Resilient Cyber brings listeners discussions from a variety of Cybersecurity and Information Technology (IT) Subject Matter Experts (SME) across the Public and Private domains from a variety of industries. As we watch the increased digitalization of our society, striving for a secure and resilient ecosystem is paramount.
We know it can be challenging to secure your business, especially when you have limited time. The Get Cyber Resilient Show, brought to you by Mimecast, is the perfect way to stay up-to-date with the latest cyber developments across Australia and New Zealand. From cyber security to cyber awareness, your hosts Daniel McDermott, Garrett O'Hara and Vinh Nguyen will bring you insights and real stories from IT and Security Leaders, just like you. Don’t get angry at downtime and data breaches, Get ...
S6E13: Bryson Bort - Cybersecurity and the Entrepreneurship Journey
35:41
- First off, for folks not familiar with your background can you tell us a bit about your background from your journey in your earlier IT/Cyber and military time to eventually being a Founder and CEO? - What made you decide to take that leap and found not just one, but two cybersecurity companies, moving from being a practitioner? - What did you fi…
S6E12: Matt Nelson & David Cantrell - BESPIN Software Factory - Innovating at the Edge
55:55
Can you each tell us a bit about your background, before we dive in? For those not in the DoD or familiar with the term, what is a “Software Factory”? What is BESPIN? What is the current state of mobile security within the DoD? Why do you think there’s such a delay in maturing policy, process and pathways for mobile in DoD, given the big emphasis t…
S6E11: Josh Bressers & Dan Lorenc - Untangling the NVD Chaos
29:18
- First off, for folks that don't know you can you give them a brief overview of your background/organizations? - Josh, let's start with you. Can you explain some of what is going on with the drama around NVD and what happened that caught everyone's attention? - Dan - I know you've raised concerns around the implications for the community when it c…
S6E10: Adam Bateman - Securing the Modern Identity Perimeter
32:07
- It is often now said that identity is the new perimeter, why do you think that phrase has taken hold and what does it mean to you? - How much do you think the complicated identity landscape plays a role, for example most organizations have multiple IdP's, as well as external environments such as SaaS and so on that they have identities and permis…
S6E9: Joanna McDaniel Burkey - From CISO to the Boardroom
38:03
- First off, you have an incredible background evolving from software engineer to management roles and ultimately a CISO for some of the industry leading organizations such as Siemens and HP. I would love to hear about that journey and how you found yourself ultimately becoming an industry leading CISO along the way. - How do you think the CISO ro…
S6E8: Erez Yalon - AppSec, Supply Chain and Security Research
47:17
- What are some of the most interesting developments in the world of software supply chain security (SSCS) in the last 12 months or so? - It's now been a couple of years since the major fall out of notable incidents such as SolarWinds and Log4j, do you feel like the industry is making headway in addressing software supply chain threats? - For organ…
S6E7 - Chinmayi Sharma & Jim Dempsey - Software Liability and Safe Harbor
50:06
- First off, for folks not familiar with your backgrounds, can you please each tell us a bit about yourselves? - Let's set the table a bit, what is software liability and what is driving the increased calls for it? For example the recently released National Cyber Strategy, and commentary by U.S. leaders such as from CISA's Jen Easterly - What are s…
S6E6 - Crystal Poenisch - Cybersecurity Product Marketing
20:11
- First, please tell us a bit about your background and how you got into the role you are now in your career? What drew you to the marketing side of cybersecurity? - I have to be honest, many in the cyber practitioner community often bemoan cyber marketers, often citing poor tactics or interactions. What do you think has contributed to this systemi…
S6E5 - Jeevan Singh - Scaling Application Security
36:59
- Let's start off by discussing everyone's favorite topic, vulnerability management. When it comes to AppSec, obviously there's been a big push to "shift security left" which comes with CI/CD pipelines, SAST, DAST, Secrets Scanning, IaC scanning etc. How have you handled scaling AppSec effectively without burdening Dev teams with massive vulnerabil…
S6E4 - Joseph Lewis - A Year in the Seat - a CISO's Retrospective
38:06
- First off, tell us about your journey to the role of the CISO. What did that look like, what steps did you take, what helped prepare you and so on? - To many, the CISO is considered the pinnacle of the cyber career field. How did it feel when you landed the role and looking back a year now, what are some thoughts that come to mind? - We know as y…
S6E3 - Ross Haleliuk - Cyber for Builders & The Cyber Ecosystem
1:02:42
- First off, tell us a bit about your background and how you got to where you are now in your career - What led you to write the book? Tell us a bit about the process and the experience so far, given you didn't take a traditional route with a standard publisher etc - Your book is broken into different sections, such as security as an industry, unde…
S6E2 - Jacob Horne - 171, CMMC and the Federal Compliance Landscape
1:03:14
- For folks not tracking, let's level set a bit, what exactly is NIST 800-171 and CMMC, and what is the succinct background on the evolution of the two? - Are there notable events that led the DoD to pursue CMMC, building on the history of 171? - Obviously the introduction of the 3PAO aspect brings more rigor than previously existed with self-asses…
S6E1 - Rob van der Veer - Navigating the AI Security Landscape
32:58
- You've been heavily involved in the AI dialogue in the industry as it has heated up, how did you get your start specializing in software security and most notably AI? - AI continues to be one of the hottest cybersecurity topics in 2023 and heading into 2024. What do you think are some of the most pressing risks around the rapid growth of AI adopt…
S5E9: Kevin Greene - The Cyber Journey, AI/ML and Secure SDLC
43:57
- Tell us a bit about your cybersecurity journey, you've held a variety of roles with FFRDC's and industry - You've been talking a good bit about the latest Secure-by-Design push, what do you make of this push? I know you've raised concerns about needing to do some research to determine the effectiveness of these "secure" SDLC's - AI and ML are eve…
S5E8: Jake Meloche - Cloud Native Security
21:16
- First off, tell us a bit about yourself, what you're up to and how you have gotten where you are career wise - What are some of the key differences with cloud-native security? - There's a lot of acronyms in the cloud-sec space, such as CWPP, CSPM, KSPM and so on. Can you unpack a few of these for the audience and what they mean? - This also infer…
S5E7: Darwin Salazar - Data, Detections & the Cybersecurity Market
29:43
Nikki - Can you tell us a little bit about what interested you in cloud security in the first place? I know you have a particular interest in misconfigurations - was there a singular event that spurred your interest? Chris - What are your thoughts around Guardrails in the cloud and using things such as event based detections? Chris - You interestin…
S5E6: Allie Mellen - SecOps, Detection and AI
25:55
Nikki - I have to start with the fact that you've been looking into the vulnerability management space! This is an area I've been focused on for many years and I'm curious - what are the biggest pain points you see now in VulnMgmt? Chris - I recently saw you had a blog regarding Exposure Management and contrasting it with Vulnerability Management. …
S5E5: Greg Rasner - Zero Trust and Third Party Risk Management
37:17
- You recently wrote a book titled Zero Trust and Third Party Risk. Can you tell us a bit about the book, why you wrote it and how you see the convergence of ZT and TPRM? - There's been a lot of discussion lately around Software Supply Chain Security, but also Cybersecurity Supply Chain Risk Management, or C-SCRM. Do you see the former being part o…
S5E4: Jonathan Rau - The Modern Security Data Landscape
28:46
Nikki - With your current role as a Distinguished Engineer - I know you focus a lot on cloud security. What does being a DE entail? Do you do some research along with your other duties? Chris: We've seen the discussion around data in the security space evolve quite a bit. From legacy environments with a SIEM/SOC centralized approach, oriented aroun…
S5E3: Patrick Garrity - Vulnerability Research, Management and Visualizations
35:19
Nikki - I wanted to ask you first what got you so passionate about vulnerability management - what was it that first sparked your curiosity and interest into security research? Nikki - You do a lot of awesome graphics and visualizations of vulnerability data from both CISA KEV and around types of CVE's - what kind of statistics do you think are mo…
S5E2: Scott Piper - Modern Cloud Security and Resilience
41:51
Chris: First off, you've been knee deep in CloudSec for several years now, watching trends, incidents and the industry evolve. Where do you think we've made the most headway, and where do you think we still have the largest gaps to close? Nikki: I'm really interested in multi-cloud environments and security - because of the connectivity potential b…
S5E1: Amit Elazari - Convergence of Technology & Digital Policy
40:05
- For those who haven't met you yet or come across your work, can you tell us a bit about your background? - First off, tell us a bit about OpenPolicy, what is the organization's mission and why did you found it? - Why do you think it's important for there to be tight collaboration and open communication between businesses, startups and policy maker…
S4E24: Michael McLaughlin & Bill Holstein - Battlefield Cyber
59:05
- First off, for those unfamiliar with this problem and situation, what exactly is the challenge here, and why should more people be paying attention to this? - What do you say to those who may say this is just something occurring in the digital realm, and not a physical or real threat, given the ubiquity of software, this seems short sighted, no? …
S4E23: Michael Klipstein - Cybersecurity from Sea to Space
30:21
Nikki - In addition to your Senior Policy Advisor role, you are also part of several academic institutions, including one we have in common - Capitol Technology University. Can you talk a little bit about why you wanted to be involved in the technical and academic side? Have there been any benefits you've seen in academia that you've brought to the…
Ep 136 | The end of the cyber road with Dan McDermott, Gar O'Hara and Vinh Nguyen
33:10
The end of the cyber road. This week we say goodbye to the Get Cyber Resilient show. Dan, Gar and Vinh take one last look behind the cyber news. In this episode, we start with Australian Prime Minister Anthony Albanese’s answer to cyber resiliency; we then jump over to the world of OT and how Schneider Power metres have been disclosing that they tr…
S4E22: Omkhar Arasaratnam - OSS and OpenSSF
41:25
You are now at the Open Source Security Foundation - but you have a ton of experience (even as a former IBMer) from Google, to JPMorgan, and financial institutions through architecture, management, and engineering. Can you talk a little bit about your leadership journey? Let's dig into OpenSSF a bit more - we're only seeing an increase in software …
Ep 135 | OT and Cyber Security with Belinda Noel, Chief Growth Officer at Secolve
35:10
In this episode, Gar sits down with Belinda Noel, Chief Growth Officer at Secolve. Belinda talks us through the expanding world of Operational Technology (OT) and Cyber Security, looking at its growing importance and need for attention. We look at the differences and overlap between IT, OT and IOT, and how each play their part, the immaturity of OT…
Ep 134 | Behind the Cyber News: 13th of June 2023
31:57
On this week’s news episode, Dan, Gar and Vinh are taking another look behind the cyber news, starting with Toyota, and customer information that has been publicly accessible for over 6 years. Next we dive into the supply chain attack impacting many high profile British brands that is linked to a Russian cyber gang, we then discuss how the governmen…
S4E21: Kelly Shortridge - Security Chaos Engineering & Resilience
41:53
Chris - For those not familiar with Security Chaos Engineering, how would you summarize it, and what made you decide to author the new book on it? Nikki - In one of your sections of Security Chaos Engineering, you talk about what a modern security program looks like. Can you talk about what this means compared to security programs maybe 5 to 10 yea…
S4E20: Luke Hinds & Craig McLuckie - The Founders Journey & Software Supply Chain Security
37:41
- First off, can you each tell us a bit about your backgrounds and experience in the space? - What made you all decide to found Stacklok, what gaps and opportunities in the ecosystem did you see? - What are your thoughts around the industry's response to software supply chain security and how do you see things such as OSS and Sigstore playing a rol…
Ep 133 | Filling the cyber talent gap with Matt Wilcox, Founder and CEO of FifthDomain
45:52
This week we are joined by Matt Wilcox, Founder and CEO at FifthDomain. In this conversation, Matt and Gar discuss the growing gap in our local cyber workforce and the initiatives needed to fix the problem. Matt explains the ways we can ensure cyber training is most effective for those coming into the workforce, and the role Government and industry…
S4E19: Mark Montgomery - Securing the Digital Democracy
50:51
Nikki - What does cyber resiliency mean to you? Nikki - Can you tell us a little bit more about the Cyberspace Solarium Commission or CSC, in particular I'm interested in the promotion of national resilience. Can you talk a little bit about what that means and what's in progress at the moment? Chris - There's been a lot of activity lately with the …
S4E18: Joseph Lewis - Cybersecurity & Servant Leadership
22:20
Nikki - You're a newly minted CISO and SES - how's it going? How have the first few months been in the role? Nikki - With your background in both Academia as an Adjunct Professor and with your cyber and executive leadership experience - how important would you say the intersection of academia, research, and leadership go? Chris - We know you're a b…
Ep 132 | Behind the Cyber News: 16th of May 2023
30:53
On this week’s episode, Gar and Vinh are taking a look behind the cyber news, kicking off with the Twitter hacker extradition in the US, we then discuss the Snake espionage infrastructure that cyber agencies have detected in over 50 countries. Staying global, we look at how the EU is going hard on cyber labelling for the cloud services, then back a…
S4E17: Yotam Perkal - Vulnerability Management and Modernization
32:50
Chris - To set the stage for the discussion of vulnerability management, Rezilion recently had a report that found that organizations had over 100,000 backlogged vulnerabilities. Why do you think things have gotten so bad? Chris - Leaders also stated that they are able to patch less than half of that backlog, thousands of vulnerabilities never get …
S4E16: Alfredo Hickman - SaaS Security & Third-Party Risk Management
27:11
Chris - Why do you think SaaS security is so overlooked in the conversation around cloud security, despite SaaS being so pervasive? Chris - SaaS obviously involves a lot of third-party integrations. What are the risks of these ungoverned integrations and can they have a cascading impact if one of the providers has an incident? Nikki - Chris and I …
Ep 131 | Behind the Cyber News: 2nd of May 2023
36:55
We’re back for the first episode of Season 10! In this Behind the Cyber News episode we kick off with a look into the United Nations Cyber Crime Treaty and its implications on global law enforcement. We then review the Top 5 Most Dangerous cyberattacks for 2023 as announced by the SANS Technology Institute at the RSA Conference, we then move back t…
S4E15: Tom Pace - Firmware, IoT and Cyber Physical Systems (CPS)
37:18
Chris: First off, tell us a bit about NetRise, what you all do, and what your focus is on? Chris: There's been a tremendous focus as of late on software supply chain security, as you know, but much of it focuses on things such as Cloud, SaaS, Containers etc. at NetRise you all take a focus on Firmware, IoT and Cyber Physical Systems (CPS). Why is t…
S4E14: Josh Reiter - U.S. Navy Workforce and Cyber Superiority
33:37
Chris: Can you tell us a bit about your background and what the role of the Deputy Principal Cyber Advisor does? Nikki: When we talk about workforce challenges, I think about the types of skills that someone is looking for in a cyber program. What types of skills do you look for in hiring and what kinds of skills do we still need in the cyber profe…
S4E13: Chris Kulakowski - Threat Hunting & Detection Engineering
26:56
By Chris Hughes
S4E12: Kristin Saling - U.S. Army Workforce Modernization & Analytics
24:09
Nikki - First - tell me a little bit about yourself and your background Nikki - You have a ton of experience with the Army, can you talk a little bit about what you like most about working with the military and specifically in HR? Chris - We hear a lot about digital transformation in the DoD, Cloud, Cyber, Zero Trust, and so on - but how critical d…
Ep 130 | Cyber's toll on Mental Health with Dr Andrew Reeves, Director at Cybermindz
46:35
This week we are joined by Dr Andrew Reeves, Director at Cybermindz and a psychologist. In this conversation, Andrew talks us through the Cybermindz organisation, the data that has been uncovered in his research on mental health in cyber and the nine attributes that point to what is different in the world of stress and burnout in cyber and wha…
S4E11: John Speed Meyers - Data Science & Software Supply Chain Security
36:34
Chris: I have been following your research for several years now, dating back to your role before Chainguard. As you have watched the conversation around Software Supply Chain Security unfold in the industry, do you feel like we're making positive headway? Chris: You have done a lot of research into software supply chain security, and of course SBO…
Ep 129 | Behind the Cyber News: 28th of March 2023
36:04
On this week’s episode; Dan, Gar and Vinh kick off with a look behind the latest high profile, large scale breach – Latitude Financial. We then pivot to a review of the latest misuse of AI, fooling voice recognition systems used to verify identity by Centrelink and the ATO, we also discuss the possibility that the federal government is considering …
S4E10: Lily Zeleke - DoD Cloud & Software Modernization
30:12
Chris: Before we dive into some technical topics and questions, we would love to hear a bit about your background and career Chris: - We've now seen the introduction of JWCC into the mix after quite a challenging road to get there. What major changes do you see JWCC playing in the DoD cloud landscape and cloud adoption journey? Nikki: - There's bee…
S4E9: Resilient Cyber Show w/ Day Johnson
27:59
Nikki - With your experience in various cloud and Cybersecurity roles, what would you say the top 3 concerns are right now for cloud security? Nikki - I see you do a lot of work Cybersecurity and cloud education, do you feel like we have better tools and resources today than a few years ago? Or too many resources? Chris - We know you have a Detecti…
Ep 128 | AI and Cyber 101 with David Higgins, former CISO for Kiwibank
44:14
On this week's episode Gar talks with David Higgins, former CISO for Kiwibank. In this conversation, David takes us through what AI and ChatGPT mean for cyber, providing a clear understanding of what it is and what it isn’t. He also provides insights into what it means for both the attackers and protectors, as well as what is hype, what is real and…
Ep 127 | Behind the Cyber News: 14th of March 2023
35:33
On this week’s episode, the team are back to look behind the cyber news, starting with the announcement from the Home Affairs Department to restructure in order to give government a ‘cyber spine’. We investigate the plan from the European Central bank to run stress tests on cyber resilience across Europe’s top banks in response to the sharp rise in…
S4E8: Jim Dempsey - Cyber Policy & Regulation
44:38
Chris - I have to start with the intersection of law and cybersecurity. We're seeing major strides in regulations, both federal and state (like NYFDS), to regulate and enforce cybersecurity policies and program-based guidance. What are some of the emerging trends we're seeing in cyber law? Chris - As you know, we recently saw the new National Cyber…
Ep 126 | The Genesis of Mimecast with Peter Bauer, Co-Founder and CEO of Mimecast
44:27
On this week’s episode, Gar sits down with Mimecast Co-Founder and CEO, Peter Bauer. Peter talks through his journey in cyber and the genesis of Mimecast, how he navigated the ups and downs, how he maintained an entrepreneurial mindset and culture as the company grew. We then cover what Peter sees as the biggest emerging risks in cyber, and the …