Podcasts about threatvector insecurity podcasts

  • 2 podcasts
  • 111 episodes
  • 50m average duration
  • Infrequent episodes
  • Latest episode: Jun 12, 2020


Latest podcast episodes about threatvector insecurity podcasts

InSecurity
Kip Boyle: How Do I Break Into Cybersecurity?

Jun 12, 2020 · 53:53


You tired of hearing about the Cyber Skills Gap?

What about the recent unemployment numbers due to COVID19?

What if we brought you some really good news that includes a great story?

What if that good news and great story includes something that is replicable, accessible and available?

What if we get on with it and stop asking so many dumb questions?

In today’s episode of InSecurity, Matt Stephenson has a chat with Kip Boyle about the current state of employment in the cybersecurity world. Is it all doom and gloom? Make no mistake… there is reason to feel gloomy. But that doesn’t mean that it’s all doom. Kip is putting in the kind of work to bring folks into cybersecurity that gives us all a reason to be hopeful. Check it out…

About Kip Boyle

Kip Boyle (@KipBoyle) is a 20-year information security expert and is the founder and CEO of Cyber Risk Opportunities. He is a former Chief Information Security Officer for both technology and financial services companies and was a cyber-security consultant at Stanford Research Institute (SRI). Boyle led the global IT risk management program for a $9 billion logistics company and was the Wide Area Network Security Director for the F-22 Raptor program. He has participated in several cybersecurity war game exercises and has worked closely with various government agencies including the FBI. Boyle is a US Air Force officer and serves on the board of directors of the Domestic Abuse Women’s Network (DAWN). He’s been quoted in Entrepreneur magazine, Chief Executive magazine, and is the co-author of Chapter 68, Outsourcing Security Functions, in The Computer Security Handbook.

About Steve McMichael

Steve McMichael is a SOX Compliance Manager at BlackBerry… but not for much longer. He has a CPA, CMA and MBA… but always had a yen for the security side of the business world.

How does someone with a resume like that make a move at a point in his career where many of us would be more than proud of our accomplishments?

Why not get it directly from the source?

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as

ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html
iTunes/Apple Podcasts link: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2
GooglePlay Music link: https://play.google.com/music/listen#/ps/Ipudd6ommmgdsboen7rjd2lvste

Make sure you Subscribe, Rate and Review!

InSecurity
Kevin Coppins: Shrinking the Data Security Target

Jun 6, 2020 · 58:22


“There are leaders and there are those who lead. Leaders hold a position of power or influence. Those who lead inspire us.

Whether individuals or organizations, we follow those who lead not because we have to, but because we want to. We follow those who lead not for them, but for ourselves.”

-- Simon Sinek; Start with Why, 2009

Once upon a time, not that long ago… the music industry was flying high, peaking at over $22 BILLION in global sales then was laid low by a combination of events and technology it was not ready for.

There were decisions to be made which could have not only saved the industry, but made it thrive.

Leadership did not make those.

There were relationships to be forged with users that could have done the same.

The industry began suing their consumers.

What if industry leaders made a point to really look out for their users and their employees first? You think that might be a catalyst for a company to grow and thrive even though it is facing a potential disaster?

In today’s episode of InSecurity, Matt Stephenson sits down with Spirion CEO Kevin Coppins for a chat about the role of a new leader in the middle of the most tumultuous time in the modern computing era. Having spent time in the music+tech upheaval of the Napster era, Kevin Coppins has steered through some whitewater rapids in his time. What do we do when the whole world gets turned upside down? Stay tuned and find out…

About Kevin Coppins

As President and CEO of Spirion, Kevin Coppins (@ktcoppins) wakes up every day on a mission to protect what he knows matters most—your sensitive personal data. With a team of passionate data privacy professionals at his back, Kevin is working to re-envision the culture of entire industries, putting privacy at the forefront where it belongs.

Kevin’s more than 25-year track record of growth, leadership, and achievement spans multiple roles and industries. In addition to handling finance and procurement for non-tech giants ExxonMobil and Bausch & Lomb, he’s served in senior executive positions across the tech space at Novell, Alcatel Lucent, Meru Networks, EasyVista, CyFIR, and NEC. He has a BS in Marketing from Penn State, an MBA from Loyola University New Orleans, and a Certificate of Professional Development from the University of Pennsylvania’s Wharton School of Business.

This unique diversity of experience and education equipped Kevin with the depth and breadth of skills needed to thrive at the helm of Spirion—a company whose data discovery and classification solutions have empowered the data privacy, security, and compliance strategies of thousands of organizations worldwide.

Kevin is determined to help C-suite execs understand the importance of minimizing their sensitive data footprint and preventing data breaches—not only to minimize the risks, costs, and reputational damage of successful cyberattacks and regulatory violations, but because it’s the right thing to do.

Can’t get enough of Insecurity? You can find us wherever you get your podcasts including Spotify, Stitcher, SoundCloud, I Heart Radio as well as

ThreatVector InSecurity Podcasts: https://threatvector.cylance.com/en_us/category/podcasts.html
iTunes/Apple Podcasts: https://itunes.apple.com/us/podcast/insecurity/id1260714697?mt=2
Spotify: https://open.spotify.com/show/7qUp6uGXoshmBKHYJlXBtb?si=ZQdQWM39T6e4X5dgx1BZ0Q

Make sure you Subscribe, Rate and Review!

InSecurity
Justin Kallhoff: Growing an MSSP in the COVID19 era

Jun 1, 2020 · 48:40


What would you do if, overnight, the number of things under your protection increased by an order of magnitude?

Would you be ready?

Would you even know what to do?

On today’s episode of InSecurity, Matt Stephenson talks with Justin Kallhoff, founder of Infogressive, on the impact Quarantine and Shelter-in-Place orders have had on the role of Managed Security Service Providers. Suddenly, a company who already protected users in 21 countries had an entirely new ecosystem surrounding the one they already ran. What did they do? They started hiring… check it out

About Justin Kallhoff

Justin Kallhoff (@justinkallhoff) founded Infogressive Inc. in October of 2006 with a dream of creating a world-class team of information security professionals that could make a difference for clients spanning the globe. Over the past decade, Justin and the crew at Infogressive have built an enterprise spread over 46 states and 20 countries, comprising nearly 60,000 seats.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!

Make sure you Subscribe, Rate and Review!

InSecurity
Chris Blask & Fred Cohen: DBOM and the Record of Everything

May 23, 2020 · 76:20


Nothing you are about to hear is true… but it all happened…
-- Fred Cohen 11 May, 2020

What happens when you get two legends of the security industry together for a chat about everything? Well… first, you can throw the carefully created outline right out the window because there is no way anyone can corral these two into talking about just a few topics. The best you can hope for is that they agree to come back and do it again… because there’s just too much ground to cover and not nearly enough time to get into all of it in a single episode.

Let’s just say that we set out to have a discussion on creating a way to catalog all of the things that go into making things. That catalog would also include where those things were made and what they were made of and how they arrived from their place of origin. The catalog would then include data on the place of origin and what went on there… see where we’re going with this? It’s a bit like a fractal version of the periodic table of elements.

On today’s episode of InSecurity, Matt Stephenson did his best to stay out of the way in a freewheeling jam session with security legends Chris Blask & Dr Fred Cohen. Trying to describe their chat is like chasing mercury. Let it be known that the conversation included discussions of a Digital Bill of Materials for… pretty much everything, and the positive effect having access to this record could produce. But that doesn’t come near to doing justice to what all they covered… check it out

About Chris Blask

Chris Blask’s (@chrisblask) career spans the breadth of the cybersecurity industry for more than 25 years.

He invented one of the first firewall products, built a multi-billion dollar firewall business at Cisco Systems, co-founded an early SIEM vendor, authored the first book on SIEM, founded an information sharing center for critical infrastructures, and has advised public and private organizations in every sector around the world.

In his role within the Office of Innovation at Unisys, Chris created and leads the Operational Technology and IoT practices, invented the Digital Bill of Materials (DBoM) structure, and established the Unisys Marine Living Research Center.

Today he chairs a range of non-profit cybersecurity organizations and contributes to a wide range of global security efforts.

About Fred Cohen, PhD

Dr. Fred Cohen (@fc0) is widely considered to be one of the leading security/risk experts in the world. He is best known as the person that defined the term “computer virus” and inventor of the most widely used computer virus defense techniques.

Dr. Cohen was also the principal investigator whose team defined information assurance as it relates to critical infrastructure, did seminal research in the use of deception for information protection, and is a leader in the science of digital forensic examination and a leading information protection consultant and analyst.

He has authored over 200 published research articles, authored several books and established Masters and Ph.D. security programs now part of Webster University. In 2002 Dr. Cohen received the “Techno-Security Industry Professional of the Year” award and in 2009 he was named the “most famous hacker of all time” by ABC news.

InSecurity
Chris Coleman: Reversing the Economics of Cyber Defense

May 18, 2020 · 58:53


“When you are able to maintain your own highest standards of integrity - regardless of what others may do - you are destined for greatness.”
-- Napoleon Hill

On today’s episode of InSecurity, Matt Stephenson & Michelle Moskowitz chat with Chris Coleman, Advisor to the Chairman of Lookingglass Cyber Solutions. In a wide-ranging discussion they take a look at the escalating cybersecurity arms race, the role of Venture Capital in growing or stifling innovation and the need for standards in interoperability across the world of hardware and software in order to increase the security industry’s chances of winning this battle.

About Chris Coleman

Chris Coleman (@cdeltac) has over 20 years of experience in the information security and technology industry. He currently serves as an Advisor to the Chairman at Lookingglass Cyber Solutions. Prior to his stint as CEO at Lookingglass, Coleman served as the Director of Cyber Security for Cisco Systems' U.S. Public Sector Theater. Chris focused on driving Cisco and partner technology into solutions that helped address customer problems and leverage the core value of Cisco’s network technologies. Coleman served as a liaison between sales and engineering with regards to cyber security technology and development. Coleman also served as Vice President and Director of Engineering Services for ManTech International. During his tenure at ManTech, he was responsible for direct contract PNL and PNL associated with ManTech’s remote security monitoring services and data center hosting services. In addition, Chris was responsible for ManTech IS&T's Divisional IT services and operations, and a subset of ManTech International’s IR&D. He also managed the NetWitness product development team, developed the initial architecture for moving from pure technology into a commercially viable product, defined the business case for developing a sales team and conceived the spin out of the technology and product team from ManTech International.

About Michelle Moskowitz

Michelle Moskowitz is Vice President of Business Development & Chief of Staff at Sublime Communications. In her previous lives, she spun up the New Media Division for Lifetime network as well as working with numerous cybersecurity startups.

With a career spent swimming in the waters of digital marketing and consulting, Michelle has somehow found the time to also be a journalist at the Greenwich Sentinel.

Michelle will be joining us as a recurring co-host to bring additional perspective to the important role that communication plays in a world that grows increasingly technical.

InSecurity
Matt Preschern: How Can Companies Adapt & Evolve to Help Others and Themselves?

May 11, 2020 · 57:53


“Be formless… shapeless like water. Now you put water in a cup, it becomes the cup. You put water in a bottle, it becomes the bottle… you put water in a teapot, it becomes the teapot. Now water can flow or it can crash… Be water my friend.”
-- Bruce Lee

According to our friends at the International Labour Organization (ILO) the COVID-19 pandemic will wipe out 6.7 percent of working hours in the second quarter of this year. To put that in perspective, that is the equivalent of 195 million full-time workers. Huge losses are expected across different income groups, especially in upper-middle income countries (7.0%, 100 million full-time workers).

Fear not though… we’re not here to just lay a bunch of bad news on you! We want to show what ingenuity and adaptability can do for a company, for their personnel and for the rest of us as well.

Textiles company American Roots converted its facility to produce medical supplies.

LVMH Group has turned its perfumery brands, including Dior, Givenchy and Bulgari, into hand sanitizer manufacturers.

Tito’s Vodka converted production facilities to make hand sanitizer. Thanks to the combination of their attitude and ingenuity, they now have the ability and capacity to manufacture over 60 tons a week.

What is corporate leadership doing to adapt to and overcome a situation that has shown devastating consequences?

On this episode of InSecurity, Matt Stephenson welcomes new co-host Michelle Moskowitz for a chat with Forcepoint CMO Matt Preschern. With the ongoing COVID-19 pandemic affecting us all, we learn how Forcepoint adapted quickly to get the most out of their 2800 employees and give them the opportunity to adapt in order to help their customers and themselves. How can companies help themselves in order to help others? Check it out…

About Matt Preschern

Matt Preschern (@mattpreschern) is the chief marketing officer for Forcepoint. He leads the company’s global marketing organization that includes brand management, corporate communications, events marketing, digital and web marketing, revenue and field marketing, and sales enablement. He joined Forcepoint in January 2019. Preschern is a veteran technology marketing leader with more than 25 years of experience in brand, digital marketing, demand generation and revenue management, customer experience, and corporate communications. Previously, Matt was senior vice president of marketing at CA Technologies where he was responsible for the development and execution of global, regional and partner marketing programs across all businesses. He has also served as the CMO of HCL Technologies where he led the effort to substantially increase HCL’s brand recognition as a digital solutions, IT services and technology consulting company and supported its rapid, multi-billion dollar growth. He also served as the Enterprise CMO of Windstream Communications. Early in his career, he held numerous vice president roles at IBM across marketing strategy and performance marketing and played an integral part in launching IBM’s Smarter Planet initiative. Matt is an award-winning marketer, having been named among the top 20 most influential CMOs by Forbes and recognized for his success in driving marketing innovation by the CMO Club.

InSecurity
Pat Craven: Garfield and the Center Keep Kids Safe Online

May 5, 2020 · 69:47


Sometimes the best person to teach kids about online safety… is a fat orange cat who loves lasagna… and his friends. Well... he loves his friends, but let's be real... he loves lasagna more.

The Center for Cyber Safety and Education, formerly the (ISC)² Foundation, is a global non-profit charity formed in 2011 as a conduit to reach society and empower students, teachers, parents and the general public to secure their online life with award winning cyber safety education and awareness programs in the community. They hold the exclusive global rights to Garfield to teach young children how to be safe and secure online.

Pat Craven is far too selfless to spend any time telling you what he does, so we’re going to do that for him. He and his team have spent nearly a decade helping to educate children, parents, seniors and cybersecurity professionals on the things they can do to keep themselves and their loved ones safe online.

On this episode of InSecurity, Matt Stephenson talks with Pat Craven of the Center for Cyber Safety and Education about the work they are doing to provide teachers, parents and seniors with the tools they need to keep themselves and their children safe online. Did we mention that Garfield (yes that Garfield) and his friends are helping out too?

About Pat Craven

Pat Craven (@cravenpat) is the Executive Director of the Center for Cyber Safety and Education. In his prior lives he has served as the Regional Executive Director of Pinellas County / Chief Development Officer Big Brothers Big Sisters of Tampa Bay.

Pat also was the Vice President of Development for the Vietnam Veterans Memorial Fund in Washington DC.

Prior to that, Pat spent 24 years with Boy Scouts of America in various capacities.

We think it is fair to say that Pat Craven has spent his entire career putting in work to help pretty much anyone besides himself. If you need someone to help you help someone else… Pat Craven is your man. Like we said… he would never tell you this stuff, but we thought you should know.

About The Center for Cyber Safety and Education

The nonprofit Center for Cyber Safety and Education (@ISC2Cares) was founded in 2011 with the purpose of empowering students, teachers and whole communities to secure their online life through cyber safety education and awareness. They achieve this goal by providing the Safe and Secure Online educational program, college scholarships and industry research.

Their educational content was developed by the Center along with members of (ISC)², the top cyber security professionals in the world. With their knowledge, the Center turned to legendary cartoonist Jim Davis to bring it all to life, using everyone’s favorite cat, Garfield. The first series of Garfield’s Cyber Safety Adventures tackles issues such as Privacy, Safe Posting, and Cyberbullying. This program is perfect for elementary education and is currently in 14 countries.

In addition, the Center provides educational materials for parents and seniors to grow their knowledge about the dangers of the internet and ensure our mission of making the cyber world a safer place for everyone.

Learn more about their programs at www.iamcybersafe.org

InSecurity
Decade of the RATs: APT Attacks Targeting Linux, Windows & Android

May 1, 2020 · 50:35


Decade of the RATs: Novel APT Attacks Targeting Linux, Windows & Android

BlackBerry researchers have released a new report that examines how five related APT groups operating in the interest of the Chinese government have systematically targeted Linux servers, Windows systems and Android mobile devices while remaining undetected for nearly a decade.

The report comes on the heels of the U.S. Department of Justice announcing several high-profile indictments from over 1,000 open FBI investigations into economic espionage as part of the DOJ’s China Initiative.

The BlackBerry report, titled Decade of the RATs: Cross-Platform APT Espionage Attacks Targeting Linux, Windows and Android, examines how APTs have leveraged the “always on, always available” nature of Linux servers to establish a “beachhead” for operations. Given the profile of the five APT groups involved and the duration of the attacks, it is likely the number of impacted organizations is significant.

On this bonus episode of InSecurity, Matt Stephenson takes a deep dive into the world of Espionage Attacks Targeting Linux, Windows & Android. He welcomes BlackBerry Director of Sales Engineering Sara Löfgren and Director of Threat Research Kevin Livelli. The research paints a picture of an espionage effort targeting the backbone of large organizations’ network infrastructure. This isn’t a sales pitch or a product demonstration. This is straight up, deep dive research.

About Sara Löfgren

Sara Löfgren is the Channel Sales Engineering Manager at Cylance. She has been working in computer security for over a decade, with focus on solving enterprise security problems through the union of technology, people, and processes. Besides malware, her other main areas of interest include privacy, cryptography, and technology regulations.

About Kevin Livelli

Kevin Livelli is a Director of Threat Intelligence at Cylance, where he conducts long-term, complex investigations with the Research and Intelligence team. His work here follows ten years at 60 Minutes, where his investigative reporting and analysis were recognized with Peabody and Emmy awards. Before that, Livelli supervised investigations at the nation’s largest independent police oversight agency. A graduate of Dartmouth, he earned master's degrees from Trinity College Dublin and Columbia University.

InSecurity
Cybersecurity At the Movies: Sneakers


Apr 27, 2020 | 122:13


Cybersecurity At the Movies: Sneakers     The world isn't run by weapons anymore, or energy or money.   It's run by ones and zeroes, little bits of data. It's all just electrons…   There's a war out there, old friend, a world war… and it's not about who's got the most bullets… It's about who controls the information ...what we see and hear, how we work, what we think.   It's all about the information.    -- Cosmo; Sneakers, 1992   We are stepping WAY out of the box for a technical deep dive examination of one of the great Hacker movies of all time… Sneakers. Maybe the last great techno-thriller before the emergence of the commercial internet… Sneakers features everything you want from a hacker movie… wire tapping, social engineering, a little black book and tech that looks/feels familiar enough that you recognize it, but aren’t quite sure what it actually does.   On this week’s episode, Matt Stephenson takes a technical look at the 1992 classic hacker film Sneakers with people who, in real life, do what the heroes of Sneakers do onscreen. Dr Jessica Barker, Freaky Clown and Death’s Pirate (or… just Dave) have broken into banks, kidnapped executives and, sometimes, just straight up hacked networks (while wearing White Hats of course)… Let’s sit down with real life experts to see if Hackers got it right!     About Dr Jessica Barker     Dr Jessica Barker (@drjessicabarker) is a leader in the human nature of cybersecurity. She has been named one of the top 20 most influential women in cybersecurity in the UK and awarded as one of the UK’s Tech Women 50. She is Co-Founder and Co-Chief Executive Officer of Cygenta, where she positively influences cybersecurity awareness, behaviors and culture in organizations around the world.   Dr Barker is a popular keynote speaker and shares her expertise in the media, for example on BBC News, Sky News, Channel 4 News and in Grazia magazine and the Sunday Times. 
She is Chair of ClubCISO, a peer-based members forum of over 300 information security leaders. In the last year, Dr Barker has given cybersecurity outreach sessions to over 5,000 school students.   Jessica’s new book Confident Cyber Security is coming in 2020, published by Kogan Page.     About Freaky Clown     Freaky Clown (@_Freakyclown_) is a well-known ethical hacker and social engineer. He has been working in the infosec field for over 20 years and excels at circumventing access controls. He has held positions in his career such as Senior Penetration Tester as well as Head of Social Engineering and Physical Assessments for renowned penetration companies. As Head of Cyber Research for Raytheon Missile Systems, and having worked closely alongside intelligence agencies, he has cemented both his skillset and knowledge as well as helped steer governments to take correct courses of action against national threats. As an ethical hacker and social engineer, FC ‘breaks into’ hundreds of banks, offices and government facilities in the UK and Europe. His work demonstrating weaknesses in physical, personnel and digital controls assists organisations to improve their security. He is motivated by a drive to make individuals, organisations and countries more secure and better able to defend themselves from malicious attack. Now Co-Founder and Head of Ethical Hacking at Cygenta Ltd, he continues to perform valuable research into vulnerabilities. His client list involves major high-street banks in the UK and Europe, FTSE100 companies and multiple government agencies and security forces.   About Death’s Pirate… okay… it’s Dave Mound   Dave Mound (@DeathsPirate) is an Experienced Cyber Security Researcher with a demonstrated history of working in the Computer & Network Security industry along with threat intelligence. 
He’s done a lot of work in Penetration Testing, Reverse Engineering, Agile Methodologies, Computer Forensics, Red Teaming and Threat Intelligence… and… he looks good in a white suit and turtleneck

InSecurity
Ron Ross: Bringing the NIST Framework Home


Apr 20, 2020 | 61:11


Ron Ross: Bringing the NIST Framework Home     “If you do good software development, most of our security problems will go away because all of the nagging vulnerabilities that we see in software — a lot of those are attributed to people not using secure coding techniques and things we should be doing,”  -- Ron Ross   Things are changing at such a rapid pace, it’s hard to keep pace with what used to work, what is working and what we can count on working when we log in tomorrow.   It’s almost like we need to count on some kind of established framework to use as a guideline.   While this episode of InSecurity touches on the impact of COVID19 on the global workforce, it’s not yet another blog or podcast about the same thing. We talk with NIST Fellow Ron Ross about the future of work, healthcare and the IT industry writ large.   This week on Insecurity, Matt Stephenson welcomes Cybersecurity legend Dr Ron Ross about… well… lots of things. We talk about the quick transition of the world’s workforce from on prem to telework as well as his recent move from leading FISMA at NIST to their newly created DevSecOps and why that matters now more than ever   About Ron Ross     Ron Ross (@ronrossecure) is a Fellow at NIST. His focus areas include cybersecurity, systems security engineering, cyber resiliency, security architecture, privacy, and risk management. Dr. Ross leads the FISMA Implementation Project and the Systems Security Engineering Initiative, which includes the development of cybersecurity and privacy standards and guidelines for the federal government, contractors, and the U.S. critical infrastructure. Dr. Ross also leads the Joint Task Force, a partnership with the Department of Defense, Office of the Director National Intelligence, U.S. Intelligence Community, and the Committee on National Security Systems, with responsibility for the development of the Unified Information Security Framework for the federal government and its contractors. Dr. 
Ross previously served as the Director of the National Information Assurance Partnership, a joint activity of NIST and the National Security Agency. Dr. Ross also supports the U.S. State Department in the international outreach program for cybersecurity and critical infrastructure protection. A graduate of the United States Military Academy at West Point, Dr. Ross served in many leadership and technical positions during his twenty-year career in the United States Army. He is a five-time recipient of the Federal 100 award for his leadership and technical contributions to critical cybersecurity projects affecting the federal government and is a recipient of the Presidential Rank Award. Dr. Ross has also received the Department of Commerce Gold and Silver Medal Awards and has been inducted into the National Cyber Security Hall of Fame. In addition, Dr. Ross has been inducted into the Information Systems Security Association Hall of Fame and given its highest honor of Distinguished Fellow. During his military career, Dr. Ross served as a White House aide and a senior technical advisor to the Department of the Army. He holds a Bachelors degree in Engineering from the U.S. Military Academy and Masters and Ph.D. degrees in Computer Science from the Naval Postgraduate School specializing in artificial intelligence and robotics.

InSecurity
Sara Löfgren and Tom Löfgren: Keeping it in the Family, Cybersecurity from Home


Apr 17, 2020 | 75:08


This is the true story of 2 security professionals and their kids, living in a house in the northern Midwest, now sequestered because of a global health crisis. Find out what happens when Cybersecurity professionals stop being polite, and start getting real… The Real World… Stay Home Order Edition!   Any comic book readers out there? Who’s familiar with the Marvel family? Shazam family? Shazamily?   How about Reed & Sue Richards? The Fantastic Four? Mister Fantastic and the Invisible Woman? Not sure if that one is appropriate because Sara is definitely not invisible… but Tom is definitely Fantastic   The point is… what happens in a house run by a pair of superhero-level cybersecurity professionals in the age of COVID19?   Oh… and did we mention they also own a livestock farm? Cows and horses and lots of other things?   How does a family already swimming in the world of Cybersecurity deal with working from home during the era of COVID19?   This week on Insecurity, Matt Stephenson speaks with Sara and Tom Löfgren, a married couple, both elite cybersecurity professionals… who find themselves (along with the rest of us) in a quarantine situation. Is it different for security pros to bring it all in house? How do you balance co-workers, clients, kids and livestock… oh yeah… and still be a person?     About The Löfgren (that’s grammatically accurate if you are Swedish)   They have been raising baby chickens in their bathtub (Sara’s idea). They have somewhere around 4 kids and an estimated 50 horses but can't really keep count because they don't hold still.  Sara’s cow's name is either Coco or Norman depending on who you ask.     About Sara Löfgren     Sara Löfgren is the Channel Sales Engineering Manager at Cylance. She has been working in computer security for nearly 20 years with a focus on solving enterprise security problems through the union of technology, people, and processes.   
Besides malware, her other main areas of interest include privacy, cryptography, and technology regulations. Sara lives in Minnesota with 4 kids, 2 dogs, a cat, and many rescue horses.   Oh… her husband Tom… we’re pretty sure he’s around too.   About Tom Löfgren     Tom Löfgren is a Sales Engineer at Ionic Security. He’s really good at securing Linux and encryption.   Because he is really good at security, privacy and encryption… we don’t know much about him other than the kids, the dogs, cat and rescue horses… and Sara.   According to Sara, Tom plays hockey and has eaten surstromming voluntarily.  He has a map of Ikea in his head and thinks it's normal when people eat pasta with ketchup on it (again… according to Sara… because Tom is really good at security and privacy, so we are going to have to take her word for it).

InSecurity
Theresa Payton & Doug Citizen: Who Do You Trust?


Apr 13, 2020 | 70:47


Theresa Payton & Doug Citizen: Who Do You Trust?     The 2016 Oxford Dictionary word of the year was post-truth   2017 Term of the Year by the Collins English Dictionary was Fake News   Has it really been nearly 15 years since Stephen Colbert brought truthiness into our lives?   It used to be, everyone was entitled to their own opinion, but not their own facts. But that's not the case anymore. Facts matter not at all. Perception is everything. It's certainty.   -- Stephen Colbert; AV Club, 01.25.06   Only in today's modern age can you hate your neighbor but love someone posting something in Germany that you don't even know  -- Clint Watts; 07.15.08   Distorting the truth is not just about elections; it’s a global issue. It’s a war against our minds. Making us not know who or what to believe… manipulating us to create a vacuum and make you not trust reputable sources of information. It’s about all social issues. It impacts all countries. The motivations behind it are not what you think and will surprise and shock you.   Reporters and overall traditional news media are at risk… Let’s talk about why…   Elections are at risk… Let’s talk about why…   Let’s see if we can help you get learned up on spotting manipulation campaigns and how to report them.   And… not for nothin… how can we help you avoid being a victim of one?   This week on InSecurity, Matt Stephenson welcomes 3-time defending champion Fortalice CEO and former White House CIO Theresa Payton back to the show. We add a wrinkle this week by inviting Doug Citizen… an undisclosed “regular person” who is a small business owner, voter and someone who genuinely cares about the present & future of his country. This isn’t about politics, this is about the mechanics of elections & government. 
Don’t get it twisted… this is more important than ever   About Theresa Payton     Theresa Payton (@TrackerPayton) is President and CEO of Fortalice Solutions, former White House CIO, star of the CBS hit show Hunted, and best-selling author of the book Privacy in the Age of Big Data.   Payton is one of the nation’s most respected authorities on information security, cybercrime, fraud mitigation, and security technology implementation.   As White House Chief Information Officer at the Executive Office of the President from 2006 to 2008, Payton administered the information technology enterprise for the President and 3,000 staff members.   Theresa founded Fortalice in 2008 and lends her expertise to government and private sector organizations to help them improve their information technology systems. In 2010, Security Magazine named her one of the top 25 "Most Influential People in Security."   Theresa’s new book drops in April.     Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth   In her new book, cybersecurity expert Theresa Payton tells battlefront stories from the global war being conducted through clicks, swipes, internet access, technical backdoors and massive espionage schemes. She investigates the cyberwarriors who are planning tomorrow’s attacks, weaving a fascinating yet bone-chilling tale of Artificial Intelligent mutations carrying out attacks without human intervention, “deepfake” videos that look real to the naked eye, and chatbots that beget other chatbots. Finally, Payton offers readers telltale signs that their most fundamental beliefs are being meddled with and actions they can take or demand that corporations and elected officials must take before it is too late. In the book, Theresa reveals: How digital voting machines, voting online, and automatic registration may boost turnout but make us more vulnerable to cyberattacks. 
How trolls from Russia and other nations actively stoke discord among Americans in falsely-generated controversies over race relations, vaccinations, fracking, and other social issues. Whether what we have uncovered from the Mueller investigation so far is only what they wanted us to know.   About Doug Citizen     Doug is a small business owner in a municipality smaller than Tokyo but with more than 10 occupants. He lives in a town somewhere between the Atlantic and Pacific oceans and somewhere between the borders of Canada and Mexico. He represents 330,000,000 people in the conversation.   He cares. That’s what is important. Respect his security and privacy.

InSecurity
Harri Hursti & Dan Webber: The Cyber War on America's Elections


Apr 6, 2020 | 79:03


Reconnaissance. Target. Weaponize. Paralyze the enemy. Attack.   The enemy always votes for chaos.     “Voting is about our capability to change the way the government works by changing the people who make the decisions. Voting is our capability to have a peaceful transfer of power. If you don’t have that, the alternatives are revolutions.”    -- Harri Hursti, Kill Chain: The Cyber War on America's Elections   If you don’t want to know how easy it is for a canny individual—or a malicious state actor—to hack into the electronic voting technology used in the U.S., don’t watch Kill Chain: The Cyber War on America’s Elections.    -- Stephanie Zacharek; Time, 25 March 2020   This week on InSecurity, Matt Stephenson has a chat with security legend Harri Hursti and Nordic Innovation Labs co-founder Dan Webber about the sad state of affairs regarding the security of United States voting machines. Add in a health crisis that prevents voters from actually going to the polls and you get… what? Tune in and find out!   Make sure to check out the HBO Documentary Kill Chain: The Cyber War on America's Elections for an in-depth look at just how easy it can be to hack the voting process of one of the world’s most important elections. Because this subject is that important, HBO has also made it available for free on YouTube.   About Harri Hursti     Harri Hursti (@harrihursti) is a founding partner at Nordic Innovation Labs. You may know him better as a world-renowned data security expert, internet visionary and serial entrepreneur. He began his career as the prodigy behind the first commercial, public email and online forum system in Scandinavia.   Harri founded his first company at the age of 13 and went on to cofound EUnet-Finland in his mid-20s. Today, he continues to innovate and find solutions to the world’s most vexing problems. He is among the world’s leading authorities in the areas of election voting security and critical infrastructure and network system security.   
Hursti is considered one of the world’s foremost experts on the topic of electronic voting security, having served in all aspects of the industry sector. He is considered an authority on uncovering critical problems in electronic voting systems worldwide. In the last 10 years, Harri has pursued this important area out of a sense of duty.   About Dan Webber     Dan Webber (@SocialDanWebber) is Managing Partner and Chief Innovation Officer at Nordic Innovation Labs. He has served as Chief Information Officer, Security Officer, and Technology Officer for 22 years, 13 of those years in healthcare and biotech, the other 9 in manufacturing, technology and hospitality companies.   Dan advises companies that provide artificial intelligence/machine learning, cyber security, innovation, design, analytics, advanced computing and digital services to large private and public enterprises around the world.   Over the course of his career, Webber designed, implemented, and envisioned the network and system process workflow for the first FDA Approved DNA based sequencing system as Chief Information Officer of Bayer Visible Genetics.   His pharmacogenomic systems supported drug discovery and research activities in the areas of HIV, HCV, HBV, and multiple areas of cancer.   About Kill Chain: The Cyber War on America’s Election     In advance of the 2020 Presidential Election, Kill Chain: The Cyber War on America’s Election takes a deep dive into the weaknesses of today’s election technology, an issue that is little understood by the public or even lawmakers.   From directors Simon Ardizzone, Russell Michaels and Sarah Teale, the team behind HBO’s 2006 Emmy-nominated documentary Hacking Democracy, Kill Chain again follows Finnish hacker and cyber security expert Harri Hursti as he travels across the U.S. and around the world to show how our election systems remain unprotected, with very little accountability or transparency. 
Hursti’s eye-opening journey is supplemented by candid interviews with key figures in the election security community, as well as cyber experts and U.S. senators from both parties who are fighting to secure the integrity of the vote before November 2020.   As the film shows, individuals, foreign states and other bad actors can employ a myriad of techniques to gain access to voting systems at any stage – from voter registration databases to actual election results.   Through this lens, seemingly unrelated or uncoordinated security breaches of the recent past can be seen as part of a “kill chain” – a military doctrine to plot meticulous, long-game attacks, understanding that breaking down trust in voting results is the surest way to undermine democracy. As enlightening as it is disturbing, Kill Chain underscores the fragility of our election process and points to the clear solutions available to protect us against sabotage.

InSecurity
Alex Willis & Zach Beimes: Securely Enable Remote Workers


Apr 3, 2020 | 69:50


Alex Willis & Zach Beimes: Securely Enable Remote Workers     Anything new going on in your professional life recently?   Anybody making the move from an office to your house?   The good news is… you’re not alone   Well… I mean you are… but… we’re here with you   Without being… you know what I mean   Let’s take a look at just how not alone-while-alone we all are   From our friends at Global Workplace Analytics: 56% of employees have a job where at least some of what they do could be done remotely; only 3.6% of the workforce currently work-at-home half-time or more; 80% of employees want to work from home at least some of the time.   The BILLION dollar question is… How many people will become remote workers after the dust settles on Covid-19?   Matt Stephenson Zooms in for a chat with serial entrepreneur Zach Beimes and BlackBerry VP of Sales Engineering Alex Willis for a chat about what all is involved in sending your ENTIRE WORKFORCE home. Are they ready for it? Do they have access to the VPN? Do their kids play Fortnite on their work machines? Dig it…   About Zach Beimes     Zach Beimes is an entrepreneur, problem solver, technologist, humanist… and mountain climber. Seriously… He’s climbed the highest peaks in 41 states and Washington DC & Puerto Rico in these United States.   And when we say that he’s never had “a job” that is real. All of the companies he has worked for are companies he has started.   About Alex Willis     Alex Willis is a Vice President of Sales Engineering & ISV Partners at BlackBerry where he is responsible for the overall direction and management of Technical pre-sales, Technical Channel Management and Technical Account Management, customer success and ISV partnerships globally including Enterprise, Regional, Channels & Partners

InSecurity
BlackBerry Cylance: 2020 Threat Report Highlights


Mar 31, 2020 | 56:40


The BlackBerry Cylance 2020 Threat Report contains a broad range of topics vital to the interests of anyone with a computer. The report is driven by veterans of the security industry from BlackBerry and Cylance.   The goal of the report is to make security information, predictions, and lessons learned accessible to everyone, regardless of role or title.   The 2020 Threat Report examines 2019’s major security breaches and considers recent advancements that may prevent past mistakes from repeating. We have gathered some of the researchers for a discussion about what went into the report… and what you can get out of it.   This special episode of InSecurity takes a look at the cybersecurity threats of 2019 through a conversation with Threat Researchers Ebudo Osime, Anuj Soni & Tom Bonner. We examine BlackBerry Cylance’s research on all things cybersecurity for the prior year in order to get a handle on the coming years. We’re not selling products… we’re putting our experts to work to analyze the prior year in order to see what might be coming…   About Ebudo Osime     Ebudo Osime is a Threat Intelligence Analyst at BlackBerry. She is a threat intelligence advocate, threat hunter, researcher and an engineer with over 4 years in security.   She has previously worked in IT Project Management, IT Consulting with Ernst and Young, Network and Security Operations.   Ebudo received her GIAC certification in Threat Intelligence and holds a Masters in Electronic Systems Engineering with a specialization in creating secure protocols for detecting denial of service attacks in IoT networks.   About Anuj Soni     Anuj Soni (@asoni) is a Senior Threat Researcher at BlackBerry Cylance. In addition to his corporate work, he is a SANS Certified instructor. 
Anuj has over 15 years of experience in the world of cybersecurity including previous stops at Booz Allen Hamilton where he worked as an Incident Response & Malware/Forensic Analyst   About Tom Bonner     Tom Bonner (@thomas_bonner) is a Director of Threat Research: BlackBerry Cylance. With over 18 years of experience in the security industry, including stops at HP Enterprise, Promon AS and Norman Shark… Tom helped design the block, build the block and has definitely been around the Cybersecurity block

InSecurity
Women in Cybersecurity: Perspectives on The New Normal

Mar 30, 2020 66:20


Science is not a boy's game, it's not a girl's game. It's everyone's game. It's about where we are and where we're going. Space travel benefits us here on Earth. And we ain't stopped yet. There's more exploration to come
-- Nichelle Nichols

Tennis legend Serena Williams was once asked by a reporter about being considered “one of the greatest female athletes of all time.”

She replied: “I prefer the words ‘one of the greatest athletes of all time.’”

That made news for a week, which is embarrassing given the fact that Venus has more titles than Michael Jordan, Michael Schumacher and Cristiano Ronaldo… combined.

How ’bout we just round up some of the top people in the field for a discussion on what is happening in this crazy world right now? Sound good? Good.

This week on Insecurity, Matt Stephenson speaks with an All-Star Cybersecurity panel of experts including Dr Jessica Barker, Cheryl Biswas, Sherri Davidoff & Theresa Payton. With COVID19 changing everything from industry conferences to the US Presidential Election process, what role does cybersecurity play in The New Normal and The Next Normal? Check it out…

About Dr Jessica Barker

Dr Jessica Barker (@drjessicabarker) is a leader in the human nature of cybersecurity. She has been named one of the top 20 most influential women in cybersecurity in the UK and awarded as one of the UK’s Tech Women 50. She is Co-Founder and Co-Chief Executive Officer of Cygenta, where she positively influences cybersecurity awareness, behaviors and culture in organizations around the world.

Dr Barker is a popular keynote speaker and shares her expertise in the media, for example on BBC News, Sky News, Channel 4 News and in Grazia magazine and the Sunday Times. She is Chair of ClubCISO, a peer-based members forum of over 300 information security leaders. In the last year, Dr Barker has given cybersecurity outreach sessions to over 5,000 school students.
Jessica’s new book Confident Cyber Security will be released on June 3rd, 2020, published by Kogan Page.

About Cheryl Biswas

Cheryl Biswas (@3ncr1pt3d) is a Strategic Threat Intel Analyst with a major bank in Toronto, Canada. Previously, she worked as a Cybersecurity Consultant with KPMG. Her experience includes strategic analysis of threat actors and campaigns, security audits and assessments, privacy, DRP, project management, vendor management and change management.

Cheryl holds an ITIL certification and has a degree in political science. She is actively involved in the security community as a conference speaker and a volunteer, and encourages women and diversity in infosec as a founding member of The Diana Initiative.

About Sherri Davidoff

Sherri Davidoff (@sherridavidoff) is the CEO of LMG Security and the author of Data Breaches: Crisis and Opportunity. As a recognized expert in cybersecurity, Davidoff has been called a “security badass” by the New York Times. She has conducted cybersecurity training for many distinguished organizations, including the Department of Defense, the American Bar Association, FFIEC/FDIC and many more.

Sherri is an instructor for Black Hat, and the co-author of Network Forensics: Tracking Hackers through Cyberspace. Davidoff is a GIAC-certified forensic examiner (GCFA) and penetration tester (GPEN), and holds her degree in computer science and electrical engineering from MIT. She has been featured as the protagonist in the book, Breaking and Entering: The Extraordinary Story of a Hacker Called Alien.

About Theresa Payton

Theresa Payton (@TrackerPayton) is President and CEO of Fortalice Solutions, former White House CIO, star of the CBS hit show Hunted, and best-selling author of the book Privacy in the Age of Big Data.

Payton is one of the nation’s most respected authorities on information security, cybercrime, fraud mitigation, and security technology implementation.
As White House Chief Information Officer at the Executive Office of the President from 2006 to 2008, Payton administered the information technology enterprise for the President and 3,000 staff members.

Theresa founded Fortalice in 2008 and lends her expertise to government and private sector organizations to help them improve their information technology systems. In 2010, Security Magazine named her one of the top 25 "Most Influential People in Security."

Theresa’s new book, Manipulated: Inside the Cyberwar to Hijack Elections and Distort the Truth

InSecurity
Dr Saif Abed: The Role of Technology in a Global Health Crisis

Mar 16, 2020 78:12


Coronavirus Cases: 179,223
Active Cases: 93,871
Currently Infected Patients in Mild Condition: 87,714
Serious or Critical: 6,157
Closed: 85,352
Cases which had an outcome: Recovered / Discharged: 78,285; Deaths: 7,067
- 16 March, 2020; Worldometer

"Containing something as transmissible as COVID-19 means we shouldn't be flocking to a family physician or emergency room at the slightest symptom, because that can exacerbate spread, so remote monitoring could be powerful,"
- Dr Saif Abed, MD; Healthcare IT News, 05 March, 2020

What can the technology that we have already developed do in a time of global crisis such as the one we are facing now with COVID-19? Why not go directly to the experts for more information?

This week on Insecurity, Matt Stephenson speaks with cybersecurity expert Dr Saif Abed, founder of The AbedGraham Group, Clinical Cyber Defense Systems and a MEDICAL DOCTOR. If we’re going to speak with someone about what technology can accomplish during a worldwide healthcare crisis, a cybersecurity expert with an MD is a great place to start. Check it out…

About Dr Saif Abed

Dr Saif Abed (@Saif_Abed) is a medical doctor and healthcare cybersecurity/national security expert. He is a recognised subject matter expert within all sub-sectors of healthcare IT with a primary field of specialisation in cyber-warfare and crime targeting public sector healthcare systems. He is currently a Founding Partner and Director of Cybersecurity Services at The AbedGraham Group, Europe's leading exclusively clinically based healthcare cybersecurity consultancy. He is also the CEO of Clinical Cyber Defense Systems, a Boston based cybersecurity analytics company supporting US healthcare providers to derive clinical and business insights from technical security data.
He holds additional roles as an independent expert for the European Commission's Horizon 2020 programme with a focus on healthcare and cybersecurity and as an expert for the World Health Organisation's Digital Health Technical Advisory Group. Dr Abed is regularly invited to contribute content and thought leadership for national media outlets, healthcare technology articles and global security events. Additionally, he has previously been recognised as a multiple international award winning and published researcher in the field of oculo-plastic surgery whilst a trainee at St. George's Hospital Medical School, London.

About The AbedGraham Group

The AbedGraham Group (@AbedGraham) is a leading, clinically based, European health IT and cybersecurity consultancy that provides advisory services for large technology infrastructure suppliers and government agencies that are involved in, or are responsible for, the digital transformation of healthcare systems. Our consultants are clinically trained as well as being qualified experts in specialist areas such as cybercrime and threat modelling. Selected services include strategic research, policy analysis, bid support, regulatory compliance guidance and project management.

About Clinical Cyber Defense Systems

Clinical Cyber Defense Systems (@CyberClinical) is a US developer of cybersecurity analytics and visualization platforms for healthcare providers. CCDS is headquartered in Boston, Massachusetts and is composed of a team of pioneering physicians, security architects and data scientists.

InSecurity
Mixtape Vol IV: RSAC 2020 Edition

Mar 9, 2020 58:44


InSecurity Podcast Mixtape Vol IV: RSAC 2020 Edition

Safe to say that RSA 2020 was a unique experience compared to years past. We saw major players withdraw due to concerns about the Coronavirus. For the first time since… who can even remember… a couple of industry pillars were no longer around due to being acquired.

It definitely felt like one of those before-and-after kind of events.

Be that as it may… it was a thrilling week with a stellar cast of new players, evolving technologies and industry pillars.

We feel like we could have been there for a month and not learned all there was to discover. The good news is that we had the good fortune to speak with some of the top minds in the industry and some folks who are the future of security. Seriously… we spoke with students who are quite literally the next generation of security.

What did we learn? Take a listen and find out for yourself.

Sherri Davidoff: Threat Hunting in the Cloud
Dr Jessica Barker: Confident Cybersecurity
Ted Claypoole: Does AI Have Rights?
Theresa Payton: Protecting the Process
Alissa Gilbert & Sienna Bates: The Future of Cybersecurity
Joseph Menn: Malware Is More Interesting than I Thought
Paula Januszkiewicz & Dr Mike Jankowski-Lorek: How a Pentester Makes a Grown Man Cry
Cheryl Biswas & Joshua Corman: Hacking Our Way from Vicious-to-Virtuous Cycle

(yes, that is still a MiniDisc)

InSecurity
Jeff Davis: Smart Mobility Is More than Just Autonomous Vehicles

Mar 3, 2020 72:22


How Smart Is Your Car?

The global autonomous vehicle market accounted for US $27.9 billion in 2017.

Forecasters expect a compounded annual growth rate of 41.5% through 2026, which would boost the market to US $615 BILLION.

Autonomous vehicles could reach 15% of global light vehicle sales by 2030.

While this progress toward modern mobility sounds positive, it comes with complexities. Biggie Smalls once said something about dramatic infusions of capital and the subsequent results.

Our friends at the Ponemon Institute did some digging…

84% of automakers and their suppliers aren’t sure cybersecurity practices are keeping pace with evolving technologies.
30% of survey respondents do not have an established product cybersecurity program or team.
63% test less than half of their hardware, software and other technologies for vulnerabilities.

There’s plenty that the automotive industry can control. But, do you know what steps you can take to avoid the potential damage cyberthreats can cause to your organization? Well… you are in luck because today’s guest on the InSecurity Podcast is someone who knows many of those steps.

This week on InSecurity, Matt Stephenson chats with Jeff Davis, Head of Smart Transportation Innovation and Development at BlackBerry about the ever-changing world of connected transportation. It’s not all self-driving cars though. Want to take a deep dive into what is involved in building a smart city? Stick around…

About Jeff Davis

Jeff Davis (@jdavisusmc) is the Head of Smart Transportation Innovation and Development at BlackBerry. In this position, Jeff holds responsibility for the strategic innovation and development of smart transportation markets. He’s developed cybersecurity, mobility and connectivity programs that specifically focus on human interaction with advanced technologies and new concepts.

InSecurity
Mixtape Vol III: CES 2020 Edition

Feb 19, 2020 39:56


InSecurity Podcast Mixtape Vol III: CES 2020 Edition

WOW was CES a great big glorious riot of technology, humanity and everything in between. We saw everything from concept air taxis to laser skin care products to vintage video games… and that was just in the elevator of our hotel!

We had the amazing good fortune to meet innovators who are doing some incredible things across the spectrum of technology that is a part of our daily lives.

What did we learn? Take a listen and find out for yourself.

Derek Dorresteyn: A 200 mph ELECTRIC Superbike? Damon Motorcycles Builds Those
Faye Francy: Auto ISAC is Focused on Making Tomorrow’s Vehicles Safe & Secure
Eric Hansen: Where Can Blue Prism Go with Robotic Process Automation
Rob Catto: Full Sail University Students Putting their Skills to Use Helping Others
Jacob Bangsgaard: ERTICO Is Making Mobility Smarter, Safer & Cleaner in Europe
Jason Stinson: Renovo Tells Us Your Car Produces 32 TB of Data a Day
Ryan Permeh: Leading the AI Journey from Cylance to BlackBerry

(yes, that is still a MiniDisc)

InSecurity
Richard Stiennon: Security Yearbook 2020

Feb 10, 2020 69:51


Security Yearbook 2020 is the story of the people, companies, and events that comprise the history of the IT security industry. In this inaugural edition, author Richard Stiennon digs into the early history of Symantec, Network Associates, BorderWare, and Check Point Software. These iconic names and dozens of other companies contributed to the growth of an industry that is now comprised of over 2,000 vendors of security products. In addition to the history there are stories from industry pioneers such as Gil Shwed, CEO and founder of Check Point Software; Chris Blask, co-inventor of BorderWare Firewall; and Sandra Toms, Chief Organizer of the RSA Conference. The directory lists all the vendors alphabetically, by country, and by category, making an invaluable desk reference for students, practitioners, researchers, and investors.

For the first time ever, a complete history of the development of IT security solutions is presented in one place. The focus is on the pioneers in the space and the companies that arose from their efforts. Individual stories from these pioneers are presented in their own voice while the overall story of the space is recounted as it grew from modest beginnings to a $100 billion+ industry with over 2,200 companies.

This week on InSecurity, Matt welcomes Richard Stiennon back to the show. Already a legend in cybersecurity, Richard poured his knowledge and skill into creating the Security Yearbook 2020. Is this THE definitive guide to the ever-evolving and growing Cybersecurity world? Tune in and find out!

If you are coming to the RSA Conference in San Francisco at the end of the month you can find copies all over. Check out Where to Find Stiennon at RSAC 202.

About Richard Stiennon

Richard Stiennon (@stiennon & @cyberwar) played his own part in the IT security industry starting in 1995 at Netrex, one of the first MSSPs.
He was a Manager of Technical Risk Services at PricewaterhouseCoopers before being drafted into Gartner in 2000 to cover the network security industry.

He left Gartner in 2004 to join Webroot Software as VP of Threat Research. He has also had roles as Chief Marketing Officer at Fortinet, and Chief Strategy Officer at data erasure company, Blancco Technology Group.

Richard is the author of four books, including Secure Cloud Transformation: The CIO's Journey. He is an aerospace engineer (University of Michigan '82) turned historian (King's College, London, 2014)

InSecurity
Kip Boyle: Virtual CISO at Your Service

Feb 4, 2020 63:12


Are you active on LinkedIn?

Not active like the ones who just say “congratulations on your work anniversary.” We mean active like asking questions, replying to posts and really engaging with your contacts.

There is a lot of great conversation out there that can provide answers to some important questions and contribute to solving problems in your work environment.

One of the things that makes LinkedIn great is that there are sincere people who genuinely want to help, not just their personal connections, but the larger community.

Kip Boyle is one of those people. Some people might find it enough to put in the work as a CISO. Others may stop after publishing their book. Not Kip Boyle. Kip is out there every day engaging fellow security professionals in conversations that spur creative approaches to solving problems.

His latest project is looking into how he can ease the entrance into the world of Cybersecurity. Take a moment to check out Masterclass: How to Break Into Cybersecurity

Matt welcomes Kip Boyle back to InSecurity. Kip is a cybersecurity CEO & author who is also a prolific contributor to LinkedIn. We go through some of the more thought-provoking conversations Kip has started on LinkedIn over the past year. These are the topics people are discussing. Join us to hear what the person who made the statement or asked the question has to say!

Fire Doesn’t Innovate

The Executive’s Practical Guide to Thriving in the Face of Evolving Cyber Risks

Combating cybercrime is a necessity of doing business in the 21st century. Financial and identity thefts occur with annoying frequency, and no executive today can afford to ignore the damage phishing, malware, and malicious code pose to their company’s future. But, with this invaluable guide, anyone, no matter what their skill level or bandwidth, can become an effective cyber risk manager.
About Kip Boyle

Kip Boyle (@KipBoyle) is a 20-year information security expert and is the founder and CEO of Cyber Risk Opportunities. He is a former Chief Information Security Officer for both technology and financial services companies and was a cyber-security consultant at Stanford Research Institute (SRI).

Kip led the global IT risk management program for a $9 billion logistics company and was the Wide Area Network Security Director for the F-22 Raptor program. He has participated in several cybersecurity war game exercises and has worked closely with various government agencies including the FBI.

Boyle is a US Air Force officer and serves on the board of directors of the Domestic Abuse Women’s Network (DAWN). He’s been quoted in Entrepreneur magazine, Chief Executive magazine, and is the co-author of Chapter 68, Outsourcing Security Functions, in The Computer Security Handbook.

InSecurity
Jordan DeVries: Yes. User Experience Really Is THAT Important

Jan 27, 2020 78:38


This… ‘stuff’? Oh… okay. I see. You think this has nothing to do with you.

You go to your closet and you select out, oh I don’t know, that lumpy blue sweater, for instance, because you’re trying to tell the world that you take yourself too seriously to care about what you put on your back. But what you don’t know is that that sweater is not just blue, it’s not turquoise, it’s not lapis, it’s actually cerulean.

You’re also blindly unaware of the fact that in 2002, Oscar de la Renta did a collection of cerulean gowns. And then I think it was Yves St Laurent, wasn’t it, who showed cerulean military jackets? And then cerulean quickly showed up in the collections of eight different designers. Then it filtered down through the department stores and then trickled on down into some tragic “casual corner” where you, no doubt, fished it out of some clearance bin. However, that blue represents millions of dollars and countless jobs and so it’s sort of comical how you think that you’ve made a choice that exempts you from the fashion industry when, in fact, you’re wearing the sweater that was selected for you by the people in this room. From a pile of “stuff.”
-- Miranda Priestly; The Devil Wears Prada, 2006

Think of something in your life that works well. It really works. There are a couple of ways to consider this thing. First: it is simply delightful. Whatever you do with it makes you feel happy… or better… or just some kind of positive emotion toward this thing. It could be a device. It could be your car. It could be an evening out at your favorite restaurant. It could be a lot of things. Second: it just works. It works so well, so consistently, so easily that you really don’t even consider it. It might be a motion sensing light in your kitchen. It might be a stop sign. It might be a light switch.

What these things have in common is superior design which leads to gratifying User Experience.
We all have User Experiences in our lives that run the spectrum from surprisingly fun and wonderful to grating and dread-inducing. While many of us enjoy traveling, few of us would consider the queue at TSA to be part of the trip that we look forward to. However, consider the options without the design of airport security and things start to look a little different.

Many of us don’t take the time to consider the surrounding work that is done to ensure that when we use A Thing, we get the most out of our experience. Many of us don’t realize how much research and development goes into creating a smooth, satisfying User Experience. Many of us may not even realize that there are some very special people who are experts at crafting the intersection between creators of A Thing and users of A Thing.

Matt sits down with Jordan DeVries, Director of User Experience at Brave UX, to discuss what goes into designing a product or service or solution that will provide the maximum positive User Experience. And they might talk about why Legos are the greatest UX ever made. What does this have to do with security? Stick around…

About Jordan DeVries

Jordan DeVries (@theastralj) is the Director of User Experience at Brave UX. With a background in design, animation, code, and content, Jordan guides projects through both information architecture and visual design with a specialization in complex interfaces for desktop, mobile and web.

He did his undergrad work at Carnegie Mellon where he earned a degree in Mechanical Engineering.

Jordan’s teammates at Brave UX consider him a Pop Culture guru and random fact machine. He’s also a bit of a Lego enthusiast… to put it mildly.

InSecurity
Mixtape: The Year that Was: 2019 Volume Two

InSecurity

Jan 22, 2020 66:18


InSecurity Podcast Mixtape: The Year that Was: 2019 Volume Two

Did we mention the big year that 2019 was for the InSecurity podcast? It was so good we have ANOTHER mixtape for you to sample!

While we had the great fortune to speak with some of the top technical people who make our industry go, we also took a walk a bit outside the mainstream of what would be considered security or “hacking.”

These folks include authors, media members, CEOs and a bona fide Kung Fu master!

What did we learn? Take a listen and find out for yourself.

Theresa Payton: Hacking elections is far more than breaking into voting machines.
Joe Menn: Who populated the legendary hacker collective Cult of the Dead Cow?
Brian Fanzo: Is AI invading creative spaces like marketing and design?
Mimi Chan: What are the roles and opportunities for women in Martial Arts?
Clint Watts: Have Advanced Persistent Manipulators weaponized Social Media?
Todd Carmichael: How have experiences in some of the most remote regions of the world affected his life?
Bradley Hope: The TRUE story of Jho Low’s multi-billion dollar scheme that brought him to the top of the entertainment and financial worlds

(yes, that is a MiniDisc)

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the broadcast media team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and video series at events around the globe.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry.
He wants to get those stories told so that others can learn from what has come

InSecurity
Mixtape: The Year that Was: 2019 Volume One

InSecurity

Jan 20, 2020 57:37


Mixtape: The Year that Was: 2019 Volume One

We had quite a year here on the InSecurity podcast. From the opening bell of the year through RSA and SXSW then onto Hacker Summer Camp before closing out the year in DC with ICIT surrounded by the movers and shakers of cybersecurity in the Federal Government, we have had the enormous good fortune to speak with some of the most interesting people in our industry…

What did we learn? Take a listen and find out for yourself.

Kip Boyle: Cybersecurity is a Business Problem, not a Technical Problem… How can companies reconcile the two?
Marcus Carey: A young veteran with top security clearance… who faced a job market that knew exactly how much he had been paid… what now?
Stephanie Domas: What are the unique issues we face securing medical devices?
Greg Silberman: Are Privacy, Secrecy and Security the same thing?
John Strand: What Security buzzwords need to be retired?
Rob Capps: From Napster to Gnutella to Bit Torrent… How has the revolution started by Napster changed not just music, but the world at large?
Kim Crawley: Autism… truths, misconceptions and the need for a diversity of brains in this world
Richard Stiennon: Documenting the entirety of the Cybersecurity Industry for the first time

(yes, that is a MiniDisc)

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of InSecurity podcast and video series at events all over the world.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry.
He wants to get those stories told so that others can learn from what has come

InSecurity
Bradley Hope: How Jho Low Hacked Fame and Fortune

InSecurity

Dec 16, 2019 61:44


If you like global intrigue, financial crime, wealth porn, and absurdity, “Billion Dollar Whale,” by Tom Wright and Bradley Hope, is for you. It’s the story of Jho Low, an enterprising businessman from Malaysia who used his social connections to the country’s former Prime Minister Najib Razak to transform himself into an international financier. According to Wright and Hope’s account, Low persuaded Razak to create an investment fund, 1MDB, financed with government money, which Low managed behind the scenes. Goldman Sachs and other banks helped raise ten billion dollars for the fund. Then approximately five billion dollars of the money disappeared, prompting an international scandal.
-- Sheelah Kolhatkar; September 28, 2018; The New Yorker

"I met these guys, and said to my girlfriend Anne, ‘these guys are #@&%ing criminals… this is a #@&%ing scam, anybody who does this has stolen money.’ You wouldn't spend money you worked for like that."
-- Jordan Belfort; January, 2017; com

"I am very pleased to confirm that a landmark comprehensive, global settlement has been reached with the United States government."
-- Jho Low; October, 2019

This week on InSecurity, Matt Stephenson welcomes Pulitzer Prize nominated journalist Bradley Hope for a conversation detailing the mindboggling saga of Jho Low and his jaw dropping tale of theft and debauchery. How do you break into Hollywood, New York society and Global Financial Markets? Having $5 BILLION in purloined money in your pocket certainly helps. Stick around…

About Bradley Hope

Bradley Hope (@bradleyhope) has worked for the Wall Street Journal for the last four years, covering finance and malfeasance from New York City and London.

Before that, he spent six years as a correspondent in the Middle East, where he covered the Arab Spring uprisings from Cairo, Tripoli, Tunis, and Beirut.
He was detained by authorities in Bahrain, reported from the front lines of the Libyan civil war, and has been teargassed in raucous Egyptian protests.

Bradley is a Pulitzer finalist and a Loeb winner, and also author of Last Days of the Pharaoh, a chronicle of the final days and hours of the presidency of Hosni Mubarak.

“Billion Dollar Whale,” an Absurd Tale of Financial Fraud

The definitive inside account of the 1MDB scandal, a true life thriller about a modern Gatsby who managed to swindle over $5 billion with the aid of Goldman Sachs and others.

Billion Dollar Whale is an epic tale that exposes the secret nexus of elite wealth, banking, Hollywood, and politics from two award-winning Wall Street Journal reporters.

In 2009, with the dust yet to settle on the financial crisis, a baby-faced, seemingly mild-mannered Wharton grad began setting in motion a fraud of unprecedented gall and magnitude--one that would come to symbolize the next great threat to the global financial system. His name is Jho Low, a man whose behavior was so preposterous he might seem made up.

An epic true-tale of hubris and greed, Billion Dollar Whale reveals how this young social climber pulled off one of the biggest heists in history--right under the nose of the global financial industry. Federal agents who helped unravel Bernie Madoff's Ponzi scheme say the 1MDB affair will become the textbook case of financial fraud in the modern age--and its fallout is already being credited for taking down the prime minister of Malaysia.

For readers of Liar's Poker, Den of Thieves, and Bad Blood, Billion Dollar Whale will become a classic, harrowing parable about finance run amok.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of InSecurity podcast and video series at events all over the world.
Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

InSecurity
Susan Ramonat: Wait… Blockchain in Healthcare?

InSecurity

Dec 10, 2019 65:28


Blockchain and AI and IoT, OH MY!

“Whereas most technologies tend to automate workers on the periphery doing menial tasks, blockchains automate away the center. Instead of putting the taxi driver out of a job, blockchain puts Uber out of a job and lets the taxi drivers work with the customer directly.”
-- Vitalik Buterin, co-founder Ethereum and Bitcoin Magazine

According to our friends at Proto, IDC Health predicts that blockchain adoption in health care will increase eightfold by 2022. Yet for now, it remains a technology in its infancy, and one recent survey of health care organizations found that only 6% were building blockchain programs and just 3% had pilot programs underway. Nearly two in five weren’t doing anything at all.

“It’s pretty confusing, right?” slick-to-the-touch banker Jared Vennett (Ryan Gosling) asks in voiceover not far into The Big Short. “Does it make you feel bored? Or stupid? Well, it’s supposed to. Wall Street loves to use confusing terms to make you think only they can do what they do. Or even better, for you to just leave them the #@&% alone.”
-- Jared Vennett (Ryan Gosling); The Big Short, 2015

Does the cybersecurity industry do that to you?

Do we set up in these vocabulary word protected forts in order to unnerve you to the point that you don’t really understand anything other than the fact that ALL YOUR DATA IS AT RISK AND ONLY WE CAN SAVE YOU?

What if I told you that there are plainspoken people involved in some of the most esoteric aspects of security who really WANT you to understand what is happening and why some magical technology might provide a better solution?

What if she used plain language to explain some very bleeding edge technology?
Spiritus CEO Susan Ramonat joins Matt Stephenson this week to talk about the role of Distributed Ledger Technology and Blockchain in securing healthcare data.

About Susan Ramonat

Susan Ramonat is the CEO of Spiritus, where she draws upon 25 years of executive experience in enterprise sales, product management, technology strategy, corporate development, operational risk management, and cybersecurity.

She is a strategic ground-breaker with a historical sensibility. In her work, Susan brings an understanding of context, contingency and uncertainty to bear with humility and pragmatism to inform decisions and promote a recognizably human, desirable future.

She speaks frequently at industry conferences and universities about DLT/blockchain, artificial intelligence, IoT and cybersecurity for critical infrastructure. Susan serves on the Dean’s Advisory Council at Loyola University Chicago and is an Industry Associate at UCL Blockchain Centre of Excellence. She is a magna cum laude graduate of Princeton University.

About Spiritus

Spiritus (@SpiritusPtrs) is delivering ground-breaking transparency and analytics about the safety and condition of medical devices at the point of care.

With Spiritus, health systems, manufacturers and 3rd party service providers connect the dots across a medical device's operating life cycle. In a shared middle ground, they agree on a single service history… for life, using multi-party consensus.

Based in Exton, PA with a development center in Edinburgh, Scotland, Spiritus is raising the bar for governance, risk and compliance at leading health systems in the process of digitally-enabling their clinical operations.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of InSecurity podcast and video series at events all over the world.
Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

InSecurity
Paula Januszkiewicz: Teach them Security and They’ll Be Safe for a Lifetime

InSecurity

Dec 2, 2019 69:01


“Your most unhappy customers are your greatest source of learning”
-- Business @ the Speed of Thought; Bill Gates, 1999

“I think most people either forget or don’t know that Microsoft only hires people with IQs well over 130”
-- NY Times; Douglas Coupland, 1998

Last week, Microsoft Windows turned 34 years old. Next year, it can be President of the United States.

You think that means Microsoft is getting old and losing touch? Maybe… but consider the facts that, as of May 07, 2019, 1.5 BILLION machines run Windows AND… according to Microsoft, over 900 MILLION machines run Windows 10.

Every day, Microsoft analyzes over 6.5 TRILLION signals in order to identify emerging threats and protect customers.

While Microsoft may not be rolling out streaming services or dropping new devices in splashy events every fall, this summer, they quietly became only the third company in world history to be valued at over ONE TRILLION DOLLARS.

Say what you will about them, but it’s a lot harder to go through a day without Office, Windows and Azure than it is without an iPad, Linux or Amazon.

And… don’t even get us started on gaming…

Halo? End of discussion. Steam? As of November 2018, 90% of Steam gaming machines were running Windows 10.

There’s a reason Bill Gates overtook Warren Buffett as the world’s wealthiest person.

This week on InSecurity, Matt Stephenson chats with CQURE founder & CEO Paula Januszkiewicz about the security orbit around Microsoft… what are the misconceptions? What is Microsoft doing right? How does security training impact an organization? What is hype and what is legit in security? And a bit more…

About Paula Januszkiewicz

Paula Januszkiewicz (@PaulaCqure) is the founder and CEO of CQURE Inc., a provider of specialized services in IT infrastructure security, business applications, consulting and advisory services.
She is an IT Security Auditor and Penetration Tester, Cloud and Datacenter Management MVP and trainer (MCT), and Microsoft Security Trusted Advisor.

Paula is also a top speaker at many well-known conferences including TechEd conferences around the world, Microsoft Ignite, RSA, Black Hat USA, and CyberCrime.

She is engaged as a keynote speaker for security related events and writes articles on Windows Security. She drives her own company, CQURE, working on security related issues and projects. Paula has conducted hundreds of IT security audits and penetration tests, some for governmental organizations.

Her distinct specialization is on Microsoft security solutions; she holds multiple Microsoft certifications, and is familiar with and possesses certifications in other related technologies. Paula is passionate about sharing her knowledge with others. In private, she enjoys researching new technologies, which she converts to authored trainings.

Oh… and… Paula has access to the Windows source code!

About CQURE Inc. and CQURE Academy

CQURE is a provider of specialized services in IT infrastructure security, business applications, consulting and advisory services. Our projects: Every project is discussed in detail with Clients. We believe that this is the only way to achieve full satisfaction in IT projects. Our keys to success are a highly qualified team and good planning. We build detailed project schedules, thus avoiding a delay.

CQURE was formed in November 2008 and since that time we finalized many projects: starting from IT, Security Audits, ending up with trainings and implementations. Clients range from the global corporations to small companies. For large and medium companies they offer authorship training packs, intensive IT Security audits for the whole IT environment and solutions adjusted to their needs.
CQURE Academy (@CQUREAcademy) is a part of CQURE company that was formed in 2008 in Poland and since then has expanded to the rest of Europe, the Americas, Middle East and Asia – as well as opening offices in New York and in Dubai.

On a daily basis, they deliver IT services — ranging from IT security audits, to penetration tests or solution implementations in big and small organisations around the world. In CQURE Academy they share their expertise offline at seminars and conferences and online through videos and blog posts.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the host of the InSecurity podcast and video series at events all over the world.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

InSecurity
Ron Jones: The Guy Behind the Bots Behind the Programs

InSecurity

Nov 22, 2019 65:06


In the summer of 2017, a group of political activists in the UK figured out how to use Tinder to attract new supporters.

They understood how the platform worked and how its users tended to use the app. Most importantly, they understood how Tinder’s algorithms distributed content, so they built a bot to automate flirty exchanges with real people.

Over time, those flirty conversations turned to politics—and to the strengths of the U.K.’s Labour Party. The bot would take over a Tinder profile owned by a user sympathetic to the Labour party who agreed to the temporary repurposing of the account. The bot then sent roughly 40,000 messages, targeting 18- to 25-year-olds where the Labour candidates were running in tight races. While it is impossible to know if any voters were actually swayed by this campaign, what cannot be denied are the results of the election. In several targeted districts, the Labour Party won in tight races.

As part of their victory celebrations… some of the winners gave Twitter shoutouts to the Tinder election bot.

(This information is courtesy of Philip N. Howard and his article How Political Campaigns Weaponize Social Media Bots from IEEE Spectrum; October, 2018)

Here’s the thing though… not all Bots are the same. In fact, not unlike most things in the world, the overwhelming majority of Bots perform important, yet perhaps tedious functions that allow people to focus on high-level assignments that truly support agency missions and outcomes.

However, automation is not solely about offloading mundane tasks from humans. Instead, this type of technology creates an environment in which humans and technology not only collaborate to accelerate workflow processes but also speed up decision-making.

In this episode of the InSecurity Podcast, Matt Stephenson sits down with Ron Jones, Head of Solutions Architecture at Blue Prism. Ron is a builder of Robotic Process Automation. A mouthful right?
You may know them as “Bots” and they are one of the most misunderstood pieces of technology around. Stick around and Ron will help you understand them a little better.

About Ron Jones

Ron Jones (@rgjSP) is an experienced leader specializing in enterprise technology strategy and consulting for the public sector. Ron currently serves North American Public Sector organizations implementing Blue Prism, the world’s most scalable, secure, and proven intelligent automation platform.

About Blue Prism

Blue Prism (@blue_prism) pioneered Robotic Process Automation (RPA), emerging as the trusted and secure intelligent automation choice for the Fortune 500 and the public sector. They offer a connected-RPA supported by the Digital Exchange (DX) app store—marrying internal entrepreneurship with the power of crowdsourced innovation. Blue Prism’s connected-RPA can automate and perform mission critical processes, allowing people the freedom to focus on creative, meaningful work. More than 1,500 global customers leverage Blue Prism’s Digital Workforce deployed in the cloud or on premises as well as through the company’s Thoughtonomy SaaS offering, empowering organizations to automate billions of transactions while returning hundreds of millions of hours of work back to the business.

Blue Prism was recently named to Fast Company’s inaugural list of the Best Workplaces for Innovators – an honor achieved by 50 companies. Blue Prism is the only RPA provider and UK-based company to be recognized.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry.
He wants to get those stories told so that others can learn from what has come

InSecurity
Brian Haugli: Livin’ La Vida CISO

InSecurity

Nov 20, 2019 74:39


Brian Haugli: Livin’ La Vida CISO

According to our friends at Ponemon… in a 24 month period, a business has a 1 in 4 chance of being hit with a significant threat.

A separate study shows that nearly 75% of businesses do NOT have an established incident response strategy that is applied consistently across their organization.

In a Crisis Situation, the most scarce and precious resource a CISO has is time.

How a CISO implements his or her OODA Loop can make or break a company and a career.

What if you are a Small or Medium business who does not have a traditional C-Suite structure or security team?

What if you are a CISO and all eyes are on you?

Will you be ready?

Are you ready now?

What if we told you that there are companies out there who can help your organization deal with these crisis situations without the process and expense of hiring a full time CISO?

In this episode of the InSecurity Podcast, Matt Stephenson talks with SideChannel Security co-founder and former CISO Brian Haugli. Brian has been around the CISO block more times than most and is the host of the #CISOLife series on YouTube. He is leading the charge to bring Enterprise Level CISO talent to mid-market companies in order to protect their business and keep the bad guys out.

About Brian Haugli

Brian Haugli (@BrianHaugli) is a Co-Founder and Partner at SideChannel Security. He is also the creator and host of #CISOLife on YouTube. Viewed as a "full stack CISO", he is an executive security leader and mentor focused on building high performance security teams, deploying effective operating models, and delivering risk management capabilities for global, domestic, and local enterprises. Brian has held senior advisory & practitioner roles within DoD, the Intelligence Community and Fortune 1000 companies. He has been recognized as a NIST expert, specifically with the Cyber Security Framework (CSF) and 800-53, and for industrial control systems & operational technologies.
Brian is a firm believer that the small & mid-market companies deserve security guidance and realistic capabilities just the same as large organizations.

About SideChannel Security

SideChannel Security specializes in consulting organizations who need CISO advice to protect their digital assets. They offer CISO & advisory services to the C suite, their boards, and those accountable for security across their operations or their products.

SideChannel Security has engaged in military operations under the DoD and consulted the largest companies in the world in Big 4 consulting.

About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

InSecurity
John McClurg: The Most Interesting Man in Cybersecurity

InSecurity

Nov 4, 2019 99:46


John McClurg: The Most Interesting Man in Cybersecurity

The police often question him just because they find him interesting
Mosquitos refuse to bite him purely out of respect
In museums, he is allowed to touch the art
Once while sailing around the world, he discovered a short cut
He has won the lifetime achievement award, twice
His business card simply says “I’ll call you”

When you’ve traveled the globe and seen and done it all… what in the cybersecurity world gets you out of bed in the morning? How about taking down legendary hackers like Kevin Poulsen or Harold James Nicholson? Too ordinary… okay… Imagine your first day as CSO at Dell and it starts in Baghdad. Maybe taking on the Mexican drug cartels with their IT budgets that are comparable to G7 countries… Maybe it’s something like studying the intersection of linguistics, philosophy, religion, law and interpretation… you know… Hermeneutics.

Now… about being the Most Interesting Man in Cybersecurity…

This week on Insecurity, Matt Stephenson sits down with one of those rare, been-there-done-that cybersecurity legends, John McClurg. John has tackled cybersecurity for the FBI, the CIA, private enterprise and everywhere in between. He’s forgotten more amazing stories about security than most of us will be lucky enough to witness. Pull up a chair and enjoy!

About John McClurg

John McClurg is an American security professional. He spent his early career with the US government, serving as both a supervisory special agent and branch chief for the FBI as well as a deputy branch chief for the CIA. In these roles, McClurg was involved in the capturing of both Kevin Poulsen and Harold James Nicholson.

Following his public service, John has served as a vice-president and Chief Security Officer for Lucent, Honeywell, Dell, and currently BlackBerry|Cylance.
About Matt Stephenson

Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come

InSecurity
Dr Saif Abed: From the ICU to the Data Center; Why an MD in Cybersecurity Makes Sense

InSecurity

Oct 28, 2019 70:37


"I was feelin' so bad, I asked my family doctor just what I had, I said, Doctor… Mr. M.D. … Now can you tell me, tell me, tell me, What's ailin' me?"
-- Good Lovin’; The Rascals, 1966

What if I told you that, according to the 2018 Horizon Report from Fortified Health Security, 100 percent of web applications connected to critical health information are vulnerable to cyber attacks?

Varonis tells us that the loss of data and related failures will cost healthcare companies nearly $6 trillion in damages in the next three years.

Meanwhile, ISACA reports that 27% of healthcare firms say they are unable to find candidates to fulfill cybersecurity roles.

This week on Insecurity, Matt Stephenson speaks with cybersecurity expert Dr Saif Abed, founder of AbedGraham, Clinical Cyberdefense Systems and a MEDICAL DOCTOR! Why would someone leave the calm world of the ICU for the chaos of securing a data center? Take a walk with Dr Abed to learn about his journey from healing patients in the surgery to keeping patient data safe and protected worldwide.

About Dr Saif Abed

Dr Saif Abed (@Saif_Abed) is a medical doctor and healthcare cybersecurity/national security expert. He is a recognised subject matter expert within all sub-sectors of healthcare IT with a primary field of specialisation in cyber-warfare and crime targeting public sector healthcare systems. He is currently a Founding Partner and Director of Cybersecurity Services at AbedGraham, Europe's leading exclusively clinically based healthcare cybersecurity consultancy. He is also the CEO of Clinical Cyber Defense Systems, a Boston based cybersecurity analytics company supporting US healthcare providers to derive clinical and business insights from technical security data. He holds additional roles as an independent expert for the European Commission's Horizon 2020 programme with a focus on healthcare and cybersecurity and as an expert for the World Health Organisation's Digital Health Technical Advisory Group. Dr Abed is regularly invited to contribute content and thought leadership for national media outlets, healthcare technology articles and global security events. Additionally, he has previously been recognised as a multiple international award winning and published researcher in the field of oculo-plastic surgery whilst a trainee at St. George's Hospital Medical School, London.

About AbedGraham

AbedGraham (@AbedGraham) is a leading, clinically based, European health IT and cybersecurity consultancy that provides advisory services for large technology infrastructure suppliers and government agencies that are involved in, or are responsible for, the digital transformation of healthcare systems. Our consultants are clinically trained as well as being qualified experts in specialist areas such as cybercrime and threat modelling. Selected services include strategic research, policy analysis, bid support, regulatory compliance guidance and project management.

About Clinical Cyber Defense Systems

Clinical Cyber Defense Systems (@CyberClinical) is a US developer of cybersecurity analytics and visualization platforms for healthcare providers. CCDS is headquartered in Boston, Massachusetts and is composed of a team of pioneering physicians, security architects and data scientists.

InSecurity
El Camino School: Teaching the Future Unsung Heroes of Music

InSecurity

Oct 21, 2019 55:44


In the IT world, we carry laptops, tablets and phones. Our performance areas include data centers and server rooms. Imagine a world where the creation, maintenance and repair of our most important tools was the most overlooked part of the industry.

Imagine a world where most people actually believed that the talented sales and marketing people… built their own machines and not only kept them running at top optimization, but also did the innovation that created The Next Big Thing.

While there are definitely those types in our industry… the unsung heroes are often the folks down in the trenches of the data center and on the other end of the helpdesk tickets that we open.

In the music world, it is no different. When we see or hear Jack White or Kerry King melting our brains on stage, they are not the only ones responsible for the art they create. There is an entire world of roadies, guitar techs and others who work in anonymity behind the scenes in order to bring a band and performance to life.

Hey… you in the data center… sound familiar?

This week on Insecurity, Matt Stephenson has a chat with John Theisen, founder of El Camino School, a new school in Central Florida that is about not just making music… but making and repairing the things we use to make music. What does this have to do with IT? Any time you hear guitar or amp, swap in laptop and server. Guitar techs are the help desk of the music world!

About El Camino School

El Camino School (@elcaminoschoolusa) is a community-based music school offering a wide variety of courses, lessons, guest lectures and events. One of the main focuses at El Camino School will be trade-based learning, and developing the next generation of touring technicians, but that’s not all. The school’s primary objective is to create a true collaboration with the community and local music industry in order to impart knowledge for those seeking to further their understanding, careers, or hobbies. We also aim to educate current and aspiring musicians on how the music is created before the artists even strike a string. This includes everything under the surface in creating music, from guitar circuitry to the inner workings of a guitar amp or effects pedals. Musicians who understand how it all works are more likely to succeed in their craft. The vision is to bring people together to grow in and around music, within the music. Aside from the technical aspects of music production, El Camino offers Music Therapy, a course that focuses on community building, wellness, and self-empowerment through music. The creation of music, moving to music, and even listening to music can do wonders when dealing with those with cognitive, emotional, and even physical conditions. El Camino School will also be providing music therapy to bridge the gaps between its students and the world around them.

About John Theisen

John Theisen is the founder of El Camino School. He is a longtime contributor to the local Orlando music scene and has a love for music and a high degree of respect for the people who make the show possible behind the scenes. Aside from being a musician, he was a community fundraiser and arts administrator for over a decade. Theisen’s vision was to create a space that helps inspire and empower others through learning. This school is a community space where people can come together and learn from other professionals on their journey to becoming an integral part of a production or some future in music.

Moving to Central Florida in 1999, John attended the University of Central Florida and graduated with a degree in Cinema Studies, Film Theory and Mass Communication. He went on to become Head of Operations at the DMAC (Downtown Media Arts Center) where his passion for working for the greater community was sparked.

When John isn’t founding schools or contributing to the local art and music scene, he is the lead singer and washboard player (!) of the legendary Bloody Jug Band.

InSecurity
Haathi Cloth: Hacking the World of Indian Weddings

InSecurity

Oct 14, 2019 56:52


Are you familiar with India?

If not… well… this really isn’t the podcast for you.

Here are some things you may or may not be familiar with:

There are over 31 Million Non Resident Indians or Persons of Indian Origin living outside of India across the world. Over 7 Million NRIs or PIOs live in the USA, the UK and Canada.

The Indian wedding market is estimated at $50 billion, making it the world’s second-largest after the $70 billion US market, and it is growing at an estimated rate of 20% year over year.

Some would say… the traditional clothing one wears to an Indian wedding, while spectacular… is not that comfortable.

When a Southeast Asian engineer from the Midwestern US met an Indian entrepreneur from Austin, Texas… it was time for a change.

This week on Insecurity, Matt Stephenson sits down with the founders of Haathi Cloth for a discussion about Kurtas and pyjamas. What in the world does this have to do with cybersecurity and technology? Have you ever been in a data center where the pressure is on and it’s hot… like… really hot? Now try going to an Indian wedding in the summer. This was a system ripe for a Blue Team style hack.

About Josh Fu

Josh Fu (@jfusecurity), CISM, CISSP, is a Security Engineer for Cylance. Josh has experience as a Channel Manager and consultant in cloud infrastructure and as a Sales Engineer in cybersecurity. Josh founded the West Coast chapter of the International Consortium of Minority Cybersecurity Professionals and has presented in front of industry audiences across the country.

When he isn’t too busy protecting the world from cybercriminals and other miscreants, he finds the inefficiencies in other systems… which leads to the creation of companies like Haathi Cloth.

About Samit Shah

Samit Shah is a serial entrepreneur who can't look at a problem and not try to find a solution. He is currently involved as founder of 3 different companies: Haathi Cloth, Persource and Evolve Energy. These companies are so far apart on the spectrum of what businesses do that they almost don’t even belong on the same chart. Where they intersect… is at Samit.

InSecurity
Brian Robison: Mobile Malware and APT Espionage

InSecurity

Oct 7, 2019 57:38


Until now, the public’s exposure to mobile phone malware has been dominated by news about the privately run “greyware” vendors, including Gamma Group, Hacking Team and NSO. Their commercial smartphone spyware seems to inevitably end up in the hands of autocrats who use it to hamper free speech, quash dissent, or worse. Consumers of these news stories are often left with the impression that mobile malware is just something paranoid dictators purchase for use within their own borders in luddite countries few people can find on a map. It is not.

In a coming report, BlackBerry Cylance researchers will reveal what the focus on those groups has overshadowed: several governments with well-established cyber capabilities have long ago adapted to, and exploited, the mobile threat landscape for a decade or more. In this context, mobile malware is not a new or niche effort, but a longstanding part of a cross-platform strategy integrated with traditional desktop malware in diverse ways across the geopolitical sphere.

This week on Insecurity, Matt Stephenson has a chat with BlackBerry Cylance Chief Evangelist Brian Robison about the scourge of Mobile Malware and how the threats that come from attacking mobile devices are different… and thus require a different mindset when it comes to securing those devices and your network.

About Brian Robison

Brian Robison has over 20 years of cybersecurity experience. As Chief Evangelist at BlackBerry Cylance he is focused on educating and inspiring the world. Robison hosts live Hacking Exposed events, where he demonstrates the tools and techniques of real-world threat actors.

Brian is a regular speaker at industry events such as RSA, Black Hat, thought leadership forums like ISC2 Think Tank and is highly sought after to speak at partner events.

Prior to joining BlackBerry Cylance, Robison worked to defend organizations from mobile security threats, with three years as a Director at Citrix XenMobile and two driving enterprise strategy at Good Technology.

Brian also spent over six years at McAfee with a special focus on end-point security, leading efforts to modernize ePolicy Orchestrator. During this time, he also managed vulnerability and policy compliance solutions. His early career ranges from a six-year period with Tripwire, Inc. to cutting his professional teeth in consumer electronics at Diamond Multimedia.

InSecurity
Matt Stephenson: The AI Manifesto

InSecurity

Sep 30, 2019 19:53


Mirror, mirror on the wall
Tell me, mirror, what is wrong?
Can it be my de la clothes
Or is it just my de la song?
What I do ain't make-believe
People say I sit and try
But when it comes to being de la
It's just me myself and I
-- Me Myself and I; De La Soul, 1989

What happens when all of your scheduled guests have to cancel? You roll with it and do something new!

Working from an essay by Malcolm Harkins and the BlackBerry Cylance Threat Intelligence Team, Matt Stephenson is going to take a look at Artificial Intelligence and a myriad of its ethical implications on industry and society, as well as the role that humanity must play.

InSecurity
David Castignola: Your Company got Acquired? Yeah… Been There

InSecurity

Sep 23, 2019 50:14


BlackBerry acquired Cylance in March… how’s it going?

On November 16, 2018, BlackBerry Limited announced it had entered into an agreement to acquire Cylance. The announcement was met with optimism from a wide range of outlets.

“the combination of BlackBerry’s endpoint management tools and Cylance’s products could help to make the company a one-stop shop of sorts in the device protection and security market.”
-- Forbes

“$1.4bn match made in heaven”
-- The Register

On February 21, 2019, BlackBerry announced that it had completed the acquisition. The new iteration of BlackBerry Cylance made a soft opening at RSA, but the real debut was last month at Black Hat.

There have been many changes over the past 10 months, some more significant than others.

The question remains… is it working?

We are here to speak directly with someone who has been involved at the highest levels and has had his hands on the steering wheel throughout the process.

This week on Insecurity, Matt Stephenson gets the rare chance for a raw one on one conversation with BlackBerry Cylance Chief Operating Officer David Castignola, an industry veteran who lived through the RSA breach and has been on both sides of big acquisitions. People have questions on how the BlackBerry Cylance integration is going… we have some answers.

About David Castignola

David Castignola (@davecastignola) is the Chief Operating Officer at BlackBerry Cylance. Prior to joining Cylance, Dave was Chief Revenue Officer and Executive Vice President of Worldwide Sales at Optiv. No stranger to the Sales game, Dave closed out nearly two decades at RSA as the Sr Vice President of Worldwide Sales.

InSecurity
Taylor Lehmann: So You Wanna Be a Healthcare CISO...?

InSecurity

Sep 17, 2019 37:03


LLLLLLLLLAAADIIIEEEEEZZZZZ aaaannnnnnd GEEEENNNNNTLLLLEMEEENNNNNN!!!!!

At 6 feet and 1 inch tall and weighing in at 230 pounds…
Hailing from University at Buffalo…
Managing an ecosystem made up of Over 160 THOUSAND partners and 120 MILLION patients
From greater metropolitan Boston MAAAAASSSSAchusetts

YOUR Chief Information Security Officerrrrrr…

Wouldn’t it be great if that’s how your day started every day as a CISO?

Breaking News: Being a CISO is a hard job

You don’t get many, if any, Pro Wrestling style introductions

How hard a gig is this?

Our friends at Nominet Cybersecurity released a report this summer called Life Inside the Perimeter: Understanding the Modern CISO. It shone a harsh spotlight on the oftentimes brutal life of a CISO. Here are 3 key stats to keep in mind whenever you hear the term CISO…

Nearly 70% discovered malware hidden on their networks for an unknown period of time
Less than a third are in their job for more than three years
Nearly 17% of CISOs are either medicating or using alcohol to deal with job stress

To paraphrase Forrest Gump… being a CISO is TOUGH

Now… just to add fun and excitement… try being a CISO for an organization that is literally handling the technology that cures disease, heals the sick and saves lives

This week on Insecurity, Taylor Lehmann returns as the newly minted CISO at athenahealth. Matt Stephenson asks Taylor about what is involved as an outgoing and incoming CISO in healthcare. They also chat about what happens when a CISO goes from managing 10,000+ patients to 100 MILLION+ patients. No pressure, right?

About Taylor Lehmann

Taylor Lehmann (@sidechannelsec) is the Vice President and CISO at athenahealth. In a previous life, he was the CISO at Wellforce and Tufts Medical Center. He is also in demand as an advisor, working with companies including IBM Security Global, Obsidian Security and Randori, among others. Additionally, Taylor is helping to carve the future with his advisory work with graduate students at MIT and Northeastern University. Taylor is also an expert in securing software development and delivery, and is on the boards of Gartner Evanta, the HITRUST Community Extension Program, the TPA Summit, and the Business Associate Council. Somehow, he still finds time to raise 3 kids and trade punches and throws while training in mixed martial arts.

InSecurity
InSecurity Podcast Mixtape: Hacker Summer Camp Edition

InSecurity

Sep 9, 2019 47:37


Is there any better time of year to go to Las Vegas than early August?!?

We’re totally kidding… It’s hot and this year there was a plague of locusts!

But it is also the time of year when people from all walks of the Cybersecurity world gather to learn, teach and reconnect. Whether it is at BSidesLV, Black Hat, DEFCON or other events too cool to be on the radar, odds are, you are standing in line next to someone who knows how to either protect or break into a network.

We spoke with some of those folks...

Enjoy!

Charles Eagan: BlackBerry Cylance Covers the Entire Security Spectrum
Joe Menn: Cult of the Dead Cow; How the Original Hacking Supergroup Might Just Save the World
John McClurg: There Is a Reason Legislators Listen to John McClurg
Mia Damiano: Bringing the Story of Cybersecurity to the People
Dave Cundiff: Building a Security Program as Secure as Fort Knox
Greg Fitzgerald: Cyberforce is Showing SMBs the Same Love as Large Enterprises
Dave Castignola: Why BlackBerry Cylance Looks to the Moon for Inspiration
Rex Johnson: Rex Johnson Knows Where the Gaps are in Cyber Insurance
Red Dragon 1949: @RedDragon1949 Can Only Tell You SOME of the Cybersecurity Stories He Has Lived
Mark Wilson: BlackBerry and Cylance: The Integration is DONE

InSecurity
Old Dog and Young Buck: A Generational Look at Cybersecurity

InSecurity

Sep 2, 2019 67:56


Spider-Man: Hey guys, you ever see that really old movie, Empire Strikes Back?
War Machine: Jesus, Tony, how old is this guy?
Iron Man: I don't know, I didn't carbon date him. He's on the young side.
-- Captain America: Civil War; Joe & Anthony Russo, 2016

If you thought Twitter and Facebook outages were bad, then you probably don't remember the great online disruption of 1996. At the time, CBS Evening News reported that America Online, then the world's largest Internet Service Provider, went down for 19 hours on a Wednesday in August. Peter Van Sant of CBS News had some… now in retrospect… completely adorable comments:

"For some netheads and geeks - and that's what they call themselves - the crash of America Online left them feeling lost in cyberspace,"

The reporter went to a "nethead" hang out just to see how lost people were. According to Van Sant, "the worst thing of all for many netheads was having to resort to a more primitive technology: telephones and faxes"

And… just to put things in perspective… AOL did offer its customers a free day of service, which wasn't a bad deal considering a monthly user would have had to pay $41 for 19 hours of online use.

And that's the way it was on Wednesday, August 7th, 1996.

This week on InSecurity, Matt Stephenson speaks with University of Florida Computer Science Major Lee Deffebach and BlackBerry Cylance VP of Sales Engineering Rich Thompson. One of them has witnessed the evolution of IT and cybersecurity from the front lines of a 25 year career. The other offers the perspective of someone born and raised in the digital/internet/mobile era. Where do they agree? Where do they diverge? What can they learn from each other? Tune in and find out.

About Lee Deffebach

Lee Deffebach is a senior at the University of Florida studying Computer Science. He is interested in functional programming, artificial intelligence, security, and systems engineering.

We don’t know what the future holds for him… but he is definitely worth watching…

About Rich Thompson

Richard Thompson (@TheRichThompson) is Vice President of Sales Engineering, North America at Cylance. He has 25+ years of experience in security. This includes 21 years leading security efforts at the regional and national level in the retail industry, and 5 years leading Sales Engineering and Professional Services efforts in the enterprise software industry. He has experience in forensics, incident response, electronic discovery, information risk management and governance. Rich joined Cylance in October 2014 in order to help Cylance in the vision of protecting every endpoint under the sun. He also has surprisingly wide-ranging musical taste.

InSecurity
Adversarial Machine Learning: How AI is Enabling Cyber Resilience

Aug 26, 2019 41:30


Martin Amor: HAL, you have an enormous responsibility on this mission, in many ways perhaps the greatest responsibility of any single mission element. You're the brain, and central nervous system of the ship, and your responsibilities include watching over the men in hibernation. Does this ever cause you any lack of confidence?

HAL: Let me put it this way, Mr. Amor. The 9000 series is the most reliable computer ever made. No 9000 computer has ever made a mistake or distorted information. We are all, by any practical definition of the words, foolproof and incapable of error.

-- 2001: A Space Odyssey, Stanley Kubrick

Artificial Intelligence as we know it is neither good nor bad. These days, it seems like you can't go anywhere without hearing about how every company is using AI. Actually… what they are talking about, more often than not, is machine learning. As ML becomes a more ubiquitous tool for problem-solving purposes, it will inevitably lead to its abuse in the form of adversarial ML. This can either be algorithms created for malicious purposes or neutral algorithms used for bad.

This week on InSecurity, Matt Stephenson speaks with BlackBerry Cylance Data Scientist Michael Slawinski and Sales Engineer Josh Fu on their Black Hat presentation discussing Adversarial Machine Learning. They predict that the next frontier for ML will be towards identification and authentication. The application of malicious intent to technology is a lot closer than we think.

About Josh Fu

Josh Fu (@jfusecurity), CISM, CISSP, is a Security Engineer for Cylance. Josh has experience as a Channel Manager and consultant in cloud infrastructure and as a Sales Engineer in cybersecurity. Josh founded the West Coast chapter of the International Consortium of Minority Cybersecurity Professionals and has presented in front of industry audiences across the country.

About Michael Slawinski

Michael Slawinski is a data scientist for BlackBerry Cylance, focusing on deep learning and graph theoretic approaches to malware classification. Previously, Michael spent two and a half years working as a quantitative analyst and modeler in the commercial banking industry. He earned his B.Sc. and M.A. in mathematics at UCLA, and went on to earn a Ph.D. in mathematics from U.C. San Diego in 2011.

If you want to dig into more of what Mike is up to, check out his GitHub.

About Matt Stephenson

InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Broadcast Media team at BlackBerry, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of InSecurity TV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come.

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

Can’t get enough of InSecurity? You can find us at ThreatVector InSecurity Podcasts, Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!

Make sure you Subscribe, Rate and Review!

InSecurity
La Colombe CEO Todd Carmichael: Yes… Coffee Really Is That Important

Aug 14, 2019 91:44


"You know… this is, excuse me, a damn fine cup of coffee. I’ve had I can’t tell you how many cups of coffee in my life, and this… this is one of the best"

-- Special Agent Dale Cooper, Twin Peaks

When is the last time you went to work and saw no one drinking a cup of coffee?

Imagine a cybersecurity world where there are no lattes… no PSLs… no nitro cold brews… I know… I know… it’s totally science fiction and the stuff of nightmares.

La Colombe co-founder and CEO Todd Carmichael is here to allay those fears. When he isn’t revolutionizing the coffee world, he is putting in good works around the country and around the world. Whether it is assisting in rebuilding Haitian coffee farms or working in his area to help his local school district, Todd has a lot on his plate.

Did we mention that he holds the world record for the fastest solo trek across Antarctica to reach the South Pole? Yeah. He did that.

Now consider our real world…

What if I told you that US coffee drinkers consume about 3 cups a day on average…

What if I told you that the US coffee shop market did $45.4 BILLION in business in 2018 with over 35,000 stores…

Did I mention that Pabst Blue Ribbon recently introduced Hard Coffee?

Yeah… Coffee really is that important.

This week on InSecurity, Matt Stephenson speaks with Todd Carmichael about a lifelong, globe-spanning journey that includes trekking across Antarctica, a hand-restored sailboat, all 7 continents, a handmade, blown-glass bong that revolutionized the coffee industry, helping to rebuild Haitian coffee farms and how he hacked the coffee industry because “America deserves a better cup of coffee.”

About Todd Carmichael

Todd Carmichael’s passion to push the U.S. coffee scene forward, alongside his partner and co-founder JP Iberti, pushed La Colombe to the forefront of the ethical trade movement where they regularly dabble in new terrain, invent ground-breaking new brewing devices and beverages, such as the first ever Draft Latte. He is also the host of two Travel Channel series, Dangerous Grounds and Uncommon Grounds. A passionate crusader for social and ecological causes, Todd has a decades-long history of undertaking self-supported treks into challenging environments. He’s visited nearly half of the world’s countries, crossed large parts of the Sahara Desert on foot, as well as the Gobi Desert, Namib Desert, and others. He is also the first American to solo trek across Antarctica from the coast to the South Pole, establishing a world record speed of 39 days, 7 hours, and 49 minutes. Oh… and… in 2018, he was the 46th Coolest Dad in the world. Just saying… Married to singer-songwriter Lauren Hart, the couple have expanded their family by adopting three beautiful girls and a baby boy from Ethiopia. Todd is also an author and contributor to the Huffington Post and Esquire Magazines.

About Matt Stephenson

InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come.

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security.

InSecurity
Parham Eftekhari: Is Government Cybersecurity Broken?

Aug 12, 2019 62:44


… the Internet is not something that you just dump something on. It's not a big truck. It's a series of tubes.

-- former Senator Ted Stevens, 2006

This photo… is not a photo of the internet… in case you were wondering.

Do we really want to trust that our elected officials have the slightest idea of what to do with regards to cybersecurity? Whether it is election meddling, attempts to hack voting facilities or data breaches of personnel records… this is territory that needs detailed research and expert analysis.

The current administration proposed an overall federal cybersecurity budget of $17.4 billion, which is an increase from the estimated $16.6 billion in fiscal 2019. Under this proposal, civilian agencies overall would receive $7.79 billion, which is roughly 1.5 percent below current levels.

If that number seems odd, that’s probably okay considering how much attention cybersecurity is attracting. However, it could have been worse, given the current administration’s general desire to trim civilian-agency spending. The White House is proposing to reduce overall non-defense spending by 5 percent.

With just a little bit of focus, we can discern that an agency was more likely to be proposed for an increase if it works on national security in some way. Cybersecurity efforts at the Departments of Energy, Justice and State all saw increases of over 7%.

Cyber programs at the Office of Personnel Management, which is under close scrutiny for how it protects the data of federal employees, saw a 4% increase to $47 million. You may recall the famous OPM data breach a few years back that put over 21 million records into the wild.

Oh… and… not for nothing… but it was Cylance that fixed that one…

In this episode of the InSecurity Podcast, Matt Stephenson welcomes ICIT Executive Director Parham Eftekhari for a chat about what is happening in Washington when it comes to American policies on Cybersecurity. We take a look at the key pillars of Technology, Budget, Lobbying/Partisan politics and Legislation. Wanna drain the swamp? Take a listen first.

About Parham Eftekhari

Parham Eftekhari (@icitorg) is the Executive Director of the Institute for Critical Infrastructure Technology (ICIT), the nation’s leading cybersecurity Think Tank whose mission is to improve the resiliency of the country’s 16 critical infrastructure sectors and empower generations of cybersecurity leaders. Leveraging 15 years of technology industry experience, Parham advises the world’s top public and private sector cybersecurity leaders, manages strategic alliances, executes business strategies, and builds meaningful thought leadership and educational programs.

Parham has organized, led or contributed to over 100 cybersecurity briefings and events at institutions including Congress, TEDx, C-SPAN and the World Bank, and regularly speaks to the media on cybersecurity issues.

About Matt Stephenson

InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Stephenson to some of the most fascinating people in the industry.

InSecurity
#BlackHat2018: A Look Back

Jul 29, 2019 64:39


The world of Cybersecurity is about to descend upon Las Vegas like a plague of locusts. Oh… wait… that appears to have already happened.

Tens of thousands of our Cybersecurity colleagues will converge for Hacker Summer Camp next week. We’ll be attending Black Hat, BSidesLV, The Diana Initiative and DEFCON.

Before we dive into what’s coming next week… let’s take a look at what we learned last year and see how the passing year shook out.

Volume III of the InSecurity Podcast Mixtape features CEOs, legendary technology journalists, and some of the key players in the world of cybersecurity talking about what they expected out of Hacker Summer Camp 2018. Kick back and enjoy the perspectives this group of experts has to offer on the present state and future of cybersecurity.

Enjoy!

Katie Moussouris: When Bug Bounties Go Bad: Don’t Get Extorted
Javvad Malik: Cybersecurity Is a Lot Like 80s TV Shows
Josh Corman: Hackers Are Making the World a Safer Place. You Need Them
Marcus Carey: Protect the Endpoint. Simulate an Attack. Make Sure You’re Protected
Elinor Mills: Is It Really 25 Years Since L0pht Heavy Industries Testified in Congress?
Dave Bittner: Cyberwire: The Daily Paper of Record for the Cybersecurity Industry
Justin Kallhoff: How an MSSP Turns Many Small Businesses into One Large Enterprise

A lesser blog would rip off someone else’s good writing, change a few words and then not give credit where it’s due… But that’s not how we roll here on the InSecurity Podcast.

If you want to read a really good summation of Hacker Summer Camp, check out System Overlord’s lowdown on Hacker Summer Camp and what is about to happen in Las Vegas next week. He drops some serious knowledge on how to maximize your experience.

About Matt Stephenson

InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world.

InSecurity
Clint Watts: The World of Advanced Persistent Manipulators

Jul 22, 2019 58:44


This $#!%’s chess! It ain’t checkers

-- Detective Alonzo Harris; 2001, Training Day

Want to have some fun with some numbers? As of May 2019, the total worldwide population identifying as human is 7.7 billion. Among those people, 4.4 billion of them use the internet. Not quite everyone is sharing their lives, but there are 3.499 billion active social media users.

Are they all real people? That’s a valid question… There are an estimated 270 million fake Facebook profiles. Oh… and… in 2018 Twitter deleted 70 million accounts they determined were fake. So there’s that.

Clint Watts studies terrorists, terrorism, social media, external forces meddling with elections and a lot of other Orwellian things. Since publishing Messing with the Enemy: Surviving in a Social Media World of Hackers, Terrorists, Russians, and Fake News last summer, he has looked deeper into other types of election hacking including Deepfakes. You may have seen his June testimony in front of the U.S. House of Representatives Permanent Select Committee on Intelligence on C-SPAN… if you’re a C-SPAN type of person.

In this week’s episode of InSecurity, Matt Stephenson welcomes Clint Watts back to InSecurity. This week, we dig into Advanced Persistent Manipulators. Like their technology cousin Advanced Persistent Threats, APMs are hard to quantify, harder to understand and ever more difficult to stop. With governments all over the world in a state of perpetual campaign mode and candidates running their own troll farms, do we even know what to prepare for? Tune in and find out!

About Clint Watts

Clint Watts (@selectedwisdom) is a Distinguished Research Fellow at the Foreign Policy Research Institute and Non-Resident Fellow at the Alliance for Securing Democracy. His best-selling book Messing with the Enemy: Surviving in a Social Media World of Hackers, Terrorists, Russians, and Fake News shined a light on what has happened, is happening and could happen with regard to social media manipulation and the ways foreign interests can hack the electoral process. It was recently released in paperback.

Clint is also a national security contributor for NBC News and MSNBC. His research and writing focuses on terrorism, counterterrorism, social media influence and Russian disinformation. Clint’s tracking of terrorist foreign fighters allowed him to predict the rise of the Islamic State over al Qaeda in 2014. From 2014 – 2016, he worked with Andrew Weisburd and J.M. Berger to track and model the rise of Russian influence operations via social media leading up to the U.S. Presidential election of 2016. This research led Clint to testify before four different Senate committees in 2017 and 2018 regarding Russia’s information warfare campaign against the U.S. and the West.

Before becoming a consultant, Clint served as a U.S. Army infantry officer, an FBI Special Agent, as the Executive Officer of the Combating Terrorism Center at West Point, as a consultant to the FBI’s Counter Terrorism Division and National Security Branch, and as an analyst supporting the U.S. Intelligence Community and U.S. Special Operations Command.

His supporters think he’s had an interesting career, his enemies think he can’t hold down a job… both would be correct.

Messing with the Enemy: Surviving in a Social Media World of Hackers, Terrorists, Russians, and Fake News

A former FBI Special Agent and leading cyber-security expert offers a devastating and essential look at the misinformation campaigns, fake news, and electronic espionage operations that have become the cutting edge of modern warfare—and how we can protect ourselves and our country against them.
Clint Watts electrified the nation when he testified in front of the House Intelligence Committee regarding Russian interference in the 2016 election. In Messing with the Enemy, the cyber and homeland security expert introduces us to a frightening world in which terrorists and cyber criminals don’t hack your computer, they hack your mind. Watts reveals how these malefactors use your information and that of your friends and family to work for them through social media, which they use to map your social networks, scour your world affiliations, and master your fears and preferences. Thanks to the schemes engineered by social media manipulators using you and your information, business executives have coughed up millions in fraudulent wire transfers, seemingly good kids have joined the Islamic State, and staunch anti-communist Reagan Republicans have cheered the Russian government’s hacking of a Democratic presidential candidate’s e-mails. Watts knows how they do it because he’s mirrored their methods to understand their intentions, combat their actions, and coopt their efforts. Watts examines a particular social media platform—from Twitter to internet Forums to Facebook to LinkedIn—and a specific bad actor—from al Qaeda to the Islamic State to the Russian and Syrian governments—to illuminate exactly how social media tracking is used for nefarious purposes. He explains how he’s learned, through his successes and his failures, to engage with hackers, terrorists, and even the Russians—and how these interactions have generated methods of fighting back. Shocking, funny, and eye-opening, Messing with the Enemy is a deeply urgent guide for living safe and smart in a super-connected world.   About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. 

InSecurity
Wah Lum Kung Fu: Hacking Cosplay at San Diego Comic Con

Jul 17, 2019 88:50


Every once in a while the InSecurity Podcast takes a walk with the word “hack” to other parts of existence.

Yeah yeah… hard to believe that there are actual things out there besides cybersecurity…

In this special episode, Matt Stephenson will be talking with some folks who are hacking what could already be considered a hack. If we know our audience, it is a fair bet to say that there are plenty of folks who know the names Chun-Li (No… not the Nicki Minaj song, but that’s an interesting point) or Chen Zhen.

For those not on a first name basis… you definitely are familiar with Mortal Kombat or Double Dragon.

Okay… do we really have to resort to The Matrix? Kung Fu Panda?

We hope not.

The point is that for the last 50 years, you would be hard pressed to look in a corner of American culture and not find the influence of Kung Fu.

Whether it is the greatest hip-hop collective ever, The Wu-Tang Clan, or Cirque Du Soleil’s KA… Maybe it is Kato from the Green Hornet or Morpheus or Chirrut Imwe in Rogue One… Kung Fu has evolved to a place where fight choreographers and stunt workers are getting billing nearly equal to writers and directors in film and television.

What does any of this have to do with Cylance or cybersecurity? Take a walk with us…

Cylance’s own Hiep Dang is a Sifu of Wah Lum Kung Fu and this week will be part of an amazing teaching session at San Diego Comic Con!

Cosplayers, Ready your Swords!

Did you spend months making your costume? Ready to learn how to properly wield and pose with your sword, hammer, or lightsaber?

Cosplayers will learn how to bring their characters to life from Hollywood stunt performers and martial arts experts. Mimi Chan (model and martial arts reference for Disney’s Mulan) and Christopher Leps (Pirates of the Caribbean, Daredevil) will partake in a discussion moderated by martial arts expert Oscar Agramonte about their action experience and how it relates to cosplay.

Learn how to bring authenticity to your character from the panel and a team of martial arts experts. Be ready for action!

In today’s special San Diego Comic Con episode of InSecurity, Matt Stephenson welcomes Sifu Mimi Chan and Sifu Hiep Dang to talk about a very different kind of hack. Kung Fu has been hacking Western culture for nearly 50 years. Cosplay has been hacking culture for nearly as long. It’s time the two got together. That’s exactly what is happening at SDCC. Find out more on this week’s InSecurity!

As a special treat for our listeners, you can get a one year 10 device subscription of Cylance Smart Antivirus for 50% off during the month of Comic Con. Click here to find out how!

About Mimi Chan

Mimi Chan (@SifuMimiChan) has been a Wah Lum kung fu instructor for the past 25 years, and was chosen as the model and inspiration for Disney’s cartoon Mulan. At 17, she won her first of many kung fu Grand Championship titles and retired from competition undefeated. After working as a stunt performer for several years, in 2012, she produced and directed the award-winning documentary: Pui Chan: Kung Fu Pioneer. Mimi is also the host of Culture Chat Podcast. Culture Chat Podcast explores a variety of topics including: social issues, film, comics, martial arts, traditions, food, pop culture, music, or anything inspiring and thought-provoking.

About Hiep Dang

Hiep Dang (@Hiep_Dang) is Director of Product Management & Marketing for Cylance where he is responsible for driving the vision and strategy of its Consumer products. During the day, Hiep geeks out on building innovative security products at Cylance-BlackBerry and on nights and weekends, he teaches Kung Fu in Portland, OR.
The recurring theme that persists in both his personal and professional lives is his passion for helping others learn how to keep themselves safe and secure in both the virtual and physical world.   About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   Make sure you Subscribe, Rate and Review!

InSecurity
Chuck Brooks: Examining the Future

Jul 15, 2019 60:06


I'm the operator
With my pocket calculator
I am adding
And subtracting
I'm controlling
And composing
By pressing down a special key
It plays…

-- Kraftwerk: Pocket Calculator, 1981 Computer World

How about this for a picture of the present with a look to the future…

What if I told you that chatbots will power 85 percent of customer service by 2020…

McKinsey Global Institute did a study that found 20% of C-level executives claim to be using Machine Learning and/or Artificial Intelligence as a core part of their business.

Our friends at IDC proclaimed that global spending on cognitive and AI systems is expected to reach $57.6 billion in 2021.

And finally… as if we aren’t already tired of hearing about the IT skills gap… Forbes recently announced that the number of jobs requiring AI skills has grown 450% since 2013…

Are we ready for the future? Hell… are we even ready for the present!?!?!

Chuck Brooks has published over 180 articles about Cybersecurity, Artificial Intelligence, Homeland Security and the Internet of Things… among other things… He has written for some of the most important publications in the world including Forbes, The Hill and the MIT Sloan Blog. It is fair to say that Chuck has his eye on the future and has an idea or two about what needs to be done to secure it.

In this week’s episode of InSecurity, Matt Stephenson proudly welcomes in Chuck Brooks for a look into his crystal ball to see what the future may hold for the world of technology and, by definition, cybersecurity. We look at AI, automation, IoT, Quantum Computing and even Ray Kurzweil’s thoughts on what is to come. Want to get weird? This week’s episode is for you.

About Chuck Brooks

Chuck Brooks (@ChuckDBrooks) is the Principal Market Growth Strategist of General Dynamics Mission Systems for Cybersecurity and Emerging Technologies. He is also Adjunct Faculty in the graduate Applied Intelligence Program at Georgetown University and teaches courses in risk management, homeland security and cybersecurity. LinkedIn named Chuck as one of The Top 5 Tech People to Follow on LinkedIn out of their 600 million members. He was named by Thomson Reuters as a “Top 50 Global Influencer in Risk, Compliance” and by IFSEC as the “#2 Global Cybersecurity Influencer” in 2018. He is also a featured contributor to Forbes, a Cybersecurity Expert for The Network at the Washington Post and Visiting Editor at Homeland Security Today. Chuck has an MA in International Relations from the University of Chicago, a BA in Political Science from DePauw University and a Certificate in International Law from The Hague Academy of International Law.

About Matt Stephenson

InSecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV.

Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come.

Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.

Can’t get enough of InSecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!

Make sure you Subscribe, Rate and Review!

InSecurity
Cheryl Biswas: Diversifying Cybersecurity

Jul 8, 2019 63:32


You better watch out
Oh, what you wish for
It better be worth it
So much to die for
Hey, so glad you could make it
Yeah, now you've really made it
Hey, there's only us left now

-- Hole – 1997, Celebrity Skin

What if I told you that… compared to men, higher percentages of women cybersecurity professionals are reaching some of the most sought after positions in security. Among the security workforce, the population of women in key spots is surging…

Chief Technology Officer: 7% of women vs 2% of men
Vice President of IT: 9% vs 5%
IT Director: 18% vs 14%
C-level / Executive: 28% vs 19%

Women in cybersecurity are generally more educated and younger than their male colleagues. 44% of men in cybersecurity hold a post-graduate degree compared to 52% of women. Also, nearly half of women cybersecurity professionals surveyed are millennials – 45% compared to 33% of men. By contrast, Generation X men make up a bigger percentage of the workforce (44%) than women (25%).

Now… what if I told you that the gender pay gap hasn't moved at all. Women still make less than men. According to the 2018 (ISC)2 report, women make $5,000 less than men in security management positions.

It is this environment that spurred a group of women to create The Diana Initiative.

In this week’s episode of InSecurity, Matt Stephenson chats with Cheryl Biswas on why the time was right to co-create The Diana Initiative. Now, 4 years later, Diana has a new home and is a key part of that stretch of August where the cybersecurity world convenes in Las Vegas to figure out how to save the world. Their mission is to encourage diversity and support women who want to pursue careers in information security, promote diverse and supportive workplaces, and help change workplace cultures.

About The Diana Initiative

It was the summer of 2015. Hackers from around the world had gathered in Las Vegas, NV for DEF CON 23. In the cafeteria tucked away in the basement of Bally’s and Paris, 9 women found themselves chatting and laughing about their experiences in the field of Information Security. They were all passionate about their challenging roles in the male-dominated field and began exchanging strategies for success in their challenging environments. It was then and there that they accepted their new mission: to create a conference for all those who identify as women/non binaries, and to help them meet the challenges that come with being a woman in Information Security with resilience, strength and determination.

The first event in 2016 began with a morning speaking track and an afternoon of lockpicking and badge soldering in a small suite at Bally’s, bringing attendees together in a collaborative, comfortable setting. Interest and attendance showed that demand for a woman-focused InfoSec conference existed. In 2017, The Diana Initiative was formed and the conference expanded to cover almost 2 days – with speakers on the evening of the first day, as well as the entire second day. There was also a hands-on opportunity for learning about lockpicking, a Career village, and fun contests. During the summer of 2018, The Diana Initiative conference soared in popularity. But with this incredible growth and popularity, the space still couldn’t meet the demand, as attendees were continuously turned away due to over capacity of all the suites.

For more information, make sure to follow them at @DianaInitiative and keep up with them on LinkedIn and Facebook.

About Cheryl Biswas

Cheryl Biswas’s (@3ncr1pt3d) fascination with computers started with those blinking machines on the original Star Trek, and the realization that, if she could learn to work those things, then she could boldly go – anywhere! But Cheryl didn’t learn math like everyone else and found herself struggling.
She mistakenly believed a few key people who convinced her that she couldn’t learn computers, so she didn’t take programming or comp sci. They were wrong, though. Curiosity and passion led Cheryl to technology through the back door and she taught herself computers. Currently, Cheryl is a Threat Intel analyst on a cybersecurity team, researching, analysing, and communicating her discoveries to the team and to clients to keep them safe. GRC, privacy, APTs, best practices, evolving threats – the learning never stops. Cheryl is an active writer and speaker about threats to less-known but critical systems like ICS SCADA and Mainframes, Shadow IT and Big Data.  You may have seen her present at some of the most important security conferences including BSides Las Vegas and Toronto, DEFCON, ShmooCon and SecTor.   About Matt Stephenson Insecurity Podcast host Matt Stephenson (@packmatt73) leads the Security Technology team at Cylance, which puts him in front of crowds, cameras, and microphones all over the world. He is the regular host of the InSecurity podcast and host of CylanceTV   Twenty years of work with the world’s largest security, storage, and recovery companies has introduced Matt to some of the most fascinating people in the industry. He wants to get those stories told so that others can learn from what has come   Every week on the InSecurity Podcast, Matt interviews leading authorities in the security industry to gain an expert perspective on topics including risk management, security control friction, compliance issues, and building a culture of security. Each episode provides relevant insights for security practitioners and business leaders working to improve their organization’s security posture and bottom line.   Can’t get enough of Insecurity? You can find us at ThreatVector InSecurity Podcasts, iTunes/Apple Podcasts and GooglePlay as well as Spotify, Stitcher, SoundCloud, I Heart Radio and wherever you get your podcasts!   
Make sure you Subscribe, Rate and Review!

InSecurity
Jeff Tang: Demystifying Fileless Malware

InSecurity

Jul 1, 2019 48:45


Jeff Tang: Demystifying “Fileless” Malware

The only difference between a hacker and a remote systems administrator is who is employing them
-- Unknown

Want to hear some numbers that might scare you? Or… they might confirm what you already know. Or… they might just be numbers.

63% of IT security professionals say the frequency of attacks has gone up over the past 12 months, according to Ponemon's 2018 State of Endpoint Security Risk report

52% of respondents say all attacks cannot be realistically stopped. Their antivirus solutions are blocking only 43% of attacks

62% of respondents said that their organizations had experienced one or more endpoint attacks that resulted in a data breach

-- 6 Ways Malware Can Bypass Endpoint Protection; Maria Korolov, contributing writer CSO

By now, everyone is familiar with the concept of file-based malware. Malware typically is delivered in the form of executable files. When it comes to “fileless” malware, however, there’s a lot of confusion and misunderstanding due to the evolving nature of the term.

Fileless malware originally took shape in the form of exploit payloads that reside only in memory and never touch disk. Later on, the endpoint security industry adopted the term to encompass file formats that were not traditionally recognized as executable but instead served as a host container to run arbitrary code. As attackers have revamped their techniques, the term has gone on to include misusing built-in operating system utilities to conduct their operations.

In this episode of InSecurity, Matt Stephenson spent some time with Jeff Tang to find out what the hell all this means and why it matters. Think you know? Might want to tune in just to make sure.

About Jeff Tang

Jeff Tang (@mrjefftang) is a Senior Security Researcher at Cylance focused on operating systems and vulnerability research. He started his career as a Global Network Exploitation & Vulnerability Analyst at the National Security Agency, where he conducted computer network exploitation operations in support of national security requirements. Prior to Cylance, Jeff served as the Chief Scientist at VAHNA to develop a security platform for identifying targeted network intrusions, and also worked as a CNO Developer at ManTech where he researched tools, techniques and countermeasures in computer network vulnerabilities.

Jeff completed his Bachelor of Science (BSc) in Electrical Engineering and Computer Science at the University of California, Berkeley and a Master of Science (MSc) in Offensive Computer Security at Eastern Michigan University.

InSecurity
Brian Fanzo - How Artificial Intelligence is Transforming the World

InSecurity

Jun 24, 2019 79:28


Brian Fanzo - How Artificial Intelligence is Transforming the World

Siri… begin podcast Alexa… where my Amazonians at? Cortana? You still around? Tay… why do you hate people? Friday? Jarvis? Ultron? SKYNET?!?!?!

“AI will accelerate the end of ownership.” Today, we don’t own movies or music anymore—we subscribe to Netflix or Spotify. Tomorrow, we won’t own products anymore—we’ll subscribe to them.
-- Tien Tzuo, CEO & Founder, Zuora

“We will see the focus shift from AI to 'AI-driven' results as companies look for real business impact from AI tools. The technology will be less important than the business insights it delivers”
-- Sean Byrnes, CEO and co-founder, Outlier

I am putting myself to the fullest possible use, which is all I think that any conscious entity can ever hope to do
-- HAL 9000, 2001: A Space Odyssey

What the hell does any of that even mean?

In this episode of InSecurity, Matt Stephenson has a chat with Brian Fanzo about the impact of Artificial Intelligence on the larger world. That means large corporate enterprises, brands you recognize and everyday regular folks like you and me. What kind of impact is AI going to have on you? Stick around and find out.

About Brian Fanzo

Brian Fanzo (@iSocialFanz) is a proud dad of three girls under the age of 10, a Pittsburgh loving sports fan, a self-proclaimed change evangelist which makes sense as the one constant in this pager wearing millennial’s career has been change. He is a proud geek that majored in computer science who then found his niche of “translating geekspeak” with a unique background that includes working 9 years for the DoD in Cybersecurity, 2 years at a booming cloud computing startup and the last 5 years as an entrepreneur and CEO of iSocialFanz.

Brian’s DoD career includes leading a team of 30+ developers & trainers with a mission of training, implementing and developing solutions that empowered the different branches of the military to share and collaborate leveraging social business tools their cybersecurity policies and procedures. If that doesn’t sound tough enough, his role included 2 trips to Afghanistan & 3 to Iraq while also briefing the joint chiefs of staff at the Pentagon. Brian discovered his love for workshops, training and speaking while at the DoD, which he leveraged in his next job as the Technology Evangelist of a booming datacenter startup based out of Phoenix, Arizona, known as IOdatacenters. Brian has a diverse background beyond the Department of Defense bit… he is currently the founder of iSocialFanz which has helped launch digital and influencer strategies with the world’s most iconic brands like Dell EMC, Adobe, IBM, UFC, Applebees and SAP.

The role of technology evangelist was one that Brian designed and pitched to the CEO himself, as it was a role that two of his idols, Guy Kawasaki at Apple and Robert Scoble of Microsoft, later Rackspace, mastered, creating cult-like followings while connecting internal and external community for the company. Brian had the luxury of reporting to the CEO with a dotted line to both the CIO & CMO where he was able to be the face of the brand speaking and evangelizing the IO data center and cloud solutions at the largest technology events in the world including Amazon ReInvent, VMworld, Gartner Symposium, CES and many more. In 2014 while still at IO Brian received his first of many social business awards as he was named Top 25 Social Business Leader of the future by the Economist and IBM. Brian leveraged the visibility and opportunities afforded to him with this award to travel to Ted Talks and the world’s largest technology events as an influencer, speaker and the personal brand of iSocialFanz.

Brian hosts two podcasts (FOMOFanz & SMACtalk), has traveled to over 70 countries and has spoken at many of the world’s largest events including SXSW, Social Media Marketing World, CES, Mobile World Congress. Oh… and… Brian is a semi-professional poker player who isn’t afraid to leverage his fast talking skills to read your body language and spot when you’re bluffing.

There’s not much we can do about that snapback hat… we’ve suggested all kinds of different fitted solutions but we still keep seeing that damn snapback.