Podcasts about some questions we ask how

  • 12PODCASTS
  • 65EPISODES
  • 35mAVG DURATION
  • ?INFREQUENT EPISODES
  • Oct 16, 2024LATEST

POPULARITY

20172018201920202021202220232024


Best podcasts about some questions we ask how

Latest podcast episodes about some questions we ask how

The BlueHat Podcast
Host vs Host: Get to Know Nic and Wendy

The BlueHat Podcast

Play Episode Listen Later Oct 16, 2024 35:52


In this episode of the Blue Hat Podcast, hosts Nic Fillingham and Wendy Zenone interview each other to give listeners insight into their personal and professional backgrounds. Nic recounts his unique career journey, which began with jobs like working as a chicken butcher and selling CDs, before joining Microsoft as an Xbox demo specialist. His career with Microsoft spanned various roles, ultimately leading him to work on the Blue Hat program, where he was captivated by the concept of ethical hacking. Wendy, on the other hand, shares her transition from PR into security, with stops at Netflix and Salesforce, and her current role at Microsoft leading the Strike program.    In This Episode You Will Learn:      Wendy's experience buying chicken from a stranger in a parking lot  Nic's encounter with The Rock during a wrestling game demo  Wendy starting in public relations before transitioning to the security world    Some Questions We Ask:       How did attending an all-women's software engineering school influence your career shift?  What do you enjoy most about working in the security field?  What advice do you have for women looking to enter the security industry?     Resources:   View Wendy Zenone on LinkedIn   View Nic Fillingham on LinkedIn  Related Microsoft Podcasts:   Microsoft Threat Intelligence Podcast   Afternoon Cyber Tea with Ann Johnson   Uncovering Hidden Risks     Discover and follow other Microsoft podcasts at microsoft.com/podcasts     The BlueHat Podcast is produced by Microsoft and distributed as part of N2K media network. 

The BlueHat Podcast
Ryen Macababbad on How Security Can Empower Productivity

The BlueHat Podcast

Play Episode Listen Later Sep 4, 2024 40:42


Ryen Macababbad, Principal Security Program Manager at Microsoft joins Nic Fillingham on this week's episode of The BlueHat Podcast. Ryen discusses their career journey, including the return to Microsoft after working in security architecture and customer trust engineering. Ryen shares insights from their time at Hacker Summer Camp 2024 in Las Vegas, emphasizing the importance of creating frictionless security measures that don't hinder productivity. They explain that when security becomes a barrier, users will find workarounds, potentially compromising security. The conversation touches on the evolving relationship between security and productivity teams, highlighting the need for security to be an enabler rather than an obstacle.      In This Episode You Will Learn:       How investing in security helps maintain customer trust and protects revenue  Why security should be built-in by default so users don't need to be security experts  The importance of incorporating feedback and diverse viewpoints to enhance security      Some Questions We Ask:        How is a seamless security and productivity experience provided for end users?  Can security researchers contribute to identifying gaps and improving product security?  What motivated the shift from a focus on identity and program management to defensive security?    Resources:   View Ryen Macababbad on LinkedIn      View Wendy Zenone on LinkedIn   View Nic Fillingham on LinkedIn    Related Microsoft Podcasts:     Microsoft Threat Intelligence Podcast   Afternoon Cyber Tea with Ann Johnson   Uncovering Hidden Risks       Discover and follow other Microsoft podcasts at microsoft.com/podcasts  

The BlueHat Podcast
From Morris to Azure: Shawn Hernan's Three Decades in Security

The BlueHat Podcast

Play Episode Listen Later Jun 26, 2024 43:47


Shawn Hernan, Partner Security Engineering Group Manager at Microsoft joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Shawn leads Microsoft Cloud & AI Security Assurance, overseeing an international team of security professionals dedicated to proactively addressing security challenges through vulnerability research, penetration testing, and threat modeling. Drawing from his extensive experience in early cybersecurity, Shawn shares valuable insights into the evolving landscape, stressing the significance of academic knowledge and practical experience. From navigating intricate technical terrains to fostering a growth mindset, this episode provides a compelling glimpse into the ongoing pursuit of security excellence in today's digital era. In This Episode You Will Learn: Addressing root causes of vulnerabilities reported by third parties or found internally Developing tools and a deep understanding of specific classes of vulnerabilities Research on areas like crypto hygiene and missing integrity vulnerabilities Some Questions We Ask: How does your team handle variant hunting for critical cases? When researchers find issues in Azure, how does your team get involved? How do you foster a security culture within Microsoft and your team? Resources: View Shawn Hernan on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
MSRC VP Tom Gallagher on 25 Years of Security at Microsoft

The BlueHat Podcast

Play Episode Listen Later Jun 12, 2024 31:38


Tom Gallagher, VP of Engineering and head of MSRC, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. After nearly 25 years at Microsoft, Tom reflects on his early days at the company, where he started as a penetration tester on SharePoint, offering insights into the evolving landscape of cybersecurity since 1999. Tom shares a few different experiences from his journey, including auditing a local ISP's security in exchange for a job, and his transition from an intern working on Internet Explorer's rendering engine to key roles in Office and eventually MSRC. Through Tom's experiences, you'll gain a unique perspective on Microsoft's cybersecurity evolution and the broader industry landscape. In This Episode You Will Learn: A Clippy vulnerability that exemplifies the importance of external insights How you can support teams when they find vulnerabilities in their code Tom's experiences attending early Black Hat and DEFCON conferences Some Questions We Ask: How does your experience as a bug hunter influence your role at MSRC? Can you elaborate on the process of mitigating vulnerabilities quickly within SFI? Will you explain Trustworthy Computing and its significance in Microsoft's history? Resources: View Tom Gallagher on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
From Specs to Security

The BlueHat Podcast

Play Episode Listen Later May 15, 2024 33:38


Dor Dali, Head of Security Research at Cyolo, joins Nic Fillingham on this week's episode of The BlueHat Podcast. They delve into Dor's journey into cybersecurity, from pranking friends as a teenager to his professional roles, including his involvement in the Blue Hat conference through GE, where he helped create the Capture The Flag (CTF) challenge. Dor details the vulnerabilities in the RDP protocol by closely following the protocol specifications and identifying discrepancies that led to security flaws. They detail a vulnerability related to RDP Gateway's UDP cookie authentication process, the implications of Dor's research for other security researchers and hackers and the importance of leveraging available resources, such as protocol specifications and open-source implementations, to understand closed-source systems better and potentially uncover vulnerabilities. In This Episode You Will Learn: The unique perspective Dor has with RDP security research How to approach security research when following the protocol specifications The importance of clear documentation in preventing security vulnerabilities Some Questions We Ask: How did you design and build the Capture the Flag event? Did you face any unexpected hurdles while researching the RDP protocol's security? Have you found other security vulnerabilities by closely adhering to protocol specifications? Resources: View Dor Dali on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
SaaS Exposed: Unmasking Cyber Risks in Cloud Integrations

The BlueHat Podcast

Play Episode Listen Later Apr 17, 2024 39:16


Luke Jennings, VP of Research & Development at Push Security joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Luke explains his recent presentation on a new SaaS cyber kill chain, exploring how attackers might target modern organizations heavily reliant on cloud and SaaS services, even when traditional infrastructure is minimal. The latest kill chain involves developing attack techniques specific to this environment, covering topics like lateral movement without conventional network infrastructure and adapting known techniques such as password guessing attacks to the SaaS landscape. Luke, Wendy, and Nic discuss the complexities of SaaS security, the intricacies of evil twin integrations, detection challenges, mitigation strategies, and the overall impact of these security issues on organizations. In This Episode You Will Learn: Identifying malicious activities and understanding normal application behavior The importance of having structured methodologies for approving SaaS app usage Challenges organizations face in detecting and preventing SaaS application threats Some Questions We Ask: How can an organization create alerts for new, unknown SaaS app integrations? What happens when a SaaS app integration is duplicated by an attacker? Would having a structured methodology for SaaS app usage help minimize risk? Resources: View Luke Jennings on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Cloud Executive Enablement Series
How AI Is Transforming the Public Sector

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later Apr 17, 2024 23:03


In this Microsoft Cloud Executive Enablement Series episode, host Amy Boyle, Director of Global Partner Enablement, GSI at Microsoft, is joined by Dave Sloan, CTO of Global Market Development, Worldwide Public Sector at Microsoft. Dave highlights the dual impact of AI on internal productivity and external citizen-facing services. Amy and Dave emphasize the importance of public sector leaders considering compliance and ethical responsibilities when harnessing AI capabilities. They discuss how Azure OpenAI ensures compliance, security, and safety for public sector organizations, aligning with international standards. Dave also encourages partners to recognize the current urgency for AI adoption in the public sector and the role of the partner ecosystem in realizing these capabilities. In This Episode You Will Learn: How AI is showing up in the public sector Why generative AI will disrupt and change traditional practices in the public sector Measures in place to align with international compliance standards Some Questions We Ask: How can Azure OpenAI ensure compliance, security, and safety for the public sector? What should public sector leaders consider when harnessing AI capabilities? Are there any current concerns about harnessing AI capabilities to serve customers better? Resources: View Dave Sloan on LinkedIn View Amy Boyle on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcastsDownload the Transcript Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
Securing the Past with Dustin Heywood

The BlueHat Podcast

Play Episode Listen Later Mar 20, 2024 41:53


Dustin Heywood, Hacker, Researcher, and Senior Leader at IBM, joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Dustin provided a live demonstration of cracking NTLM version 1 during his BlueHat presentation, showcasing the process of responding to challenges, using coercion techniques, and ultimately extracting and cracking the NTLM hash. Dustin, Nic, and Wendy discuss checking group policies, auditing every object, ensuring relevant systems, and managing IT assets effectively. They emphasize the importance of IT asset management and recommend quarantining legacy systems with restricted access. In This Episode You Will Learn: Why security professionals need business skills for effective communication Advice for auditing legacy systems with vulnerable protocols Extracting DPAPI keys and decrypting browser session history Some Questions We Ask: How do you manage risk for legacy systems deemed necessary for business? Can you discuss some of the outdated protocols in current IT environments? What guidance would you offer to IT professionals looking to audit their systems? Resources: View Dustin Heywood on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Cloud Executive Enablement Series
Microsoft Cloud for Industry

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later Mar 6, 2024 9:19


In this Microsoft Cloud Executive Enablement Series episode, host Jason Langlais, the Global Enterprise Partner Co-Sell Sales Execution Leader, is joined by Kelly Rogan, CVP of Global System Integrators at Microsoft. Kelly and Jason discuss critical priorities for their team, emphasizing building capability, accelerating co-selling, and enabling partner-led industry wins. They highlight a one-strategy approach with industry and partner teams for transparent collaboration. The discussion delves into growth strategies, including success through solution areas, IP prioritization, and repeatability. In This Episode You Will Learn: How AI is transforming industries for Microsoft partners Collaboration strategies between Microsoft and partners across different industries When Microsoft's innovations in AI can effectively be utilized with partners Some Questions We Ask: How have partners successfully utilized Microsoft's AI tools or strategies? Can this new AI drive productivity and also enhance data estate and security? What should Microsoft's priorities be when enabling partner-led industry wins? Resources: View Jason Langlais on LinkedIn View Kelly Rogan on LinkedIn Watch the full video episode on YouTube Discover and follow other Microsoft podcasts at microsoft.com/podcasts Download the Transcript Hosted on Acast. See acast.com/privacy for more information.

Microsoft Cloud Executive Enablement Series
Era of AI: A Deep Dive into Analytics & AI

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later Feb 28, 2024 20:28


In this Microsoft Cloud Executive Enablement Series episode, host Zia Mansoor, CVP of Data and AI at Microsoft, is joined by Jessica Hawk, CVP of Data, AI, and Digital Apps Product Marketing. Zia and Jessica discuss the benefits of AI in various areas, including information retrieval, customer interactions, and risk management, stressing the collaboration with partners and highlighting the opportunities for businesses to leverage AI for innovation. They also cover the importance of data ownership and control, ensuring customer data is not used to train or enrich foundational models, and how security, privacy, and compliance are critical considerations in Microsoft's approach to AI. In This Episode You Will Learn: Microsoft's commitment to AI, trust, and responsible AI practices Challenges organizations face in managing and unifying their data The importance of investing in the right technology and resources Some Questions We Ask: How is AI viewed as a force multiplier enabling us to do more? Why is collaboration considered unique and crucial for Microsoft's success? What does Microsoft envision for the future regarding analytics and AI transformation? Resources: View Jessica Hawk on LinkedIn View Zia Mansoor on LinkedIn Watch the full video episode on YouTube Discover and follow other Microsoft podcasts at microsoft.com/podcasts Download the Transcript Hosted on Acast. See acast.com/privacy for more information.

Uncovering Hidden Risks
Secure Access in the Era of AI

Uncovering Hidden Risks

Play Episode Listen Later Feb 21, 2024 24:11


Jef Kazimer, Microsoft's Principal Product Manager, and Bailey Bercik, Senior Product Manager, join Erica Toelle and guest host Lisa Huang-North on this week's episode of Uncovering Hidden Risks. Today's episode will focus on security in the era of cloud and AI, with insights from Microsoft Security's product team. It will encompass AI-driven security measures, data protection, identity management, and compliance in the cloud while providing valuable insights for professionals navigating the evolving landscape of cloud security and AI's influence on it. Together, they discuss the importance of basic security hygiene, the implications of sophisticated AI-based attacks, and the necessity of adopting a defense-in-depth strategy to protect against emerging threats.    In This Episode You Will Learn:       The use of generative AI in attack vectors like phishing and social engineering  Principles of zero trust and how they apply to AI systems  Challenges and opportunities for securing identity and access in 2024   Some Questions We Ask:       How can organizations leverage Microsoft's Zero Trust framework to protect their data?  What are the best practices when implementing passwordless authentication?  Are the principles of Zero Trust still relevant to this new wave of threats?     Resources:     View Lisa Huang-North on LinkedIn   View Jef Kazimer on LinkedIn   View Bailey Bercik on LinkedIn   View Erica Toelle on LinkedIn      MITRE ATLAS: MITRE | ATLAS™ Book: Not with a Bug but with a Sticker Blog Post: Demystifing LLMs and Threats. Based off of my presentation for CSA | by Caleb Sima | csima | Medium           Related Microsoft Podcasts:                     Afternoon Cyber Tea with Ann Johnson  The BlueHat Podcast    Microsoft Threat Intelligence Podcast    Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of N2K media network.   

Microsoft Cloud Executive Enablement Series
Accelerate Azure Cloud Adoption with VMware

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later Feb 14, 2024 18:30


In this Microsoft Cloud Executive Enablement Series episode, host Jackie Kemp, Global Sr. Partner Marketing Advisor, is joined by Shaun Hirschman, VMware Global Director, PDM. Jackie and Shaun focus on the partnership between Microsoft and VMware and how it addresses the needs of hybrid customers, those exploring multi-cloud strategies, and those engaged in application modernization. Jackie and Shaun also cover the importance of the Microsoft-VMware partnership in cloud adoption and digital transformation. Sean shares insights into the evolution of the relationship, highlighting the collective nature that now prioritizes meeting customer needs in the hybrid modernization space. The conversation also touches on the advantages of integrating VMware solutions with Microsoft Azure, emphasizing the support for hybrid and multi-cloud scenarios. In This Episode You Will Learn: Integration of technologies for on-premises and the cloud How partners can leverage their services beyond migration The evolution of customer needs in the hybrid and multi-cloud landscape Some Questions We Ask: How does VMware and Microsoft's relationship create unique opportunities for partners? What are the advantages of integrating VMware solutions with Microsoft Azure? How can this new partnership shape the future of cloud adoption? Resources: View Shaun Hirschman on LinkedIn View Jackie Kemp on LinkedIn Watch the full video episode on YouTube Discover and follow other Microsoft podcasts at microsoft.com/podcasts Download the Transcript Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
Harnessing the Power of Community in Cybersecurity with Darren Spruell

The BlueHat Podcast

Play Episode Listen Later Jan 24, 2024 42:20


Leading Threat Intelligence at InQuest, Darren Spruell joins Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Darren explains InQuest's focus on Deep File Inspection® technology to identify malicious traits in files and talks about their role in serving public and private sector companies. Darren shares his cybersecurity journey, passion for combating malware and criminal activities, and his presentation at BlueHat. Wendy, Nic, and Darren highlight the evolution of threat information sharing over the years and the value of intelligence advantage over adversaries. The conversation delves into the significance of threat indicators such as IP addresses, file hashes, domain names, and much more! In This Episode You Will Learn: The challenges of exchanging threat intelligence and person-to-person sharing Balancing technical expertise and leadership responsibilities The importance of evolving manual threat intelligence sharing practices Some Questions We Ask: How can practitioners enhance the effectiveness of threat intelligence? What types of security roles are sharing IOCs back and forth? Why is community engagement in the cybersecurity industry so necessary? Resources: View Darren Spruell on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
Canary (Tokens) in the Code Mine with Casey Smith

The BlueHat Podcast

Play Episode Listen Later Jan 10, 2024 37:21


Thinkst Canary, Cyber Security Researcher Casey Smith joins Nic Fillingham on this week's episode of The BlueHat Podcast. Nic and Casey discuss his background in security, his experience presenting at Blue Hat, and his session on building a Canary token to monitor Windows process execution. The Canary token project is an open-source initiative that creates artifacts on a network to alert defenders when an attacker interacts with them. The tokens can take various forms, such as documents, cloud credentials, QR codes, or executables, providing an early warning system for potential breaches. They also cover the importance of failure in the research process and the evolution of the canary token project to adapt to new attack techniques. In This Episode You Will Learn: The need for defenders to explore new features in the Windows operating system Challenges of keeping ahead of more sophisticated adversaries The use of legitimate binaries for malicious activities Some Questions We Ask: How do you balance curiosity-driven research with practical security concerns? What challenges do you see in the current state of endpoint security? How do you navigate working with customers and using what you learn for research? Resources: View Casey Smith on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks The Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Uncovering Hidden Risks
How to Master Risk and Compliance Initiatives

Uncovering Hidden Risks

Play Episode Listen Later Dec 13, 2023 38:08


Patrick Chavez, Chief Privacy Officer at Edward Jones, joins Erica Toelle and guest host Mark Diamond, CEO of Contoural, on this week's episode of Uncovering Hidden Risks. Patrick leads the firm's privacy efforts and develops and implements policies and processes for preparing for and responding to cyber and privacy incidents. He also oversees the firm's Records and Information Management Program within the Legal Division. He provides legal guidance and advice to the firm's business areas on eDiscovery, privacy, information and data security and protection, and information governance. Contoural is the largest independent provider of strategic Information Governance consulting services, including records management, privacy, litigation readiness, and employee collaboration. Contoural is also a trusted advisor to more than 30% of the Fortune 500 plus many mid-size and public sector organizations.   In This Episode You Will Learn:      How to successfully execute policies and meet regulatory requirements Management tools for privacy, eDiscovery, and Information Security conflicts How Edward Jones aligns its legal support for privacy and records management. Some Questions We Ask:     How have you seen companies successful in building senior-level support? What is the most significant barrier to creating a unified or federated approach?  How should organizations consider policy creation to ensure they can be executed? Resources:    View Patrick Chavez on LinkedIn View Mark Diamond on LinkedIn View Erica Toelle on LinkedIn                Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast   Microsoft Threat Intelligence Podcast Discover and follow other Microsoft podcasts at microsoft.com/podcasts  Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.

The BlueHat Podcast
Service Principles in the Spotlight: Insights from Microsoft's Security Experts

The BlueHat Podcast

Play Episode Listen Later Nov 29, 2023 43:53


Senior Data Scientist Emily Yale and Senior Threat Hunt Analyst at Microsoft Chris Bukavich join Wendy Zenone and Nic Fillingham on this week's episode of The BlueHat Podcast. Chris focuses on incident response, investigation, and detection of major incidents, while Emily works on developing and improving detections for Microsoft's internal security. Emily and Chris were co-presenters at this year's BlueHat conference. They discussed unmasking Azure-based adversaries with an emphasis on monitoring service principles, how their respective expertise in data science and cybersecurity contributed to the session, and the challenges of monitoring service principles in Azure. This concept has evolved from traditional service accounts. In This Episode You Will Learn: The importance of monitoring spikes in activity Criteria for identifying malicious behavior targeting service principles Historical context of service principles and their increasing relevance Some Questions We Ask: How can you proactively monitor and detect anomalies related to service principles? What challenges arise when profiling service principles based on past behavior? When can service principles be tied to user authentication? Resources: View Emily Yale on LinkedIn View Chris Bukavich on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Microsoft Threat Intelligence Podcast Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Uncovering Hidden Risks
Unveil Data Security Paradoxes

Uncovering Hidden Risks

Play Episode Listen Later Oct 25, 2023 20:39


Herain Oberoi, General Manager of Data Security, Privacy, and Compliance for Microsoft, joins Erica Toelle and guest host Tina Ying, Senior Product Marketing Manager at Microsoft, on this week's episode of Uncovering Hidden Risks. Microsoft has recently released a new report called the Data Security Index. Erica, Tina, and Herain explain what drove the team to complete this research, release the report, and share valuable insights that can empower organizations to optimize their data security programs.    In This Episode You Will Learn:       Why more tools bring less security, but organizations still adopt them  When organizations should allocate resources to optimize data security  How security leaders can lead their teams with the goal of enhancing all-up security posture  Some Questions We Ask:      How can organizations enhance their data security posture?  Should organizations purchase best-of-suite or best-of-breed solutions?  What advice do you give organizations with the challenge of using isolated solutions?     Resources:     View Herain Oberoi on LinkedIn  View Tina Ying on LinkedIn  View Erica Toelle on LinkedIn    Related Microsoft Podcasts:                   Afternoon Cyber Tea with Ann Johnson The BlueHat Podcast   Security Unlocked     Security Unlocked: CISO Series with Bret Arsenault Microsoft Threat Intelligence Podcast Secure the Job: Breaking into Security       Discover and follow other Microsoft podcasts at microsoft.com/podcasts     Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network.  

The BlueHat Podcast
BlueHat Oct 23 Day 1 Keynote: John Lambert

The BlueHat Podcast

Play Episode Listen Later Oct 18, 2023 49:24


In this week's special episode, we bring you the BlueHat Oct 23, day 1 keynote delivered by John Lambert, Microsoft Corporate Vice President and Security Fellow. In his BlueHat Oct day 1 keynote, John discusses the importance of incidents in the security field, strategies for finding security incidents, and the importance of looking beyond traditional defense measures to discover attackers and traces outside of one's network. John introduces the idea of "hunting until closure," which involves systematically investigating various attacker actions to learn more about their activities. He also mentions the concept of "time travel breach detection," which uses historical logs to trace and identify previous attacker actions. In This Episode You Will Learn: The importance of security incidents in shaping the cybersecurity field Why logs and telemetry data in cybersecurity are essential when tracking attacker actions How valuable mutual respect is in the security community Some Questions We Ask: How do escalating conflicts within teams affect productivity? What role did trust and collaboration play in responding to the SolarWinds incident? Why must the security community work together to protect customers? Resources: View John Lambert on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Related Microsoft Podcasts: Afternoon Cyber Tea with Ann Johnson Uncovering Hidden Risks Security Unlocked Security Unlocked: CISO Series with Bret Arsenault Secure the Job: Breaking into Security Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

microsoft acast keynote solarwinds john lambert bluehat some questions we ask how
The BlueHat Podcast
Sherrod DeGrippo on Why She Loves Cyber Crime

The BlueHat Podcast

Play Episode Listen Later Sep 20, 2023 40:49


Sherrod DeGrippo, Director of Threat Intelligence Strategy at Microsoft and Host of The Microsoft Threat Intelligence Podcast, joins Nic Fillingham on this week's episode of The BlueHat Podcast. Sherrod is a frequently cited threat intelligence expert in media, including televised appearances on the BBC news and commentary in the Wall Street Journal, CNN, New York Times, and more. She is a well-known public speaker, having presented at Black Hat, RSA Conference, RMISC, BrunchCon, and others. Sherrod and Nic discuss various topics, including different types of threat actors, the overlap between nation-state actors and cybercrime, and Sherrod's fascination with cybercrime, emphasizing cybercriminals' creativity and ingenuity, particularly those who use social engineering techniques. In This Episode You Will Learn: Why many cybercriminals don't believe they are engaging in criminal activity How understanding a threat actor's psychology is essential to creating detection methods The importance of maintaining proper security hygiene Some Questions We Ask: How can threat actors operate with impunity? Should individuals and small businesses worry about nation-state threat actors? Can we reform and convince cybercrime groups to use their talents for good? Resources: View Sherrod DeGrippo on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
Fuzzing, Forensics and Flowers with Amanda Rousseau AKA Malware Unicorn

The BlueHat Podcast

Play Episode Listen Later Aug 9, 2023 40:47


Amanda Rousseau, Offensive Security Engineer for the Microsoft Offensive Research and Security Engineering Team, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Amanda loves malware; she worked as an Offensive Security Engineer on the Red Team at Facebook, a Malware Researcher at Endgame, and the U.S. Department of Defense Cyber Crime Center. Amanda mainly focuses on vulnerability, research fuzzing, and security engineering and discusses with Nic and Wendy her time reviewing and analyzing offline digital devices, known as Dead-Box Forensics, reverse engineering malware, and how she finds success from her creative and artistic background. In This Episode You Will Learn: What "shift left" means as a security professional How to learn more about fuzzing and understand some of the tooling Why having a creative background helps when communicating with security teams Some Questions We Ask: How would you describe fuzzing for someone that's doesn't know the definition? What is Dead-Box Forensics, and can you share the investigative process? How can we make fuzzing and security more accessible and less intimidating for developers? Resources: View Amanda Rousseau on LinkedIn View Wendy Zenone on LinkedIn View Nic Fillingham on LinkedIn Follow Amanda on Twitter and malwareunicorn.org Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Cloud Executive Enablement Series
Secure Mission-Critical Workloads in the Cloud with Microsoft

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later Jun 7, 2023 24:05


The latest episode of the Microsoft Cloud Executive Enablement Series features Tom O'Reilly, Global Senior Director, Partner Development for Data Platforms and Artificial Intelligence (AI), and Shirley Strachan, discussing the importance of managing security posture and the evolving threat landscape in today's world. As the Global Partner Strategy Development Leader for Security on Microsoft's Cybersecurity Team, Shirley's expertise in driving enterprise results through technology is highlighted in the conversation. Partners will find valuable insights on how to tackle nation-state activity and how Microsoft constantly upgrades its security solutions to stay ahead of the game. Watch this episode to learn how to enhance your security solutions and stay ahead of the curve. In This Episode You Will Learn: How bad actors evolve their methods of attack Why Microsofts Security portfolio is so comprehensive How our GSI partners help customer security posture Some Questions We Ask: How is Microsoft helping its customers to address these new security challenges? Why does security need to be top of mind for Executive Board members? How can customers get the best possible protection at the lowest possible cost? Resources: View Shirley Strachan on LinkedIn View Tom O'Reilly on LinkedIn Watch the full video episode on YouTubeDiscover and follow other Microsoft podcasts at microsoft.com/podcasts Download the Transcript Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
Dan Tentler on How the Old Ways Still Work

The BlueHat Podcast

Play Episode Listen Later May 31, 2023 46:44


Dan Tentler, Executive Founder and CTO of Phobos Group, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Dan has a wealth of defensive and adversarial knowledge and a strong background in systems, networking, architecture, and wireless networks. Dan discusses his time at BlueHat 2023, why you should put everything behind a VPN, and how a typo and Jeff Goldblum's movie Hideaway helped create his current online handle. In This Episode You Will Learn: Why it's important to hold onto old techniques and knowledge The premise and thoughts behind Dan's 2023 BlueHat presentation How people can still protect themselves with old security tools Some Questions We Ask: How did your security career start and grow into speaking at BlueHat 2023? What tools and techniques were available in the beginning of your career? What were some big takeaways from your presentation at BlueHat? Resources: View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.com Follow us on Twitter: @MSFTBlueHat Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Cloud Executive Enablement Series
Unlocking the Power of Data with MSFT Intelligent Data Platform

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later May 24, 2023 34:02


In the latest episode of the Microsoft Cloud Executive Enablement Series, Tom O'Reilly, Global Senior Director for Partner Development in Data Platforms and Artificial Intelligence (AI), sits down with Jeeva Akr, the Worldwide Leader of the Azure Cloud Scale Analytics Business. Jeeva oversees a team of sales strategists, program owners, go-to-market leaders, and partner development leaders, providing thought leadership and managing the sales execution of the entire business worldwide. The discussion revolves around the Microsoft Intelligent Data Platform (MIDP) and the challenges organizations face in managing their data effectively. You'll also learn about the latest updates and developments in MIDP and how it can benefit both partners and customers. In This Episode You Will Learn: How MIDP can benefit partners and customers New developments and updates coming to MIDP How MIDP compares to other current data platforms Some Questions We Ask: How might a partner use MIDP to help their clients? What do you see as the most significant opportunities for MIDP? What are some of our partners' biggest challenges when trying to position MIDP? Resources: View Jeeva Akr on LinkedIn View Tom O'Reilly on LinkedIn Watch the full video episode on YouTube Discover and follow other Microsoft podcasts at microsoft.com/podcasts Download the Transcript Hosted on Acast. See acast.com/privacy for more information.

The BlueHat Podcast
Cameron Vincent on Both Sides of Bug Hunting

The BlueHat Podcast

Play Episode Listen Later May 17, 2023 40:55


Cameron Vincent, a security researcher at Microsoft, joins Nic Fillingham and Wendy Zenone on this week's episode of The BlueHat Podcast. Cameron has been one of the top researchers for both Microsoft and Google programs numerous times. He now works on the V&M team within the MSRC side, dealing with security issues internally. Cameron discusses with Nic and Wendy the importance of understanding your role and responsibilities in the workplace, the first bug he ever submitted, and his time presenting at BlueHat 2023. In This Episode You Will Learn: The benefits of face-to-face communication and how to balance it with technology. Why you should build a supportive culture of communication How to get involved in the world of bug bounty hunting Some Questions We Ask: How do you manage and deal with stress and burnout from your work? What are some practical ways to provide feedback to team members? How can we improve communication in a remote work environment? Resources: Follow Cameron Vincent on Twitter Watch Cameron speak at BlueHat 2023 View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHat Discover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

google microsoft acast hunting sides nic msrc bluehat some questions we ask how
The BlueHat Podcast
David Weston on the Importance of Security Research

The BlueHat Podcast

Play Episode Listen Later May 17, 2023 41:25


David Weston, Vice President of Enterprise and OS Security at Microsoft, joins Nic Fillingham on this week's episode of The BlueHat Podcast. With over twenty years of experience in the industry, David has a deep knowledge of cybersecurity best practices and has been recognized as a thought leader. In addition to his work in cybersecurity, David also advocates for diversity and inclusion in the tech industry. He has been actively involved in initiatives to promote diversity in cybersecurity and has spoken about the need for greater diversity in the industry. David discusses with Nic the importance of having a comprehensive cybersecurity strategy, the value of creating a culture of cybersecurity within organizations, and why we need regular software updates and investing in cybersecurity tools. In This Episode You Will Learn: How organizations can create a culture of cybersecurity among their employees The most effective ways to train employees on cybersecurity best practices Tools and technologies that organizations can use to protect themselves Some Questions We Ask: How can organizations overcome some of their biggest challenges in security? Can you share some common mistakes that organizations make regarding cybersecurity? How do you see the cybersecurity landscape evolving in the coming years? Resources: View David Weston on LinkedIn View Nic Fillingham on LinkedIn View Wendy Zenone on LinkedIn Send us feedback: bluehat@microsoft.comFollow us on Twitter: @MSFTBlueHatDiscover and follow other Microsoft podcasts at microsoft.com/podcasts Hosted on Acast. See acast.com/privacy for more information.

Microsoft Cloud Executive Enablement Series
Maximizing ROI With Azure Infrastructure: Key Strategies for IT Executives

Microsoft Cloud Executive Enablement Series

Play Episode Listen Later May 10, 2023 22:34


On this week's Microsoft Cloud Executive Enablement Series episode, host Amy Boyle, Director of Commercial and Advisory Partner Enablement, is joined by Omar Khan, General Manager of Product Marketing for Microsoft Azure Infrastructure and Edge. Amy and Omar discuss the current state of our Azure Infrastructure business with a focus is on the key pillars that partners can leverage to assist their clients to achieve more with less. Listen in to learn how Azure Infrastructure is helping partners stay competitive in their industries, new developments, and critical go-to-market initiatives, and what differentiates Microsoft in this solution area. In This Episode You Will Learn: How Microsoft Cloud solutions help drive our customers' digital transformation and innovation projects Key pillars that partners should leverage to help their customers do more with less How our Azure Infrastructure is helping partners meet the needs of their customers Some Questions We Ask: How is Azure Infrastructure helping partners stay competitive in their industries? Are there new developments or critical go-to-market initiatives we should know about? What differentiates Microsoft from competitors in this solution area?​ Resources: View Omar Khan on LinkedIn View Amy Boyle on LinkedIn Watch the full video episode on YouTube Discover and follow other Microsoft podcasts at microsoft.com/podcasts Download the transcript Hosted on Acast. See acast.com/privacy for more information.

Build Momentum - Thought Leadership for Education
S03E15 - AI: Are we Asking the Right Questions? | Ben Farrell

Build Momentum - Thought Leadership for Education

Play Episode Listen Later Apr 6, 2023 21:08 Transcription Available


On this episode of Build Momentum, Sarah and Katie are joined by Ben Farrell, the Assistant Head of School and Director of the Upper School at the New England Innovation Academy. Prior to joining NEIA, Ben was the Principal and Head of School at The International Montessori School of Beijing. Ben received his M.A. in higher and post-secondary education from Teachers College, Columbia University in New York, and completed graduate coursework in cross cultural conflict transformation and reconciliation at the School for International Training in Vermont.Some Questions We Ask:How can teachers effectively use artificial intelligence in the classroom? (00:43)What are some of the challenges utilizing AI and how can they be addressed in the classroom? (03:37)What are some ways that you see projects being managed with AI? (05:14)How do you think administrators (maybe even PR firm owners!) can take advantage of AI? (8:07)What other ways do you see generative AI integrating into the curriculum? (11:17)How can teachers and school leaders navigate AI conversations with their communities? (14:10)In This Episode, You Will Learn:About the use of AI in classrooms (00:50)Challenges of utilizing AI (03:45)Ideas for differentiated learning with generative AI (05:44)AI use beyond education (08:24)Other integration of generative AI into the curriculum (12:13)Tips for having AI conversations in the community (14:51)Quotes:“All the information in the world is just out there waiting for us to find it and to utilize it..”“This is going to be with us in the future. So I think we have to find ways to not only live with it but utilize it in an ethical, thoughtful way that our students can grab onto because they're going to be using this or some more advanced version of this the rest of their lives now.”“For the first time in my career, I had the ability to sort of sit with my Upper School students and say, ‘What should we do? What do you think we should do?' And I think they were taken aback by that.”Connect with Tom:NEIA websiteBen Farrell's LinkedInStay in touch with Sarah Williamson:Free Case Study GuideWebsiteLinkedInStay in touch with Katie Lash:LinkedInAbout "The Secret to Transformational Leadership," which Sarah co-authored with Dr. Quintin Shepherd:Transformational Leadership Secret websitePurchase the print or ebook

Secure the Job: Breaking into Security
Breaking Down the Cybersecurity Industry with Stephanie, Ilana, and Evan

Secure the Job: Breaking into Security

Play Episode Listen Later Mar 15, 2023 23:37


Secure the Job: Breaking into Security is hosted by three young professionals working in Cybersecurity at Microsoft. They've witnessed the current skills gap first-hand and created this podcast to help you, our future defenders, break into the industry. In each episode, they'll interview executives, influencers, and frontline defenders to break down the Cybersecurity industry while teaching you the skills you need to be successful in any role! Here's a sneak peak of what you can expect this season.         In This Episode You Will Learn:       How each host got started in the world of cybersecurity  Why they decided it was important to start the podcast  What Microsoft is doing for the security industry    Some Questions We Ask:       How can you be successful in marketing, sales, or engineering?  Do you need to be a tech expert to be successful in Cybersecurity?   How can we help you, our future defenders, break into the industry?     Resources:    View Stephanie Machuca on LinkedIn  View Ilana Basman on LinkedIn  View Evan Brown on LinkedIn      Related Microsoft Podcasts:                   Listen to: Uncovering Hidden Risks    Listen to: Afternoon Cyber Tea with Ann Johnson   Listen to: Security Unlocked     Listen to: Security Unlocked: CISO Series with Bret Arsenault              Discover and follow other Microsoft podcasts at microsoft.com/podcasts  Hosted on Acast. See acast.com/privacy for more information.

Build Momentum - Thought Leadership for Education
S03E06 - A National Perspective on EdTech and What's Ahead | Kristina Ishmael

Build Momentum - Thought Leadership for Education

Play Episode Listen Later Nov 17, 2022 39:13 Transcription Available


In this episode of Build Momentum, Sarah and Katie are joined by Kristina Ishmael. Kristina is an educator, learner, advocate, and agent of change. As the Deputy Director of the Office of Ed Tech, she executes the office mission of developing national edtech policy that enable everywhere, all-the-time learning and support digital equity and opportunity.Kristina is also listed in the 30 K-12 IT Influencers Worth a Following 2020 by EdTech Magazine.Some Questions We Ask:How was it that she started in education and ended up in edtech? (1:35)What's a typical day in her life? (7:02)How and when does she work with edtech providers, developers, and entrepreneurs in the field? (17:01)Are there any more products on tutoring companies and social-emotional learning companies? (21:54)Any advices or ideas for school districts on prioritizing investments? (24:39)What is the future of education? (27:23)In This Episode, You Will Learn:Kristina Ishmael's journey from education to edtech (1:50)Kristina's daily routine (7:06)How her team structures its work to ensure they stay up to date on edtech providers, developers, and entrepreneurs within healthy boundaries (17:22)About  artificial intelligence and its future opportunities (22:12)Her advice and ideas for school districts (24:51)About the future of education, with a focus on AI and machine learning,and how educators are involved in the process (27:51)Quotes:“It's not necessarily just making sure that everyone has access to the same things, we know that [is important], but the things that they need, that are going to meet them where they are. And so we talk a lot about that.”“I was really cognizant about coming back into government because I don't really think there were a lot of healthy boundaries the last time that I was in this role. There were expectations for communication at any time of the day and night or early morning. And I was like, ‘We're not doing that.' And so we helped establish healthy boundaries.”“I'm really eager to see where AI is going to take us. I know that there are risks. Don't get me wrong. Perhaps it's the optimist in me, but I just see all of the opportunities that are going to come with this as well.”“I saw what technology could do in the hands of my multilingual learners when I was in the classroom—not only for language acquisition but for content acquisition as well. It is a tool. It is not meant to substitute for the teacher. And as we are developing our report on AI and education, the phrase that we keep coming back to is that ‘the human in the loop.'”Connect with Kristina IshmaelKristina Ishmael LinkedInOffice of Educational Technology websiteOffice of Ed Tech TwitterStay in touch with Sarah Williamson:Free Case Study GuideWebsiteLinkedInStay in touch with Katie Lash:LinkedInAbout "The Secret to Transformational Leadership," which Sarah co-authored with Dr. Quintin Shepherd:Transformational Leadership Secret websitePurchase the print or ebook

Uncovering Hidden Risks
3 Ways to Prepare for the Future of Data Governance and Collaboration

Uncovering Hidden Risks

Play Episode Listen Later Jul 27, 2022 33:25


Jeff Teper, Corporate Vice President of Microsoft 365 Collaboration, including Teams, SharePoint, and OneDrive, join's Erica Toelle and Chris McNulty on this week's episode of Uncovering Hidden Risks. Jeff leads product, design, and engineering teams for Microsoft 365, including Teams, SharePoint, OneDrive, Viva, and more which empower people and organizations worldwide to collaborate at work, home, and school. Erica and Chris speak with Jeff about empowering users to do more through collaboration technology, a zero-trust model for collaboration, and how we can make powerful things simple.      In This Episode You Will Learn:     The connection between collaboration and data governance  Top three ways we can prepare for the future of data governance  Balancing a great employee experience with data governance       Some Questions We Ask:     How do you define data governance?   What are the top three ways we can prepare for the future of data governance and collaboration?  What excites you the most about the future of collaboration and data governance?   Resources:    View Jeff Teper on LinkedIn  View Chris McNulty on LinkedIn  View Erica Toelle on LinkedIn  Related Microsoft Podcasts: Listen to: Afternoon Cyber Tea with Ann Johnson  Listen to: Security Unlocked   Listen to: Security Unlocked: CISO Series with Bret Arsenault   Discover and follow other Microsoft podcasts at microsoft.com/podcasts Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network. 

Uncovering Hidden Risks
Transitioning to a Holistic Approach to Data Protection

Uncovering Hidden Risks

Play Episode Listen Later Jul 27, 2022 32:54


Bret Arsenault, CVP, CISO at Microsoft, joins us on this week's episode of Uncovering Hidden Risks to discuss how a holistic approach to data protection can deliver better results across your organization and the three steps that can get you there. Erica Toelle and Talhah Mir host this week's episode to chat with Bret about current trends in the data protection space, what data protection issues are top of mind, and how teams should get started on their data protection strategy.     In This Episode You Will Learn:     How to take a holistic approach to data protection  What data protection issues are top of mind  How teams can get started on their data protection strategy    Some Questions We Ask:     How do you view the data protection landscape?  What trends do you see in the data protection space?   What challenges have you faced in understanding your data estate?     Resources:    View Bret Arsenault on LinkedIn  View Talhah Mir on LinkedIn  View Erica Toelle on LinkedIn     Related Microsoft Podcasts: Listen to: Afternoon Cyber Tea with Ann Johnson  Listen to: Security Unlocked   Listen to: Security Unlocked: CISO Series with Bret Arsenault   Discover and follow other Microsoft podcasts at microsoft.com/podcasts Uncovering Hidden Risks is produced by Microsoft and distributed as part of The CyberWire Network. 

Afternoon Cyber Tea with Ann Johnson
The Journey to Greater Representation

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Jun 28, 2022 30:21


Jeff Rivera, American author, producer, and co-founder of Collective 5 Entertainment, joins Ann on this week's episode of Afternoon Cyber Tea to discuss the importance of diversity and inclusion, the impact of underrepresentation, and his journey from poverty to renowned world speaker. Jeff is an internationally sought-after speaker and author with an impressive body of work, including over 200 books, television, radio, and digital publications.     In This Episode You Will Learn:     Jeff's journey from American poverty to mentor, writer, and production company owner  The impact of under-representation  The importance of seeing and celebrating differences in people     Some Questions We Ask:     How does the lack of representation impact people from marginalized communities?   Why is it important to recognize the differences between people?  How are you accelerating progress in representation through current and future projects?       Resources:    View Jeff Rivera on LinkedIn  View Ann Johnson on LinkedIn  Related:                Listen to: Security Unlocked  Listen to: Security Unlocked: CISO Series with Bret Arsenault                        Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.   

american microsoft collective representation jeff rivera some questions we ask how
Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna
Reignite Your Passions with Dr. Lisa Germain

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna

Play Episode Listen Later Apr 13, 2022 44:58


Dr. Lisa Germain wears many hats. If you heard her on The Dental Slang Podcast before, then you'll recognize her as an educator, podcaster, artist, author, and dentist. She has a New Orleans practice she's owned for over three decades. She's also faced many hardships and losses over the past few years that have changed how she approaches her life and business. As a dentist, Dr. Germain is one of the leading proponents of Botox for pain management. Using Botox for pain management is something within a dentist's wheelhouse, but many of the first to recommend Botox were shunned for it. We discuss the initial pushback she received from other dentists and patients, how attitudes today are changing, and what this means for the future of dentistry. Dr. Germain works closely with patients who suffer from TMJ and has researched many different treatment methods for them. She is writing a new book with colleague and cosmetic surgeon Dr. Benji Dhillon to help other dentists better understand this treatment method, and she refers to book writing as a “labor of love.”  Writing, in particular, is a labor of love that has inspired a well of healing for Dr. Germain. After losing her husband to ALS and fighting her own battle with breast cancer, Dr. Germain wants to help others process grief and learn to reignite their passions and careers.  In This Episode You Will Learn How Dr. Germain ended up writing about Santa Claus' toothache 6:06 Why writing one book always leads to writing another 11:15 The kind of pushback Dr. Germain experienced when she first embraced Botox 21:10 How to learn from loss and share that story with others 31:12 The dental slang Dr. Germain uses in her office 40:49 How to find Dr. Germain's books and publications 42:30  Some Questions We Ask How is Dr. Germain's career related to Finding Nemo? 1:05 What is Dr. Germain's new book about? 13:39 What is the “turf war” happening between dentists and cosmetic surgeons? 18:08 How does Dr. Germain introduce her patients to Botox treatments? 25:11 How is the “writing bug” inspiring Dr. Germain to heal? 36:09 What does a “little bit of lagniappe” mean? 38:28 Resources Visit our website: www.DentalSlang.com Connect with us on Facebook: Dental Slang Read Dr. Lisa Germain's book: Santa's Christmas Eve Toothache Get in touch with Dr. Lisa Germain: www.LisaGermain.com

Afternoon Cyber Tea with Ann Johnson
Building Trust Through Cybersecurity

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Apr 5, 2022 36:31


Sean Joyce, Principal for Price Waterhouse Coopers Advisory Practice, joins Ann this week on Afternoon Cyber Tea to discuss the unprecedented rise of cyberattacks this past year and what new trends we should be paying attention to. Sean has also consulted on some of the most prolific cyber breaches, providing us with his expertise on what he believes organizations should enforce as best practices when building operational resilience.    In This Episode You Will Learn:     How to stop the spread of misinformation by building trust in cybersecurity   When to worry about the spread of misinformation as it relates to cybersecurity   Why companies should invest in Artificial intelligence and automation    Some Questions We Ask:     How concerned should we be given the rise and sophistication of new cyber-attacks?  What are some current trends we should all be paying attention to?  When we talk about defense, what should companies be investing in?      Resources:    View Sean Joyce on LinkedIn  View Ann Johnson on LinkedIn  Related:            Listen to: Security Unlocked: CISO Series with Bret Arsenault          Listen to: Security Unlocked         Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.  

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna
Trying the New Hybrid Practice Model with Dr. Eric Jones

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna

Play Episode Listen Later Mar 30, 2022 51:00


In our opinion, Dr. Eric Jones is the definition of a Super GP. There is nothing he won't do for his patients in the Atlanta-Metro area. He's adopted a new kind of “hybrid practice” model that incorporates a wide variety of procedures and multi-practice elements.  A hybrid office is an innovative way to give your patients exactly what they need while working together with other dentists. Dr. Jones can sometimes complete ten or more different procedures in one day. He walks us through a typical day in his practice and discusses some of the differences he sees between implant patients vs. filling patients.  Dr. Jones spent the first two years of his career in a small family practice, learning how to treat people and help patients live healthier lives. We discuss how this differs from a corporate dental setting and why we need to change the way we approach dentistry that focuses more on the patient experience.  Creating the right patient experience doesn't have to fall entirely on your shoulders. Dr. Jones recommends seeking out mentors, coaches, and other dentists who have the resources you need. This is how he sparked the idea for a hybrid dental office -- a business model where dentists work together to create a better work-life balance.  Dr. Jones works with dentists, helping them with everything from business planning to patient communication to team development and hiring the right people. He wants dentists to feel confident in their skills and their community. The idea is to break away from the corporate model and help dentists get to where they want to be while maintaining control of their practice and their business. In This Episode You Will Learn Why Dr. Jones teamed up with an anesthesiologist at the get-go 5:20 The differences between working in small practices vs. corporate offices 11:11 Why patients prefer having all their procedures in one place 17:20 The real rewards of working with implant cases 23:50 How the hybrid model can compete with the traditional corporate model 38:50 What corporate dentistry looks like in the Atlanta-Metro area 41:32 Some Questions We Ask How did Dr. Jones choose to become a GP? 1:11 What does a typical day in a hybrid office look like? 8:36 Does Dr. Jones love the business side of dentistry? 25:55 Where did Dr. Jones get the idea for a hybrid group practice? 30:33 What kind of training does Dr. Jones provide in his hybrid practice? 34:57 What's Dr. Jones' favorite dental slang to use around the office? 47:31  Resources Visit our website: www.DentalSlang.com Connect with us on Facebook: Dental Slang Get in touch with Dr. Eric Jones: drjones@dentalcombine.com

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna
Step Out of Your Comfort Zone with Dr. Joe McEnhill

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna

Play Episode Listen Later Feb 23, 2022 47:36


Dr. Joe McEnhill sort of fell into dentistry. As a student in Belfast, he was torn between medicine and dentistry. But, he was meant to be a dentist. After all, his sister and both of his brothers are also dentists.  He'll jokingly tell you he's the best of them because he has the most letters after his name. We think he's one of the best because of his hunger for knowledge and skills as a surgical dentist. Yes, dental surgery can be intimidating. Do you remember how many teeth you extracted in dental school? You aren't alone — we can count how many we practiced extractions on one hand. That's why Dr. McEnhill recommends starting small and simple to build your confidence. The first steps he took into dental surgery were removing wisdom teeth and fixing fractured jaws.  Starting with the basics will give you the foundation you need to build a robust set of skills. Then, build a portfolio gradually and play to your strengths and the needs of your patients. Dr. McEnhill discusses how owning a dental practice in a small town impacted his desire to learn new skills. He advises starting with techniques and practices you can fit into your schedule and space. But when your patients have to wait weeks or even months out for referral appointments, learning how to do minor surgeries for their sake can make a world of difference. To get dentists comfortable with the surgery side of things, Dr. McEnhill is developing his own dental surgery courses for dentists —The Dental Speakeasy. These video courses come with a hands-on perspective to give dentists a chance to hone basic surgical skills. These courses are for dentists who sometimes get stuck with an ornery tooth that just won't come out. Surgical skills can give you what you need to step back and take a new approach. Dr. McEnhill offers advice on how to take that leap and the steps he's taking himself to get over the hurdles of imposter syndrome. Some of us will have to step out of our comfort zones if we want to try our hand at dental surgery, but it's never too late to learn something new.  In This Episode You Will Learn: What it was like to grow up in Northern Ireland 2:00 How to seize surgery training opportunities in your dental career 11:39  Ways dental education has changed after COVID-19 14:17   How working in small towns motivated Dr. McEnhill to develop his skills 28:35 The art of “speaking easy” to your patients about dental surgeries 39:50  Where to sign up for Dr. McEnhill's training courses 43:52 Some Questions We Ask:                                       How many people in Dr. McEnhill's family are dentists? 8:58 Where can dentists find hands-on video courses to learn surgical skills? 17:50 What does Dr. McEnhill mean when he says “conducting” dentistry? 22:20 How can we push ourselves out of our comfort zones? 34:40 What is Dr. McEnhill doing next to step out of his comfort zone? 37:58 What dental slang does Dr. McEnhill use most often? 45:54 Resources: Visit our website: www.DentalSlang.com Connect with us on Facebook: Dental Slang Read Dr. McEnhill's article in The New Dentist: “This Will Feel Like I'm Ripping Your Head Off”

Afternoon Cyber Tea with Ann Johnson
Building Customer Trust in the Face of Cyber Attacks

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Feb 22, 2022 33:25


Named one of the Top 25 women leaders in cybersecurity Wendy Thomas, President, and CEO of SecureWorks joins Afternoon Cyber Tea with Ann Johnson to examine building customer trust during a time of unprecedented cyberattacks. With more than 25 years of experience in strategic and functional leadership roles Wendy shares her unique perspective and guidance when helping organizations improve their security posture, and ways to develop and maintain a successful operational resilience plan. She and Ann also dive into the relationship between machine learning and human intelligence and how it will help build the SOC of the future.    In This Episode You Will Learn:     How to deal with new attacks on cloud services  How global organizations can protect their core operations and services  Why we need to be concerned about prefabricated ransomware kits  Some Questions We Ask:     How should a traditional SOC adjust to remote work policies?   Why has it been challenging to recruit and retain the next generation of cyber talent?  When should we be concerned about the lack of protection against new cyberattacks?     Resources:     View Wendy Thomas on LinkedIn  View Ann Johnson on LinkedIn     Related:          Listen to: Security Unlocked: CISO Series with Bret Arsenault        Listen to: Security Unlocked       Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.  

The CyberWire
Bonus: Afternoon Cyber Tea: IoT-Based Infrastructures

The CyberWire

Play Episode Listen Later Feb 21, 2022 29:52


Afternoon Cyber Tea with Ann Johnson is a CyberWire Network podcast created by Microsoft Security. It's a bi-weekly show that comes out every other Tuesday. We thought you would enjoy this episode in particular and hope you consider subscribing in your favorite podcast app. Diana Kelly, the co-founder, and CTO of SecurityCurve, a cybersecurity consulting firm, joins Ann Johnson on this episode of Afternoon Cyber Tea. Diana is a globally known security expert who donates much of her time volunteering in the cybersecurity community while also serving on the Association for Computing Machinery Ethics and Plagiarism Committee. Diana talks with Ann about helping inexperienced organizations get up to speed on the cybersecurity landscape, some of the current significant security and privacy hurdles currently plaguing the field, and some of the best practices to assist network defenders and users trying to combat botnet threats.      In This Episode You Will Learn:      How companies can protect themselves from new unsecure devices   When security risks correspond with access management and IoT devices  Why we need security programs to grow to a new level     Some Questions We Ask:  How should network defenders and users combat botnet threats?  What types of universal IoT standards need to be created?   What privacy hurdles are currently plaguing the field of IoT-connected devices?     Resources:    View Diana Kelly on LinkedIn  View Ann Johnson on LinkedIn    Related:   Listen to: Security Unlocked: CISO Series with Bret Arsenault     Listen to: Security Unlocked   Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.  

Security Unlocked
Cryptojacking, and Farewell for Now!

Security Unlocked

Play Episode Listen Later Feb 16, 2022 36:33


The success of crypto inspired dozens of other cryptocurrencies like Ethereum, Tether, and Dogecoin. Today, people worldwide use cryptocurrencies to buy things, sell things, and make investments. One thing is certain; digital currencies are here to stay, no matter how many times you have to explain what a bitcoin is. Unfortunately, it also created the world of cryptojacking, a form of cybercrime that remains completely hidden from the target and can infect millions of computers with cryptojacking malware. Which brings us to the fundamental question: What can organizations do to protect themselves?   In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Microsoft senior software engineer Amitrajit Banerjee and senior staff architect at Intel Rahul Ghosh to discuss the history and prevalence of cryptojacking. The push behind a cryptojacking attack is almost always motivated by money. Mining cryptocurrencies can be very lucrative, but making a profit is challenging unless you cover high costs. They discuss the importance of understanding the actual concept of mining, how victims' CPU power and computing resources can be used, and why it isn't easy in general to detect crypto miners.     In This Episode You Will Learn:     How prevalent is cryptojacking and who should be worried  When and how people are exposed to these new types of threats  Why you should be familiar with cryptojacking    Some Questions We Ask:     How are victims' CPU power and computing resources used to mine cryptocurrencies?  What created this environment where cryptojacking is possible?  What are some general techniques when trying to identify cryptojacking?     Resources:    The increasing threat of cryptocurrency miners  Defending against cryptojacking  Guidance for preventing, detecting, and hunting for exploitation    View Amitrajit Banerjee on LinkedIn  View Rahul Ghosh on LinkedIn  View Nic on LinkedIn   View Natalia on LinkedIn      Related:    Listen to: Security Unlocked: CISO Series with Bret Arsenault      Listen to: Afternoon Cyber Tea with Ann Johnson       Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.     

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna
Dr. Nate Jeal and the Dirty Word of Dentistry

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna

Play Episode Listen Later Feb 9, 2022 48:49


Dr. Nate Jeal is proof that the path to dentistry doesn't have to be conventional. This “unconventional” path put him on many different journeys, and he quickly learned how taking control of one's life can open up many different doors.  Today, Dr. Jeal owns three dental practices, one of which he started from the ground up. This is a seemingly wild path from his previous experiences as a butcher and bike mechanic. Overall, Dr. Jeal and his wife have owned six dental practices, and he offers his insight into what it's like to have to hit the ground running. Learning a bunch of things in a hurry is never easy, but he shares what he's learned, and we discuss all of the highs and lows of growing and marketing for a multi-practice business. When we talk about growth, we're discussing more than the financial. Growth means team development and learning how to train your team and hire the type of people who are internally motivated for success. We discuss the biggest challenge of hiring and keeping good people and how the future of multi-practice dentistry is changing.  Dr. Jeal doesn't buy into all the “doom-and-gloom talk,” he says, and he shares what he's looking forward to most in our industry. He's had to change up his marketing strategy like many of us after COVID-19, but the $100,000 Day strategy he developed with his wife is stronger than ever. We discuss how they keep up with it and more ways he continues to reach patients during the pandemic. There's a key framework to understanding and talking to people, Dr. Jeal says. Sales is serving people, and providing them with solutions to their problems should be at the top of your marketing strategy.  It's more important than ever to listen to our patients and address their priorities rather than our own. Dr. Jeal shares the top questions dentists can ask their patients about their oral health and how to work their answers into a successful marketing strategy. Unfortunately, too many dentists aren't thinking proactively about what to ask their patients, and Dr. Jeal offers great advice for how dentists can approach their patients about treatment plans and more. In This Episode You Will Learn: The highs and lows of building a multi-practice business 5:50 How Dr. Jeal developed the $100,000 day principles 17:45 The four types of customer categories dental patients fall into 29:35 The four words Dr. Jeal and his staff are never allowed to forget 36:30 The conversational framework Dr. Jeal uses to talk to his patients about treatment costs 40:30 How to get in touch with Dr. Jeal online 46:00 Some Questions We Ask: How did Dr. Jeal get into dentistry and become a multi-practice owner? 1:30 What does the future hold for multi-practice owners? 10:30 How did COVID-19 impact Dr. Jeal's dental practice in Canada? 14:48 Is “sales” a bad word in dentistry? 23:33 Why are dentists bad at understanding the difference between “how” and “why”? 37:51 What dental slang does Dr. Jeal use in his offices? 43:17 Resources: Visit our website: www.DentalSlang.com Connect with us on Facebook: Dental Slang Learn more about the $100,000 Day formula: $100,000 Invisalign Day Get in touch with Dr. Jeal on Instagram: @drnatejeal

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna
Take The Marketing Journey with Cally Gedge

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna

Play Episode Listen Later Feb 2, 2022 46:56


You aren't alone. Many dentists need help with business marketing. That's where Cally Gedge, owner of Connect My Marketing, can help. Don't worry — if you aren't marketing savvy, this episode of Dental Slang is for you. Cally Gedge breaks down some key dental marketing terms, including retargeting and google pay-per-click, and discusses what different leads mean for your business. Connect My Marketing works closely with dentists in the UK and the US to help them build a marketing strategy that works for them, their team, and their patients. It may surprise you to learn that there aren't many differences in international marketing strategies, but Mrs. Gedge does offer ways dentists can change the way they approach social media. Cally Gedge stays away from the generic marketing approach we see in the States and focuses more on the unique marketing goals each of her clients has. Marketing is more than scheduling posts and counting likes — dentists can find their market and deliver the right solution for their patients' problems. We discuss ways dentists can showcase their businesses online. The trick is to give patients a window into what goes on at the dental office. Mrs. Gedge offers strategies for pivoting your marketing approach, especially during the pandemic when patients are looking for different perspectives from their medical providers. Because marketing isn't just data, it's people — it's how your team interacts with patients, how you interact with the patients in your chair, and the kind of impact you have on your community. In This Episode You Will Learn: What happens during the first marketing meeting with Connect My Marketing 6:40 Connect My Marketing's special sauce 9:05 How to define your market as a dental business owner 26:09 How important your team is to your marketing plan 35:13 The top three marketing slang phrases Mrs. Gedge uses in her office 42:00 Some Questions We Ask: How did Mrs. Gedge get into marketing? 2:18 What is “retargeting” in dental marketing? 14:46 How did Mrs. Gedge change social media marketing strategies after COVID-19? 20:57 How do dentists sometimes impede their own marketing success? 39:30 How can you get in touch with Mrs. Gedge? 44:28 Resources: Visit our website: www.DentalSlang.com Connect with us on Facebook: Dental Slang Get in touch with Cally Gedge: cally@connectmymarketing.com Learn more about Connect My Marketing: Connect Dental Marketing Agency

covid-19 uk marketing states some questions we ask how
Afternoon Cyber Tea with Ann Johnson
Protecting Journalism and Free Speech

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Jan 25, 2022 23:42


Runa Sandvik, a modern-day hacker and computer security expert joins Ann Johnson on this week's episode of Afternoon Cyber Tea. Having a reputation as a staunch proponent of strong encryption, Runa was hired by The New York Times as their first senior director of information security. Ann and Runa discuss instituting new high-tech security measures at The Times, what types of skills she believes all journalists should possess today, and what she believes the tech industry should be doing more of when protecting against disinformation.   In This Episode You Will Learn:      How journalists conduct research while dealing with online threats    When journalists need to start worrying about disinformation   Why we have an increase in cyberattacks on journalists    Some Questions We Ask:     How did you implement various security advancements at The New York Times?  Why are criminals attacking media companies?  What types of cyber skills should all journalists possess today?  Resources:    Glitch-Cat  View Runa Sandvik on LinkedIn  View Ann Johnson on LinkedIn  Related:         Listen to: Security Unlocked: CISO Series with Bret Arsenault       Listen to: Security Unlocked      Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.     

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna
Learning New Ways to Talk with Patients from Dr. Bao Tran Nguyen

Dental Slang With Dr. Christopher Phelps And Dr. Jodi Danna

Play Episode Listen Later Jan 12, 2022 38:39


Sales can be a dirty word in dentistry, but it doesn't have to be. Dr. Bao-Tran Nguyen, co-founder of Fast Growth Practice, tells us about her approach to marketing that will actually get you excited about…shh… sales.  Remember, we're not selling something people don't need. Therefore, your sales strategy shouldn't be selling certain types of treatments. Instead, the strategy you should focus on is how you communicate with patients. Dr. Nguyen offers advice on the right power questions to ask that lead patients to the point where they take ownership and say exactly what they need  so you can help them with a solution. After all, when you truly believe in your solutions then selling is serving! Too often, too many dentists are on autopilot. We're all very good at diagnosing, but we aren't always so good at communicating these diagnoses and treatment plans to our patients. Unfortunately, communication isn't something they teach in dental school. That's where Dr. Nguyen comes in. Of course, dentists must be willing to change themselves, but it's never too late to learn something new, especially when it comes to marketing. It takes a certain kind of personality to seek out new opportunities and embrace change, but it gets so much easier once you take that first step. Listen now for advice on setting conversation agendas with patients and the secret formula for the $100,000 day. If you would like to get in touch with Dr. Nguyen, send an email to drbaotran@fastgrowthpractice.com or a direct message on Instagram @drbaotran. In This Episode You Will Learn About Dr. Nguyen's amazing journey and how it has shaped her future  3:13 How to take advantage of new opportunities 7:40 The most common routines dentists fall into 16:16 The types of marketing Dr. Nguyen uses most 25:23 What Dr. Nguyen's ideal coaching client looks like 31:12 Some Questions We Ask How did the business side of dentistry bring Drs. Nguyen and Jeal together? 1:11 What inspired Dr. Nguyen to start Fast Growth Practice and design The $100,000 Day formula? 18:08 What kind of niche marketing and growth strategies make Fast Growth Practice stand out from the rest? 27:22 What kind of slang does Dr. Nguyen use with clients? 36:46

Afternoon Cyber Tea with Ann Johnson

Lauren Buitta, co-founder and CEO of Girl Security, shares how advancing girls, women, and gender minorities in national security leads to better cyber defense on today's episode of Afternoon Cyber Tea with Ann Johnson. Lauren began as a policy analyst with the National Strategy Forum, a nonpartisan think tank, focusing on a wide range of national and global security issues, including domestic terrorism, transnational threats, and cybersecurity. Ann and Lauren discuss what led her to launch Girl Security, what the industry could do differently to help women grow in security, and why it is crucial to engage young girls in discourse about disinformation?  In This Episode You Will Learn:     How to become involved with Girl Security  The barriers women face when searching for a security career  Why we are having issues finding new security talent  Some Questions We Ask:     How can we remove barriers for women in security?    Why is it important to involve young women in uncovering misinformation?  What are the reasons behind women only taking up 20% of our industry?      Resources:    Girl Security  View Lauren Buitta on LinkedIn  View Ann Johnson on LinkedIn    Related:        Listen to: Security Unlocked: CISO Series with Bret Arsenault      Listen to: Security Unlocked     Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.    

ceo microsoft girl security some questions we ask how
Security Unlocked
I am Shroot-less

Security Unlocked

Play Episode Listen Later Dec 22, 2021 36:45


Microsoft works around the clock to protect their customers, no matter what product they're using, Microsoft or otherwise. In some instances Microsoft teams up with other companies, creating an all-star cybersecurity team, to handle newly discovered vulnerabilities. It helps everyone stay more secure, and of course, that's the ultimate goal, right?     In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are re-joined by Jonathan Bar Or, Principal Security Researcher at Microsoft. Jonathan discusses the recently discovered vulnerability that could let attackers bypass System Integrity Protection (SIP) in macOS, why he believes in investing in cross-platform protection, and the importance of collaboration between security researchers, software vendors, and the larger security community.     In This Episode You Will Learn:  What is System Integrity Protection (SIP)  How attackers can bypass SIP  How attackers can use the Shrootless vulnerability    Some Questions We Ask:  How did you find the Shrootless vulnerability?  How do you decide what products to assess?  How does the process of submitting a vulnerability to Apple work?     Resources:    Microsoft finds new macOS vulnerability - Shrootless  View Jonathan Bar Or on LinkedIn  View Nic on LinkedIn   View Natalia on LinkedIn     Related:    Listen to: Security Unlocked: CISO Series with Bret Arsenault      Listen to: Afternoon Cyber Tea with Ann Johnson       Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.     

apple microsoft macos principal security researcher some questions we ask how
Afternoon Cyber Tea with Ann Johnson
The Next Cyber Defender

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Dec 14, 2021 25:06


Jessica Gulick, Founder, and CEO of KATZCY, a woman-owned cyber consulting firm driven to help cybersecurity experts become great leaders, joins Ann Johnson on today's episode of Afternoon Cyber Tea. Ann and Jessica discuss the evolution of cybersecurity gaming competitions, why these events are crucial to inspiring young people, and who she believes is the next generation of cyber defenders. As the founder and commissioner of US Cyber Games, an organization committed to informing and inspiring the broader community on ways to develop tomorrow's cybersecurity workforce, Jessica also shares how the cyber industry can help train and retain the next generation of cyber defenders.    In This Episode You Will Learn:     The evolution of cybersecurity gaming competitions    Real time cyber skills training through eSports   Why we need to attract more women to the tech industry  Some Questions We Ask:     How can tech companies help maintain the pipeline of future cyber security talent?     What do you believe is the first step to alleviate the talent shortage?   When will the next generation of defenders catch up to the sophistication of attackers?     Resources:    Katzcy Digital Marketing Agency  View Jessica Gulick on LinkedIn   View Ann Johnson on LinkedIn  Related:   Listen to: Security Unlocked: CISO Series with Bret Arsenault     Listen to: Security Unlocked     Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network. 

Afternoon Cyber Tea with Ann Johnson
IoT-Based Infrastructures

Afternoon Cyber Tea with Ann Johnson

Play Episode Listen Later Nov 30, 2021 29:07


Diana Kelly, the co-founder, and CTO of SecurityCurve, a cybersecurity consulting firm, joins Ann Johnson on this episode of Afternoon Cyber Tea. Diana is a globally known security expert who donates much of her time volunteering in the cybersecurity community while also serving on the Association for Computing Machinery Ethics and Plagiarism Committee. Diana talks with Ann about helping inexperienced organizations get up to speed on the cybersecurity landscape, some of the current significant security and privacy hurdles currently plaguing the field, and some of the best practices to assist network defenders and users trying to combat botnet threats.      In This Episode You Will Learn:      How companies can protect themselves from new unsecure devices   When security risks correspond with access management and IoT devices  Why we need security programs to grow to a new level     Some Questions We Ask:  How should network defenders and users combat botnet threats?  What types of universal IoT standards need to be created?   What privacy hurdles are currently plaguing the field of IoT-connected devices?     Resources:    View Diana Kelly on LinkedIn  View Ann Johnson on LinkedIn    Related:   Listen to: Security Unlocked: CISO Series with Bret Arsenault     Listen to: Security Unlocked   Afternoon Cyber Tea with Ann Johnson is produced by Microsoft and distributed as part of The CyberWire Network.  

microsoft infrastructure cto iot some questions we ask how
Security Unlocked
When Privacy Meets Security

Security Unlocked

Play Episode Listen Later Nov 10, 2021 39:06


The way most people operate online these days, what would you even consider private anymore? We are so quick to share details about our job, home, friends, and family without even thinking about how much personal info we're giving away. Privacy and user agreements are a part of almost everyone's life at this point, and what do you know about them? For the most part, we often see a user agreement pop up, click agree and move on, but do you know what you just agreed to? Privacy choices have become routine, though they shouldn't be.  In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Privacy Counsel and Data Protection Officer at Asana, Whitney Merrill. She is an accomplished attorney with 7+ years of privacy, data security, and data governance experience. Whitney discusses how to avoid common privacy mistakes, current privacy attack trends, and the importance of thinking like an attacker.     In This Episode You Will Learn:     The role of encryption in privacy   Privacy attack trends you should be paying attention to  Why some organizations have different approaches to privacy     Some Questions We Ask:     How, and when, do privacy and security come together?   Why has a common framework been so difficult to establish?   Should regulators play a role in establishing a baseline of privacy awareness?     Resources:    View Whitney Merrill on LinkedIn  View Nic on LinkedIn   View Natalia on LinkedIn     Related:      Listen to: Security Unlocked: CISO Series with Bret Arsenault    Listen to: Afternoon Cyber Tea with Ann Johnson     Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.  

Security Unlocked
The 2021 Microsoft Digital Defense Report

Security Unlocked

Play Episode Listen Later Oct 20, 2021 39:58


Okay, look, we know you plan on reading the entire 2021 MDDR at some point. But you're busy. Life gets in the way. We get it. Who has the time! Well, we've got the time, but that's beside the point, and honestly... fortunate for you. We've read the report front to back and have decided to cover some of it today on the podcast, but you'll still need to read all 134 pages yourself if you truly want to grasp the entire piece. Unless you want to be that person who listens to a single podcast and pretends they read the whole thing... then go ahead; we won't tell.  In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by Sian John, Microsoft's director of strategic growth. Sian is currently working with the business development team, exploring growth opportunities for Microsoft to strengthen security, compliance, and identity offerings that address unfulfilled needs in the market. As a security professional with over 25 years of experience, Sian accompanies us as we discuss the 2021 Microsoft Digital Defense Report, which she personally contributed to.       In This Episode You Will Learn:     The history and analysis of the 2021 Microsoft Digital Defense Report  The evolution of cybercrime services that are for sale  What's providing new attackers with access to deeper data    Some Questions We Ask:     How did Microsoft settle on the topics and themes of the 2021 MDDR?    What are some takeaways from the newly added disinformation chapter?  Why isn't Zero Trust being implemented, considering the conversations we've had that it's more critical than ever?      Resources:     2021 Microsoft Digital Defense Report  View Sian John on LinkedIn  View Natalia on LinkedIn  View Nic on LinkedIn   Related:     Listen to: Security Unlocked: CISO Series with Bret Arsenault   Listen to: Afternoon Cyber Tea with Ann Johnson  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.  

digital microsoft defense sian zero trust microsoft digital defense report some questions we ask how
Security Unlocked
Mobile 4N6 101

Security Unlocked

Play Episode Listen Later Oct 13, 2021 35:34


What would you say is the most personal possession that you own? Most would say their cell phone... unless you still have a few journals from high school. And if you do, this is your reminder that it might be time to let those go. It's become increasingly apparent lately how much info our phones collect from us, from the first app you check in the morning after waking up, recent calendar entries, and your actual heart rate by 9 am. The crazy part is most people don't give it a second thought. It doesn't interest us... until something or someone goes missing, then it becomes a road map to whatever it is you did.  In this episode of Security Unlocked, host's Natalia Godyla and Nic Fillingham are joined by Senior Digital Forensics Researcher at Cellebrite, SANS Author and Senior Instructor Sarah Edwards. Sarah walks us through the world of mobile digital forensics while also crushing our dreams on how not so relatable it is to our favorite CSI television shows. She explains what makes mobile forensics unique while incredibly intimate and how a mobile device can be used as part of an attack chain.   In This Episode You Will Learn:  The specific tools used during a digital forensics investigation  What the typical threat landscape looks like for mobile devices  Big trends and changes happening in the past few years    Some Questions We Ask:  How is mobile forensics particularly unique?  ​​What is typically looked for during an investigation?   How is a mobile device used as part of an attack chain?  Resources:  mac4n6.com  View Sarah Edwards on LinkedIn  View Nic on LinkedIn  View Natalia on LinkedIn  View Microsoft Security Blog  Related:    Listen to: Afternoon Cyber Tea with Ann Johnson  Listen to: Security Unlocked: CISO Series with Bret Arsenault    Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

microsoft mobile csi cellebrite some questions we ask how
Transgender School
Spreading Social-Emotional Awareness While Having Fun with @normalizers

Transgender School

Play Episode Listen Later Oct 5, 2021 53:28


For members of the LGBTQ+ community, finding a safe space where they can be themselves is as fundamental as it is hard to find. The possibility of being comfortable in their surroundings and expressing their thoughts and feelings without fear of being ridiculed or humiliated is often unavailable to underrepresented minorities. This is why the work of our guests, Monica and Ash, is so important! By creating a safe space for the LGBTQ+ community on TikTok, they are literally saving lives. Monica, a former Sex Ed teacher, and her eldest Ash, a high-schooler who came out as a non-binary lesbian, have a TikTok profile, The Normalizers (@Monicatheteacher), with over 125 thousand followers and 6 million likes on their posts. They talk openly about sexual orientation, gender identity, pronouns, autism bullying, eating disorders, representation, and many other subjects. After starting over a couple of times and repurposing their content, they finally received the surprising yet well-deserved recognition that they now have. Their TikTok profile created a safe space for LGTBQ+ community members and their parents and allies, where everyone is free to express themselves and be who they are without any fear. In this episode, our conversation revolves around Monica and Ash's evolution as influencers, and their relationship before and after Ash came out to their mom, Monica, first as a lesbian and later as non-binary. We discuss the importance of creating safe spaces at home and normalizing talking about sexual orientation and gender identity. Monica and Ash shared some of their experience with hateful comments online, how they deal with them, and what they believe social media companies could do about it. Some Questions We Ask:How did you go from having these conversations within your family and yourself to posting videos and sharing that publicly? (16:08)What's it like to go upstream and create a safe place in this wild west of social media? How do you navigate that, and what do you think the companies can do better? (24:58)What is your take on where we're headed as a country? Is this country ever going to be a safe place for queer people? (34:23)In This Episode, You Will Learn:About the difference Ash and Monica make with their safe online space (5:07)Coming out and producing a car crash at the same time (12:33)About Monica's need to teach Social-Emotional learning to the world (17:26)How feeling anonymous helped Ash and Monica's community feel safer (42:38)Resources:Normalizers TikTok profileNormalizers podcastNormalizers InstagramNormalizers YouTube channelConnect with Jackie and Bridget:Transgender Support: Becoming a True Ally Video Course on VimeoTransgender School Patreon Membership with all exclusive contentTransgender School on MediumInstagramWebsite FacebookCommunity Facebook GroupYouTube Hosted on Acast. See acast.com/privacy for more information.

Security Unlocked
Turning to the Purple Side

Security Unlocked

Play Episode Listen Later Aug 25, 2021 25:23


Picture this: you're working on a new software that will revolutionize your industry. You've got your work cut out for you, from design to programming to integration. But what about security? Keeping your software secure should be in the conversation from day one, but not all developers are well-versed in application security. The good news is that you're not alone, and even if this picture that we've painted isn't of you, there are still very accessible ways to learn about application security and information security. One of these ways is We Hack Purple, created by a Microsoft alumnus.   In this episode of Security Unlocked, hosts Natalia Godyla and Nic Fillingham are joined by the founder of We Hack Purple and former Microsoft Senior Cloud Advocate, Tanya Janca, to discuss her company, trainings, and why it's so important to keep up with the newest movements in the world of security. Before founding her company, Tanya found herself red-teaming and blue-teaming, and declared herself in the world of Purple. She brings us into that world, breaks down app-sec framework, and even gives a few sci-fi book recommendations.   In This Episode You Will Learn:    How to keep up with new practices for security professionals  The frame work for application security  How to work with and communicate effectively with software developers  Some Questions We Ask:    How do we bridge the gap between developers and the security world?  What are the pros and cons of threat modeling?  Who should get involved in application security?   Resources:   We Hack Purple  View Tanya on LinkedIn  View Natalia on LinkedIn  View Nic on LinkedIn    Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network.

Security Unlocked
Discovering Router Vulnerabilities with Anomaly Detection

Security Unlocked

Play Episode Listen Later Jul 21, 2021 32:59


Ready for a riddle? What do 40 hypothetical high school students and our guest on this episode have in common? Why they can help you understand complex cyber-attack methodology, of course!  In this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla are brought back to school by Principal Security Researcher, Jonathan Bar Or who discusses vulnerabilities in NETGEAR Firmware. During the conversation Jonathan walks through how his team recognized the vulnerabilities and worked with NETGEAR to secure the issue, and helps us understand exactly how the attack worked using an ingenious metaphor.     In This Episode You Will Learn:  How a side-channel attack works  Why attackers are moving away from operating systems and towards network equipment  Why routers are an easy access point for attacks  Some Questions We Ask:  How do you distinguish an anomaly from an attack?  What are the differences between a side-channel attack and an authentication bypass?  What can regular users do to protect themselves from similar attacks?    Resources:  Jonathan Bar Or's Blog Post Jonathan Bar Or's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn   Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked
Looking a Gift Card Horse in the Mouth

Security Unlocked

Play Episode Listen Later Jul 7, 2021 31:36


Is it just me, or do you also miss the good ole days of fraudulent activity? You remember the kind I'm talking about, the emails from princes around the world asking for just a couple hundred dollars to help them unfreeze or retrieve their massive fortune which they would share with you. Attacks have grown more nuanced, complex, and invasive since then, but because of the unbelievable talent at Microsoft, we're constantly getting better at defending against it.   On this episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla sit down with returning champion, Emily Hacker, to discuss Business Email Compromise (BEC), an attack that has perpetrators pretending to be someone from the victim's place of work and instructs them to purchase gift cards and send them to the scammer. Maybe it's good to look a gift card horse in the mouth?     In This Episode You Will Learn:   Why BEC is such an effective and pervasive attack  What are the key things to look out for to protect yourself against one  Why BEC emails are difficult to track    Some Questions We Ask:   How do the attackers mimic a true-to-form email from a colleague?  Why do we classify this type of email attack separately from others?  Why are they asking for gift cards rather than cash?    Resources:   Emily Hacker's LinkedIn FBI's 2020 Internet Crime Report Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn    Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked: CISO Series with Bret Arsenault
Building a Stronger Security Team: Geoff Belknap, LinkedIn

Security Unlocked: CISO Series with Bret Arsenault

Play Episode Listen Later Jul 7, 2021 34:05


It's said that a chain is only as strong as its weakest link, but under the proper management – management with a keen eye towards investing in its own people – there is no such thing as a weak link, only an opportunity for growth.   In this episode, Microsoft CISO Bret Arsenault talks with Geoff Belknap, colleague and fellow CISO at LinkedIn, about what it means to build a team, not of experts, but of intrepid thinkers willing to learn something new and invest in themselves to grow.  In This Episode You Will Learn:  Why investing in people without a ‘necessary' skill can be more beneficial than hiring someone who checks all the boxes  Why focusing on yourself, in whatever way that manifests, is so crucial to a successful team  How security is fundamentally an interdisciplinary field  Some Questions We Ask:  How do we solve the gender gap in the industry?  What are some of the things Geoff has learned over the past year?  How do you promote employees and team members investing in themselves?  Resources:  Geoff Belknap's LinkedIn Brett Arsenault's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked Security Unlocked: CISO Series with Bret Arsenault is produced by Microsoft and distributed as part of The CyberWire Network.

Security Unlocked
A Day in the Life of a Microsoft Principal Architect

Security Unlocked

Play Episode Listen Later Jun 16, 2021 34:52


We're formally sending out a petition to change the phrase “Jack of all trades” to “Hyrum of all trades” in honor of this episode's guest, Hyrum Anderson. In this episode, hosts Natalia Godyla and Nic Fillingham sit down with Hyrum Anderson who, when he's not fulfilling his duties as the Principal Architect of the Azure Trustworthy ML group, spends his time playing accordions, making cheese, and founding impressive technology conferences. He does it all!   Rather than chatting with Hyrum about a specific capability that he's helped to develop, or a blog post that he co-authored – because, believe us, the episode would last for hours – we decided to have a chat with him about his life, how he first got into the world of technology, and his thoughts on the current state of cyber security.   In This Episode You Will Learn:   The differences between a risk and a threat  Why it's easier to attack than defend  What a Principal Architect of the Azure Trustworthy ML group does in his spare time  Some Questions We Ask:   How does Hyrum think about adversarial machine learning and protecting A.I. systems?  What is it like for Hyrum to oversee both the red teaming and defensive side of operations?  Why are we better at finding holes in security than we are at making sure they don't exist in the first place?     Resources:   Hyrum Anderson's LinkedIn Hyrum Anderson's Twitter Conference on Applied Machine Learning in Information Security (CAMLIS) Machine Learning Security Evasion Competition Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn    Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked
Securing the Cloud with Mark Russinovich

Security Unlocked

Play Episode Listen Later May 12, 2021 30:08


On this week's Security Unlocked, we're pulling a bait and switch! Instead of our regularly scheduled programming, we're going to be featuring the first episode of our new podcast, Security Unlocked: CISO Series with Bret Arsenault. Each episode is going to feature Microsoft's CISO Bret Arsenault sitting down with other top techies in Microsoft and other companies in the industry.   In its inaugural episode – which we're featuring on this episode – Bret sits down with Mark Russinovich, Chief Technology Officer of Microsoft's Azure. Mark has a unique perspective on cloud technologies and offers insight into the changes that have occurred over the past few years due to advancing technology and the unique challenges brought about during the coronavirus pandemic. Enjoy this first episode of the new series and remember to subscribe so you catch all the rest that are yet to come.   In This Episode You Will Learn:  The initialism FFUUEE and why it's important in understanding people's resistance to adopting newer security capabilities  Mark Russinovich's three points of advice for those looking to become more secure  Theories on improving MFA adoption across the board  Some Questions We Ask:  How do we think of cloud security now versus ten years ago?  What does a leading engineer think of moving toward a hybrid workforce?  How do you find and screen potential new team members in a remote world?  Resources  CISO Series with Bret Arsenault Brett Arsenault's LinkedIn Mark Russinovich's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked: CISO Series with Bret Arsenault
Securing the Cloud With Mark Russinovich

Security Unlocked: CISO Series with Bret Arsenault

Play Episode Listen Later May 12, 2021 29:08


Something special can happen when you bring brilliant people together for a conversation, and over the course of this limited series we're bringing you six incredible discussions between the top minds in the tech industry to prove it. For our inaugural episode of Security Unlocked: CISO Series with Bret Arsenault, Bret sits down with Microsoft's Mark Russinovich to have a conversation as colleagues and friends. What ensued was an in-depth conversation about the intricacies of digital information security and the vital role of the cloud.  As the Chief Technology Officer of Microsoft's Azure, Mark has a unique perspective on cloud technologies and offers insight into the changes that have occurred over the past few years due to advancing technology and the unique challenges brought about during the coronavirus pandemic.  In This Episode You Will Learn:  The initialism FFUUEE and why it's important in understanding people's resistance to adopting newer security capabilities  Mark Russinovich's three points of advice for those looking to become more secure  Theories on improving MFA adoption across the board  Some Questions We Ask:  How do we think of cloud security now versus ten years ago?  What does a leading engineer think of moving toward a hybrid workforce?  How do you find and screen potential new team members in a remote world?  Resources:  Mark Russinovich's LinkedIn Brett Arsenault's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked Security Unlocked: CISO Series with Bret Arsenault is produced by Microsoft and distributed as part of The CyberWire Network.

Transgender School
Understanding The Lack Of Trust Between The LGBTQ Community And Law Enforcement

Transgender School

Play Episode Listen Later May 4, 2021 59:05


If we compare our society with the way things were 10 or 15 years ago, we can see advances regarding trans equality and safety. Still, there is often a lack of trust between members of the LGBTQ community and the law enforcement professionals who are meant to protect them. Reports indicate that approximately half of transgender people feel uncomfortable seeking police assistance. We wanted to understand the issues and talk about the ways to increase awareness and equity. In this episode, we had a fantastic conversation with Delwin Lampkin, Founder of Harbinger Horizon LLC, which provides professional development for individuals and organizations in the areas of workplace harassment prevention, cultural diversity, team building, workplace safety discussions, and adult learning. Del is also a law enforcement professional. He generously shared his story of how and why he decided to become a law enforcement officer and his constant striving to become a better, more empathetic servant. We talked about the importance of educating society on transgender identities and how to communicate respectfully across differences. We also touched on diversity courses for law enforcement officers and the importance of starting the change with ourselves. Tune in, and listen to Delwin's vision of what we can all do to make the world a safer, more compassionate, inclusive place. Some Questions We Ask:How can we build trust between law enforcement and the LGBTQ community? (4:52)What kind of training on diversity and cultural diversity inclusion are law enforcement officials learning? (13:19)Can you tell us a bit about your background and how you came to be this incredibly successful person? (22:23)How do you create that shift of heart and mind when teaching people to understand all this? (41:36)In This Episode, You Will Learn:The police are the public, and the public are the police (7:10)Misgendering and deliberate misgendering by law enforcement officers (10:34)Creating policies not because they're the flavor of the month but because they want to make a real change (20:08)Inequality in schools as an enemy to attack (40:10)Starting the transition with ourselves. The individual contribution to society (44:21)Resources:Harbinger Horizon LLC WebsiteHarbinger Horizon LLC YouTubeHarbinger Horizon LLC InstagramHarbinger Horizon LLC FacebookBook: Janet Mock - Redefining Realness: My Path To Womanhood, Identity, Love & So Much MoreConnect with Delwin:LinkedInConnect with Jackie and Bridget:Our True Ally Course on VimeoOur Patreon Exclusive ContentJune 12 Pride Month Livestream, 1 pm PDTMediumInstagramWebsite FacebookCommunity Facebook GroupYouTube Hosted on Acast. See acast.com/privacy for more information.

Security Unlocked
The Language of Cybercrime

Security Unlocked

Play Episode Listen Later Apr 7, 2021 39:43


How many languages do you speak? The average person only speaks one or two languages, and for most people that's plenty because even as communities are becoming more global, languages are still very much tied to geographic boundaries. But what happens when you go on the internet where those regions don't exist the same way they do in real life? Because the internet connects people from every corner of the world, cybercriminals can perpetrate scams in countries thousands of miles away. So how do organizations like Microsoft's Digital Crime Unit combat cybercrime when they don't even speak the language of the perpetrators?   On today's episode of Security Unlocked, hosts Nic Fillingham and Natalia Godyla sit down with Peter Anaman, Principal Investigator on the Digital Crimes Unit, to discuss how Peter looks at digital crimes in a very interconnected world and how language and culture play into the crimes being committed, who's behind them, and how to stop them.   In This Episode, You Will Learn: Some of the tools the Digital Crime Unit at Microsoft uses to catch criminals.   How language and cultural factors into cyber crime  Why cyber crime has been on the rise since Covid began  Some Questions We Ask: How has understanding a specific culture helped crack a case?  How does a lawyer who served as an officer in the French Army wind up working at Microsoft?  Are there best practices for content creators to stay safe from cyber crime?  Resources Peter Anaman's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked
Celebrating Women in Security

Security Unlocked

Play Episode Listen Later Mar 8, 2021 36:35


Today is International Women's Day, and we are celebrating with a very special episode of Security Unlocked. Hosts Nic Fillingham and Natalia Godyla revisit their favorite interviews with some of the prominent women featured previously on the podcast. We speak with Holly Stewart, a Principal Research Lead at Microsoft and known in the Defender organization as “The Queen of AI.” Holly shares how building a security team with different perspectives helps to better understand and stop threats. Next, we talk with Dr. Anna Bertiger, a Senior Applied Scientist at Microsoft. Anna has an incredible passion for math and explains how she's using math to catch villains and make computer networks safer.  Finally, we explore what it's like to hunt down threats with Sam Schwartz, a Program Manager with Microsoft Threat Experts. She came to Microsoft right out of college and didn't even know what malware was; now she's helping coordinate a team of threat hunters on the cutting edge of attack prevention.  Security Unlocked will be highlighting female security leaders at Microsoft throughout the month of March. Subscribe now to make sure you don't miss an episode!  In This Episode, You Will Learn: How math is used to help analyze attack trends  How AI and ML help identify patterns that can stop attacks  How threat hunters are tracking down the newest security risks  Why Microsoft Threat Experts are focused on human adversaries, not malware  Some Questions We Ask: How do AI and ML factor into solving complicated security problems?  What's next on the horizon for data science?  How do you use math to determine if an action is dangerous or benign?  Why do threat hunters need to limit the scope of their work?  What skills do you need to be a security program manager?  Resources:  Sam Schwartz's LinkedIn Dr. Anna Bertiger's LinkedIn Holly Stewart's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked
Enterprise Resiliency: Breakfast of Champions

Security Unlocked

Play Episode Listen Later Feb 17, 2021 46:19


Prior to the pandemic, workdays used to look a whole lot different. If you had a break, you could take a walk to stretch your legs, shake the hands of your co-workers, or get some 1-on-1 face time with the boss. Ahh... those were the days. That close contact we once had is now something that many of us yearn for as we've had to abruptly lift and shift from living in our office to working from our home. But communicating and socializing aren't the only things that were easier back then. The walls of your office have expanded, and with them, the boundaries of your security protocols. Small in-office tasks like patching a server have now become multi-step processes that require remote management, remote updates, and remote administrative control. With that comes the prioritization of resilience and what it means for enterprises, customers, and security teams alike. That's where remote enterprise resiliency comes into play.   Today on the pod, we explore the final chapter of the MDDR. Irfan Mirza, Director of Enterprise Continuity and Resilience at Microsoft, wraps up the observations from the report by giving hosts Nic Fillingham and Natalya Godyla the rundown on enterprise resiliency and discusses how we can ensure the highest levels of security while working from home. Irfan explains the Zero trust model and how Microsoft is working to extend security benefits to your kitchen or home office, or...  that make-shift workspace in your closet.   In the second segment, Andrew Paverd, Senior Researcher on the Microsoft Security Response Center Team and jack of all trades, stops by… and we're not convinced he's fully human. He's here to tell us about the many hats he wears, from safe systems programming to leveraging AI to help with processes within the MSRC, and shares how he has to think like a hacker to prevent attacks. Spoiler alert: he's a big follower of Murphy's Law.    In This Episode, You Will Learn:   How classical security models are being challenged  What the Zero Trust Model is and how it works   The three critical areas of resilience: extending the enterprise boundary, prioritizing resilient performance, and validating the resilience of our human infrastructure.   How hackers approach our systems and technologies    Some Questions We Ask:  How has security changed as a product of the pandemic?  Do we feel like we have secured the remote workforce?  What frameworks exist to put a metric around where an organization is in terms of its resiliency?  What is Control Flow Guard (CFG) and Control-Flow Integrity?  What's the next stage for the Rust programming language?   Resources:  Microsoft Digital Defense Report Irfan's LinkedIn Andrew's LinkedIn Microsoft Security Blog Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

Security Unlocked
Tackling Identity Threats With AI

Security Unlocked

Play Episode Listen Later Dec 23, 2020 57:23


The last thing we all need this year is an identity crisis. Fear not, hosts Nic Fillingham and Natalia Godyla are here with Maria Puertas Calvo, Data Science Lead of Microsoft's Identity Security and Protection Team, to learn how AI is being used to protect our personal identities. Maria also reveals previously undisclosed information – her favorite food and her famous top-secret recipe, so get ready to take notes!  Later, the hosts bring back a previous guest, Geoff McDonald, ML Research Lead at Microsoft to unpack his career in cybersecurity and how game hacking led him to where he is now.  In This Episode, You Will Learn: How offline detections are used for account compromise prevention  The importance of multi-factor authentication  How Microsoft is taking a new approach with AI to identify threats with real-time prevention   The problem with adversaries and malware attackers  Some Questions We Ask:  How is Microsoft applying AI to solve problems for account compromise prevention?  How do humans play a role in labeling data sets?  How is Microsoft measuring success of their new enhanced AI?  What is the future for neural networks?  Resources Maria's Blog Microsoft Security Blog Maria's LinkedIn Geoff's LinkedIn Nic's LinkedIn Natalia's LinkedIn Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

ai identity microsoft threats tackling identity security data science lead some questions we ask how
Security Unlocked
Protecting the Under-Secured With Bad Behavior

Security Unlocked

Play Episode Listen Later Oct 14, 2020 39:14


In this episode, hosts Nic Fillingham and Natalia Godyla speak with Hardik Suri of the Microsoft Defender ATP Research Team about using behavior-based detection and machine learning to block attacks against Exchange servers, and why it's so critical to patch and enable security capabilities.   Then they speak to Dr. Karen Lavi, a Senior Data Science Lead in the Microsoft Defender Research Team, on the neuroscience of threat detection, and how her team is using AI and machine learning to predict and prevent malware attacks.  In This Episode, You Will Learn:   Why Exchange servers are so vulnerable  The best way to defend against web shells  The simple things security professionals can do to protect under-protected servers  How neuroscience factors into threat detection  How to catch ‘patient zero' in an attack  Some Questions We Ask:   How are techniques for detecting and blocking attacks evolving?   What's next for behavior-based blocking?   How does machine learning benefit security?   How do you build a diverse team to catch threats?   What's the next innovation in security research?   Resources: Microsoft Security Blog  Hardik's blog post Related: Listen to: Afternoon Cyber Tea with Ann Johnson Listen to: Security Unlocked: CISO Series with Bret Arsenault  Security Unlocked is produced by Microsoft and distributed as part of The CyberWire Network. 

The Pitstop Podcast
Ep. 35 - Improving Automotive eCommerce Conversion Rate Optimization with Kurt Elster

The Pitstop Podcast

Play Episode Listen Later Jun 3, 2019 49:40


We sit down with Kurt Elster, one of the most highly regarded independent consultants in his industry. Kurt Elster is a Senior eCommerce Consultant who helps Shopify merchants like Jay Leno's Garage uncover hidden profits in their websites through his eCommerce agency Ethercycle. With over one million downloads, Kurt is best known for hosting The Unofficial Shopify Podcast. In this episode, we go into detail on how to improve your eCommerce auto parts store's conversation rate to generate more part and accessory sales. Kurt also provides some color on why Shopify could be a good auto parts eCommerce solution for parts departments and auto part resellers alike. SOME QUESTIONS WE ASK How did you get into the eCommerce industry? (2:07) Why do recommend Shopify for automotive eCommerce? (9:17) What's been the biggest change in the automotive industry since you started working? (14:30) How do online merchants avoid “the race to the bottom” on price? (16:55) Increasing online part sales with content marketing. (20:30) How should automotive brands prepare for the rise of social commerce? (26:09) Having multiple points of communication. (32:02) Improving your online customer service strategy (34:39) Increasing conversion rate optimization and retention. (37:20) How has CRO evolved over the years now that eCommerce is largely mobile first? (38:21) One piece of advice you'd give any Fixed Operations Director, Parts Manager or anyone else selling parts online? (43:50) What's the average conversion rate for the top 500 internet retailers (46:03) CONNECT Website: https://www.oeminteractive.com Twitter: https://twitter.com/oeminteractive Facebook: https://www.facebook.com/oeminteractive Instagram: https://www.instagram.com/oeminteractive LinkedIn: https://www.linkedin.com/company/oeminteractive