Secure Talk Podcast

Fairy Tales and Firewalls: Bridging Myths with Modern Security Nov 19, 2024

Cybersecurity is complicated; weird acronyms, massive risks and arcane skills. How do we teach or learn about cybersecurity in human ways?

In this episode of SecureTalk, host Justin Beals is joined by cybersecurity researcher Luca Viganò to discuss his innovative approach to demystifying cybersecurity concepts using fairy tales. Luca shares his passion for making cybersecurity accessible to both experts and the general public by employing storytelling techniques. Key topics include multifactor authentication, explained through 'Cinderella' and password security inspired by 'Alibaba and the 40 Thieves.' Luca's insights are based on his acclaimed article 'Cyber Security of Fairy Tales.' This episode provides a fresh perspective on engaging non-expert stakeholders and underlines the importance of a social-technical approach to cybersecurity.

00:00 Introduction to SecureTalk
00:34 Host's Background and Passion for Storytelling
03:07 Introducing Luca Vigano
04:49 Luca's Journey in Cybersecurity
06:47 The Power of Storytelling in Teaching Security
08:10 Fairy Tales and Cybersecurity
18:43 Cinderella and Multi-Factor Authentication
34:06 Alibaba and the 40 Thieves: Lessons in Security
40:30 Show vs. Tell in Security Education
44:39 Future Work and Conclusion

Article: Luca Viganò, The cybersecurity of fairy tales, Journal of Cybersecurity, Volume 10, Issue 1, 2024, tyae005, https://doi.org/10.1093/cybsec/tyae005

Application Security Management and the new SBOM with Idan Plotnik Nov 12, 2024

In this episode of SecureTalk, host Justin Beals speaks with Idan Plotnik, co-founder and CEO of Apiiro, about the complexities of application security and innovation. They discuss Idan's career, which began with his early interest in secure computing as an engineer for the Israeli Defence Force. Later, while at Microsoft, Idan was frustrated by the inefficiencies in current application security reviews that slowed down software delivery. Idan explains opportunities to improve the application security posture throughout the software development lifecycle, emphasizing their methods for deep code analysis and extended Software Bill of Materials (SBOMs). The conversation also covers the role of AI in security, the significance of automation, and the integration of graph data models for effectively visualizing and managing security threats.

00:00 Welcome to SecureTalk

00:32 Introduction to Application Security

01:44 Meet Idan Plotnik

02:52 Idan’s Journey in Cybersecurity

04:31 Early Encounters with Computers and Security

08:44 Military Service and Professional Growth

12:19 Founding Apiiro and Innovations in Security

14:06 Challenges in Modern Software Development

15:33 Comprehensive Security Measures

19:47 Understanding the Risk Landscape

24:35 Understanding Risk in Software Architecture

25:30 The Role of AI in Software Security

26:29 Translating Code into Components

27:50 The Importance of Software Inventory

31:47 The Limitations of SBOMs

40:02 Automation in Security Design

46:00 The Power of Graph Data Models

48:35 Conclusion and Final Thoughts

Privacy Reforms We Need Now with James B. Rule Nov 05, 2024

It’s easy to consider privacy as a technology issue, or a legal challenge. But our concepts of privacy have a lot to do with what type of community we would all like to live in. What happens when we consider privacy a right as opposed to a commodity?

Join us on Secure Talk for an in-depth exploration of the complex world of privacy with esteemed sociologist and author James B. Rule. In this episode, he draws parallels between past and present institutional power. He discusses his latest book, “Taking Privacy Seriously: How to Create the Rights We Need While We Still Have Something to Protect “where he delves into the intricacies of privacy laws, the implications of personal data commercialization, and the notion of "personal decision systems."

James presents 11 practical privacy reforms, highlighting the importance of informed consent and strong data protection measures. This episode offers cybersecurity experts valuable historical context, actionable insights, and thought-provoking discussions on how to balance privacy with technological advancement. Join the conversation on how we can protect what truly matters.

Join us as we examine the challenges and potential reforms related to privacy in the digital age, highlighting recent legislative successes such as California's new privacy laws. James advocates for the establishment of national institutions dedicated to promoting privacy. He also discusses the ethical dilemmas faced by technology and policy leaders in striving to find the right balance between the utility of personal data and the protection of individual privacy.

This episode is essential for cybersecurity experts interested in privacy reform and the history of personal data usage.

Book: “Taking Privacy Seriously: How to Create the Rights We Need While We Still Have Something to Protect”

https://www.ucpress.edu/books/taking-privacy-seriously/paper

00:00 Introduction to SecureTalk

00:32 Exploring the Complexities of Privacy

01:21 Introducing James B. Ruhle

02:56 James B. Ruhle's Journey into Privacy

06:55 Historical Perspectives on Privacy

09:10 Modern Privacy Challenges and Solutions

15:48 The Concept of Lawful Basis

23:59 Personal Decision Systems

26:26 Proposed Privacy Reforms

36:56 Public Events and Privacy Issues

42:55 Conclusion and Final Thoughts

Is Technology a Religion? with Greg Epstein Oct 29, 2024

Have you ever felt like tech fandom was turning into a cult? A tech founder ‘preached’ that they heralded a new paradigm for humanity? AI will change everything, Cryptocurrency will make you rich, the ‘Singularity’ is coming! Elon Musk, Sam Altman, Steve Jobs, Bill Gates, etc are raised up as the new messiah by thousands of worshipers. Is it really so difficult to see the tendency of the billionaire technology founders to prey on our hopes and fears?

In a thought-provoking episode of Secure Talk, host Justin Beals interviews Greg Epstein, the Humanist Chaplain at Harvard and MIT, and a New York Times bestselling author about his upcoming book, "Tech Agnostic: How Technology Became the World's Most Powerful Religion and Why It Desperately Needs a Reformation." They discuss the intricate relationship between technology, ethics, security, and human experience, challenging traditional perspectives on cybersecurity. Through engaging conversations about societal equity, community connections, and the ethical implications of technology-induced isolation, Greg and Justin shed light on the profound cultural and existential impact of technology on modern life. The discussion delves into the psychological and emotional aspects of the tech world, drawing parallels with religious structures and highlighting the need for a balance between technological engagement and ethical responsibility.

Book: "Tech Agnostic: How Technology Became the World's Most Powerful Religion and Why it Desperately Needs a Reformation"
https://mitpress.mit.edu/9780262049207/tech-agnostic/

Enterprise Security from Healthcare to GE: Accountability, Strategy, and Value Creation with Bob Chaput Oct 22, 2024

My first SOC 2 audit as a Chief Technology Officer felt like performance art. Here we were, dancing to the tune of an auditor that had never built a web application, let alone a business. So many of their playbooks were repeated from other businesses and didn’t make us more secure. When we were done I was certainly glad to show off our new ‘certification’ but I wondered how I could implement great security and create value for my company.

In this compelling episode of Secure Talk, host Justin interviews Bob Chaput, a seasoned CISO and cybersecurity leader with a rich background in the healthcare sector. The conversation traverses Bob’s extensive career, from his early days at GE to establishing Johnson & Johnson’s first information security program. Bob shares profound insights from his book, 'Cyber Risk Management as a Value Creator,' illustrating the shift of cybersecurity from a defensive necessity to a strategic business driver. They explore the critical role of governance, regulatory accountability, and the implementation of risk management frameworks like the NIST cybersecurity framework. Using real-world cases like Equifax’s post-breach recovery, Bob elucidates the tangible business value of robust cybersecurity measures. Learn about budgeting for cybersecurity, fostering organizational engagement, and integrating security into business operations for enhanced resilience and customer trust. This episode is a treasure trove for experts looking to transform their cybersecurity approach into a strategic advantage.

Book: Enterprise Cyber Risk Management as a Value Creator
https://bobchaput.com/enterprise-cyber-risk-management-as-a-value-creator/

00:00 Welcome to SecureTalk: Introduction and Host Overview

00:41 The Importance of Scope in Cybersecurity

02:58 Introducing Bob Chaput: Cybersecurity Expert

04:45 Bob Chaput's Career Journey

08:17 Enterprise Cyber Risk Management as a Value Creator

12:20 The Role of Regulations and Accountability in Cybersecurity

17:26 Strategic Approach to Enterprise Cyber Risk Management

21:33 Risk and Opportunity Assessment in Cybersecurity

26:47 Leveraging Security Practices for Business Value

27:58 The Impact of Cybersecurity on Business Value

28:56 Clearwater's Role in Enhancing Cybersecurity

31:03 The ECRM Budget Philosophy

32:59 Maxims for Effective Cyber Risk Management

35:59 Building a Team Sport Culture in Cybersecurity

40:47 Foundational Components of ECRM

44:19 Challenges in Third-Party Risk Management

49:25 Clearwater's Journey and Future Prospects

Forging the future of security with Rey Kirton at Forgepoint Capital Oct 15, 2024

In the never-ending vortex of Silicon Valley's hype cycle, it's easy to get lost in the sea of superficial success stories and forget that true innovation often requires patience, persistence, and a willingness to disrupt the status quo – not just a fancy logo or a tweet from a billionaire CEO. Inside of the froth however, there are investors and venture capitalists that think carefully about who they are investing in, why it is a durable venture and how to create the best impact for everyone.

In this episode of Secure Talk, host Justin Beals welcomes Rey Kirton from Forge Point Capital to discuss venture capital's unique role in the cybersecurity industry. Rey shares his journey from consulting to venture capital, outlining the importance of building meaningful long-term relationships with companies he invests in. He explains how Forge Point Capital develops investment theses and highlights the value of solution-based, data-driven AI applications. The conversation delves into the significance of listening to customer feedback, industry patterns, and emerging themes like edge computing and AI in cybersecurity. The episode is a must-listen for founders and investors navigating the current market landscape, offering insights into building successful business partnerships and understanding evolving technology trends.

00:00 Welcome to SecureTalk

00:36 Introducing Our Guest: Ray Kirton

01:30 Rey Kirton's Career Journey

02:25 Venture Capital Insights

05:14 The Role of ForgePoint Capital

06:55 Investment Strategies and Challenges

17:01 AI in Cybersecurity

21:45 Leveraging Proprietary Data for AI and Data Science

23:19 The Rise and Fall of Blockchain and Crypto Hype

28:10 Understanding Venture Capital Dynamics

34:31 Future Trends in Technology and Investment

37:56 Advice for Aspiring Founders

39:09 The Importance of Customer Feedback

42:47 Building Strong Investor Relationships

Ethics and Innovation in Medical AI: A Conversation with Dr. Paul Campbell Oct 08, 2024

"If you torture the data long enough, it will confess to anything" said Ronald Coase. Certainly the advent of AI has created some spectacular progress and failures. In the realm of patient care AI tools can have a powerful impact and there is little room for error. How do professionals in the Medical Device and Medical Software space prepare their solutions for the market?

In the latest episode of SecureTalk, Justin is joined by Dr. Paul Campbell, who serves as the Head of Software and AI at the UK's Medicines and Healthcare products Regulatory Agency (MHRA). Dr. Campbell discusses his journey from pharmacy to becoming a prominent figure in healthcare IT and regulated software. The conversation covers the development of AI in healthcare, the global standardization of regulations, and the MHRA’s innovative initiatives such as AI Airlock, which are driving progress in medical technology. The discussion also delves into the vital role of data representation, ethical considerations in AI, and the complexities of implementing advanced technologies in real-world medical settings.

Cyber Warfare and National Cyber Defense with Jason Healey Oct 01, 2024

Much of the United States' progress since World War II on the global stage is due to a powerful partnership between private industry and the US government. The internet itself was a DARPA research project now turned into an economic juggernaut. How do we feed and support this powerful partnership?

In this episode of SecureTalk, host Justin Beals welcomes Jason Healey, a senior research scholar at Columbia's School for International and Public Affairs. Jason, a pioneer in the field of cyber threat intelligence and former intelligence officer, discusses his extensive career and the evolution of cyber defense from the late 1990s to today. Topics include the origins of cybersecurity, the challenges of cyber warfare and policy, and the balance between defense and innovation. Jason elaborates on the critical role of metrics such as mean time to detect in measuring cybersecurity effectiveness and emphasizes the importance of harmonizing regulations and frameworks in the U.S. A detailed analysis of recent cyber incidents and the necessity for more robust cyber policies underlines the insightful conversation, making it essential listening for cybersecurity professionals.

Making Security a Part of Product Development with Naomi Buckwalter Sep 24, 2024

I’ve participated or led technology product teams for 25 years. And engaging in effective security practices was three simple activities: least privileges, change management and network/server configurations. But in an ever-changing security environment, how do security leaders engage product teams in effective practices? Join us on Secure Talk with Naomi Buckwalter, the Senior Director of Product Security at Contrast Security.

Throughout our conversation, Naomi shares her intriguing journey into the field of cybersecurity, from her early interest in tech and her educational background to landing a significant role at Vanguard Financial and eventually becoming a thought leader in cybersecurity. She explains the critical distinction between secure architecture reviews and secure code reviews and delves into the importance of trust and collaboration between developers and security engineers. Naomi also emphasizes the importance of inclusive hiring and discusses how she has successfully integrated individuals from non-traditional backgrounds into cybersecurity roles. As the founder of Cybersecurity Gatebreakers she helps technology teams find “young-in-career” talent ready to make an effective contribution. A poignant part of the discussion revolves around the concept of 'sec-splaining,' the need for excellent communication, and why security should be seen as a service to the business. This conversation is a must-listen for cybersecurity experts looking to enhance their understanding of team building and effective security management for software development.

-----
Additional Resources:
Books:
"The Smartest Person in The Room" by Christian Espinosa

https://christianespinosa.com/books/the-smartest-person-in-the-room/

"Five Disfunctions of a Team" by Patrick Lencioni

https://www.amazon.com/Five-Dysfunctions-Team-Leadership-Fable/dp/0787960756

From Cryptography to Web 3 powered by Blockchain with David Holtzman Sep 17, 2024

The state of networked computing systems today relies heavily on a networking architecture designed and implemented by people like David Hotlzman, our guest on Secure Talk. But what if our current “world wide web” was just the progenitor of an n-dimension “internet stack”? Does Web 3 offer the opportunity to evolve a seemingly monolithic internet?

In this episode of SecureTalk, host Justin Beals interviews David Holtzman, the brains behind the global domain name registration system and a former NSA analyst. They delve into the history and evolution of the DNS, discussing how it transformed from a single 'host.txt' file to a robust global system impacting millions of domain names. David shares his thoughts on decentralization, the potential of blockchain technology, and the future of cybersecurity in the wake of quantum computing. They also touch on the implications of AI, the cyclical nature of tech fads, and the importance of innovative yet secure solutions in today's rapidly evolving cyber environment. This episode is a must-listen for cybersecurity experts interested in the complex interplay between technology, governance, and security.

Behind the Ballot: Election Security Insights with Mark Listes Sep 10, 2024

It is election season in the United States and there continues to be a lot of FUD around the security of our elections. We decided to sit down with an expert to discuss election security and how citizens here in the United States should consider this civic event.

Join host Justin Beals and guest Mark Listes as they delve into the critical topic of election security. Mark, CEO of Pendulum and former Head of Policy at the U.S. Election Assistance Commission, shares his extensive expertise on managing election security and the intricate relationship between technology and trust in the electoral process. They explore the complexities of pre-vote misinformation, the robustness of various voting systems, and how the integrity of election results is maintained amidst emerging cybersecurity threats. Mark also highlights Pendulum's new tool, ElectionIQ, which aids businesses in navigating election-related risks. The discussion sheds light on the vital role of trust and participation in sustaining democracy, making it a must-listen for cybersecurity professionals seeking to understand the current landscape of election integrity.

The Human Toll of Jobs / Security with Danny Goodwin & Edward Schwarzschild Sep 03, 2024

In this episode of Secure Talk, host Justin Beals sits down with Danny Goodwin and Ed Schwarzschild, the authors of the book 'Job / Security: A Composite Portrait of the Expanding American Security Industry'. They delve into the multifaceted world of security work, bridging personal experiences and professional insights. Goodwin, a professor and chair of the Department of Art and Art History, and Schwarzschild, director of creative writing at SUNY Albany both had family members who worked in the security field that required secrecy. The shared formative experiences blossomed into a discussion about families and the impact of jobs on security.

Realizing that the security field has been rapidly growing, they used expertise in the humanities to explore security jobs and their impact on individuals, families and our community at large. The podcast covers their methods of capturing authentic experiences through interviews and photography, bringing a human touch to a field often viewed through a critical or technical lens. Danny and Ed recount their past roles in security and detail compelling stories from their book, including experiences of border patrol agents, military security and cybersecurity professionals. The discussion also touches on the companion exhibition for “Jobs / Security” and their plans for expanding the project globally. This episode is a must-listen for those interested in the intersection of security and humanity.

Book: 'Job / Security: A Composite Portrait of the Expanding American Security Industry'. (2024) https://mitpress.mit.edu/9780262048699/jobsecurity/

Exhibition: Job Security: Voices and Views from the American Security Industry. August 12- December 9, 2024 - University at Albany SUNY
https://www.albany.edu/museum/exhibitions/job-security-voices-and-views-american-security-industry

Hack to Learn: Integrating Humanities into Cybersecurity with Aaron Mauro Aug 27, 2024

How do we predict the future? In our respective technology and security fields we are often asked to prognosticate on “what’s next?”. Understanding current trends is certainly helpful but what if you could reach far into the future and describe humanity and our relative progress?

In this week's episode of SecureTalk we host an Associate Professor of Digital Media at Brock University, to discuss the intersection of cybersecurity and the humanities. Our guest's recent works include, 'Hacking the Humanities' and 'The Language of Cyberattacks,' delve into how digital culture, app development, and natural language processing intersect with cybersecurity.

Listen in as we discuss William Gibson predicting the future of the internet and our examination of the cultural consequences of cybersecurity, emphasizing the need for broader digital literacy, the evolving landscape of internet privacy, and how speculative fiction can inform ethical questions and possible futures. They also touch on real-world incidents like the 'Parlor tricks' hack, demonstrating how programming literacy can empower individuals to navigate and influence the digital ecosystem. The conversation underscores the vital role of humanistic perspectives in understanding and shaping the cybersecurity landscape.

Redefining Cybersecurity Strategies Aug 20, 2024

In this episode of Secure Talk, Justin Beals, founder and CEO of Strike Graph, hosts Bruce Schneier, a renowned security technologist, author, and lecturer at the Harvard Kennedy School. Schneier discusses his book 'A Hacker's Mind,' sharing insights into the psychology of security, societal impacts of cybersecurity, and how businesses can better align security practices with human psychology. He emphasizes the economic incentives behind security design, the concept of decoupling for enhanced security, and addresses the role of public awareness and policy in cybersecurity. Schneier also touches on the pervasive nature of hacking, the importance of building resilient systems, and the integration of computers into every aspect of our lives, highlighting the increasing importance of security by design.

Security Threats from the Chrome Web Store with Sheryl Hsu Aug 13, 2024

Have you ever wondered how secure your browser extensions really are? On our latest Secure Talk episode join us for a discussion with Sheryl Hsu, a researcher from Stanford Empirical Security Research Group. We discuss their recent paper “What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions.” Sheryl and the team at the Stanford Empirical Security Research Group show that Security-Noteworthy Extensions (SNE) are a significant issue as they have a pervasive presence in the Chrome Web Store for years and affect almost 350 million users. In this great discussion we talk about the threat capabilities of nefarious code executed by plugins in the Chrome Browser. We also talk about the perverse incentives at Alphabet in managing the Chrome Web Store. They need to make plugins that have powerful capabilities, easy to deliver and sticky. But this creates the opportunity for powerful cybercrime tools, easily installed that are rarely inspected. Fundamentally we ask 'who is responsible for security in the “app” economy'? Research: https://arxiv.org/abs/2406.12710

Unraveling the Layers of HIPAA: A Deep Dive into Data Security with Iliana Peters Aug 06, 2024

In this episode of SecureTalk, host Justin Beals, CEO of StrikeGraph, discusses the complexities of HIPAA, data privacy, and healthcare security with expert Ileana Peters, a shareholder at Polsinelli. Once a leader in regulatory enforcement for US Health and Human Services she talks with Justin on how to manage compliance. Peters shares insights from her extensive experience at the Department of Health and Human Services, and addresses the nature of HIPAA regulations, the importance of risk analysis and workforce training, as well as the intricacies of regulatory compliance. The conversation dives deep into the intersection of innovation, healthcare privacy, and security, offering valuable advice for businesses and stakeholders in the rapidly evolving landscape of cybersecurity and healthcare regulations.

Navigating HIPAA Compliance with Confidence Jul 30, 2024

In December 2023 the U.S. Department of Health and Human Services reported that the medical data of more than 88 million people was exposed in the first ten months of 2023. A 2018 Trustwave Global Security Reported that a single healthcare record would receive an average of $250.15 when sold, 50 times more valuable than a stolen credit card. 92% of stolen patient records were criminally acquired. This is a 9x increase over the past five years affecting over 145 million people. Patient Healthcare Information is the most sensitive, valuable and prolific security challenge of the present day. Thankfully, we have this information due to the oft-maligned HIPAA law. Truly innovative for its time and often updated due to its popularity, it is a great accomplishment in privacy law. However, like most laws, its implementation for a business can be fraught. Consulting on HIPAA has become its own industry with an army of consultants and legal experts. In this episode of Strike Graph we are going to delve into the 2nd edition of “The Practical Guide to HIPAA Privacy and Security Compliance.” with the authors Rebecca Harold and Kevin Beaver. The discussion highlights the importance of a comprehensive approach to HIPAA compliance, common myths, and challenges facing healthcare organizations today. The episode also addresses the growing threat of cybercrime, the evolving landscape of data security, and practical steps organizations can take to safeguard patient information. A must-listen for professionals navigating the complex world of healthcare data security.

Crisis Fighting: How to plan a successful security incident Jul 23, 2024

It seems a new security crisis is emerging at a weekly pace. The emergence of critical security breaches, data exposures and digital infrastructure failures has vastly accelerated in the last 5 years. What happens when your job is to operate in a crisis? Join us for the next episode of Secure Talk where we sit down with Vice Admiral Mike LeFevre (ret.) the CEO of Concentric Security and Roderic Jones ex-Scotland Yard and Executive Chairman of Concentric as they share their deep experience in crisis management. Their valuable insights were gleaned as Mike LeFevre commander, Office of the Defense Representative to Pakistan during the killing of Osama Bin Laden and as Roderick Jones served for Scotland Yard’s Special Branch focused on international terrorism. Their insights delve into four key phases of crisis management—911 moments, second and third-order effects, steady state, and the road to normalcy—while underscoring the importance of leadership, preparation, and external relationships. They also highlight the critical need for cyber risk management in today's evolving threat landscape. This episode also covers their book, 'End Game First: A Leadership Strategy for Navigating a Crisis,' which serves as a guide for cybersecurity leaders.

Creating the dark web: How the TOR browser was invented Jul 17, 2024

What software do radical techno-libertarians, the CIA, Privacy Advocates, the US State Department and Cyber Criminals use every day? The TOR Browser. In this compelling episode of SecureTalk, Justin Beals, the Founder and CEO of Strike Graph, discusses the book ‘Tor: From the Dark Web to the Future of Privacy’ with its author, Ben Collier, a Lecturer in Digital Methods at the University of Edinburgh. This episode traces the early anonymity problems that the US military and libertarian-minded computer scientists were attempting to solve. How they created a partnership and worked together to invent a solution that could provide global privacy at the dawn of the information age. Ben provides powerful insights into the motivations behind its invention and the future of our connected world.

Cyber Threat Intelligence: Getting to know the adversary Jul 09, 2024

"They're not trying to be gracious here. They're trying to make as much money as they can with that personal data.” - Mary D'Angelo Join us for this Secure Talk podcast to unmask the activity of cyber criminals on the dark web. Mary D’Angelo, an expert in Cyber Threat Intelligence, helps us “follow the money” and understand the aggressive tactics being used by threat actors to steal and monetize your data. Discover how these criminal organizations are monetizing your personal data before it even surfaces in the dark corners of the internet and how the long tail of data breaches can follow your organization for years.

The #1 Vulnerability in Cybersecurity is Us. Jul 02, 2024

98% of cyberattacks rely on social engineering. An average business organization faces over 700 social engineering attacks annually. And 90% of data breach incidents target the human element to gain access to sensitive business information. How can understanding human psychology help your cybersecurity defense? On the latest SecureTalk, I engage in a profound conversation with Dr. Abbie Marono, a behavioral scientist from social-engineer.com. We explored how nonverbal communication and emotional triggers play crucial roles in cyber threats. This insightful discussion reveals that our trust and cooperative nature, while beneficial, can also be exploited by skilled attackers. Dr. Marono’s ability to blend her academic research with practical cybersecurity applications is a testament to the power of multidisciplinary knowledge. Her insights on preference for trust and how nonverbal communication plays a part in that can help transform the people in your organization into a primary defense mechanism. Don't miss out on these valuable insights for enhancing your security approach!

Hacking a Nation: Alejandro Caceres’ Bold Attack on North Korea Jun 25, 2024

From childhood hacking experiments to disrupting North Korea's internet, Alejandro Caceres shares his incredible journey and the future of cyber warfare on SecureTalk. From the early days of modems and personal computers Alejandro was deeply interested in connective computing. The early days of exploring BBS’s, telecom networks and digital modems revealed Alejandro’s talent and expertise for understanding vulnerabilities in systems. Later as a professional “red teamer”, by searching for paid vulnerabilities in common systems like Google Chrome, Alejandro was approached by a “friend of a friend” to perform some analysis. That analysis was an attempted hack on Alejandro by a North Korean operative. Tune into this intriguing episode as we chat with Alejandro about his journey as a professional cybersecurity hacker. How he was attacked, and how he responded by hacking North Korea. What does it take to hack an entire country? Alejandro Caceres, the mastermind behind a massive cyber attack on North Korea, tells all in this gripping episode of SecureTalk. #cybersecurity #databreach #northkorea

Mastering the Role of CISO: Advice from Todd Fitzgerald Jun 18, 2024

What are the essential principles for successful CISO leadership? In this episode of SecureTalk, Justin Beals, founder and CEO of StrikeGraph, sits down with cybersecurity expert Todd Fitzgerald to explore this question. As the author of 'CISO Compass' and the newly released 'Privacy Leader Compass,' Todd shares his journey from a computer programmer to a cybersecurity leader and touches on critical topics from his books. The discussion delves into the evolution of the CISO role, and his approach to CISO strategy, including different methodologies such as incident-driven and vision-driven approaches. Todd also provides an insider perspective on the renowned SolarWinds hack and the lessons it offers for improving security measures. With over 20 years of experience as a Chief Information Security Officer, Todd's insights offer invaluable guidance for navigating the complexities of cybersecurity.

Dynamic Data Safety: Purandar Das on Encryption and Beyond Jun 11, 2024

If data is at the center of your risk profile, how resilient is your current encryption? In this episode of Secure Talk we discuss encryption with Purandar Das a deep expert in data encryption and CEO of Sotero. The conversation also explores his early influences, the role of a CTO, the evolving challenges in data security, and the importance of adaptive leadership. Purandar shares insights on the effectiveness of current encryption algorithms, the impact of quantum computing, and the development of AI-driven solutions for data security. We also review the LastPass breach, highlighting the importance of strong encryption practices and the ongoing evolution of cybersecurity threats. This episode is a must-listen for cybersecurity experts and enthusiasts looking to stay ahead in the rapidly changing information security landscape.

Decoding Cyber Resilience: Insights from Absolute Security's Christy Wyatt Jun 04, 2024

On this episode of Secure Talk we meet with Christy Wyatt the CEO of Absolute Security, and the importance of cyber resilience. We discuss topics of security complexity, compliance, fostering a security-conscious culture, and managing cyber risks effectively. Additionally, discussions explore device compliance, self-healing hardware capabilities, and strategies against ransomware. The podcast also touches on business continuity planning involving remote users, the challenges posed by ransomware attacks, considerations for AI integration, and privacy implications within the cybersecurity sector.

A Perfect Fit: Using risk to get the right sized security with Christopher Hodson. May 28, 2024

Is ‘Security Theater’ plaguing your efforts for cyber resilience? Chris Hodson author of “Cyber Risk Management” gives us a reality check on SecureTalk. Discover why risk is the cornerstone of every security program and how his book guides CISO’s and security leaders through effective security posture scoping. Delve into aligning security with business goals, evolving CISO roles, compliance challenges, and the impact of AI. Understand the importance of risk acceptance in corporate decision-making, the role of AI in security, multi-factor authentication, and the real-world implications of security breaches. Explore cybersecurity risk management with expert Chris Hodson and Strike Graph CEO Justin Beals.

The Algorithmic Mirror: Reflecting on Data’s Role in Modern Life May 14, 2024

Ever wonder how data invisibly shapes our world? Or what does the TikTok controversy really reveal about global cybersecurity threats? "The Secret Life of Data" episode on SecureTalk dives into these questions and more with authors Aram Sinnreich and Jesse Gilbert. Highlights include: 1. The real implications of the TikTok ban examined from a cybersecurity lens. 2. Unpacking how our digital habits are influenced by algorithms we seldom understand. 3. Exploring avenues for ethical data management and the role of individuals in data stewardship. Join us for a deep dive into the interconnected world of data, security, and societal transformation. Your thoughts on reshaping our digital futures are welcome!

Navigating Cyber Threats: FBI Perspectives on Protecting Business and Family Apr 30, 2024

How safe is your digital footprint? This week on SecureTalk, we sit down with Scott Augenbaum, a retired FBI agent turned cybercrime prevention guru, to dissect the LastPass breach and extract lessons that resonate with every cyber enthusiast. Through the lens of "The Three Truths," Scott demystifies common misconceptions about cybercrime and unveils strategies to navigate the minefield of digital threats. Tune in to this thought-provoking episode and empower yourself with the knowledge that could be the difference between being a victim and a victor in the cyber realm As cybersecurity experts and enthusiasts, how do you evaluate your practices in light of these insights?

Hacking the Human OS: Insights from Social Engineering Expert Christopher Hadnagy Apr 16, 2024

Join host Justin Beals as he explores the art of human hacking with Chris Hadnagy, CEO of Social Engineer, LLC, and renowned author in social engineering. Discover Hadnagy's compelling journey through security and computer science, including pivotal incidents, pioneering social engineering frameworks, and collaborations with agencies like MI5 and the FBI. Gain insights into ego suspension, nonverbal communication, and defense strategies against social engineering, emphasizing empathy, education, and technology in cybersecurity.

Reputation as a risk: understanding the security threat of harmful narratives Apr 02, 2024

In this gripping episode of Secure Talk, hosted by Justin Beals, we dive deep into the fascinating intersection of technology, governance, and society. Our special guest, Mark Listes, CEO of Pendulum, discusses his journey from a coding enthusiast to a champion of cybersecurity and democracy. The episode takes a compelling turn as we explore a riveting case study on a data breach involving Carta and Linear. Discover how internal governance and public narratives play crucial roles in securing data and maintaining trust.

Decoding Disaster: An Analysis of Four Pivotal Cybersecurity Breaches Mar 27, 2024

The Secure Talk podcast, hosted by Justin Beals, presents a bonus episode discussing recent security breaches with guests Stephen Farrell of Ideagen, Paul Bingham of Western Governors University, Raffaele Mattone of Judy Security, and Alex Cox of LastPass. The episode covers the 23andMe data breach, Microsoft government email hacks, the Whitworth University ransomware attack, and insights on the LockBit ransomware takedown. It highlights breach responses, risks of consumer DNA data, and evolving cybercrime operations.

Mastering Cyber Shadows: Alex Cox's Take On LockBit's Resilience And The Role Of Threat Intelligence Mar 19, 2024

This Secure Talk podcast interviews Alex Cox, Director of Threat Intelligence for LastPass. We discuss the evolution of cybercrime, the significance of threat intelligence, and the recent takedown of the notorious ransomware group, Lockbit. The conversation covers Alex’s background in law enforcement and cyber security, the progression of cybercrime from Zeus Trojan to ransomware, the entrepreneurial approach of cybercriminals in the development of ransomware operations, and the increasing complexity of cybercriminal organizations. The interview delves into the functioning of Lockbit, its business-focused model with customer support and blog site, and its resilience in resurfacing after takedowns. Furthermore, the conversation touches on the shifting landscape of cybercrime, the interplay between cybercriminal organizations and nation-states, and the challenges in combating cybercrime, including the use of cryptocurrency for money laundering. As the conversation concludes, Alex provides insights into the professional and adaptive nature of cybercriminals, emphasizing their vigilance in understanding the actions of cybersecurity professionals. Overall, the interview offers valuable insights into the complex world of cyber threats, the role of threat intelligence, and the ongoing battle between cybercriminals and law enforcement.

Preventing phishing and ransomware: how Raffaele Mautone is safeguarding mid-size businesses Mar 05, 2024

Secure Talk invited CEO and Founder of Judy Security Raffaele Mautone to join us as a guest. The conversation focuses on a cybersecurity breach involving Whitworth University, covering the details of the breach, the response by the university, the challenges faced, and the importance of communication and disaster recovery plans in the event of a ransomware attack. The discussion also highlights the significance of having a multi-faceted approach to protecting data, including paper backups and encrypted data storage. The guest, Rafael, emphasizes the need for founders and small to mid-sized businesses to prioritize effective communication and response plans, as well as the potential vulnerabilities and risks they should be aware of in the cybersecurity landscape.

The Accountant Turned FBI Agent: Paul Bingham’s Contribution to Cybersecurity Feb 21, 2024

In this Secure Talk episode we welcome Paul Bingham, a former FBI Cybercrime Investigator and currently the Senior Vice President and Executive Dean at the College of Information Technology at Western Governors University. The discussion spans Paul’s 25 year career in the FBI fighting cybercrime, his transition to academia, and his insights on cybersecurity. Key points include advice for those interested in career paths like cybersecurity or FBI, Paul’s perspective on a Microsoft security breach, and understanding Western Governors University’s competency-based education approach.

HealthTech, GAMP and 23andMe: A conversation with Stephen Ferrell, security leader in Life Sciences. Feb 08, 2024

How do you secure critical infrastructure that provides life-saving products? Life Sciences, BioPharma, and Health Tech companies hold some of the most valuable and private data. Security guards these organizations against motivated hackers, legal liabilities, and patient privacy. We are speaking with Stephen Ferrell, a leader in security for the life sciences space. We’ll highlight the significance of GAMP and its risk-based approach. Finally, they analyze the 23andMe data breach and the risks associated with DNA data.

Secure Talk has a new host! Measuring Security and the impact of AI on Security certification. Jan 19, 2024

In this episode, Mark hands over the leadership of the SecureTalk podcast to Justin Beals, the CEO of StrikeGraph. They discuss security's complexity and measurement's role in ensuring effective security practices. Justin shares his perspective on security and how StrikeGraph helps organizations identify and operationalize the right security practices. They also discuss the impact of AI on security and the growing demand for security standards and certifications. Justin outlines his plans for SecureTalk, which include continuing to make security an approachable conversation and bringing in experts to discuss the future of security. The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Self-Sovereign Identities, Zero-Knowledge Credentials, and AI Digital Assistants Aug 21, 2023

Chris Were is the Co-Founder and CEO of Verida, a network of decentralized data storage, messaging, and single sign-on solutions that enable interoperable ownership of personal data for Web3. In this episode of Secure Talk, Chris talks about self-sovereign identities, zero-knowledge credentials, and crypto wallets, and explains how personal will unlock AI digital assistants. Verida https://www.verida.io/

A Better Way to Deploy Cloud Infrastructure Jul 27, 2023

Cory O'Daniel is the CEO and Co-Founder of Massdriver a company that provides self-service capabilities for deploying cloud infrastructure in an optimal manner for both cost and governance. Cory talks a bit about Massdriver's service and explains the challenges of traditional dev ops, and how dev ops is evolving. He also talks about what founders should look for when selecting a funding partner. Massdriver https://www.massdriver.cloud/ The Secure Talk Podcast https://securetalkpodcast.com/

Threat Modeling for Software Design & Development Jul 24, 2023

Stephen de Vries is the Co-Founder and CEO of IriusRisk a cybersecurity firm that helps companies to identify threats and improve security processes in the design and rollout of software. Stephen explains how IriusRisk helps its customers and also talks about the changing regulatory and threat landscapes related to cybersecurity. IriusRisk https://www.iriusrisk.com/ The Secure Talk Podcast https://securetalkpodcast.com/

Secure Remote Access with Karen Gondoly, CEO of Leostream Jul 17, 2023

Karen Gondoly is the CEO and VP of Project Management of Leostream, a leading connection management platform for virtual desktop infrastructures. Karen talks about some of the key trends related to security, access, and performance in the remote desktop access space. Leostream https://leostream.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Security Technology for De-Fi Investors Jul 12, 2023

Dr. Shira Brezis is the CEO & Co-Founder of Redefine, an end-to-end security technology provider for decentralized finance (De-Fi) investors. Shira talks about the current state of crypto security and De-Fi risk mitigation strategies are evolving. Redefine https://redefine.net/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

AI Cameras, Autonomous Vehicles, and More! Jun 30, 2023

Chris Piche is the CEO and Founder of Smarter AI. Chris explains what AI cameras are and how they are used. He also discusses some of the challenges for the deployment of fully autonomous vehicles. Smarter AI https://smarterai.camera/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Service Now Security Advantages Jun 27, 2023

Sean McDermott is the Founder and CEO of the Windward Consulting Group, a Service Now Elite Partner. Sean provides an overview of Service Now's advantages in service management, operations management, and security. He also explains why companies make a decision to use Service Now and how they select a partner to assist their digital transformation. Windward Consulting https://windward.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Multi-Chain NFT Trading, with Lasha Antadze Founder of Rarify Labs Jun 21, 2023

Lasha Antadze is the Founder of Rarify Labs one of Rarimo’s service providers. He talks about how NFTrade and Rarimo are launching the first marketplace that enables users to purchase NFTs with any cryptocurrency on any chain. Users can now execute multi-chain transactions with a single signature, a single transaction fee, and a single click. Lasha explains what this means for the wider NFT ecosystem. He also discusses topics such as digital sovereignty and the present and future state of cryptocurrencies, blockchains, and NFTs. Rarify Labs https://www.rarifylabs.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

The Cure for a Failing Data Privacy Strategy Jun 15, 2023

Sean Falconer is the Head of Marketing & Developer Relations at Skyflow, a Co-Host of Software Engineering Daily, and the sole host of the data privacy and compliance podcast Partially Redacted. In this episode, Sean explains why many data privacy strategies fail and how to fix them. He also talks about the danger of using tools such as ChatGPT and how web applications can limit their threat surface by using tools to protect and encrypt data. Skyflow https://www.skyflow.com/ The Partially Redacted Podcast https://www.skyflow.com/podcast The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Mobile Safety: How to Ensure You Aren't Being Tracked May 24, 2023

David Sinclair is the Founder and CEO of 4Freedom Mobile. David talks about the different ways public and private organizations can track individuals, monitor their activity, and collect personal data. He also explains some best practices to prevent being tracked and to protect your personal information. 4Freedom Mobile https://4freedommobile.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Cybersecurity Risks with SaaS Applications May 22, 2023

Nick Harrahill is the Director of Customer Support at Spin.ai. In this episode of Secure Talk, Nick talks about some key findings in a recently released report on the security risks associated with SaaS applications. He gives examples of the most common attacks and introduces some best practices to counter such attacks. Spin.ai https://spin.ai Report on SaaS Application Risks https://spin.ai/saas-application-risk-report/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Engaging Your Team in Cybersecurity May 11, 2023

Darren Gallop is the Co-Founder and CEO of Carbide, a cybersecurity firm that provides businesses of all sizes with the tools they need to adopt a strong cybersecurity and compliance posture. In this episode, Darren talks about how to engage your team in cybersecurity to build a secure by-default company and how to showcase your company's cybersecurity posture in a way that helps you close deals faster and earn greater customer trust. He also gives advice on cybersecurity education and how to choose a VPN provider. Carbide https://carbidesecure.com/company/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Zero-Trust Content Security May 08, 2023

Aviv Grafi is the Founder and CTO of Votiro. In this episode Aviv explains what zero-trust content security is and how it can greatly reduce the risk of compromise from weaponized documents. Votiro https://votiro.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

API Security Challenges & Solutions May 02, 2023

Jeremy Snyder is the Founder and CEO of FireTail.io, an API security platform. On this episode of Secure Talk, Jeremy explains how the explosion in the number of APIs has caused security issues for most organizations. He then introduces several best practices for securing APIs and the various apps that they connect with. FireTail https://www.firetail.io/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

How to Select a VPN Provider May 01, 2023

Michal Cizek is Co-Founder and CEO at GoodAccess, a global SaaS VPN provider that has customers in 120 countries. Michal explains the ins and outs of the VPN market and talks about what businesses should look for in a VPN provider. He also shares his thoughts about creating an effective organizational culture and building a Teal Organization. GoodAccess https://www.goodaccess.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

How to Implement an Effective Cloud Risk Management Strategy Apr 25, 2023

Eric Kedrosky, CISO at Sonrai Security, talks about some specific steps companies can take to implement an effective cloud risk management strategy. He discusses topics including identity management, data discovery, cloud security, and vulnerability management. Sonrai Security https://sonraisecurity.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/ Youtube https://youtu.be/9rxhtvuQac4

2023 OpenText Cybersecurity Threat Report & Recommendations Apr 19, 2023

Grayson Milbourne is the Security Intelligence Director for OpenText Cybersecurity. In this episode, Grayson talks about some of the findings of the 2023 OpenText Cybersecurity Threat Report related to the most common types of cyber threats and discusses the advantages of a multi-layered approach to cybersecurity. Grayson also provides recommendations for cyber awareness and training. OpenText Cybersecurity https://www.opentext.com/products/cyber-security The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Democratizing Data with Tim Tutt, CEO and Co-Founder of Night Shift Development Apr 17, 2023

Tim Tutt is the CEO and Co-Founder of Night Shift Development, a company that is on a mission to democratize data analytics by making it easier for users of any technical skill level to get value from their business data. Tim talks about democratizing data analytics and business intelligence, how to become more data curious, and discusses some important trends in technology. He also explains how cybersecurity professionals can benefit from making data more accessible. Night Shift Development https://www.nightshiftdevelopment.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Data Protection as a Services with "Mr. Backup" W. Curtis Preston Apr 13, 2023

W. Curtis Preston, AKA Mr. Backup, is an expert in backup & recovery systems, a space he has been working in since 1993. He has written four books on the subject, is the founder and webmaster of backupcentral.com, and is the host of the Restore it All Podcast. Curtis is also the Chief Technical Evangelist at Druva, a data protection as a service company. In this episode of The Secure Talk Cybersecurity Podcast, we talk with Curtis about data protection as a service (DPaaS), backup basics, and the importance of having an incident response plan. Curtis also talks about the recent trend toward backups being a priority target for hackers. Druva https://druva.com/podcast Backup Central https://www.backupcentral.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Dez Rock, CEO of SIEMonster Apr 07, 2023

Dez Rock, CEO of SIEMonster, talks about her team's pro bono work protecting Rabia Chaudry, and explains the differences between red team and blue teams in cybersecurity. She also discusses the SIEM market, best practices for hiring, and shares some great Chris Rock stories. SIEMonster https://siemonster.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

How Software Developers use Red Teaming & White Box Audits to Improve Security and More! Apr 06, 2023

In this episode I talk with Andrew Woodhouse, CIO of RealVNC and Mario Heiderich Founder of Cure53 about how software developers can use Red Teaming & White Box Audits to improve the security and competitiveness of their platforms. We discuss the reasons for, the time and resources involved, and how to select appropriate partners for these important activities. RealVNC https://www.linkedin.com/company/realvnc/ https://www.facebook.com/realvnc https://twitter.com/realvnc https://www.youtube.com/user/RealVNCLtd https://www.reddit.com/r/realvnc/ Cure53 https://cure53.de The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Vendor Risk Management & Compliance in Healthcare Apr 03, 2023

Britton Burton is the Senior Director of Product Strategy at CORL Technologies and the Host of the CyberPHIx Podcast. Britton talks about some of the upcoming healthcare cybersecurity legislation in the U.S and also introduces some best practices related to third party risk management (TPRM). He also discusses the latest threat landscape and provides some useful guidance for healthcare providers. CORL Technologies https://corltech.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Financial Security in Chaotic Times Mar 31, 2023

Bryan Kuderna is a Certified Financial Planner and the author of What Should I Do with my Money?: Economic Insights to Build Wealth Amid Chaos. Bryan explains the key pillars of financial security and also discusses the importance of protecting our privacy and data. Kuderna Financial https://www.kudernafinancial.com/ The Kuderna Podcast https://www.kudernafinancial.com/the-kuderna-podcast The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

The Evolution of Identity Standards and Identity Orchestration Mar 30, 2023

Eric Olden is the CEO of Strata the first distributed identity platform that solves the problem of fragmentation through a no-code software solution. He previously founded and exited Securant/ClearTrust and Symplified. He recently served as the SVP and GM at Oracle where he ran the identity and security business worldwide. Eric was a co-author of the SAML standard and has led the development of IDQL which solves policy, compatibility and security issues between multiple clouds. In this episode, Eric talks about the development and evolution of different standards including SAML and IDQL, explains the importance of identity orchestration, and introduces some of the key tenets of multi-cloud resiliency and continuity. Strata https://www.strata.io/ Hexa https://hexaorchestration.org/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

How Online Communities Can Facilitate Information Sharing to Solve IT & Security Challenges Mar 28, 2023

Joe Gross is the Director of Solutions Engineering at Graylog. Joe talks about the development of Graylog's online community and best practices related to growing and increasing engagement with online communities. Joe also spends some time comparing the different types of log management platforms, their feature sets and pricing models. Graylog https://www.graylog.org/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Critical Device Security Strategies & Tools Mar 28, 2023

Samuel Hill is the Product Marketing Director for Cyolo Security. He specializes in critical device security, resilient IT strategies, and process integrity. Samuel introduces some best practices related to critical device security. He also talks about how he transitioned into the cybersecurity industry and provides some great advice for organizations and individuals related to cybersecurity and personal information protection. Cyolo https://cyolo.io/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

How to Optimize Cybersecurity Training Mar 24, 2023

Ganesh Krishnan is the Co-Founder and CEO of Anzenna. Prior to founding Anzenna, Ganesh had worked in a number of top-level security and engineering roles for organizations including Yahoo!, LinkedIn, and Atlassian. He also launched Avid Secure in 2017 which was acquired just 18 months later. In this episode, Ganesh talks about why most cybersecurity training programs fail to deliver optimal results and introduces some best practices related to delivering effective training and establishing organizational cultures of trust. The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

The Endpoint Management Vulnerability Gap Mar 23, 2023

Graham Brooks, Senior Security Architect at Syxsense, discusses the recently released research from Syxsense and Enterprise Strategy Group (ESG) that shows that unmanaged device utilization is resulting in an increasing number of security incidents. Graham also talks about the "must haves" for any endpoint management platform and explains how IoT devices, including those with a Human-Machine Interface (HMI), can be managed. Syxsense https://www.syxsense.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Becoming an Ethical Hacker Mar 21, 2023

Heath Adams, aka "The Cyber Mentor," is the Founder and CEO of TCM Security, an ethical hacking and cybersecurity consulting company. Heath is a CISSP and has received numerous credentials including QSA, PNPT, OSCP, Security+, Network+, and A+. And, while he enjoys ethical hacking Heath also loves to teach. His courses have been taken by over 170,000 people on multiple platforms including Udemy, YouTube, Twitch, and INE. In this episode of the Secure Talk Podcast, Heath talks about how he got his start in ethical hacking, what are the essential skills needed to become an ethical hacker, how he developed his online courses. Heath gives advice to those who wish to either learn more about ethical hacking or seek a career as an ethical hacker or penetration tester. He also shares some tips for business owners and consumers on how to improve their cybersecurity posture. TCM Security https://academy.tcm-sec.com/ Heath on Social Media: LinkedIn - https://linkedin.com/in/heathadams Twitter - https://twitter.com/thecybermentor YouTube - https://www.youtube.com/c/thecybermentor Twitch - https://twitch.tv/thecybermentor The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

How to Prevent Synthetic Identity Theft Mar 20, 2023

JT Taylor, Senior Director of Fraud Investigations and Operations at ID.me, talks about synthetic identity theft, what it is, and how to prevent it. He also discusses some of the latest social engineering methods, and explains how ID.me has helped to significantly reduce the amount of fraudulent claims against government agencies. ID.me https://www.id.me/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Cybersecurity Breach Response & More Mar 17, 2023

Duane Laflotte is the CTO of Pulsar Security. Duane talks about the best way to respond to a data breach, what to do if your personal information is found on the dark web, and how to make sure your home appliances are not spying on you. Pulsar Security https://www.pulsarsecurity.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Third Party Risk Management (TPRM) with Lee Bristow, CTO of Phinity Risk Solutions Mar 16, 2023

Lee Bristow is the CTO of Phinity Risk Solutions, a provider of an automated third party risk management (TPRM) solution. Lee explains the importance of TPRM and discusses some best practices related to TPRM. Phinity Risk Solutions https://www.phinityrisk.com/ The Secure Talk Cyber Security Podcast https://securetalkpodcast.com/

Building Autonomy & Trust in Distributed Engineering Teams Mar 07, 2023

Nickolas Means is Vice President of Engineering at Sym. He has been leading software engineering teams for more than a decade in the HealthTech and DevTools spaces. Nick also co-hosts the Managing Up podcast. In this episode, Nick talks about the importance of autonomy and trust in distributed engineering teams and how companies facilitate the development of both. He also shares his thoughts on how to turn failures into learning lessons, leveraging a blameless mindset, and how best engineering can work alongside product and compliance teams. Sym https://symops.com/ The Managing Up Podcast https://www.managingup.show/ The Secure Talk Cyber Security Podcast https://securetalkpodcast.com/

Preventing Cyber Attacks Across the Software Supply Chain Mar 02, 2023

Neatsun Ziv is the Co-Founder and CEO of Ox Security, an end-to-end software supply chain security solution. Neatsun discusses the start-up ecosystem in Israel and then explains the key elements of preventing security issues with software supply chains. He also talks about key concepts and frameworks including Single Source of Truth (ASOC), CI/CD Security Posture, SBOM vs. PBOM, and the Open Software Supply Chain Attack Reference (OSC&R) framework. Ox Security https://www.ox.security/ The Secure Talk Cyber Security Podcast https://securetalkpodcast.com/

Security Training for Software Development Teams Feb 20, 2023

Laura Bell Main is the Founder and CEO of SafeStack Academy, a mission-driven and community-centric online training platform that provides software development teams with the skills they need to build high-quality, secure software. Laura shares best practices related to cyber security education, content development and delivery, and secure software development. SafeStack Academy https://safestack.io/ The Secure Talk Cyber Security Podcast https://securetalkpodcast.com/ Thank you for listening to the Secure Talk Cyber Security Podcast!

Automating Data Discovery & Security Feb 16, 2023

Tyler Young is the CISO at BigID a provider of integrated and automated data discovery, privacy, security, and governance tools. Tyler talks about the some of the must haves for data discovery and security and shares some of his observations related to funding opportunities in the cyber security space. BigID https://bigid.com/ The Secure Talk Podcast https://securetalkpodcast.com/ Thank you for listening to The Secure Talk Cyber Security Podcast!

Best Practices for Cybersecurity Practitioners Feb 10, 2023

Luis Valenzuela is Director, Data Loss Prevention & Data Governance for InComm Payments. He is also a CISSP and PMP. Luis talks about best practices for data loss prevention, data governance, and cybersecurity leadership. He also provides insights and advice related to transitioning to a career in cybersecurity, career advancement and the importance of continual leadership and subject matter-specific learning. InComm Payments https://www.incomm.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Optimizing Cyber Threat Detection & Response Feb 06, 2023

Sanjay Raja is the VP of Product Marketing and Solutions at Gurucul. Sanjay talks about the importance of automating threat detection and response through the implementation of targeted signal detection and evaluation, as well as deploying policies that allow for automated responses to various threats. Gurucul https://gurucul.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com Thank you for listening to The Secure Talk Cybersecurity Podcast!

Cybersecurity Solutions for the Federal Government Feb 01, 2023

Steve Orrin, Federal Chief Technology Officer & Senior Principal Engineer for Intel talks about how he works with various government agencies to develop and deliver cybersecurity solutions. He explains the differences between working with enterprise customers compared to working with government agencies. He also explains how the federal government is implementing Zero Trust across all agencies, how AI is affecting cybersecurity and the cyber threat landscape, and gives some great book recommendations related to sci-fi and cybersecurity. Intel https://www.intel.com/ Intel Government Cybersecurity https://www.intel.com/content/www/us/en/government/cybersecurity.html The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/ Thank you for listening to The Secure Talk Cybersecurity Podcast!

Using Open Source Linux-Based Software for Identity Management Jan 27, 2023

Kevin Dominik Korte is the President of Univention North America. Kevin discusses the key components and benefits of a good identity management platform, when organizations should consider an open source solution, and explains the different requirements between private enterprises and schools. Univention https://www.univention.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Optimizing the Microsoft Security Stack Jan 25, 2023

André Keartland is a solutions architect at Netsurit. He has been working in the IT industry for almost 30 years. As a solutions architect, his role is to design and implement solutions for enterprise customers. Although he tries to be technology agnostic, André has become recognized as an authority on the Microsoft solution stack and has implemented a large number of Microsoft on-premise, cloud, and hybrid products and solutions, including Azure and Microsoft 365. In this episode of The Secure Talk Podcast, André shares his thoughts about the value of the Microsoft security stack and give suggestions on how to optimize many of the security related tools and settings that are included in M365. Netsurit https://netsurit.com/ Thank you for listening to The Secure Talk Cybersecurity Podcast! https://securetalkpodcast.com/

The Importance of, and Differences Between, Cyber Resilience, Disaster Recovery, and Backups Jan 20, 2023

Sagi Brody co-founded Webair in 1998 and is now the CTO of Opti9, a leading hybrid cloud solutions provider specializing in digital transformation, data storage, DevOps, backup and recovery, compliance-driven migration, managed cloud services, and cloud-first application services. As the CTO of Opti9, Sagi is responsible for product development, and research and development (R&D). He has extensive experience in all aspects of the cloud and interconnection industries, including infrastructure, networking, software development, automation, platforms, security, global network buildouts, and compliance. In this episode Sagi explains the differences between backups, disaster recovery, and cyber resilience and talks about benefits of working with a managed security service partner (MSSP). Opti9 https://opti9tech.com/ The Secure Talk Podcast https://securetalkpodcast.com Thank you for listening to The Secure Talk Cybersecurity Podcast!

Managed Security Services for Start-Ups and SMEs Jan 17, 2023

Scott McCrady is the CEO of SolCyber a provider of cybersecurity as a service. Scott talks about the role that a managed security service provider(MSSP) plays in the overall strategy for securing data and infrastructure and explains why SolCyber is primarily focused on serving the start-up and small-medium enterprise (SME) market. He also details the critical ingredients that comprise an effective MSSP offering. Prior to SolCyber, Scott built the Asia-Pacific-Japan (APJ) business at Symantec where he ran the global Managed Security Service, and the Symantec and Accenture Joint Venture. He then transitioned to FireEye pre-IPO to create their global MSS business and led the development of the APJ market. SolCyber https://solcyber.com/ The Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

A Vaccine Approach to IoT Device Cybersecurity Jan 09, 2023

Amit Serper is the Director of Security Research at Sternum IoT and is the one who found a 'vaccine' for NotPetya. He believes it’s time to look past the ‘patchability’ approach and implement a ‘vaccine’ like solution. In this episode Amot talks about embedded device security, the vaccine approach, and introduces some of the key aspects of Sternum IoT's autonomous security and observability platform. Sternum IoT https://www.sternumiot.com/ Thank you for listening to The Secure Talk Cybersecurity Podcast.

Chat-based Cybersecurity Education Jan 02, 2023

Pascal Rosenberger is the Co-Founder and CEO of Eggheads.ai, a conversational microlearning and communication platform that allows businesses to unlock the simplicity and popularity of chat for trainings, internal communication and knowledge management. Pascal talks about the importance of cyber security training, how to provide it in an engaging manner, and how best to measure the results. Eggheads https://eggheads.ai/ Live Interactive Example of Chat Based Instruction (Hint: You will need to respond to the questions.) https://eggheads.ai/chat/l9pw61xez1v Thank you for listening to the Secure Talk Cybersecurity Podcast https://securetalkpodcast.com/

Data Security Posture Management vs. Cloud Security Posture Management and more! Dec 20, 2022

Jonathan Roizin is the Co-Founder and CEO at Flow Security, a startup that is revolutionizing data security by providing a platform that helps businesses secure their cloud data wherever it flows. Jonathan explains the difference between data security posture management (DSPM) and cloud security posture management (CSPM) and the important attributes of each. Jonathan also talks about his experience in various cybersecurity related roles spanning 16 years including investigations, incidence response, and how visibility and automation are becoming increasingly important. https://www.flowsecurity.com/

A Method for Managing Risk Dec 14, 2022

Bryant Tow is the Chief Security Officer at Leapfrog, a provider of strategic IT business services. Bryant explains how having a methodology for managing cyber risk is critical and talks about the most common types of risks in the current threat landscape. He also makes some predictions about key changes in IT security space for 2023 including the rise of cyber insurance. https://leapfrogservices.com/

Why Compliance Doesn't Equate to Security Dec 06, 2022

Chris Patteson, Field Risk Officer at LogicGate, explains why compliance doesn't equate to security and why this is a common misconception in corporate boardrooms. Chris talks about the difference between compliance with an industry or regional regulatory agency related to privacy and data protection doesn't mean that a company's systems are secure. He also introduces some best practices for monitoring and improving an organization's compliance and security posture. https://www.logicgate.com/

Compliance and Cybersecurity Issues with Collaboration Platforms such as Zoom, Slack, & Teams Nov 30, 2022

Garth Landers, Director of Global Product for Theta Lake, talks about some of the compliance and cybersecurity related issues associated with the use of collaboration platforms such as Zoom, Slack, Microsoft Teams, and WhatsApp. Garth also introduces some best practices for improving the security and compliance posture of these tools, and talks about some of the findings in the Theta Lake's recently released report that surveyed over 500 global compliance and security leaders on this topic. https://thetalake.com/

Critical Flaws in Legacy Cybersecurity Systems, with Dr. Danny Rittman Nov 29, 2022

Dr. Danny Rittman, CTO at GBT Technologies, is an R&D technology expert with who has years of experience researching and developing new forms of cybersecurity. In this episode we discuss some critical flaws with traditional firewalls, intrusion & detection systems (IDS), and encryption methods, and introduce some best practices for protecting networks and IoT devices. GBT Technologies https://gbtti.com/

SMB Ransomware Trends, with Grayson Milbourne of OpenText Security Solutions Nov 28, 2022

Grayson Milbourne is the Security Intelligence Director for OpenText Security Solutions. In this episode Grayson talks about the current threat landscape for small-medium businesses (SMBs) and individuals and shares some insights from the OpenText Security Solutions 2022 Global SMB Ransomeware Survey. Grayson also explains how he monitors the threat landscape in order to ensure the efficacy of OpenText Security Solutions' products.

Cyber Threat Intelligence Nov 17, 2022

Raveed Laeb, VP Product at KELA explains how he monitors and tracks trends with cyber criminals so that he can ensure that KELA's cyber threat intelligence capabilities evolve in a manner that enables it to provide maximum protection to its customers. Raveed also talks about cyber crime as a service on the dark web and vulnerability detection. https://ke-la.com/

Replacing Legacy SIEMs, Jack Naglieri CEO at Panther Labs Oct 31, 2022

Jack Naglieri is the CEO and Founder of. Panther Labs. Before starting Panther, Jack was a security engineer at Yahoo and Airbnb, where he learned first-hand how inefficient legacy SIEM platforms are at high-scale detection and response. He built Airbnb’s open-source platform called StreamAlert to solve this problem before leaving to start Panther. In this episode Jack explains the issues of legacy SIEMs, the benefits of serverless architecture, and talks about leading Panther and the evolution of Panther's platform. https://panther.com/

Security Awareness Training with Javvad Malik at KnowBe4 Oct 27, 2022

Javvad Malik is the Lead Security Awareness Advocate at KnowBe4, a provider of security awareness training. Javvad talks about how to select a cyber security and security training partner and shares some best practices to deploying effective training programs. KnowBe4 www.knowbe4.com/

Cybersecurity In and Out of the U.S. Military, with Stephen Semmelroth Oct 24, 2022

Stephen Semmelroth is the Sr. Director of Security at Avant Communications. He's a graduate of West Point, and a former U.S. Army infantry officer who served in Afghanistan. Stephen also has experience leading cyber teams in the U.S. Army. After retiring from the Army Stephen founded and then sold a cyber recruiting company. He has led multiple cybersecurity practices and continues to lead clients through disaster and change at Avant Communications. In this episode of the Secure Talk Podcast, Stephen talks about cybersecurity in the military, how he transitioned from a platoon leader to a cyber security leader, and provides some great advice for members of the U.S. military that would like pursue a career in cybersecurity after separating from the military. Avant Communications https://goavant.net/ Hiring Our Heroes https://www.hiringourheroes.org/ DOD Skillbridge https://skillbridge.osd.mil/

Modern Security Best Practices with George Gerchow, Chief Security Officer at Sumo Logic Oct 19, 2022

As Sumo Logic’s Chief Security Officer, George Gerchow brings over 20 years of information technology and systems management expertise to the application of IT processes and disciplines. His background includes the security, compliance, and cloud computing disciplines and years of practical experience in building agile security and compliance teams, and modern day Security Operation Centers. In this episode of Secure Talk, George talks about the importance of physical security, strategies for securing hybrid IT operations, trends with DevSecOps, best practices for identifying security talent, how security certifications can be used as a sales asset, SIEMs, logs, and more. www.sumologic.com

Security Certifications as Sales Assets, with Justin Beals, CEO of Strike Graph Oct 17, 2022

Justin Beals is the CEO and Co-Founder of Strike Graph, a platform that helps companies achieve security certifications that can be used as sales assets. Strike Graph’s flexible platform helps customers create a scalable security and compliance program that builds trust at every stage of growth and helps organizations to become certified quickly and easily with SOC 2, ISO 27001, HIPAA, and PCI DSS compliance. https://www.strikegraph.com/

The Importance of a Comprehensive Network Asset Inventory with Huxley Barbee Oct 13, 2022

Huxley Barbee is the Security Evangelist at runZero. Huxley explains the importance of running a comprehensive network asset inventory and compares various methods for doing so. He also provides some great tips for new CISOs and for home cyber protection. https://www.runzero.com/

Blockchain Bridges and More with Collin O'Brien of Rubic Oct 10, 2022

Collin O'Brien is the Marketing Manager at Rubic, a leading cross-chain swap service that allows users to swap assets between major blockchains in one click and with low gas fees. Collin talks about whether a single chain or a multi-cross-chain crypto technology will dominate in the future, and the current state of affairs with blockchains and crypto. https://rubic.exchange/

API Security with Karl Mattson CISO at Noname Security Oct 03, 2022

Karl Mattson is the CISO at Noname Security, a graduate of the FBI CISO Academy, and a CISSP. Karl explains the importance of API security and how the design of the code, and the configuration and management of API all affect API security. Noname Security https://nonamesecurity.com/ Noname Security's 4-Hour API Workshop https://nonamesecurity.com/workshop Secure Talk Podcast https://securetalkpodcast.com/

Cybersecurity Focused Hardware Destruction, with John Shegerian Sep 08, 2022

John Shegerian is the CEO and Co-Founder of ERI, a leading electronic waste recycler. John is the author of The Insecurity of Everything and has been featured on CNBC, BBC, News, Time, Fortune, and several other leading media outlets. John explains the ins and outs of cybersecurity-focused hardware destruction and electronic waste recycling and shares best practices for device deposal for both businesses and consumers. He also talks about how companies insure that their private or personal data cannot be accessed after device disposal.  As a special “thank you” to the Secure Talk Podcast listeners, John is offering a free copy of his book, The Insecurity of Everything: How Hardware Data Security is Becoming the Most Important Topic in the World. In order to receive a free copy of John’s book, please follow this link and fill out the details of where you would like the book sent: https://eridirect.com/insecurity-of-everything-book/ ERI https://eridirect.com/

Creating a Security Oriented Culture, with Kai Roer Sep 06, 2022

Kai Roer is the chief research officer for KnowBe4, a security awareness and simulated phishing platform. Kai helps organizations assess their current culture and to develop the desired end state for security and awareness. He created the Security Culture Framework (SCF), is the author of Build a Security Culture and co-author of the The Security Culture Playbook: An Executive Guide to Reducing Risk and Developing Your Human Defense Layer. Kai talks about the role of security and culture assessments, simulated phishing campaigns, how to spot phishing emails, and best practices for security awareness training. https://www.knowbe4.com/ https://www.securityculturebook.com/ Secure Talk Podcast www.securetalkpodcast.com https://securetalkpodcast.com/creating-a-security-oriented-culture-with-kai-roer/

Cloud Security Governance with Fausto Lendeborg, CEO of Secberus Aug 26, 2022

Fausto Lendeborg, Co-Founder & CEO of Secberus, explains cloud security governance and how Secberus secures cloud infrastructure and helps prevent cloud risk. He also introduces concepts such as the shared responsibility model, and Policy as Code, and explains the importance of scaling across multi-cloud environments, and time to remediation. Fausto talks about the amazing ecosystem for startups in Miami, his early interest in computers and hacking, how he got started in network security, how he landed his first job at a cyber security startup, and why he founded Secberus. www.secberus.com

How to Choose a VPN and more with Yegor Sak, Founder of Windscribe Aug 25, 2022

Born in Belarus, raised in Canada, Yegor Sak is a serial entrepreneur who has smashed ipods and PS3s for pay, built a porn site, learned how to fly, and launched Windscribe, a VPN provider with over seven million active users, as well as ControlD, a customizable DNS service that allows subscribers to block malware, ads, and IoT telemetry. Yegor and I talk about his background, lessons learned from life and launching several businesses, rebounding from failures and more. Yegor also explains the ins and outs of the various VPN providers and how to choose a reliable provider and use a VPN in a secure manner. https://windscribe.com/ https://blog.windscribe.com/ https://controld.com/ Secure Talk Podcast https://securetalkpodcast.com/how-to-choose-a-vpn-and-more-with-yegor-sak-founder-of-windscribe/

CSIRTs, ASM 2.0, and more with Dave Monnier from Team Cymru Aug 19, 2022

Dave Monnier, Chief Evangelist at Team Cymru talks about CSIRTs, Attack Surface Management (ASM), and explains how Team Cymru helps organizations to respond more quickly and effectively to cyber threats. https://team-cymru.com/ www.securetalkpodcast.com

Security Risks with Open Source Software, with Steve Wilson, CPO at Contrast Security Aug 10, 2022

Steve Wilson, Chief Product Officer at Contrast Security explains how the use of open source software can introduce security issues related to newly discovered vulnerabilities and how companies can identify and mitigate those issues by using software composition analysis (SCA) and runtime application self-protection (RASP) tools. https://www.contrastsecurity.com/ https://www.contrastsecurity.com/developer Secure Talk Podcast https://securetalkpodcast.com/security-risks-with-open-source-software-steve-wilson-chief-product-officer-at-contrast-security/

How to Remediate Cloud Security Risks with Nick Lumsden, CTO and Co-Founder at Tenacity Cloud Jul 29, 2022

Nick Lumsden, CTO and Co-Founder at Tenacity Cloud, explains how sprawl in cloud infrastructure can lead to security vulnerabilities. He also discusses way to prioritize addressing known vulnerabilities, and how best to track whether your cloud infrastructure is being managed in a secure and efficient manner. https://www.tenacitycloud.com/

Secrets Management Best Practices with Moshe Zioni, VP of Security at Apiiro Jul 21, 2022

Moshe Zioni, VP of Security Research at Apiiro, a leader in Cloud-Native Application Security, discusses Apiiro's recently released research on the topic of secrets management in private repositories. He also explains how secrets are exposed, how to protect secrets when posting code snippets to public and private repositories, the importance of education, how developers and application security professionals can scale and have greater visibility of code commits. Moshe also explains how Apiiro can help improve both operational efficiency and security of enterprises. https://apiiro.com/ https://apiiro.com/secrets-insights-2022/ Secure Talk Podcast shorturl.at/BJKL2

Protecting Personal Data, Podcasting, and More with Adam Levin Co-Host of the What the Hack Podcast Jul 18, 2022

Adam Levin, Co-Founder and Co-Host of the What the Hack podcast talks about his experience in privacy, data protection, and explains why he started What the Hack. He also shares some stories about his guests and also gives advice on how to protect your personal information. What the Hack Podcast https://podcasts.apple.com/us/podcast/id1571482669 Secure Talk Podcast https://securetalkpodcast.com/protecting-personal-data-podcasting-privacy-and-more-with-adam-levin/

How to Prevent Data Leaks Using a No-Code Platform with Yasir Ali, CEO of Polymer Jul 15, 2022

Yasir Ali is the Co-Founder and CEO of Polymer, a no-code platform that prevents sensitive data leaks across SaaS apps such as Google Drive, Slack, Microsoft Teams, and Zoom without slowing down an organization's operations. Yasir explains the benefits of a no-code platform and details how such platforms can help prevent data leaks. Polymer www.polymerhq.io/ Secure Talk Podcast https://securetalkpodcast.com/data-leak-prevention-with-yasir-ali-ceo-of-polymer/

Cybersecurity Best Practices with Adrianus Warmenhoven, Defensive Strategist at Nord Security Jul 06, 2022

Adrianus Warmenhoven, Defensive Strategist at Nord Security shares his thoughts related to best practices for enterprise security, data protection, and how individuals can reduce cyber risk. Adrianus also gives some recommendations related to learning about the latest trends in cybersecurity and some books on cybersecurity. https://nordsecurity.com/ https://securetalkpodcast.com/cybersecurity-best-practices-with-adrianus-warmenhoven-defensive-strategist-at-nord-security/

CISO Best Practices and MDM Tips with Chaim Mazal, CISO at Kandji Jun 17, 2022

Chaim Mazal, SVP of Technology & CISO at Kandji, talks about the role of Chief Information Security Officer (CISO), the differences between company and product security, various cybersecurity threat vectors, and trends in mobile device management (MDM) solutions. www.kandji.io www.securetalkpodcast.com

Nation State Cybercrime with Investigative Journalist & Author Geoff White Jun 08, 2022

Geoff White, a well-known investigative journalist and author has just published his latest book, The Lazarus Heist, From Hollywood to High Finance Inside North Korea’s Global Cyber Warfare. Geoff talks about how he does research for his books and how he finds information sources who are willing to talk. He also walks us the through the evolution of hacking from hobbyists to nation state actors and explains how the fall of the Berlin Wall accelerated the development of professional hacker groups that focused on monetary gain. Geoff also provides an introduction to North Korea’s Lazarus Group and explains how they are organized and how their main mission is to find ways to make money via cybercrime. Geoff also touches on how crypto currency is being used by both cybercriminals and police organizations, cyber surveillance by western countries, and also gives some great book recommendations and tips for improving one’s cybersecurity posture. Lazarus Heist Podcast https://www.bbc.co.uk/programmes/w13xtvg9/episodes/downloads Lazarus Heist Book https://www.amazon.com/Lazarus-Heist-Hollywood-Finance-Inside/dp/024155425X Geoff White's homepage https://geoffwhite.tech/ Secure Talk Podcast www.securetalkpodcast.com

Automated Crypto Trading Tools with Gabriele Musella, Co-Founder & CEO at Coinrule May 31, 2022

Gabriele Musella, Co-Founder & CEO at Coinrule talks about the current state of crypto and explains how Coinrule helps retail investors compete with professional traders and hedge funds by providing a platform for automated trading. Gabriele also shares his recommendations for business reading, insights on running a startup, and more! https://coinrule.com/ Book Recommendations Traction; How any startup can achieve explosive growth Notes on Startups, or How to Build the Future Secure Talk Podcast securetalkpodcast.com

Preventing Phygital Attacks with Will Plummer, CSO at RaySecur May 16, 2022

Will Plummer, Chief Security Officer at RaySecur talks about best practices for mail screening and the prevention of phygital attacks. https://raysecur.com/ https://raysecur.com/mail-security-report-2021/ https://raysecur.com/case-study/presidential-candidate/ www.securetalkpodcast.com

Identity & Access Management, Digital IDs & More with Sushil Madhukar of TechDemocracy May 13, 2022

Sushil Madhukar, Chief Principal for Customer Success at TechDemocracy talks about the evolution of digital IDs, identity & access management, security as a service, and best practices for prioritizing investments in cybersecurity. www.techdemocracy.com www.securetalkpodcast.com

Justin Beals, Founder & CEO of Strike Graph May 11, 2022

Justin Beals, Founder & CEO of Strike Graph, talks about challenges with the current regulatory and compliance landscape and introduces best practices for companies to improve and maintain their compliance posture. www.strikegraph.com

Searchable Encryption Technology with Dan Draper, CEO & Founder of CipherStash Mar 30, 2022

Dan Draper, CEO and Founder of CipherStash explains why data security is more important than ever, why developers should have a good understanding of cryptography, and talks about least privilege, desegregated architecture, and order-revealing encryption. Dan also discusses some of the issues related to the gender gap in technology. CipherStash.com debuggingdiversity.com

The Importance of Cyber Resilience with Kiran Vangaveti, CEO of BluSapphire Technologies Mar 25, 2022

Kiran Vangaveti, CEO of BluSapphire Technologies talks about the importance of cyber resilience and explains how BluSapphire Technologies' total cyber solution is able to replace many of the component based solutions. Kiran's also shares his experience related to training for and participating in several marathons. https://www.blusapphire.com/

New Approaches to Application Security with Jeff Williams Co-Founder of Contrast Security Mar 14, 2022

Jeff Williams Co-Founder & CTO of Contrast Security talks about the latest developments in DevOps and application security including serverless technology, self-protecting security, and Function as a Service (FaaS)for security applications.

Unlimited Decentralized Financial Markets with Eric Chen, CEO of Injective Labs Feb 23, 2022

Eric Chen is the CEO and Co-founder of Injective Labs, a fintech company focused on creating revolutionary Web3 products. Eric’s passion for crypto and blockchain started with mining Ethereum and participating in cryptographic research in college while studying finance and computer science. After working at a major crypto hedge fund, he decided to drop out of college and founded Injective Labs together with Albert Chon (CTO). Injective Labs is the core contributor behind the decentralized exchange protocol Injective. Injective is currently the fastest growing exchange platform reaching $1 Billion in trading volume within the first 30 days of release. For context, it took Coinbase a year to accomplish the same feat. Unlike Coinbase, Injective is entirely controlled by users meaning that all new markets are actually chosen by users. Injective collects zero revenue and uses any fee generated to be distributed back to their users via its unique decentralized token model. https://injectiveprotocol.com/

Crypto Mining Equipment with Mason Jappa, CEO of Blockware Solutions Feb 17, 2022

Mason Jappa, CEO of Blockware Solutions talks about the various types of mining rigs, price and regulatory trends for crypto mining, and more. https://www.blockwaresolutions.com/

Open Source Device Management with Mike McNeil, CEO of Fleet DM Feb 15, 2022

Mike McNeil, CEO & Co-Founder of Fleet DM explains how open source endpoint security is beneficial, using osquery, and ways to improve an organization's security posture while measuring and reducing total cost of ownership (TCO). https://fleetdm.com/

DeFi, CeFi, Blockchain and more with Yubo Ruan, Founder of Parallel Finance Feb 03, 2022

Yubo Ruan is the Founder of Parallel Finance, a new decentralized lending and staking protocol that just recently passed Binance to be the largest third-party program on Polkadot. The company has a current market share of 20.95% and is backed by top-tier investors including Polychain Capital, Pantera Capital, Lightspeed Ventures and Breyer Capital. Yubo learned about crypto in early 2014, and by June of that year he launched his first company while still in high school. Five years later, Yubo sold the company for over $4M, and by that point had started two VC funds focusing on disruptive technologies, and blockchain and crypto. https://parallel.fi/

Security Automation with Eoin Hinchy, CEO of Tines Jan 28, 2022

Eoin Hinchy, CEO of Tines, explains how no-code security automation can free security analysts from many mundane day-to-day tasks and allow them to be more productive and to focus more on high-value strategic work. https://www.tines.com/

Frances Zelazny, Co-Founder & CEO of Anonybit Jan 25, 2022

Frances Zelazny, Co-Founder & CEO of Anonybit explains the importance of privacy by design and how personal data and privacy can be protected by using a decentralized biometrics infrastructure. https://anonybit.io/

Storage, Backup, and Recovery, with W. Curtis Preston of Druva Jan 21, 2022

W. Curtis Preston has specialized in storage, backup, and recovery since 1993. He is an experienced expert witness and consultant who has written four books on the topic of storage back and recovery. Curtis is currently the Chief Technology Evangelist at Druva. On this episode Curtis talks about the benefits of using a SaaS-based solution for storage, backup, and recovery. Curtis also hosts the Restore it All podcast and maintains the Backup Central website. Restore it All https://podcasts.apple.com/us/podcast/backup-centrals-restore-it-all/id1469663053 Backup Central https://www.backupcentral.com/ Druva https://www.druva.com/

How to Secure Your Mobile Service with Haseeb Awan, CEO of Efani Jan 04, 2022

Haseeb Awan, CEO of Efani explains how a secure cell phone service can prevent SIM swaps, eavesdropping, and location tracking, and explains how a home-based cell tower can be more secure and reduce cell phone costs. Haseeb also talks about Bitcoin ATMs and crypto wallets. https://www.efani.com/

Chris Kline, COO & Co-Founder of Bitcoin IRA Dec 15, 2021

Chris Kline, COO & Co-Founder of Bitcoin IRA explains the merits of being able to hold Bitcoin and other cryptocurrencies in an individual retirement account (IRA). He also explains how Bitcoin IRA secures customer data and complies with various banking regulations related to security and data protection.

Data Loss Prevention (DLP) with Rohan Sathe, CTO & Co-Founder of Nightfall Dec 06, 2021

Rohan Sathe, CTO & Co-Founder of Nightfall talks about the different types of data loss prevention (DLP) tools and platforms and explains Nightfall's unique approach to DLP. Rohan also explains how his previous role as one of the founding engineers of Uber Eats put him on the path to looking for a better DLP solution. https://nightfall.ai/

VPNs with Brad Hawkins, CEO of SaferNet Dec 01, 2021

Brad Hawkins, CEO of SaferNet, talks about the most common cyber threats and explains how VPNs can be used as the "foundation" for cyber security and to greatly reduce cyber risk. He also explains how not all VPNs are created equally, and talks about the different types of VPNs. https://www.safernetvpn.com/ https://safernetbusinessvpn.com/ https://ninjio.com/

Security Managed Services with James Fair, SVP of Technical Operations at Executech Nov 23, 2021

James Fair, SVP of Technical Operations at Executech talks about managed services for cyber security, and shares his views on security best practices and mentoring and motivation. https://www.executech.com/

Application Security for Developers with Harshil Parikh, CEO of TROMZO Nov 16, 2021

Harshil Parikh, CEO of TROMZO talks about developer security friction and how best to engage developers to take security seriously. https://www.tromzo.com/

Steve Ginty, Director of Threat Intelligence at RiskIQ Nov 11, 2021

Steve Ginty, Director of Threat Intelligence at RiskIQ talks about External Attack Surface Management (EASM)and gives advice on how companies can better prepare for and prevent cyber attacks. RiskIQ was recently acquired by Microsoft. https://www.riskiq.com/ www.securetalkpodcast.com

Philippe Humeau, CEO of CrowdSec Nov 08, 2021

Philippe Humeau, CEO of CrowdSec talks about the advantages of open source security solutions to protect against zero-day and IP attacks. CrowdSec is an open-source & collaborative security solution that is able to analyze visitor behavior and provide an adapted response to a wide variety of attacks. https://crowdsec.net/ www.securetalkpodcast.com

Maxime Lamothe-Brassard, Founder LimaCharlie Sep 29, 2021

Maxime "Max" Lamothe-Brassard Founder of LimaCharlie talks about the ins and outs of cloud-based endpoint detection and response (EDR), and explains how LimaCharlie is changing traditional thinking related to corporate cybersecurity solutions.

Rick Jordan, Founder & CEO of ReachOut Technology Aug 23, 2021

Trained by the CIA and NSA, noted cybersecurity expert Rick Jordan talks about cybersecurity, managed security services, growing his business, taking ReachOut Technology public, his new movie Liberty Lockdown, and more! https://reachoutit.com/ https://www.rickjordan.tv/ https://www.rickjordan.tv/liberty-lockdown/

Brian Vallelunga, CEO of Doppler talks about Universal Secrets Management Aug 12, 2021

Brian Vallelunga is the CEO of Doppler, the universal secrets management software that keeps app configuration in sync across devices, environments, and developers. Doppler has attracted investments from Google Ventures, Sequoia, Greylock, Kleiner Perkins, and Peter Thiel. For more info, please visit: doppler.com

Emil Sayegh, CEO of Ntirety Aug 09, 2021

Emil Sayegh, CEO and President of Ntirety, talks about managed security and compliance services. Ntirety is one of the largest managed cloud service platforms in the world. Emil is an early pioneer of Cybersecurity and Cloud Computing, recognized as one of the industry’s cloud visionaries and "fathers of OpenStack," having launched and led successful cloud computing and hosting businesses for HP and Rackspace.

Jonathan Moore, CTO of SpiderOak Jul 20, 2021

Jonathan Moore, CTO of SpiderOak talks about security problems in the software supply chain, the need for a more effective national cyber defense, and some best practices for individual and organizational security. https://spideroak.com/home/

Dr. Chris Spencer on the Secure Use of Passpoint, NGH, and Eavesdropping Teddy Bears! Jul 07, 2021

Dr Spencer is the Chief Information Security Officer at Nomadix & GlobalReach. Chris has been a technology leader in the Wi-Fi industry for well over two decades. Previously the Chief Technology Officer for GlobalReach for over 20 years, his team helped to design and build some of the world's largest secure Wi-Fi network, including the first Wi-Fi network on the London Underground, public Wi-Fi for a national USA coffee shop chain, large-scale municipal networks with LinkNYC, San Francisco and San Jose, in-flight Wi-Fi for pan-continental airlines, and carrier SMB services, allowing seamless connectivity for users. A recognized thought leader in best-practice secure, seamless sign-on experience, and the use of Passpoint (Hotspot 2.0), Chris has been involved in the specification, and delivery of Next Generation Hotspots (NGH), and leads and co-leads several industry working groups for the Wireless Broadband Alliance (WBA), Hospitality Technology Next Generation (HTNG) and the Seamless Air Alliance (SAA). He has presented at HTNG, Barcelona 2015, at Mobile World Congress, the Wireless Broadband Alliance Global Congress, at Wi-Fi Now and on TV and radio.

Data Protection via File Level Encryption, Dimitri Nemirovsky, COO of Atakama Jun 29, 2021

Dimitri Nemirovsky, COO of Atakama talks about file level encryption for data protection, distributed key solutions, and give advice related to startups in the cybersecurity space. www.atakama.com

Kathleen Booth, VP of Marketing at clean.io Jun 24, 2021

Kathleen Booth, VP of Marketing at clean.io talks about the importance of digital engagement security, why businesses should pay careful attention to any third party code on their websites, how to prevent coupon codes from being abused, and much much more! clean.io https://www.clean.io/ Inbound Success Podcast https://inboundsuccesspodcast.com/

Scott Schober, CEO of Berkeley Varitronics Systems Jun 17, 2021

Scott Schober, CEO of Berkeley Varitronics Systems talks about the need for everyone to be aware and responsible for cybersecurity, how seniors are being exploited by hackers, best practices related to ATM and credit card usage, digital wallets, and more. For more information about Scott and BVS, please visit. https://www.bvsystems.com/ For more information about the Secure Talk podcast, please visit: www.securetalkpodcast.com

Mahmoud Abdelkader, CEO and co-founder of Very Good Security Jun 09, 2021

Mahmoud Abdelkader is the CEO and co-founder of Very Good Security; the leading data security platform that changes the way sensitive data is held by eliminating the need for customers to hold their own data.

Santosh Devaraj, CEO of TrustGrid Jun 09, 2021

Santosh Devaraj, CEO of TrustGrid™, talks about developments in trusted identity networks and explains how his company's platform provides a confidential computing platform for identity-based transactions. He also walks us through some specific applications of TrustGrid by different government agencies in Australia. More at: http://trustgrid.com

Bruce Dahlgren, CEO of MetricStream May 18, 2021

Bruce Dahlgren, Chief Executive Officer of MetricStream explains how organizations can get a better understanding of what types of risk they are facing and make better more informed decisions about how to manage their risk exposure. MetricStream https://www.metricstream.com/ Metric Streams GRC Summit https://www.grc-summit.com/2021

Dexter Caffey, CEO of Smart Eye Technology May 05, 2021

Dexter Caffey, CEO of Smart Eye Technology explains how his company's technology uses biometric security tools to protect documents and files from unauthorized viewers. https://smarteyetechnology.com/

Mark Testoni, CEO at SAP National Security Services (SAP NS2) Apr 19, 2021

Mark Testoni, CEO at SAP National Security Services (SAP NS2) shares insights about the state of cyber security in the U.S. and provides ideas on how organizations and individuals can improve their security posture.

Michel Tricot, Co-Founder & CEO of Airbyte Apr 13, 2021

Michel is the CEO and Co-Founder of Airbyte. He has been working in data engineering for the past 15 years. As head of integrations and engineering director at Liveramp (NYSE: RAMP), he grew the team responsible for building and scaling the data ingestion and data distribution connectors, syncing 100s TB every day. In 2020, he co-founded Airbyte, the new open-source ELT standard for replicating data from applications, APIs & databases. After only five months, Airbyte raised $5.2M in seed funding from Accel, YCombinator, 8VC, and some high-profile business angels, including the co-founder of Segment, the former GM Cloudera, and the co-founder of Liveramp and Safegraph. 600+ companies have synced data using Airbyte in the first 6 months. https://airbyte.io/

Dr. Eric Cole Apr 01, 2021

Dr. Cole has a master's degree in computer science from NYIT and a doctorate from Pace University with a concentration in information security. He served as CTO of McAfee and Chief Scientist for Lockheed Martin. Dr. Cole is the author of several books, including Advanced Persistent Threat, Hackers Beware, Hiding in Plain Sight, Network Security Bible 2nd Edition, and Insider Threat. He is the inventor of over 20 patents and is a researcher, writer, and speaker. He is also a member of the Commission on Cyber Security for the 44th President and several executive advisory boards. Dr. Cole is the founder and an executive leader at Secure Anchor Consulting where he provides leading-edge cybersecurity consulting services, expert witness work, and leads research and development initiatives to advance the state-of-the-art in information systems security. Social Links for Dr. Cole: YOUTUBE: https://www.youtube.com/channel/UCwg_j4TF1dnP9OZFXzYussA TWITTER: https://twitter.com/drericcole FACEBOOK: https://www.facebook.com/DrEricCole/ INSTAGRAM: https://www.instagram.com/drericcole/ E-Books by Dr. Eric Cole: Threat Hunting: https://ar407.isrefer.com/go/mm2ythun Insider Threat: https://ar407.isrefer.com/go/mm2ytit/... Online Danger: https://www.onlinedanger.com

Hiram Machado on Identity Governance Mar 30, 2021

Hiram Machado, CEO of adaQuest, talks about various aspects of Identity Governance including Zero Trust and Privileged Identity Management (PIM).

Zaid Sabih Al Quraishi, CEO at zSecurity Mar 23, 2021

Zaid Sabih Al Quraishi, CEO at zSecurity and online educator provides an update on his popular courses such as "Learn Ethical Hacking from Scratch," some new courses and content, as well as the recently launched bug bounty platform, www.bug-bounty.com. Zaid's courses can be found in the following locations: www.udemy.com/user/zaidsabih/ zsecurity.org/courses/

Jim Bowers, Security Architect for TBI Feb 22, 2021

Jim Bowers is Security Architect for TBI, a Chicago-based master agent. An authority in cybersecurity, Bowers has more than 20 years of in-depth security engineering knowledge gained in finance, healthcare, manufacturing and technology. His expertise ranges from architecting complete security infrastructure, to assessments for vulnerabilities, risk management to phishing training and simulation, DDOS mitigation, endpoint protection and Managed SOC.

Self-Sovereign Identity Authors Alex Preukschat & Shannon Appelcline Feb 08, 2021

Alex Preukschat & Shannon Appelcline co-authors of Self-Sovereign Identity; Decentralized digital identity and verifiable credentials explain what Self-Sovereign Identity (SSI) is, why it's important, and provide examples of practical applications for individuals and organizations. Secure Talk listeners are eligible to receive fee copies (5 max) of the e-book Self-Sovereign Identity; Decentralized digital identity and verifiable credentials by using the following coupon codes: ssstsrt-489B ssstsrt-9707 ssstsrt-7BF1 ssstsrt-2ACE ssstsrt-089E You can refer to this link: http://mng.bz/q98N

Bina Ramamurthy, Author of Blockchain in Action Jan 22, 2021

Bina Ramamurthy Ph.D. is a Director at Blockchain Thinklab, a Professor at The University of Buffalo, and the author of Block Chain in Action. Bina's book can be found here: https://www.manning.com/books/blockchain-in-action?query=block Bina's online blockchain courses can be found here: https://www.coursera.org/specializations/blockchain

Neil Madden, Author of API Security in Action Jan 21, 2021

Neil Madden, Security Director at ForgeRock and author of API Security in Action provides an overview of API security, how to establish security goals, protect important assets, identify relevant threat models. Neil's book can be found here: https://www.manning.com/books/api-security-in-action Please use these coupon codes to receive a 30 percent discount. apisecrf-7175 apisecrf-CC64 apisecrf-2FFC apisecrf-41AE apisecrf-42FE Neil's Twitter: @neilmaddog Neil's Blog: https://neilmadden.blog/

Julien Vehent, Author of Securing DevOps Jan 19, 2021

Julien Vehent, Security Engineering Manager at Google and author of Securing DevOps talks about the importance and best practices related to securing DevOps. Julien's book Securing DevOps can be found here: https://www.manning.com/books/securing-devops Free eBook codes (each good for one copy of Securing DevOps), listeners of the SecureTalk Podcast: scdvprf-A9D5 scdvprf-CB81 scdvprf-0C8B scdvprf-57E0 scdvprf-9DCB These can be redeemed at: http://mng.bz/Qmre For a 35% discount code (good for all Manning Publication products in all formats) use the code: podsectalk20 at this link: http://mng.bz/zryB (good for two months)

Sedat Kapanoglu, Author of Street Coder; The Rules to Break and How to Break Them Jan 07, 2021

Sedat Kapanoglu, Co-Founder of Eksi and author of Street Coder; The Rules to Break and How to Break Them, talks about his book and explains why, when, and how developers should challenge the status quo. Sedat also shares his ideas on security and gives some excellent career advice for aspiring and mid-career coders. Sedat's book can be found here: https://www.manning.com/books/street-coder The following coupon codes (1x use each) can be used for a free copy of Street Coder; The Rules to Break and How to Break Them strsecr-0716 strsecr-029E strsecr-34DB strsecr-2304 strsecr-E12A Sedat's Twitter feed: @esesci

Laurentiu Spilca Explain Spring Security for Java Applications Jan 04, 2021

Java developer, trainer, speaker, and author, Laurentiu Spilca introduces Spring Security. Laurentiu's book Spring Security in Action can be found here: https://www.manning.com/books/spring-security-in-action Laurentiu's Youtube Channel: https://www.youtube.com/channel/UC0z3MpVGrpSZzClXrYcZBfw

Rois Ni Thuama, Head of Cyber Governance at Red Sift Nov 30, 2020

Rois Ni Thuama, Heady of Cyber Governance at Red Sift, talks about two of the most important threats in the cyber landscape, disinformation and Business Email Compromise (BEC), and provides ideas on how to combat each. As a special offer to Secure Talk listeners, Red Sift is offering a 15 percent discount on their OnDMARC solution that stops spoofing attacks and blocks email impersonation. For more info, please visit: https://ondmarc.redsift.com/

Paul Clayson, CEO of AgilePQ Nov 17, 2020

Paul Clayson, CEO of AgilePQ talks about the challenges and importance of securing IoT devices, and introduces some ideas on how best to make them safe.

Privacy Law Update with Attorney Cecilia Jeong Nov 12, 2020

Privacy attorney Cecilia Jeong provides an update on the regulatory landscape related to data privacy and provides some great suggestions on how companies can quickly minimize business and regulatory risk. Cecilia can be contacted via: www.vedderprice.com/new-york

Thomas Kranz, Author of Making Sense of Cyber Security Nov 03, 2020

Cyber Security consultant and author Thomas Kranz talks about his book, Making Sense of Cyber Security, and introduces his common sense approach on the topic. https://tomkranz.com/ http://www.siliconbunny.com/ Manning Publications has provided Secure Talk with five free copies of the e-book Making Sense of Cyber Security. scrmcs-D9FB scrmcs-707E scrmcs-9E82 scrmcs-F6C2 scrmcs-4701 Please use this link to access: http://mng.bz/0ZPN Manning Publications has also provided all Secure Talk listeners a permanent 35 percent discount coupon on all items on its site Coupon: podsectalk20 You can refer to this link: http://mng.bz/zryB

The Ins and Outs of Azure Sentinel with Microsoft's Edward Walton Oct 16, 2020

Edward Walton, Technical Specialist and Global Black Belt for Advanced Security Analytics at Microsoft provides an overview of Microsoft's SIEM Azure Sentinel.

Kip Boyle shares advice on how best to find a cybersecurity job and "Your Cyber Path" Oct 05, 2020

Kip Boyle, Virtual CISO, author of “Fire Doesn't Innovate”, and host of the Your Cyber Path podcast shares valuable insights on how people can move into the cybersecurity industry. https://anchor.fm/yourcyberpath https://www.yourcyberpath.com/pdf

Cyber Security Education w/Gabriel Friedlander, CEO of Wizer Sep 23, 2020

Gabriel "Gabby" Friedlander talks about the importance of cyber security education for individuals and company employees. Gabby also introduces the Wizer platform and shares his thoughts on effective training programs. For more information on Wizer's training programs please visit: www.wizer-training.com

Greg Edwards, CEO of CryptoStopper on Malware Attack Detection & Prevention Aug 31, 2020

CryptoStopper CEO Greg Edwards talks about detecting and preventing malware attacks. www.getcryptostopper.com

#35 Hiram Machado, CEO of adaQuest on the Value of Network Scans Aug 24, 2020

adaQuest CEO, Hiram Machado explains how companies can get an accurate snap shot of their security and compliance posture and also discover opportunities for cost savings by using a network scan.

#34 Paul Katzoff, CEO of WhiteCanyon Software Aug 20, 2020

Paul Katzoff, CEO of WhiteCanyon Software talks about the importance of data disposal and explains how WhiteCanyon's solutions work.

Productivity & Security with Microsoft Teams Jun 26, 2020

Cloud Solution Architect, Christophe Koehl introduces some of his favorites features of Microsoft Teams, as well as best practices for increasing productivity and improving security.

Jonathan Hiroshi Rossi, CEO of Saya University Jun 19, 2020

Jonathan Hiroshi Rossi, CEO & Co-Founder of Saya University (SU) introduces SU and talks about the importance of awareness and education in mitigating cyber threats. https://www.sayauniversity.com/

Windows Autopilot with Christophe Koehl Apr 22, 2019

Christophe Koehl, Cloud Solution Architect at adaQuest, explains the benefits of WIndows Autopilot, how it's used and deployed, and how it's helping IT managers to more efficiently and securely provision new devices.

João Couto, Director of Operations adaQuest Brazil Apr 15, 2019

João Couto, Director of Operations for adaQuest Brazil talks about the current threat landscape and latest trends in data protection and cyber security in Brazil.

The Rise of the Virtual CISO, with Hiram Machado Mar 21, 2019

adaQuest CEO, Hiram Machado, talks about the increasing popularity and importance of virtual CISO, their benefits and advantages.

Richard Lewis, Best Practices for Security Minded Organizations & Application Security Development Mar 11, 2019

Richard Lewis shares his experience and insights related to creating a security minded culture inside organizations and leading people-focused application security development.

Edward Walton Discusses Shadow IT Mar 04, 2019

Edward Walton, CISSP and Cloud Solution Architect at Microsoft gives an overview of Shadow IT and explains some of the best methods for dealing with this rapidly growing phenomenon.

Cecilia Jeong, Privacy Attorney Feb 05, 2019

Cecilia Jeong, corporate and privacy attorney at Schwabe, Williamson & Wyatt, talk about the compliance and regulatory landscape for data protection and privacy.

Kip Boyle, Founder and CEO of Cyber Risk Opportunities Jan 30, 2019

Kip Boyle, founder and CEO of Cyber Risk Opportunities. Kip has worked in a variety of cybersecurity roles since 1992 including serving as the director of wide area network security for the Air Force's F-22 Raptor program and a working as a senior consultant for Stanford Research Institute (SRI). Kip is also the author of, Fire Doesn’t Innovate: The Executive’s Practical Guide to Thriving in the Face of Evolving Cyber Risks. https://www.cyberriskopportunities.com/ https://www.firedoesntinnovate.com/

Andrea Fisher, Global Cyber Defense Specialist at Microsoft Jan 19, 2019

Andrea Fisher, Global Cyber Defense Specialist at Microsoft explains why Windows 10 has displaced Windows 7 and talk about some of the amazing security and productivity features and tools that are built in to Windows 10.

Hiram Machado, adaQuest CEO Dec 27, 2018

adaQuest CEO, Hiram Machado and Secure Talk Host, Mark Shriner discuss some recent newsworthy security breaches, and industry and governmental trends related to data protection and compliance.

Andrea Fisher Provides an Overview of Windows 10 Oct 01, 2018

Andrea Fisher, Technical Specialist at Microsoft provides an overview of Windows 10 and many of the security related features.

Plurilock CEO Ian Paterson Talks About Post Login Authentication Aug 31, 2018

Ian Paterson, CEO of Plurilock, explains how behavioral biometrics can be used to perform post login authentication.

Matt Soseman Talks About Developments with MFA, Conditional Access, Windows Hello and More! Aug 28, 2018

Security Architect Matt Soseman talks about recent developments in multi-factor authentication (MFA), conditional access, data protection, and other areas related to cybersecurity.

Interview with Rudolph Araujo from Awake Security Aug 26, 2018

VP of Marketing from Awake Security, Rudolph Araujo, explains why he joined Awake Security and how Awake's technology helps organizations to prevent, detect, and respond to non-malware "living off the land" attacks.

Interview with Trusona Founder & CEO, Ori Eisen Jul 27, 2018

Trusona Founder & CEO, Ori Eisen, talks about how passwords can and should be replaced, and provides an introduction to Trusona's passwordless solutions.

Cyber Insurance - Part 2 Jul 09, 2018

Brian King, VP at AHT Insurance provides an overview of cyber insurance, explaining why it's important, how it's used, and gives examples of how it can help companies that have been cyber attacked. (This is part 2 of a 2 part podcast)

Cyber Insurance - Part 1 Jun 22, 2018

Brian King, VP at AHT Insurance provides an overview of cyber insurance, explaining why it's important, how it's used, and what buyers should be looking for when they purchase a cyber insurance policy. (This is part 1 of a 2 part podcast)

#15 Interview with Zaid Al-Quraishi, Ethical Hacker and Founder of zSecurity Jun 07, 2018

Zaid Al-Quraishi, Founder and CTO of zSecurity talks about ethical hacking, how he got started as an ethical hacker, working as an ethical hacker, and his on-line courses on ethical hacking. https://www.udemy.com/user/zaidsabih/

#14 Office 365 Secure Score & Security Tune-Up May 30, 2018

Security Architect Christophe Koehl from adaQuest explains how organizations can quickly assess and improve their IT security posture using the O365 Secure Score and Security Tune-Up by simply activating security, data protection, and reporting features that are already included in Office 365.

#13 Multi-Factor Authentication (MFA), Conditional Access, & Passwords May 25, 2018

Security Solutions Architect David Ducolon talks about best practices related to MFA, conditional access, passwords, and more!

A Review of GDPR, Cryptojacking, and More.... May 19, 2018

adaQuest CEO, HIram Machado joins Secure Talk Host, Mark Shriner, to talk about GDPR compliance plans, the rise of cryptojacking, and more shenanigans from Equifax.

How to Get a Cybersecurity Job! May 10, 2018

Technical Recruiter Dan Leiter of TEKsystems gives advice to those looking to enter the cybersecurity industry, explains what employers are looking for, what jobs are most in demand, what the current salary ranges are, and what companies are doing to recruit, develop and retain cybersecurity professionals. A very informative show!

#10 Interview with Cybersecurity Consultant & Station X CEO Nathan House May 02, 2018

Nathan House CEO of Station X and leading on-line cybersecurity educator provides career advice for aspiring and existing cybersecurity professionals, talks about his courses, and shares his thoughts on the industry, credentials, advanced degrees, and the changing threat landscape.

#9 Interview with ISSA Puget Sound Chapter President Justin White Apr 27, 2018

Justin White talks explains how he got his start in cybersecurity and risk management, shares his thoughts on education and trends related to cybersecurity, the importance and evolution of the ISSA, and more!

How to Successfully Integrate a Newly Acquired Company onto Your IT Platform Apr 21, 2018

Hiram Machado discusses best practices for IT and cybersecurity related due diligence for M&A pre-acquisition and for post acquisition integration.

#7 Security Architect Matt Soseman Apr 09, 2018

Microsoft's Matt Soseman gives an overview of several security-related assessments that are provided by Microsoft and its partners to help customers discovery potential issues and improve their security posture. Matt's blog can be found at: https://blogs.technet.microsoft.com/skypehybridguy/

#6 Paul Shares His Thoughts About Taking the CISSP Exam Mar 31, 2018

Paul from adaQuest tells us about his reasons for taking the CISSP, his preparation, topics covered, and what passing the CISSP means to him.

GDPR - What is it? How to prepare? Mar 14, 2018

In this episode we talk about GDPR. We explain what is GDPR, why it is important, and how to prepare.

#4 - Where do I start? Mar 09, 2018

In this episode the cybersecurity team from adaQuest role plays an initial customer meeting and talks about data discovery, data protection, network scans, patch policies, cloud migration plans, and more!

Episode #3 - Threat Detection & Protection Mar 01, 2018

In this episode we look at the current threat landscape and discuss different ways to detect and respond to threats and intrusions.

Episode #2 - Data Protection Feb 27, 2018

Hiram and Mark discuss the importance of data protection and the tools, techniques, and processes used to protect an organisation's data.

The Emerging Paradigm for IT Security Feb 16, 2018

In this episode we compare the traditional "perimeter" approach to cybersecurity with the emerging approach the is entered on identity.