortion. Section 230 reform. Director NSA talks about cyber defense, especially foreign attacks staged domestically. Propaganda. Hacktivism.

The CyberWire

Play Episode Listen Later Mar 26, 2021 28:23


Criminal-on-criminal cyber crime. Ransomware hits European and North American businesses. Big Tech goes (virtually) to Capitol Hill to talk disinformation and Section 230. The head or NSA and US Cyber Command discusses election security and cyber defense with the Senate Armed Services Committee. Russia complains of a US assault on Russia’s “civilizational pillars.” Accenture’s Josh Ray shares his thoughts on securing the supply chain. Our guest is Sergio Caltagirone from Dragos on their 2020 ICS/OT Cybersecurity Year in Review. And there appears to be a minor resurgence of hacktivism. For links to all of today's stories check out our CyberWire daily news brief: https://www.thecyberwire.com/newsletters/daily-briefing/10/58

@BEERISAC: CPS/ICS Security Podcast Playlist
ICS Threat Intel with Sergio Caltagirone

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 24, 2020 46:20


Podcast: Unsolicited Response PodcastEpisode: ICS Threat Intel with Sergio CaltagironePub date: 2020-03-23Sergio began his career doing threat intelligence in the US Government's NSA and now is the VP of Threat Intel at Dragos. We focus in this episode on where the data for threat intel is obtained, how the threat intel product is created, and how it should be used by an ICS asset owner. Where are the data 'mines' where the raw data is available and how to find the nuggets? What is a typical threat intel product / set of information? Does threat intel include attribution (who is the threat actor(s))? What is the difference between a threat actor and what Sergio calls an activity group? Is this important for the asset owner to know? How do you determine when you have enough completeness and accuracy to write and deliver threat intel product? How do you define the accuracy of a threat intel report or specific findings in a report? How would an asset owner use threat intel? Is it actually providing new recommendations that a good ICS security program wouldn't already prioritize. Customers should drive threat intel through their questions so they can make better business decisions. The podcast and artwork embedded on this page are from Dale Peterson: ICS Security Catalyst and S4 Conference Chair, which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

Unsolicited Response Podcast
ICS Threat Intel with Sergio Caltagirone

Unsolicited Response Podcast

Play Episode Listen Later Mar 23, 2020 46:20


Sergio began his career doing threat intelligence in the US Government's NSA and now is the VP of Threat Intel at Dragos. We focus in this episode on where the data for threat intel is obtained, how the threat intel product is created, and how it should be used by an ICS asset owner. Where are the data 'mines' where the raw data is available and how to find the nuggets? What is a typical threat intel product / set of information? Does threat intel include attribution (who is the threat actor(s))? What is the difference between a threat actor and what Sergio calls an activity group? Is this important for the asset owner to know? How do you determine when you have enough completeness and accuracy to write and deliver threat intel product? How do you define the accuracy of a threat intel report or specific findings in a report? How would an asset owner use threat intel? Is it actually providing new recommendations that a good ICS security program wouldn't already prioritize. Customers should drive threat intel through their questions so they can make better business decisions.

The CyberWire
Operation Soft Cell targets mobile networks. DC and Tehran trade barbs. Critical infrastructure concerns. Maryland’s Cyber Defense Initiative.

The CyberWire

Play Episode Listen Later Jun 25, 2019 20:35


Operation Soft Cell was low, slow, patient, and focused, and apparently run from China. Washington and Tehran are woofing at each other, with more exchanges in cyberspace expected. Cyber due diligence is taken increasingly seriously during mergers and acquisitions. Short-sighted design choices affect app security. The US security clearance process gets an overhaul. Shimmers replace skimmers. And yesterday’s US Internet outage explained. Sergio Caltagirone from Dragos on the growing tensions between the US, Russia and Iran and how providers of critical infrastructure can prepare. Tamika Smith interviews Danielle Gaines, a reporter for Maryland Matters, on MD Gov. Hogan’s response to the Baltimore ransomware incident, the creation of the Maryland Cyber Defense Initiative. For links to all of today's stories check our our CyberWire daily news brief: https://thecyberwire.com/issues/issues2019/June/CyberWire_2019_06_25.html  Support our show

@BEERISAC: CPS/ICS Security Podcast Playlist
DtSR Episode 276 - Game Changer in ICS (no FUD edition)

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 16, 2019 44:05


Podcast: Down the Security Rabbithole PodcastEpisode: DtSR Episode 276 - Game Changer in ICS (no FUD edition)Pub date: 2017-12-26What: In this episode we get the facts on the recent game-changing malware/attacks that appear to be nation-state sponsored attacking critical safety systems in industrial controls (ICS). Why: You've probably read about it, and depending on what you read you may only have the hype or half the story. Who: As always, Sergio Caltagirone from Dragos is the master at telling a great story, from just the facts. He's part of the team that did the analysis, wrote the narrative, and then ended up on countless phone calls explaining it to executives and national security types. He knows his craft. Links: Dragos blog about the topic: https://dragos.com/blog/trisis/ Fireeye's version: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html We invited him on this special episode to give you the inside story, to separate some of the hyperbole from reality - so listen up.  The podcast and artwork embedded on this page are from Rafal Los (Wh1t3Rabbit), which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

@BEERISAC: CPS/ICS Security Podcast Playlist
DtSR Episode 254 - Lowdown and Dirty ICS

@BEERISAC: CPS/ICS Security Podcast Playlist

Play Episode Listen Later Mar 16, 2019 62:26


Podcast: Down the Security Rabbithole PodcastEpisode: DtSR Episode 254 - Lowdown and Dirty ICSPub date: 2017-07-25This week Sergio Caltagirone joins James and I to talk about Industrial Controls networks and systems and some of the dangers that go undiscussed. Sergio is a 2nd timer, and we take the opportunity to catch up and discuss one of his favorite topics.   Additionally, we talk about a some of the topics that were discussed the week this podcast was recorded, a few weeks ago.   Whether you're in Las Vegas for Black Hat Conference 2017 or not, take a listen to this sobering discussion about industrial controls and some of the more clear and present dangers facing us in that sector.   Thanks again for joining us, Sergio!The podcast and artwork embedded on this page are from Rafal Los (Wh1t3Rabbit), which is the property of its owner and not affiliated with or endorsed by Listen Notes, Inc.

las vegas lowdown listen notes 25this industrial controls black hat conference sergio caltagirone
Down the Security Rabbithole Podcast
DtSR Episode 276 - Game Changer in ICS (no FUD edition)

Down the Security Rabbithole Podcast

Play Episode Listen Later Dec 26, 2017 44:05


What: In this episode we get the facts on the recent game-changing malware/attacks that appear to be nation-state sponsored attacking critical safety systems in industrial controls (ICS). Why: You've probably read about it, and depending on what you read you may only have the hype or half the story. Who: As always, Sergio Caltagirone from Dragos is the master at telling a great story, from just the facts. He's part of the team that did the analysis, wrote the narrative, and then ended up on countless phone calls explaining it to executives and national security types. He knows his craft. Links: Dragos blog about the topic: https://dragos.com/blog/trisis/ Fireeye's version: https://www.fireeye.com/blog/threat-research/2017/12/attackers-deploy-new-ics-attack-framework-triton.html We invited him on this special episode to give you the inside story, to separate some of the hyperbole from reality - so listen up.  

Source Code Podcast
Source Code S2: Episode 4 - Sergio Caltagirone

Source Code Podcast

Play Episode Listen Later Nov 28, 2017 75:06


Sometimes you only need one name. Prince, Madonna, Oprah....and Sergio. This week I'm thrilled to be joined by my good friend Sergio Caltagirone. We talked about the importance of ICS security, control system themed road trips, and the intersection of information security and philosophy. Sergio takes us through his journey from the Department of Defense, Microsoft and at Dragos. We also get the story of how the Diamond model came into existence. Perhaps most importantly, we talk about his work to fight human trafficking and how he is applying data science to this problem at the Global Emancipation Network.

Down the Security Rabbithole Podcast
DtSR Episode 254 - Lowdown and Dirty ICS

Down the Security Rabbithole Podcast

Play Episode Listen Later Jul 24, 2017 62:26


This week Sergio Caltagirone joins James and I to talk about Industrial Controls networks and systems and some of the dangers that go undiscussed. Sergio is a 2nd timer, and we take the opportunity to catch up and discuss one of his favorite topics.   Additionally, we talk about a some of the topics that were discussed the week this podcast was recorded, a few weeks ago.   Whether you're in Las Vegas for Black Hat Conference 2017 or not, take a listen to this sobering discussion about industrial controls and some of the more clear and present dangers facing us in that sector.   Thanks again for joining us, Sergio!

las vegas lowdown industrial controls black hat conference sergio caltagirone