Cyber Security Interviews 2e473l

Daniel Wood is the Associate Vice President of Consulting at Bishop Fox, where he leads all service lines, develops strategic initiatives, and has established the Applied Research and Development program. Daniel has over 15 years of experience in cybersecurity and is a subject matter expert in red teaming, insider threat, and counterintelligence. Daniel was previously the manager of security engineering and technology at Bridgewater Associates, where he shaped the strategic direction of technology for the firm and oversaw technical security assessments of Bridgewater’s international office expansions. Daniel has also served in roles ing the U.S. government in security architecture, engineering, and offensive operations as a Security Engineer and Red Team Leader. He ed the U.S. Special Operations Command (USSOCOM) on red teaming and digital warfare operations, and the U.S. Army on the Wargaming Cyber Effects on Soldiers’ Decision-Making project. In this episode, we discuss adapting to COVID-19, focusing on red teaming, cloud security architecture, responsible vulnerability disclosure, ICS security, compliance versus security, his work with the US military and cybersecurity, diversity in information security, and so much more! Where you can find Daniel: LinkedIn Bishop Fox Blog

Jasson Casey is the CTO of Beyond Identity, a less identity management provider. He also serves as a Fellow in CyberSecurity with the Center for Strategic and International Studies (CSIS) and the National Security Institute (NSI). Previously, Jasson was CTO of SecurityScorecard, VP of Engineering at IronNet Cybersecurity, Founder and Executive Director of Flowgrammable and Compiled Networks, and served in other technical and executive roles. Jasson received a bachelor’s degree in computer engineering from The University of Texas at Austin and a Ph.D. in computer engineering from Texas A&M University. In this episode, we discuss adjusting to COVID-19, his start in VoIP, third party security management, security without s, why you are a target, the role of a CTO, using the right language in security, start-up hiring, and so much more! Where you can find Jasson: LinkedIn Twitter Blog

John Hammond is a Security Researcher at Huntress as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former Department of Defense Cyber Training Academy curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He personally developed training material and infosec challenges for events such as PicoCTF and the "Capture the Packet" competition at DEFCON US. John speaks at security conferences such as BsidesNoVA, to students at colleges such as the University of North Carolina Greensboro, and other events like the SANS Holiday Hack Challenge/KringleCon. He is an online YouTube personality showcasing programming tutorials, cybersecurity guides, and CTF video walkthroughs. In this episode, we discuss how he started in pen-testing, contributing to the community, pen-testing vs purple teaming, setting the rules for engagement, solving the same problems, diversity and inclusion, and so much more. Where you can find John: LinkedIn Twitter YouTube GitHub

David Wong is a security engineer working on the libra Blockchain at Facebook. He is an active contributor to internet standards like Transport Layer Security and to the applied cryptography research community. David is a recognized authority in the field of applied cryptography; he’s spoken at large security conferences like Black Hat and DEF CON and has delivered cryptography training sessions in the industry. He is the author of the soon-to-be-published Real-World Cryptography book. In this episode, we discuss why he focused on cryptography, the evolution of blockchain, his contributions to TLS, the Noise Protocol Framework, quantum computing, why he wrote a book on crypto, presenting and teaching cryptography, sanitizing data, and so much more! Where you can find David: LinkedIn Twitter Real-Word Cryptography Cryptologie.net Noiseprotocol.org

Jeff Hussey is the President and CEO of Tempered. Jeff, the founder of F5 Networks, is an accomplished entrepreneur with a proven track record in the networking and security markets. He maintains several board positions across a variety of technology, nonprofit and philanthropic organizations and currently is the chairman of the board for Carena and chairman and co-owner of Ecofiltro and PuraVidaCreateGood. Jeff also serves on the board for Webaroo and the Seattle Symphony. He was the chairman of the board for Lockdown Networks, which was sold to McAfee in 2008. Hussey received a BA in Finance from SPU and an MBA from the University of Washington. In this episode, we discuss adjusting to a remote workforce with a start-up, founding F5 Networks, developing a base community, tips for information security product success, IoT and OT cybersecurity, the Host Identity Protocol, healthcare security, prioritizing efforts as a founder, what gets him out of the bed in the morning, and so much more! Where you can find Jeff: LinkedIn Tempered

John Ford is the Cybersecurity Strategist at IronNet and is an information security veteran with over twenty years in a wide variety of roles. Prior to IronNet, John was CISO for ConnectWise, the global leader in providing software solutions for Managed Services Providers. In this role, he was able for customer-facing security activities, product security, and served as an advisor to the CEO and leadership team. Before ing IronNet, John founded Sienna Group, a firm dedicated to providing data protection solutions to enterprise organizations, and has held executive roles in the healthcare industry. In this episode, we discuss healthcare security, compliance versus security, HIPAA regulation and privacy, intellectual property protection, real-time information sharing, ransomware in hospitals, recommendations for new CISOs, and so much more! Where you can find John: LinkedIn IronNet Blog

Brandon Hoffman is the CISO & Head of Security Strategy at Netenrich. Brandon is an ired security executive responsible for Netenrich’s technical sales and security strategy for both the company and its customers. Most recently, he oversaw solution architecture for Intel 471’s dark web threat intelligence business. As former CTO at Lumeta Corporation and RedSeal Networks, Brandon led technical and field development in network security, vulnerability, and risk. He’s also held key practitioner roles focused in security architecture, penetration testing, networking, and data center operations. Brandon holds an MS degree from Northwestern University and a BS degree from the University of Illinois at Chicago. In this episode, we discuss adapting to COVID, accidentally getting into security, deg the intelligent SOC, a risk-based approach to information security, measuring cybersecurity outcomes, cyber insurance, risk management frameworks, and so much more! Where you can find Brandon: LinkedIn Twitter Netenrich Blog

This is a special episode where we celebrate the 100th episode of the Cyber Security Interviews podcast! In this episode, I have the mic turned back on me by a past guest, great friend, and an amazing asset to the community, Nadean Tanner. She crowdsourced some questions, but head plenty of her own as well as we did this Ask Me Anything special episode. Douglas Brush is an information security executive with over 26 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, Douglas has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues. He also serves as a federally court-appointed Special Master and neutral expert in high profile litigation matters involving privacy, security, and eDiscovery. Currently, he is at Splunk where he works with Fortune 500 organizations to improve their security operations and reduce business risk from cyber-attacks. He is also the founder and host of Cyber Security Interviews, a popular information security podcast. In this episode, we discuss why I started the podcast, impostor syndrome, guests I would like to have on the show, my focus on mental health and diversity, important soft skills, talents versus skills, what's in my fridge, and so much more!

Fredrick "Flee" Lee is the Chief Security Officer at Gusto, where he leads information and physical security strategies including consumer protection, compliance, governance, and risk. Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts at large financial services companies and technology startups, most recently as Square's Head of Information Security. He previously held senior security and privacy roles at Bank of America, NetSuite, and Twilio. Lee was born and raised in Mississippi and holds a bachelor's degree in computer engineering from the University of Oklahoma. In this episode, we discuss COVID response, three-dimensional communications, security as an enabler, integrating security and engineering teams, the information security skills shortage, diversity and inclusion in cybersecurity, his early mentors, and so much more. Where you can find Flee: LinkedIn Twitter

Andrea Roberson is a product manager at Centrify Corporation, where she directs the product roap for Centrify Privileged Access Service. She was previously a technical engineer at the company for almost two years and has held several engineering and roles during her career including at Google and Apple. She has a Bachelor of Science degree in Computer Science from Spelman College, where she was a member of the National Society of Black Engineers, the Association for Computing Machinery, and SpelBots. In this episode, we discuss working with product teams remotely, moving from IT to information security, securing remote access, diversity and inclusion in cybersecurity, mentoring others, self-care and mental health, new threats due to COVID, and so much more. Where you can find Andrea: LinkedIn Centrify Blog

HD Moore is the founder and CEO of Rumble Network Discovery; a platform designed to make asset inventory quick and easy by combining active scanning with innovative research. Prior to starting Rumble, HD was best known as the founder of the Metasploit Project, the foremost open-source exploit development framework, and continues to be a prolific researcher and occasional speaker at security events. In this episode, we discuss starting with BBSs back in the day, starting the Metasploit project, project Sonar, his development of Rumble Networks, securing home networks, fingerprinting networks, jump boxes in IoT networks, and so much more. Where you can find HD: LinkedIn Twitter Blog

Gabe Gumbs has a deep-rooted ion for technology, information security, and problem-solving. As Chief Innovation Officer of Spirion—a leader in rapid identification and protection of sensitive data—he’s channeling that ion to make the digital world a safer place. Wielding a unique mix of technical vision, marketing, and business acumen, Gabe is shaping the future of data security and protecting the sensitive personal data of customers, colleagues, and communities around the world. Despite having held a range of leadership positions in security technology— including VP of Product Strategy at STEALTHbits and Director of Research & Products at WhiteHat Security—Gabe considers his most valuable experience to be the time he spent on the ground as a security practitioner. Thanks to his intimate understanding of the real issues security professionals face on the front lines, he’s able to identify the core of the problem and create innovative solutions that push data security technology forward. In this episode, we discuss his early starts with the 2600 meet-ups, privacy versus security, speaking to executives in their language, cloud security, information security skills shortages, training legal teams for cyber, how to get started in cybersecurity, and so much more. Where you can find Gabe: LinkedIn Twitter Spirion Blog & Podcast

Shahrokh Shahidzadeh is the CEO of Acceptto. Shahrokh is a seasoned technologist and leader with 29 years of contribution to modern computer architecture, device identity, platform trust elevation, large IoT initiatives, and ambient intelligence research with more than 25 issued and pending patents. Before Acceptto, Shahrokh was a senior principal technologist contributing to Intel Corporation for 25 years in a variety of leadership positions where he architected and led multiple billion-dollar product initiatives. In this episode, we discuss evolving authentication, SSO and MFA challenges, anomalous behavior detection, enforcing least privilege, his time with Intel, AI and ML, multi-cloud security, securing home s, and so much more. Where you can find Shahrokh: LinkedIn Twitter Acceptto

Deborah Golden is the US Cyber & Strategic Risk leader for Deloitte Risk & Financial Advisory. In the prior six years, Deborah served as the Government & Public Services (GPS) Cyber Risk Services leader, as well as the GPS Advisory Market Offering leader, GPS Empowered Well-Being leader and the lead principal for a major federal government health care provider. Deb has more than 25 years of information technology experience spanning numerous industries, with an in-depth focus on government and public services, life sciences and health care, and financial services. Deb received a bachelor’s degree in Finance at Virginia Tech and a master’s degree in Information Technology at George Washington University. She serves on Virginia Tech’s Business Information Technology and Masters in Information Technology Advisory Boards is a self-proclaimed fitness junky and avid traveler and trains service dogs with the Guide Dog Foundation in her spare time. In this episode, we discuss mental health awareness, her 1-3-5-15 routine, working with clients remotely, COVID-19 cybersecurity spend, securing home networks, diversity in the cyber workplace, The Guide Dog Foundation, and so much more. Where you can find Deb: LinkedIn Twitter Deloitte & Touche Blog Guide Dog Foundation

Kyle Hanslovan comes to Huntress Labs from the U.S. Intelligence Community, where he ed defensive and offensive cyber operations for the past decade. He previously co-founded the defense consulting firm StrategicIO and actively participates in the ethical hacking community as a Black Hat conference trainer, STEM mentor, and Def Con CTF champion. Additionally, he serves in the Maryland Air National Guard as a Cyber Warfare Operator. Chris Bisnett is a veteran information security researcher with more than a decade of experience in offensive and defensive cyber operations. While serving with the NSA RedTeam, he attacked government networks and systems to identify and remedy vulnerabilities. Chris is also a recognized Black Hat conference trainer and has taught his “Fuzzing For Vulnerabilities” course at several events around the world. Before founding Huntress Labs, Chris co-founded LegalConfirm, LLC, where he led product design and development until the company was acquired in 2014. In this episode, we discuss incident response planning, their early starts in offensive theaters, red teaming, Ransomware-as-a-Service, small business and enterprise threats, breaking bad news to clients, holding leadership able, hacking back, tips and resources for start-ups, warnings for founders, and so much more. (Note: If you are interested in start-ups and being a founder, Daniel Ayala and I created a regularly updated blog for founders and start-ups: Hang Out A Shingle – Starting Your Cybersecurity Company. Where you can find Kyle and Chris: LinkedIn - Kyle LinkedIn - Chris Twitter - Kyle Twitter - Chris Huntress Blog

Jack Kudale is Founder and CEO at Cowbell Cyber with over two decades of business executive experience. Previous senior roles include COO at Cavirin, CEO at Lacework, both cloud security startups; SnapLogic, a leader in hybrid cloud integration; and CA Technologies, where Jack led DevOps sales for the Fortune 500 leader. With deep operational experience in the DevOps, Cybersecurity, IT Ops, & Big Data spaces, Jack leads Cowbell to execute on its vision of bridging the cyber insurability gap. Jack also serves as a governing board member of Brighter Children, a non-profit organization. In this episode, we discuss the importance of cyber insurance, risk management, the difference between cyber insurance vs other insurance products, the risks COVID-19 pose to small businesses, right-sizing cyber insurance policies, industries that are targets for attackers, and so much more. Where you can find Jack: LinkedIn Twitter Cowbell Cyber Blog

Daniel Ayala is the Founder, and Managing Partner for Secratic, a strategic information security, and privacy consultancy focused on helping companies protect data and information, and be prepared before incidents happen. Daniel is also currently serving as the Interim Chief Information Security Officer for Michigan State University. Throughout his 24 year career, he has led security organizations large and small in banking and financial services, pharmaceutical, information, library, and technology companies around the world, taught university-level courses, and both writes and regularly speaks on the topics of security, privacy, data ethics, and compliance. In this episode, we discuss remote working, being a virtual CISO, compliance vs. security vs. privacy, application development security, creating a culture of security, communication skills, giving back to the community, mentoring others, mental health, and so much more! Where you can find Daniel: LinkedIn Twitter MentorCore Secratic Blog Hang Out A Shingle: Starting Your Own Cybersecurity Company

Anthony Bettini is the CTO for WhiteHat Security, the leader in Application Security, enabling businesses to protect critical data, ensure compliance, and manage risk. Previously, Anthony ran Tenable Research where Anthony ed via Tenable’s acquisition of FlawCheck – a leading Container Security startup where Anthony was the CEO & Founder. Before its acquisition by Symantec, Anthony was CEO & Founder of Appthority, a leading Mobile Security startup, and winner of the “Most Innovative Company of the Year” award at the RSA Conference. In this episode, we discuss managing a remote team, web application security, DevSec, responsible vulnerability disclosure, Artificial Intelligence (AI), how to focus your career, being a founder, and so much more! Where you can find Anthony: LinkedIn WhiteHat Blog

Ed Bellis is a security industry veteran and expert and was once named “Information Security Executive of the Year”. He currently serves as the Chief Technology Officer and Co-founder of Kenna Security. He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats. Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dascena and former advisor to SecurityScoreboard.com, Dharma, and Society of Payment Security Professionals. Ed is a contributing author to the book, Beautiful Security. He is also a frequent speaker at industry conferences such as RSA, BlackHat, and many others. In this episode, we discuss vulnerability management maturity, how to focus on remediation, inventory management, securing cloud services, IoT devices in the enterprise, entrepreneurship, hiring the right people, and so much more. Where you can find Ed: LinkedIn Twitter Kenna Security Blog

Mikko Hypponen is a global security expert and has worked at F-Secure since 1991. Currently, he serves as F-Secure's Chief Research Officer. Mikko has written on his research for the New York Times, Wired, and Scientific American, and he frequently appears on international TV. He has lectured at the universities of Stanford, Oxford, and Cambridge. He was selected among the 50 most important people on the web by the PC World magazine and was included in the FP Global 100 Thinkers list. Mikko sits on the advisory boards of t2 and Social Safeguard and in the advisory for the Monetary Authority of Singapore. In this episode, we discuss his early starts in information security, the rebirth of TELNET, security by design, the difference between privacy and security, mobile device security, IoT security, election security, and so much more. Where you find Mikko: LinkedIn Twitter F-Secure Blog HBO - Kill Chain: The Cyber War on America’s Elections