Cyber Resilient public
 
Resilient Cyber brings listeners discussions from a variety of Cybersecurity and Information Technology (IT) Subject Matter Experts (SME) across the Public and Private domains from a variety of industries. As we watch the increased digitalization of our society, striving for a secure and resilient ecosystem is paramount.
 
We know it can be challenging to secure your business, especially when you have limited time. The Get Cyber Resilient Show, brought to you by Mimecast, is the perfect way to stay up-to-date with the latest cyber developments across Australia and New Zealand. From cyber security to cyber awareness, your hosts Daniel McDermott, Garrett O'Hara and Vinh Nguyen will bring you insights and real stories from IT and Security Leaders, just like you. Don’t get angry at downtime and data breaches, Get ...
 
 
- First off, for folks not familiar with your background can you tell us a bit about your background from your journey in your earlier IT/Cyber and military time to eventually being a Founder and CEO? - What made you decide to take that leap and found not just one, but two cybersecurity companies, moving from being a practitioner? - What did you fi…
 
Can you each tell us a bit about your background, before we dive in? For those not in the DoD or familiar with the term, what is a “Software Factory”? What is BESPIN? What is the current state of mobile security within the DoD? Why do you think there’s such a delay in maturing policy, process and pathways for mobile in DoD, given the big emphasis t…
 
- First off, for folks that don't know you can you give them a brief overview of your background/organizations? - Josh, let's start with you. Can you explain some of what is going on with the drama around NVD and what happened that caught everyone's attention? - Dan - I know you've raised concerns around the implications for the community when it c…
 
- It is often now said that identity is the new perimeter, why do you think that phrase has taken hold and what does it mean to you? - How much do you think the complicated identity landscape plays a role, for example most organizations have multiple IdP's, as well as external environments such as SaaS and so on that they have identities and permis…
 
- First off, you have an incredible background evolving from software engineer to management roles and ultimately a CISO for some of the industry leading organizations such as Siemens and HP. I would love to hear about that journey and how you found yourself ultimately becoming an industry leading CISO along the way. - How do you think the CISO ro…
 
- What are some of the most interesting developments in the world of software supply chain security (SSCS) in the last 12 months or so? - It's now been a couple of years since the major fall out of notable incidents such as SolarWinds and Log4j, do you feel like the industry is making headway in addressing software supply chain threats? - For organ…
 
- First off, for folks not familiar with your backgrounds, can you please each tell us a bit about yourselves? - Let's set the table a bit, what is software liability and what is driving the increased calls for it? For example the recently released National Cyber Strategy, and commentary by U.S. leaders such as from CISA's Jen Easterly - What are s…
 
- First, please tell us a bit about your background and how you got into the role you are now in your career? What drew you to the marketing side of cybersecurity? - I have to be honest, many in the cyber practitioner community often bemoan cyber marketers, often citing poor tactics or interactions. What do you think has contributed to this systemi…
 
- Let's start off by discussing everyone's favorite topic, vulnerability management. When it comes to AppSec, obviously there's been a big push to "shift security left" which comes with CI/CD pipelines, SAST, DAST, Secrets Scanning, IaC scanning etc. How have you handled scaling AppSec effectively without burdening Dev teams with massive vulnerabil…
 
- First off, tell us about your journey to the role of the CISO. What did that look like, what steps did you take, what helped prepare you and so on? - To many, the CISO is considered the pinnacle of the cyber career field. How did it feel when you landed the role and looking back a year now, what are some thoughts that come to mind? - We know as y…
 
- First off, tell us a bit about your background and how you got to where you are now in your career - What led you to write the book? Tell us a bit about the process and the experience so far, given you didn't take a traditional route with a standard publisher etc - Your book is broken into different sections, such as security as an industry, unde…
 
- For folks not tracking, let's level set a bit, what exactly is NIST 800-171 and CMMC, and what is the succinct background on the evolution of the two? - Are there notable events that led the DoD to pursue CMMC, building on the history of 171? - Obviously the introduction of the 3PAO aspect brings more rigor than previously existed with self-asses…
 
- You've been heavily involved in the AI dialogue in the industry as it has heated up, how did you get your start specializing in software security and most notably AI? - AI continues to be one of the hottest cybersecurity topics in 2023 and heading into 2024. What do you think are some of the most pressing risks around the rapid growth of AI adopt…
 
- Tell us a bit about your cybersecurity journey, you've held a variety of roles with FFRDC's and industry - You've been talking a good bit about the latest Secure-by-Design push, what do you make of this push? I know you've raised concerns about needing to do some research to determine the effectiveness of these "secure" SDLC's - AI and ML are eve…
 
- First off, tell us a bit about yourself, what you're up to and how you have gotten where you are career wise - What are some of the key differences with cloud-native security? - There's a lot of acronyms in the cloud-sec space, such as CWPP, CSPM, KSPM and so on. Can you unpack a few of these for the audience and what they mean? - This also infer…
 
Nikki - Can you tell us a little bit about what interested you in cloud security in the first place? I know you have a particular interest in misconfigurations - was there a singular event that spurred your interest? Chris - What are your thoughts around Guardrails in the cloud and using things such as event based detections? Chris - You interestin…
 
Nikki - I have to start with the fact that you've been looking into the vulnerability management space! This is an area I've been focused on for many years and I'm curious - what are the biggest pain points you see now in VulnMgmt? Chris - I recently saw you had a blog regarding Exposure Management and contrasting it with Vulnerability Management. …
 
- You recently wrote a book titled Zero Trust and Third Party Risk. Can you tell us a bit about the book, why you wrote it and how you see the convergence of ZT and TPRM? - There's been a lot of discussion lately around Software Supply Chain Security, but also Cybersecurity Supply Chain Risk Management, or C-SCRM. Do you see the former being part o…
 
Nikki - With your current role as a Distinguished Engineer - I know you focus a lot on cloud security. What does being a DE entail? Do you do some research along with your other duties? Chris: We've seen the discussion around data in the security space evolve quite a bit. From legacy environments with a SIEM/SOC centralized approach, oriented aroun…
 
Nikki - I wanted to ask you first what got you so passionate about vulnerability management - what was it that first sparked your curiosity and interest into security research? Nikki - You do a lot of awesome graphics and visualizations of vulnerability data from both CISA KEV and around types of CVE's - what kind of statistics do you think are mo…
 
Chris: First off, you've been knee deep in CloudSec for several years now, watching trends, incidents and the industry evolve. Where do you think we've made the most headway, and where do you think we still have the largest gaps to close? Nikki: I'm really interested in multi-cloud environments and security - because of the connectivity potential b…
 
- For those who haven't met you yet or come across your work, can you tell us a bit about your background? - First off, tell us a bit about OpenPolicy, what is the organization's mission and why did you found it? - Why do you think it's important for there to be tight collaboration and open communication between businesses, startups and policy maker…
 
- First off, for those unfamiliar with this problem and situation, what exactly is the challenge here, and why should more people be paying attention to this? - What do you say to those who may say this is just something occurring in the digital realm, and not a physical or real threat, given the ubiquity of software, this seems short sighted, no? …
 
Nikki - In addition to your Senior Policy Advisor role, you are also part of several academic institutions, including one we have in common - Capitol Technology University. Can you talk a little bit about why you wanted to be involved in the technical and academic side? Have there been any benefits you've seen in academia that you've brought to the…
 
The end of the cyber road. This week we say goodbye to the Get Cyber Resilient show. Dan, Gar and Vinh take one last look behind the cyber news. In this episode, we start with Australian Prime Minister Anthony Albanese’s answer to cyber resiliency; we then jump over to the world of OT and how Schneider Power metres have been disclosing that they tr…
 
You are now at the Open Source Security Foundation - but you have a ton of experience (even as a former IBMer) from Google, to JPMorgan, and financial institutions through architecture, management, and engineering. Can you talk a little bit about your leadership journey? Let's dig into OpenSSF a bit more - we're only seeing an increase in software …
 
In this episode, Gar sits down with Belinda Noel, Chief Growth Officer at Secolve. Belinda talks us through the expanding world of Operational Technology (OT) and Cyber Security, looking at its growing importance and need for attention. We look at the differences and overlap between IT, OT and IOT, and how each play their part, the immaturity of OT…
 
On this week’s news episode, Dan, Gar and Vinh are taking another look behind the cyber news, starting with Toyota, and customer information that has been publicly accessible for over 6 years. Next we dive into the supply chain attack impacting many high profile British brands that is linked to a Russian cyber gang, we then discuss how the governmen…
 
Chris - For those not familiar with Security Chaos Engineering, how would you summarize it, and what made you decide to author the new book on it? Nikki - In one of your sections of Security Chaos Engineering, you talk about what a modern security program looks like. Can you talk about what this means compared to security programs maybe 5 to 10 yea…
 
- First off, can you each tell us a bit about your backgrounds and experience in the space? - What made you all decide to found Stacklok, what gaps and opportunities in the ecosystem did you see? - What are your thoughts around the industry's response to software supply chain security and how do you see things such as OSS and Sigstore playing a rol…
 
This week we are joined by Matt Wilcox, Founder and CEO at FifthDomain. In this conversation, Matt and Gar discuss the growing gap in our local cyber workforce and the initiatives needed to fix the problem. Matt explains the ways we can ensure cyber training is most effective for those coming into the workforce, and the role Government and industry…
 
Nikki - What does cyber resiliency mean to you? Nikki - Can you tell us a little bit more about the Cyberspace Solarium Commission or CSC, in particular I'm interested in the promotion of national resilience. Can you talk a little bit about what that means and what's in progress at the moment? Chris - There's been a lot of activity lately with the …
 
Nikki - You're a newly minted CISO and SES - how's it going? How have the first few months been in the role? Nikki - With your background in both Academia as an Adjunct Professor and with your cyber and executive leadership experience - how important would you say the intersection of academia, research, and leadership go? Chris - We know you're a b…
 
On this week’s episode, Gar and Vinh are taking a look behind the cyber news, kicking off with the Twitter hacker extradition in the US, we then discuss the Snake espionage infrastructure that cyber agencies have detected in over 50 countries. Staying global, we look at how the EU is going hard on cyber labelling for the cloud services, then back a…
 
Chris - To set the stage for the discussion of vulnerability management, Rezilion recently had a report that found that organizations had over 100,000 backlogged vulnerabilities. Why do you think things have gotten so bad? Chris - Leaders also stated that they are able to patch less than half of that backlog, thousands of vulnerabilities never get …
 
Chris - Why do you think SaaS security is so overlooked in the conversation around cloud security, despite SaaS being so pervasive? Chris - SaaS obviously involves a lot of third-party integrations. What are the risks of these ungoverned integrations and can they have a cascading impact if one of the providers has an incident? Nikki - Chris and I …
 
We’re back for the first episode of Season 10! In this Behind the Cyber News episode we kick off with a look into the United Nations Cyber Crime Treaty and its implications on global law enforcement. We then review the Top 5 Most Dangerous cyberattacks for 2023 as announced by the SANS Technology Institute at the RSA Conference, we then move back t…
 
Chris: First off, tell us a bit about NetRise, what you all do, and what your focus is on? Chris: There's been a tremendous focus as of late on software supply chain security, as you know, but much of it focuses on things such as Cloud, SaaS, Containers etc. at NetRise you all take a focus on Firmware, IoT and Cyber Physical Systems (CPS). Why is t…
 
Chris: Can you tell us a bit about your background and what the role of the Deputy Principal Cyber Advisor does? Nikki: When we talk about workforce challenges, I think about the types of skills that someone is looking for in a cyber program. What types of skills do you look for in hiring and what kinds of skills do we still need in the cyber profe…
 
Nikki - First - tell me a little bit about yourself and your background Nikki - You have a ton of experience with the Army, can you talk a little bit about what you like most about working with the military and specifically in HR? Chris - We hear a lot about digital transformation in the DoD, Cloud, Cyber, Zero Trust, and so on - but how critical d…
 
This week we are joined by Dr Andrew Reeves, Director at Cybermindz and a psychologist. In this conversation, Andrew talks us through the Cybermindz organisation, the data that has been uncovered in his research on mental health in cyber and the nine attributes that point to what is different in the world of stress and burnout in cyber and wha…
 
Chris: I have been following your research for several years now, dating back to your role before Chainguard. As you have watched the conversation around Software Supply Chain Security unfold in the industry, do you feel like we're making positive headway? Chris: You have done a lot of research into software supply chain security, and of course SBO…
 
On this week’s episode; Dan, Gar and Vinh kick off with a look behind the latest high profile, large scale breach – Latitude Financial. We then pivot to a review of the latest misuse of AI, fooling voice recognition systems used to verify identity by Centrelink and the ATO, we also discuss the possibility that the federal government is considering …
 
Chris: Before we dive into some technical topics and questions, we would love to hear a bit about your background and career Chris: - We've now seen the introduction of JWCC into the mix after quite a challenging road to get there. What major changes do you see JWCC playing in the DoD cloud landscape and cloud adoption journey? Nikki: - There's bee…
 
Nikki - With your experience in various cloud and Cybersecurity roles, what would you say the top 3 concerns are right now for cloud security? Nikki - I see you do a lot of work Cybersecurity and cloud education, do you feel like we have better tools and resources today than a few years ago? Or too many resources? Chris - We know you have a Detecti…
 
On this week's episode Gar talks with David Higgins, former CISO for Kiwibank. In this conversation, David takes us through what AI and ChatGPT mean for cyber, providing a clear understanding of what it is and what it isn’t. He also provides insights into what it means for both the attackers and protectors, as well as what is hype, what is real and…
 
On this week’s episode, the team are back to look behind the cyber news, starting with the announcement from the Home Affairs Department to restructure in order to give government a ‘cyber spine’. We investigate the plan from the European Central bank to run stress tests on cyber resilience across Europe’s top banks in response to the sharp rise in…
 
Chris - I have to start with the intersection of law and cybersecurity. We're seeing major strides in regulations, both federal and state (like NYFDS), to regulate and enforce cybersecurity policies and program-based guidance. What are some of the emerging trends we're seeing in cyber law? Chris - As you know, we recently saw the new National Cyber…
 
On this week’s episode, Gar sits down with Mimecast Co-Founder and CEO, Peter Bauer. Peter talks through his journey in cyber and the genesis of Mimecast, how he navigated the ups and the down, how he maintained an entrepreneurial mindset and culture as the company grew. We then cover what Peter sees as the biggest emerging risks in cyber, and the …
 