By Sean Martin
Guests: Katie Nickels | Fred Wilmot | Ryan Kovar
Host: Sean Martin
It took me a while to get the conversation with Katie Nickels and Fred Wilmot sorted so we could talk about all things MITRE ATT&CK. Fortunately, we found some time together in person in Las Vegas during Hacker Summer Camp. As a bonus, I also got the chance to meet Ryan Kovar who happened to be presenting on ATT&CK with Katie that smae week. Ryan joined us for the conversation as well.
Have a listen as we explore what MITRE ATT&CK is, what it’s for, who it’s for, how to get started with it, how to be successful with it, and what scenarios could be leveraged to learn from others’ successes and challenges.
Guest: Erez Yalon, Director of Security Research at Checkmarx
In this ‘In The News’ segment we are discussing the “LeapFrog accident” that has been going around the news since Black Hat when our friend, Erez Yalon, disclosed some research that uncovered some severe vulnerabilities on IoT tablets made specifically for children.
Chill out. There’s no need to panic. The good news part of this story is that the company stepped in quickly and acted responsibly. So why are we talking about it if the problem is solved?
Here is why:
We do not thrive on clickbait and FUD
We want to help the cybersecurity community to build a better, safer technological future
We believe that knowledge is power and education is society’s superpower against cyber threats
We do not think that stopping people from using technology is the way to safety; not even for—maybe even less for—kids (we want them to play and learn!)
We believe we can make ethical decisions now that will help the future generations take full advantage of a technologically advanced society.
Join us in building that future. Start by listening to this podcast.
- Michael Echols, CEO, IACI International Association of Certified ISAOs and former Director, Cyber Joint Program Management Office, US Dept. of Homeland Security
- Edward Block, Practicing Attorney, Foley Gardere, and former Chief Information Security Officer, State of Texas
Many small town and cities across the grand state of Texas have had better days. Much better days, in fact. There have been many articles highlighting the recent ransomware attacks to successfully compromise more than nearly two dozen Texan towns.
We had many questions to ask our two guests — both of whom have a direct and deep understanding of these types of attacks, the readiness of this specific region, and the potential threats looking in other similar regions across the United States. Have a listen to hear their thoughts on this situation.
“Water drops hit the wet stone floor. The sound reverberates in the distance.”
“I see there is somebody lurking in the shadow here.”
“He couldn't sound creepier if he tries to sound creepier__”
“I could try.”
“He could probably be.“
“He probably could. He probably could__ anxious laugh.”
“Evil laugh echoes in the emptiness of the dark corridor__”
This was not scripted. It just happened. The podcast starts like this and there is nothing I can do about it. Actually, to be honest, I am glad it did.
Guest: Kymberlee Price, Microsoft
I was excited for two things happening during this year's Hacker Summer Camp excursion:
1) An opportunity to meet—in person—someone leading the bug bounty charge for quite some time: Kymberlee Price, Principal Security PM Manager - Microsoft Security Response Center's Community Programs
2) To explore and discuss the dedicated Bug Bounty micro-summit during Black Hat USA 2019
Fortunately, both of these activities came together in a single setting during Black Hat, as Marco and I got to meet Kymberlee not only to discuss the micro summit, but to also hear about her journey in InfoSec and her role in establishing some of the best practices being leveraged by the industry for some time now—specifically via her work at Microsoft, at Bugcrowd, and Microsoft (again).
I loved this having conversation and hearing Kymberlee's story.
Now it's your turn to hear it. Have a listen.
I happen to know some of the more skilled social engineers in the cybersecurity industry, and during Hacker Summer Camp 2019, Sean Martin and I were invited to meet one of the best.
You probably know her. She goes by the handle @sn0ww. This is her story.
Do you want to hear it? Of course, you do. No, really, you do. You don’t want to be the only one not listening to it, do you?
Go ahead, type your in your SSN, and click play... 🔥😇😈🔥
We care deeply and passionately about creating a diverse cybersecurity workforce — not just when it come to gender, but also for background, origin, age, religion, neuro-makeup, and more — essentially anything and everything that makes us unique; makes us human. We hope to reach a point where we no longer have to shake the box to remind ourselves of the benefits associated with diversity, but until we reach that point, you’ll find us shaking things up at the intersection of technology, cybersecurity, and society. With this, we ask you to celebrate with us the successes these cybersecurity leaders have achieved.
Welcome Mission Critical. A new talk show on ITSPmagazine Hosted by Karen Worstell
This is about the challenges in cyber and how the cyber community can thrive and “stay in the game” in the face of them.
Karen knows from experience that all those things come from a workplace with high expectations and a sense of belonging—and we need a lot of help with that right now! At the heart of this series of podcasts are the values she has learned to hold most dear: Justice, Compassion, Leadership and Allyship.
Listen to Karen, Sean, and Marco introducing this new talk show.
We couldn’t ask for a better host to tell these stories and help us to make a difference in our community.
It’s also important to recognize that the products and solutions (and applications) we are building a using are comprised of multiple components from all of the place—custom, commercial, and open source—and from all over the world.
At the end of the day, we’re all speaking about code and we all need to write secure code. Start speaking about it with your peers at the inaugural AppSec Village at DEF CON 27. But first, have listen to this chat to learn more.
According to our guest for this chats on the road to Las Vegas, Jeffrey Smith, Managing Partner at Cyber Risk Underwriters, there’s been a considerable uptick in the number of policies written, especially at the small/medium business level.
Be sure to listen to this podcast to learn more about this trend and then join Jeffrey Smith, Jeremiah Grossman, and many more for the inaugural micro summit for cyber insurance at Black Hat.
Sticking with the transportation theme from some of our DEF CON 26 conversations, for this next chat we take a look under the hood of another new village introduced for DEF CON 27 — the Aviation Village.
To help us understand how multiple parties can (and are) working together to understand the risks, how to mitigate them, and the challenges getting all of the cybersecurity dots connected throughout the entire ecosystem, we connected with one of the leaders of the Aviation Village, Pete Cooper.
In this chats on the road to Hacker Summer Camp in Las Vegas, you’ll get to hear from the following Wicked6 Cyber Games contestants:
Nouran Alotaibi represents the University of North Carolina Wilmington
Team: Cyber Seahawks
Shilpa Joshy represents University Of Colorado Boulder
Franklin Pearson represents ECPI Columbia
Team: D0wn the L1ne
We have three great stories to share in this chat. Have a listen!
Guest: Francesco Cipollone
As part of our In The News series, in this episode, we connect with Francesco Cipollone to host a Q&A session where the questions were driven by the InfoSec community. The questions asked were presented to Francesco via social media and Francesco selected 3 questions to respond to in this episode. These are the people and their questions: Jim Manico [@manicode ] | John Opdenakker [@j_opdenakker] | Tanya Janca [@shehackspurple].
In today’s chat, we are joined by Holly Rollo, Chief Marketing Officer, SVP at RSA Security. Holly is also one of the keynote speakers at RSA Conference APJ — co-presenting with Rohit Ghai, President at RSA Security, she will be talking about: The New Why of Cybersecurity.
In today’s chat, we are joined by Matthias Yeo, CEO, Fund Technologies Pte Ltd. Matthis is one of three judges responsible for naming the winner at this year’s inaugural Launch Pad Event (for which we are the exclusive media partner!). We really enjoyed our chat with Matthias as we learned more about the state of cybersecurity and innovation in the region coupled with his vision for the inaugural Launch Pad event.
By Sean Martin
Guests: Raluca Saceanu | Elena Steinke
The other day I came across a blog post talking about the impact the EU CyberSecurity Act could have now that it is officially “in force” as of Thursday, the 27th of June, 2019. To dig deeper into this topic, I connected with Elena Steinke and asked her to join me and the author of the blog post, Raluca Saceanu, for a quick chat.
Three years ago, we started having our Chats On The Road to Las Vegas.
As we are gearing up to cover three more conferences, we are having our pre-event conversations for each one. As we are planning to make all them a recurring series, this particular podcast is already part of a solid ITSPmagazine tradition: the third Chats on the Road conversation with Black Hat General Manager, Steve Wylie. This episode kicks off our coverage for such a pillar event in our industry.
By Sean Martin
Guests: Brendan Bonner | John Durcan
Wouldn’t it be good if we could cross the business-to-cybersecurity bridge such that we all have a good picture for what’s important for the business — and ultimately for humanity and the societies for which we create? This is the main driver underneath a two-part conversation I had earlier this year with Brendan Bonner, Chief Technologist — Technology, Content and Business Services at IDA Ireland, and John Durcan, Senior Technologist at Enterprise Ireland.