Cyber Security Interviews - A World of Music


123 Episodes
3 months ago
(Shannon Brazil) is a Senior Cyber Security Specialist working within a CIRT of a Canadian Fortune 500. She has been in IT for over 12 years, with the last three years in Cybercrime investigations with law enforcement and recently moving into the private sector to focus on Digital Forensic analysis and investigations and Incident Response.
As a hobby, Shannon dives into OSINT CTFs, helps promote young women to enter the STEM industry through Technovation - an innovative program for young entrepreneurs, and offers mentorship to those looking to venture into Cyber Security. She is also a course designer and developer with her local college that aims to arm the new generations with tactics, techniques, and knowledge in becoming experts in Digital Forensics and Investigations.
In this episode, we discuss starting as a chef, skills learned from culinary arts, moving from IT to investigations, burnout and self-care, mentors she follows, why she mentors others, diversity and inclusion, and so much more.
Where you can find Shannon: (LinkedIn) (Twitter)
3 months ago
(Cimone Wright-Hamor) works at (Pacific Northwest National Laboratory) (PNNL) as a cybersecurity researcher while pursuing a Ph.D. in Computer Engineering at Iowa State University. She has spent the last decade of her life interning at a variety of organizations. She has had ten internships at more than six different organizations, including public and private industries ranging from Fortune 500 companies like (Microsoft) to successful startups such as (Smart-Ag), state government, and national laboratories.
Cimone has spent the last five years of her career working in the cybersecurity field. While completing research, she has helped protect the infrastructure for the State of Iowa and ensured that startup companies are developing software with security in mind.
In this episode, we discuss getting started in information security due to responding to an incident, an early upbringing which prepared her for cybersecurity, bridging theory to engineering, teaming with dev and security teams, the importance of project updates, increasing diversity in the industry, and so much more.
Where you can find Cimone: (LinkedIn) (blackcomputeHER) (PNNL)
3 months ago
(Jenna Waters) is a Cybersecurity Consultant at (True Digital Security) where she specializes in information security program development, industry compliance assessments, threat intelligence, and cloud security controls. She is an experienced professional who consults with companies across multiple industries in achieving security-related best practices and/or regulatory compliance objectives related to risk management and compliance frameworks, and various privacy laws throughout the United States.
Jenna began her career in the United States Navy working under the (U.S. Fleet Cyber Command at the Naval Intelligence Operations Center (NIOC)) and with the National Security Agency (NSA). Afterward, she graduated from the (University of Tulsa) with a degree in Computer Information Systems. Jenna is passionate about sharing her knowledge of cybersecurity with business owners, public policy leaders, and healthcare, financial, and tech industry members. When she isn’t busy helping her clients protect their customers’ data, Jenna is a voracious reader, aspiring hobbyist, and dog mom of two.
In this episode, we discuss starting cybersecurity with the U.S. Navy, tying spoken languages to coding languages, leading and managing people, building an information security program, getting leadership buy-in, using frameworks for resiliency, diversity and inclusion, and so much more.
Where you can find Jenna: (LinkedIn) (Twitter) (Blog)
3 months ago
(Nato Riley) is an Integrations Engineer at (Blumira) and the Co-founder of (Cloud Underground). Nato provides infrastructure, code, and security across all his efforts and is focused on helping Blumira build the most effective and efficient SIEM on the market for small to mid-sized businesses.
He is the host of the "Nato as Code" and the "(Cloud Underground)" productions on YouTube, the creator and maintainer of the Olympiad platform, and the founder of (notiaPoint) (now known as (Cloud Underground)).
In this episode, we discuss starting in technology repairing computers, going to school for public speaking, finding passion in information security, trying too hard to pass certification tests, going out on his own, mentorships, burnout, diversity, and so much more.
Where you can find Nato: (LinkedIn) (Twitter) (Nato as Code - YouTube) (Cloud Underground - YouTube)
6 months ago
(Sara Avery) is a Regional Sales Manager at (Zscaler). She has held various positions over the past 20 years in the Information Technology field and discovered her passion for information security 15 years ago. Her career has largely been spent in sales and account management with a laser focus on her customer's success. Sara's tenured experience in cybersecurity has given her a strong understanding of the complex technology and intelligence required to keep enterprises secure.
From a young age, she was raised to be a strong female and leader. Her mother, along with other trailblazing women, campaigned to start the Equal Rights Amendment in Colorado in the early 1970s. With a passion for helping others, Sara wanted to start a group that would help, mentor, learn and guide women and founded (Women in Cyber Security, ISSA Denver). Her vision was to find a way to inspire and support women in all areas of information security, as well as develop and mentor the younger female generation for the future of the dynamic and ever-changing world of information security.
In this episode, we discuss her early start with Y2K, why she helped start Women In Security with the Denver ISSA chapter, the evolution of communications with workstyles, getting young girls into STEM, how she is championing equality at work, dealing with gaslighting, mansplaining, and microaggressions, removing the stigma of "the hacker," and so much more!
Where you can find Sara: (LinkedIn) (Women In Security - ISSA Denver)
7 months ago
(Jennifer Brown) is an award-winning entrepreneur, (speaker), diversity and inclusion consultant, and author. As the successful founder, president, and (CEO of Jennifer Brown Consulting), headquartered in New York City, Jennifer is responsible for designing workplace strategies that have been implemented by some of the biggest companies and nonprofits in the world. She has harnessed more than 14 years of experience as a world-renowned diversity and inclusion expert through consulting work, keynoting, and thought leadership.
Jennifer has spoken at many top conferences and events such as the International Diversity Forum, the Global D&I Summit, the Forum for Workplace Inclusion, the NGLCC International Business & Leadership Conference, the Out & Equal Workplace Summit, Emerging Women, as well as at organizations such as the Bill and Melinda Gates Foundation, the NBA, Google, IBM, and more.
She is the bestselling author of (Inclusion: Diversity, The New Workplace and The Will to Change) and a new book, (How To Be An Inclusive Leader: Your Role in Creating Cultures of Belonging Where Everyone Can Thrive).
Jennifer is the host of the popular weekly podcast, (The Will to Change), which uncovers true stories of diversity and inclusion.
In this episode, we discuss being an ally to underrepresented groups, biases in the workplace, how the COVID crisis has shed a light on diversity, how leadership needs to change the culture, removing harmful processes, finding diverse mentors, the risks to business by not embracing diversity, and so much more.
Where to find Jennifer: (LinkedIn) (Twitter) (Amazon) (Blog and Website)
7 months ago
(Alyssa Miller) leads the security strategy for (S&P Global Ratings) as Business Information Security Officer (BISO), connecting corporate security objectives to business initiatives. She blends a unique mix of technical expertise and executive presence to bridge the gap that can often form between security practitioners and business leaders. Her goal is to change how we look at the security of our interconnected way of life and focus attention on defending privacy and cultivating trust.
A native of Milwaukee, Alyssa began her IT career as a programmer for a Wisconsin-based financial software provider. Her security passion quickly shaped her career as she moved into a leadership role within the ethical hacking team, conducting penetration testing and application assessments along with her team.
As a hacker, Alyssa has a passion for security that she evangelizes to business leaders and industry audiences through her work as a cybersecurity professional and through her various public speaking engagements. When not engaged in security research and advocacy, she is also an accomplished soccer referee, guitarist, and photographer.
In this episode, we discuss why she misses conferences, starting with computers at an early age, diversity, equity, and inclusion, the discrimination she has faced, the lack of understanding of privilege, discriminatory hiring practices, how to be an ally, and so much more!
Where you can find Alyssa: (LinkedIn) (Twitter) (Alyssa In-Security) (Thinkers360)
7 months ago
(Chloé Messdaghi) is the Chief Strategist at (Point3 Security). In addition to her passion for keeping people safe and empowered both on and offline, she is also interested in increasing the numbers of marginalized genders in information security. She is the Co-Founder of (Women of Security (WoSEC)) and (Hacking is NOT a Crime) and the Founder of (WeAreHackerz (WomenHackerz)).
Chloé is a keynote speaker at major information security conferences and events and serves as a trusted source for national and sector reporters and editors. She holds a master of science (MS) from the University of Edinburgh, and a BA in international relations from the University of California, Davis, as well as a certificate in entrepreneurship from Wharton and other professional certificates.
In this episode, we discuss the adjustment to conferences from home, feeling unwelcome in cybersecurity as a woman, pivotal moments that kept her in security, making real changes in diversity, equity, and inclusion, how biases develop, removing the bro-culture in management, changing the perceptions of hackers, and so much more!
Where you can find Chloé: (LinkedIn) (Twitter) (Personal Page)
7 months ago
(Julian Waits) is the general manager of cybersecurity at (Devo Technology). He has over 30 years of experience in senior leadership roles at technology companies, specializing in security, risk, and threat detection.
He serves on several industry boards, including the (International Consortium of Minority Cybersecurity Professionals (ICMCP)) and (National Cybersecurity STEM Education (NICE)), promoting the development of the next generation of cybersecurity professionals.
In this episode, we discuss missing travel, working more in COVID-19, recruiting from non-traditional places, diversity, equity, and inclusion, his start in music before technology, changing people's understanding of differences, removing unconscious biases, his mentors, why language matters, and so much more!
Where you can find Julian: (LinkedIn) (Twitter)
8 months ago
This is the last episode in the five-part series on mental health, self-care, and neurodiversity. This will not be the last time I speak about these issues on the podcast. I encourage everyone to take these issues seriously and help remove stigmas and champion differences in the way our brains work.
Cybersecurity professionals spend most of their day focused on the health and wellbeing of the environments in their care. However, the cost of reducing risk and keeping our networks safe often comes at the price of our professionals' mental health. Many InfoSec professionals burn out, suffer from anxiety and depression, and turn to unhealthy coping mechanisms, which further exacerbate underlying psychological and physical health issues.
This is an abridged version of one of my public presentations on mental health. My goal is to alleviate the stigma around mental health and stress the importance of open and frank dialogs about this serious issue impacting our community. I will share my journey, reverse engineer the stigma of mental health in business, and look at ways we can hack mental health in productive and meaningful ways.
Episode Disclaimer:
This podcast's information is not intended or implied as a substitute for professional medical advice, diagnosis, or treatment.
We make no representation and assume no responsibility for the accuracy of the information contained in or available through this presentation. THIS IS NOT MEDICAL ADVICE. Please speak to your physician before embarking on any treatment plan.
8 months ago
(Danny Akacki) is just a storyteller perpetually looking for a stage. He loves nothing more than attending conferences, giving talks, writing blogs, and finding new ways to reach as many people as he can to educate about cybersecurity. For him, there is no greater satisfaction than community building.
Danny has been fortunate enough to spend his career in Defense, learning from some of the best in the business, including teams at Mandiant, GE Capital, and most recently as a Technology Advocate with Splunk. He loves what he does and the people he gets to do it with.
In this episode, we discuss his mental health journey, adjusting to a new role during COVID-19, finding outlets for stress release, if mental health issues are worse in cybersecurity, neurodiversity, PTSD, and so much more.
Where you can find Danny: (LinkedIn) (Twitter) (YouTube) (Twitch)
8 months ago
(Ryan K. Louie), MD, Ph.D. is a board-certified psychiatrist focusing on the mental health impact of cybersecurity, and the psychiatry of entrepreneurship. Ryan received his MD and Ph.D. degrees from the Stanford University School of Medicine and completed residency training in psychiatry at the University of Hawaii Department of Psychiatry.
Ryan completed an internship with the Office of International Health and Biodefense at the US Department of State and was the recipient of a Fulbright Fellowship to Japan. Ryan has published academic articles in psychiatry and cell biology and is the inventor of the patented microtubule lumen-cast nanowire technology.
In this episode, we discuss the stigmas of mental health, coping skills, the economic costs for not addressing mental health, neurodiversity, handling COVID-19 stress, removing job pressures in information security, and so much more!
Where you can find Ryan: (LinkedIn) (Twitter)
8 months ago
(Amanda Berlin) is the Lead Incident Detection Engineer for (Blumira) and the CEO and owner of the nonprofit corporation (Mental Health Hackers). She is the author of a Blue Team best practices book called "(Defensive Security Handbook: Best Practices for Securing Infrastructure)" with Lee Brotherston through O'Reilly Media. She is a co-host on the (Brakeing Down Security podcast) and writes for several blogs.
Amanda is an avid volunteer and mental health advocate. She has presented at a large number of conventions, meetings, and industry events such as DerbyCon, O’Reilly Security, GrrCon, and DEFCON.
In this episode, we discuss her start in help desk, speaking about mental health, depression and anxiety, men's reluctance to report health issues, neurodiversity, how organizations can encourage self-care, using medication, the Mental Health Hackers organization, and so much more.
Where you can find Amanda: (LinkedIn) (Twitter - InfoSystir) (Twitter - Mental Health Hackers) (Mental Health Hackers) (Brakeing Down Security Podcast)
9 months ago
Bill Hudenko, Ph.D. has significant experience in the fields of both mental health and technology. Dr. Hudenko is a licensed psychologist, a researcher, and a professor who holds a joint appointment as a faculty member at (Dartmouth's Department of Psychological and Brain Sciences) and (Dartmouth’s Geisel School of Medicine). 
His research focuses on the use of technology to improve mental health delivery and patient outcomes. Dr. Hudenko is also an experienced software engineer and former database administrator for the National Center for Post-Traumatic Stress Disorder. Dr. Hudenko is currently the CEO of (Trusst Health Inc.), a company devoted to providing high quality, affordable remote psychotherapy via messaging.
In this episode, we discuss his background in brain and computer sciences, the intersection of technology and mental health, our brains' development, neurodiversity, mental health stigma, decision making, and so much more!
Where you can find Bill: (LinkedIn) (Dartmouth's Department of Psychological and Brain Sciences) (Dartmouth’s Geisel School of Medicine)
9 months ago
(Daniel Wood) is the Associate Vice President of Consulting at (Bishop Fox), where he leads all service lines, develops strategic initiatives, and has established the Applied Research and Development program. Daniel has over 15 years of experience in cybersecurity and is a subject matter expert in red teaming, insider threat, and counterintelligence. Daniel was previously the manager of security engineering and technology at Bridgewater Associates, where he shaped the strategic direction of technology for the firm and oversaw technical security assessments of Bridgewater’s international office expansions.
Daniel has also served in roles supporting the U.S. government in security architecture, engineering, and offensive operations as a Security Engineer and Red Team Leader. He supported the U.S. Special Operations Command (USSOCOM) on red teaming and digital warfare operations, and the U.S. Army on the Wargaming Cyber Effects on Soldiers’ Decision-Making project.
In this episode, we discuss adapting to COVID-19, focusing on red teaming, cloud security architecture, responsible vulnerability disclosure, ICS security, compliance versus security, his work with the US military and cybersecurity, diversity in information security, and so much more!
Where you can find Daniel: (LinkedIn) (Bishop Fox Blog)
9 months ago
(Jasson Casey) is the CTO of Beyond Identity, a passwordless identity management provider. He also serves as a Fellow in CyberSecurity with the (Center for Strategic and International Studies) (CSIS) and the (National Security Institute) (NSI). Previously, Jasson was CTO of (SecurityScorecard), VP of Engineering at (IronNet Cybersecurity), Founder and Executive Director of (Flowgrammable) and Compiled Networks, and served in other technical and executive roles.
Jasson received a bachelor’s degree in computer engineering from The University of Texas at Austin and a Ph.D. in computer engineering from Texas A&M University.
In this episode, we discuss adjusting to COVID-19, his start in VoIP, third party security management, security without passwords, why you are a target, the role of a CTO, using the right language in security, start-up hiring, and so much more!
Where you can find Jasson: (LinkedIn) (Twitter) (Blog)
9 months ago
(John Hammond) is a Security Researcher at (Huntress) as well as a cybersecurity instructor, developer, red teamer, and CTF enthusiast. John is a former (Department of Defense Cyber Training Academy) curriculum developer and teacher for the Cyber Threat Emulation course, educating both civilian and military members on offensive Python, PowerShell, other scripting languages and the adversarial mindset. He personally developed training material and infosec challenges for events such as PicoCTF and the "Capture the Packet" competition at (DEFCON) US.
John speaks at security conferences such as (BsidesNoVA), to students at colleges such as the University of North Carolina Greensboro, and other events like the (SANS Holiday Hack Challenge)/KringleCon. He is an online (YouTube personality) showcasing programming tutorials, cybersecurity guides, and CTF video walkthroughs.
In this episode, we discuss how he started in pen-testing, contributing to the community, pen-testing vs purple teaming, setting the rules for engagement, solving the same problems, diversity and inclusion, and so much more.
Where you can find John: (LinkedIn) (Twitter) (YouTube) (GitHub)
10 months ago
(David Wong) is a security engineer working on the (Libra Blockchain) at Facebook. He is an active contributor to internet standards like Transport Layer Security and to the applied cryptography research community.
David is a recognized authority in the field of applied cryptography; he’s spoken at large security conferences like Black Hat and (DEF CON) and has delivered cryptography training sessions in the industry. He is the author of the soon-to-be-published (Real-World Cryptography book).
In this episode, we discuss why he focused on cryptography, the evolution of blockchain, his contributions to TLS, the Noise Protocol Framework, quantum computing, why he wrote a book on crypto, presenting and teaching cryptography, sanitizing data, and so much more!
Where you can find David: (LinkedIn) (Twitter) (Real-World Cryptography)
10 months ago
(Jeff Hussey) is the President and CEO of (Tempered). Jeff, the founder of (F5 Networks), is an accomplished entrepreneur with a proven track record in the networking and security markets. He maintains several board positions across a variety of technology, nonprofit and philanthropic organizations and currently is the chairman of the board for Carena and chairman and co-owner of (Ecofiltro) and (PuraVidaCreateGood).
Jeff also serves on the board for Webaroo and the Seattle Symphony. He was the chairman of the board for Lockdown Networks, which was sold to McAfee in 2008. Hussey received a BA in Finance from SPU and an MBA from the University of Washington.
In this episode, we discuss adjusting to a remote workforce with a start-up, founding F5 Networks, developing a userbase community, tips for information security product success, IoT and OT cybersecurity, the (Host Identity Protocol), healthcare security, prioritizing efforts as a founder, what gets him out of the bed in the morning, and so much more!
Where you can find Jeff: (LinkedIn) (Tempered)
10 months ago
John Ford is the Cybersecurity Strategist at (IronNet) and is an information security veteran with over twenty years in a wide variety of roles. Prior to IronNet, John was CISO for ConnectWise, the global leader in providing software solutions for Managed Services Providers. In this role, he was accountable for customer-facing security activities, product security, and served as an advisor to the CEO and leadership team.
Before joining IronNet, John founded Sienna Group, a firm dedicated to providing data protection solutions to enterprise organizations, and has held executive roles in the healthcare industry.
In this episode, we discuss healthcare security, compliance versus security, HIPAA regulation and privacy, intellectual property protection, real-time information sharing, ransomware in hospitals, recommendations for new CISOs, and so much more!
Where you can find John: (LinkedIn) (IronNet Blog)
10 months ago
(Brandon Hoffman) is the CISO & Head of Security Strategy at (Netenrich). Brandon is an admired security executive responsible for Netenrich’s technical sales and security strategy for both the company and its customers. Most recently, he oversaw solution architecture for (Intel 471)’s dark web threat intelligence business.
As former CTO at (Lumeta Corporation) and (RedSeal Networks), Brandon led technical and field development in network security, vulnerability, and risk. He’s also held key practitioner roles focused in security architecture, penetration testing, networking, and data center operations. Brandon holds an MS degree from Northwestern University and a BS degree from the University of Illinois at Chicago.
In this episode, we discuss adapting to COVID, accidentally getting into security, designing the intelligent SOC, a risk-based approach to information security, measuring cybersecurity outcomes, cyber insurance, risk management frameworks, and so much more!
Where you can find Brandon: (LinkedIn) (Twitter) (Netenrich Blog)
10 months ago
This is a special episode where we celebrate the 100th episode of the Cyber Security Interviews podcast! In this episode, I have the mic turned back on me by a past guest, great friend, and an amazing asset to the community, (Nadean Tanner). She crowdsourced some questions, but had plenty of her own as well, as we did this Ask Me Anything special episode.
Douglas Brush is an information security executive with over 26 years of entrepreneurship and professional technology experience. He is a globally recognized expert in cybersecurity, incident response, digital forensics, and information governance. In addition to serving as a CISO and leading enterprise security assessments, Douglas has conducted hundreds of investigations involving hacking, data breaches, trade secret theft, employee malfeasance, and various other legal and compliance issues. He also serves as a federally court-appointed Special Master and neutral expert in high profile litigation matters involving privacy, security, and eDiscovery.
Currently, he is at Splunk where he works with Fortune 500 organizations to improve their security operations and reduce business risk from cyber-attacks.
He is also the founder and host of (Cyber Security Interviews), a popular information security podcast.
In this episode, we discuss why I started the podcast, impostor syndrome, guests I would like to have on the show, my focus on mental health and diversity, important soft skills, talents versus skills, what's in my fridge, and so much more!
1 year ago
(Fredrick "Flee" Lee) is the Chief Security Officer at (Gusto), where he leads information and physical security strategies including consumer protection, compliance, governance, and risk.
Before Gusto, Lee spent more than 15 years leading global information security and privacy efforts at large financial services companies and technology startups, most recently as Square's Head of Information Security. He previously held senior security and privacy roles at Bank of America, NetSuite, and Twilio. Lee was born and raised in Mississippi and holds a bachelor's degree in computer engineering from the University of Oklahoma.
In this episode, we discuss COVID response, three-dimensional communications, security as an enabler, integrating security and engineering teams, the information security skills shortage, diversity and inclusion in cybersecurity, his early mentors, and so much more.
Where you can find Flee: (LinkedIn) (Twitter)
1 year ago
(Andrea Roberson) is a product manager at Centrify Corporation, where she directs the product roadmap for Centrify Privileged Access Service. She was previously a technical support engineer at the company for almost two years and has held several engineering and support roles during her career including at Google and Apple.
She has a Bachelor of Science degree in Computer Science from Spelman College, where she was a member of the (National Society of Black Engineers), the (Association for Computing Machinery), and (SpelBots).
In this episode, we discuss working with product teams remotely, moving from IT to information security, securing remote access, diversity and inclusion in cybersecurity, mentoring others, self-care and mental health, new threats due to COVID, and so much more.
Where you can find Andrea: (LinkedIn) (Centrify Blog)
1 year ago
(HD Moore) is the founder and CEO of (Rumble Network Discovery), a platform designed to make asset inventory quick and easy by combining active scanning with innovative research.
Prior to starting Rumble, HD was best known as the founder of the (Metasploit Project), the foremost open-source exploit development framework, and continues to be a prolific researcher and occasional speaker at security events.
In this episode, we discuss starting with BBSs back in the day, starting the Metasploit project, (project Sonar), his development of Rumble Networks, securing home networks, fingerprinting networks, jump boxes in IoT networks, and so much more.
Where you can find HD: (LinkedIn) (Twitter) (Blog)
1 year ago
(Gabe Gumbs) has a deep-rooted passion for technology, information security, and problem-solving. As Chief Innovation Officer of (Spirion)—a leader in rapid identification and protection of sensitive data—he’s channeling that passion to make the digital world a safer place. Wielding a unique mix of technical vision, marketing, and business acumen, Gabe is shaping the future of data security and protecting the sensitive personal data of customers, colleagues, and communities around the world.
Despite having held a range of leadership positions in security technology—including VP of Product Strategy at STEALTHbits and Director of Research & Products at WhiteHat Security—Gabe considers his most valuable experience to be the time he spent on the ground as a security practitioner. Thanks to his intimate understanding of the real issues security professionals face on the front lines, he’s able to identify the core of the problem and create innovative solutions that push data security technology forward.
In this episode, we discuss his early starts with the (2600 meet-ups), privacy versus security, speaking to executives in their language, cloud security, information security skills shortages, training legal teams for cyber, how to get started in cybersecurity, and so much more.
Where you can find Gabe: (LinkedIn) (Twitter) (Spirion Blog & Podcast)
1 year ago
(Shahrokh Shahidzadeh) is the CEO of (Acceptto). Shahrokh is a seasoned technologist and leader with 29 years of contribution to modern computer architecture, device identity, platform trust elevation, large IoT initiatives, and ambient intelligence research with more than 25 issued and pending patents.
Before Acceptto, Shahrokh was a senior principal technologist contributing to Intel Corporation for 25 years in a variety of leadership positions where he architected and led multiple billion-dollar product initiatives.
In this episode, we discuss evolving authentication, SSO and MFA challenges, anomalous behavior detection, enforcing least privilege, his time with Intel, AI and ML, multi-cloud security, securing home users, and so much more.
Where you can find Shahrokh: (LinkedIn) (Twitter) (Acceptto)
1 year ago
(Deborah Golden) is the US Cyber & Strategic Risk leader for (Deloitte Risk & Financial Advisory). In the prior six years, Deborah served as the Government & Public Services (GPS) Cyber Risk Services leader, as well as the GPS Advisory Market Offering leader, GPS Empowered Well-Being leader and the lead principal for a major federal government health care provider.
Deb has more than 25 years of information technology experience spanning numerous industries, with an in-depth focus on government and public services, life sciences and health care, and financial services.
Deb received a bachelor’s degree in Finance at Virginia Tech and a master’s degree in Information Technology at George Washington University. She serves on Virginia Tech’s Business Information Technology and Masters in Information Technology Advisory Boards, is a self-proclaimed fitness junky and avid traveler, and trains service dogs with the (Guide Dog Foundation) in her spare time.
In this episode, we discuss mental health awareness, her 1-3-5-15 routine, working with clients remotely, COVID-19 cybersecurity spend, securing home networks, diversity in the cyber workplace, The Guide Dog Foundation, and so much more.
Where you can find Deb: (LinkedIn) (Twitter) (Deloitte Bio) (Guide Dog Foundation)
1 year ago
(Kyle Hanslovan) comes to (Huntress Labs) from the U.S. Intelligence Community, where he supported defensive and offensive cyber operations for the past decade. He previously co-founded the defense consulting firm StrategicIO and actively participates in the ethical hacking community as a Black Hat conference trainer, STEM mentor, and Def Con CTF champion. Additionally, he serves in the Maryland Air National Guard as a Cyber Warfare Operator.
(Chris Bisnett) is a veteran information security researcher with more than a decade of experience in offensive and defensive cyber operations. While serving with the NSA Red Team, he attacked government networks and systems to identify and remedy vulnerabilities. Chris is also a recognized Black Hat conference trainer and has taught his “(Fuzzing For Vulnerabilities)” course at several events around the world. Before founding Huntress Labs, Chris co-founded LegalConfirm, LLC, where he led product design and development until the company was acquired in 2014.
In this episode, we discuss incident response planning, their early starts in offensive theaters, red teaming, Ransomware-as-a-Service, small business and enterprise threats, breaking bad news to clients, holding leadership accountable, hacking back, tips and resources for start-ups, warnings for founders, and so much more.
(Note: If you are interested in start-ups and being a founder, (Daniel Ayala) and I created a regularly updated blog for founders and start-ups: (Hang Out A Shingle – Starting Your Cybersecurity Company).)
Where you can find Kyle and Chris: (LinkedIn - Kyle) (LinkedIn - Chris) (Twitter - Kyle) (Twitter - Chris) (Huntress Blog)
1 year ago
(Jack Kudale) is Founder and CEO at (Cowbell Cyber) with over two decades of business executive experience. Previous senior roles include COO at Cavirin, CEO at Lacework, both cloud security startups; SnapLogic, a leader in hybrid cloud integration; and CA Technologies, where Jack led DevOps sales for the Fortune 500 leader.
With deep operational experience in the DevOps, Cybersecurity, IT Ops, & Big Data spaces, Jack leads Cowbell to execute on its vision of bridging the cyber insurability gap. Jack also serves as a governing board member of (Brighter Children), a non-profit organization.
In this episode, we discuss the importance of cyber insurance, risk management, the difference between cyber insurance vs other insurance products, the risks COVID-19 pose to small businesses, right-sizing cyber insurance policies, industries that are targets for attackers, and so much more.
Where you can find Jack: (LinkedIn) (Twitter) (Cowbell Cyber Blog)
1 year ago
(Daniel Ayala) is the Founder and Managing Partner for (Secratic), a strategic information security and privacy consultancy focused on helping companies protect data and information, and be prepared before incidents happen. Daniel is also currently serving as the Interim Chief Information Security Officer for Michigan State University.
Throughout his 24-year career, he has led security organizations large and small in banking and financial services, pharmaceutical, information, library, and technology companies around the world, taught university-level courses, and both writes and regularly speaks on the topics of security, privacy, data ethics, and compliance.
In this episode, we discuss remote working, being a virtual CISO, compliance vs. security vs. privacy, application development security, creating a culture of security, communication skills, giving back to the community, mentoring others, mental health, and so much more!
Where you can find Daniel: (LinkedIn) (Twitter) (MentorCore) (Secratic) (Blog) (Hang Out A Shingle: Starting Your Own Cybersecurity Company)
1 year ago
(Anthony Bettini) is the CTO for (WhiteHat Security), the leader in Application Security, enabling businesses to protect critical data, ensure compliance, and manage risk. Previously, Anthony ran Tenable Research, which he joined via Tenable’s acquisition of FlawCheck – a leading Container Security startup where Anthony was the CEO & Founder.
Before its acquisition by Symantec, Anthony was CEO & Founder of Appthority, a leading Mobile Security startup, and winner of the “Most Innovative Company of the Year” award at the RSA Conference.
In this episode, we discuss managing a remote team, web application security, DevSec, responsible vulnerability disclosure, Artificial Intelligence (AI), how to focus your career, being a founder, and so much more!
Where you can find Anthony: (LinkedIn) (WhiteHat Blog)
1 year ago
(Ed Bellis) is a security industry veteran and expert and was once named “Information Security Executive of the Year”. He currently serves as the Chief Technology Officer and Co-founder of (Kenna Security). He founded Kenna Security to deliver a data-driven risk-based approach to remediation and help IT teams prioritize and thwart would-be security threats.
Ed is the former CISO of Orbitz and former Vice President, Corporate Information Security at Bank of America. He is an advisor to Dascena and former advisor to, Dharma, and Society of Payment Security Professionals. Ed is a contributing author to the book, (Beautiful Security). He is also a frequent speaker at industry conferences such as RSA, Black Hat, and many others.
In this episode, we discuss vulnerability management maturity, how to focus on remediation, inventory management, securing cloud services, IoT devices in the enterprise, entrepreneurship, hiring the right people, and so much more.
Where you can find Ed: (LinkedIn) (Twitter) (Kenna Security Blog)
1 year ago
(Mikko Hypponen) is a global security expert and has worked at F-Secure since 1991. Currently, he serves as (F-Secure's) Chief Research Officer.
Mikko has written on his research for the (New York Times, Wired, and Scientific American), and he frequently appears on international TV. He has lectured at the universities of Stanford, Oxford, and Cambridge. He was selected among the 50 most important people on the web by the PC World magazine and was included in the FP Global 100 Thinkers list.
Mikko sits on the advisory boards of t2 and Social Safeguard and in the advisory panel for the Monetary Authority of Singapore.
In this episode, we discuss his early starts in information security, the rebirth of TELNET, security by design, the difference between privacy and security, mobile device security, IoT security, election security, and so much more.
Where you can find Mikko: (LinkedIn) (Twitter) (F-Secure Blog) (HBO - Kill Chain: The Cyber War on America’s Elections)
1 year ago
(Stephen Moore) is a Vice President and the Chief Security Strategist at (Exabeam) and is also the host of (The New CISO podcast). Stephen has more than 15 years of experience in information security, intrusion analysis, threat intelligence, security architecture, and web infrastructure design. Before joining Exabeam, Stephen spent more than seven years at Anthem in a variety of cybersecurity practitioner and leadership roles. He played a leading role in the response and remediation of the data breach announced in 2015.
Stephen has deep experience working with legal, privacy, and audit staff to improve cybersecurity and demonstrate greater organizational relevance. He has been a Member of the Advisory Board at SecureAuth Corporation since July 2017.
In this episode, we discuss adopting SOCs for remote operations, shifting focus to credentials, SOAR, attacker attribution, threat intelligence, post-Covid-19 IT changes, and so much more.
Where you can find Stephen: (LinkedIn) (The New CISO Podcast) (Exabeam Blog)
1 year ago
(David Kennedy) is the founder of (Binary Defense) and (TrustedSec). Both organizations focus on the betterment of the security industry. David also served on the board of directors for the ISC2 organization. David was the former CSO for Diebold Incorporated, where he ran the entire INFOSEC program. David is a co-author of the book "Metasploit: The Penetration Tester's Guide," the creator of the (Social-Engineer Toolkit) (SET), Artillery, Unicorn, PenTesters Framework, and several popular open-source tools.
David was the co-founder of (DerbyCon), a large-scale conference started in Louisville, Kentucky. Before the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence-related missions.
David is frequently interviewed by news organizations, including CNN, Fox News, MSNBC, CNBC, and BBC World News. He has testified in front of Congress on two occasions on the security around government websites.
In this episode, we discuss the shift to virtual conferences, Zoom vulnerabilities, responsible vulnerability disclosure, the importance of communication skills, giving back to the community, mental health, working from home, and so much more.
Where you can find David: (LinkedIn) (Twitter) (TrustedSec Blog) (TrustedSec Public Slack)
1 year ago
(John Strand) is the owner of (Black Hills Information Security), a firm specializing in penetration testing, Active Defense, and Hunt Teaming services. He is also the CTO of (Active Countermeasures), a firm dedicated to tracking advanced attackers inside and outside your network.
John has consulted and taught hundreds of organizations in the areas of cybersecurity, regulatory compliance, and penetration testing. John is a contributor to the industry-shaping (Penetration Testing Execution Standard) and 20 Critical Controls frameworks. He is also an experienced speaker, having done presentations to the FBI, NASA, the NSA, and at various industry conferences.
John also co-hosts (Security Weekly), the world's largest information security podcast; co-authored (Offensive Countermeasures: The Art of Active Defense); and writes loud rock music and makes various futile attempts at fly-fishing.
In this episode, we discuss remote workers in the Covid-19 pandemic, validating VPN targets in pen tests, cloud security, developing SANS course material, how to choose what to give away, planning conferences, threat hunting, keeping up with new vulnerabilities, mental health, and so much more.
Where you can find John: (LinkedIn) (Twitter) (BHIS Blog) (Security Weekly Podcast)
1 year ago
(Adam Hunt) is the CTO and Chief Data Scientist at (RiskIQ). As Chief Data Scientist, Adam leads the data science, data engineering, and research teams at RiskIQ. Adam pioneers research automating the detection of adversarial attacks across disparate digital channels, including email, web, mobile, and social media. Adam also has received patents for identifying new external threats using machine learning.
Adam received his Ph.D. in experimental particle physics from Princeton University. As an award-winning member of the CMS collaboration at the (Large Hadron Collider), he was an integral part of developing the online and offline analysis systems that led to the discovery of the Higgs Boson.
In this episode, we discuss starting in particle physics, data science, communication skills, process automation, managing attack surface areas, and so much more.
Where you can find Adam: (LinkedIn) (Twitter) (RiskIQ)
2 years ago
Nate Fick is the General Manager of (Elastic Security) and former CEO of Endgame. He is also an Operating Partner at Bessemer Venture Partners. Before joining Endgame, Nate was CEO of the Center for a New American Security. He led Marine Corps infantry and reconnaissance units in combat in Afghanistan and Iraq. His book about that experience, (One Bullet Away), was a New York Times bestseller, a Washington Post "Best Book of the Year," and one of the Military Times' "Best Military Books of the Decade."
Nate is a graduate of Dartmouth College, the Harvard Kennedy School, and the Harvard Business School. Nate serves as a Trustee of Dartmouth, and on the Military & Veterans Advisory Council of JPMorgan Chase & Co. He is a member of the Young Presidents’ Organization and a life member of the Council on Foreign Relations and Trout Unlimited.
In this episode, we discuss leadership, lessons learned in the Marines, cyberwar, information sharing, government policies, finding the signals in the noise, resource management, and so much more!
Where you can find Nate: (LinkedIn) (Twitter) (Elastic Blog)
2 years ago
(Jamil Jaffer) is Senior Vice President for Strategy, Partnerships & Corporate Development at (IronNet), a startup technology firm founded by former National Security Agency (NSA) Director Gen. Keith Alexander (ret.).
Prior to joining IronNet, Jamil served as the Chief Counsel and Senior Advisor for the Senate Foreign Relations Committee and Senior Counsel to the House Intelligence Committee where he led the committee’s oversight of NSA surveillance and wrote the original version of the Cybersecurity Information Sharing Act (CISA) signed into law in 2015. He also worked in the White House during the Bush Administration as an Associate Counsel to the President and in the Justice Department where he led the National Security Division's work on the President's Comprehensive National Cybersecurity Initiative.
Jamil is also an Assistant Professor of Law and Director of the National Security Law & Policy Program at the Antonin Scalia Law School at George Mason University and a Visiting Fellow at Stanford University’s Hoover Institution.
In this episode, we discuss starting in legal, government's role in cybersecurity, information sharing with real-time collaboration, automation, trend spotting, impacts to small businesses, cyberwar, and so much more.
Where you can find Jamil: (LinkedIn) (Twitter) (IronNet)
2 years ago
(James Patchett) is the President and CEO of the (New York City Economic Development Corporation). James has spent his career building stronger cities through investments in affordable housing, innovation, and 21st-century infrastructure.
During his tenure, he has overseen some of the city’s most ambitious projects, including launching a citywide ferry system, developing Mayor de Blasio’s 100,000 jobs plan, and optimizing NYCEDC’s 60 million square feet of real estate.
Prior to his appointment as NYCEDC President in 2016, James served as chief of staff to Deputy Mayor for Housing and Economic Development Alicia Glen, where he helped oversee more than 25 city agencies and played a pivotal role in preserving thousands of affordable homes. James holds a BA in Economics from Amherst College and an MBA from Stanford University.
In this episode, we discuss NYC building a cyber army, economic development through cyber, business accelerators, matching inventors with business coaches, NYC's talent pool, and so much more.
Where you can find James: (LinkedIn) (Twitter) (NYCEDC)
2 years ago
(Heather Mahalik) is the Senior Director of Digital Intelligence at Cellebrite and a Senior Instructor, author and course lead for FOR585: Smartphone Forensic Analysis In-Depth. To say that digital forensics is central to Heather's life is quite an understatement. Heather has worked on high-stress and high-profile cases, investigating everything from child exploitation to media associated with terrorism. She has helped law enforcement, eDiscovery firms, military, and the federal government extract and manually decode artifacts used in solving investigations around the world.
Heather began working in digital forensics in 2002, and has been focused on mobile forensics since 2010 - there's hardly a device or platform she hasn't researched or examined or a commercial tool she hasn't used. She also maintains Heather is the co-author of Practical Mobile Forensics (1st-4th editions), currently a best seller from Packt Publishing.
In this episode, we discuss coming back to law enforcement, cloud forensics, what drives her research, early mentors, the start of cellphone forensics, mobile device threats, developing presentations, and so much more!
Where you can find Heather: (Twitter) (LinkedIn) (SANS) (Blog)
2 years ago
(Mari DeGrazia) is a Senior Vice President in the Cyber Risk practice of Kroll, a division of Duff & Phelps. Over the course of a 12-year career in the computer industry, Mari has become a leader within the digital forensics community. Mari joined Kroll from Verizon Enterprises where she served as Case Lead on various network intrusion and data breach investigations.
Mari is a strong believer in giving back to the forensic community and has written and released numerous programs/scripts, two of which are used in SANS training. In addition, she has presented her research at several industry conferences, published articles in eForensics Magazine, and was the technical editor for Windows Registry Forensics S.E.
In this episode, we discuss starting in IT, balancing work and family, self-training, the importance of the DFIR community, cross-training, using AI for detection, cloud security, giving back to the industry, and so much more.
Where you can find Mari: (LinkedIn) (Twitter) (Blog) (GitHub)
2 years ago
When my 7-year-old introduced me to his second-grade class, he put it best: "My Mom teaches the good guys how to keep the bad guys out of their computers. She has a blue lightsaber."
- Nadean Tanner
(Nadean Tanner) is the Senior Manager of Technical Education Programs at (Puppet). She is responsible for all things product training from working with internal knowledge sources and the instructional design team to produce modern, engaging knowledge assets to delivering online and onsite classroom sessions.
Nadean is an experienced instructor and speaker with nearly 20 years' experience in information technology and security training delivery and development. At Rapid7, she taught vulnerability management and network and application assault as well as SQL, Ruby, and API. Before Rapid7, Nadean taught Security Analytics and Advanced Security Operations Center Management for RSA. She taught cybersecurity and information assurance 8570 classes for the Department of Defense including CISSP at Fort Gordon, Fort Carson, and the Pentagon, and she developed and taught graduate-level computer science courses at Louisiana State University for six years.
In this episode, we discuss teaching and traveling, communicating technical terms, talking about the basics, writing a book, teaching with humility, knowing when you are an expert, and so much more.
Where you can find Nadean: (LinkedIn) (Website) (Amazon)
2 years ago
(Frank Downs) is the director of cybersecurity practices at (ISACA). Frank, a 14-year cybersecurity specialist, graduated with a bachelor’s degree in English from the University of Maryland, after which he promptly joined the US Department of Defense as a subject matter expert, working with computer networks on a daily basis. Realizing that English and cybersecurity were two very different concepts, he proceeded to obtain a master’s degree in cybersecurity from UMBC, after a pit stop at Johns Hopkins to obtain a master’s degree in Government.
Eventually, Frank decided to ease the learning process for individuals transitioning from non-technical backgrounds into cybersecurity by becoming a full-time Intelligence and Operations Consultant for multiple federal law enforcement and intelligence agencies.
In this episode, we discuss starting in another industry before the DoD, packet capture analysis, doing the work no one else wants to do, knowing when to move into new roles, non-traditional backgrounds, training and certifications, COBIT, and so much more.
(LinkedIn) (ISACA)
2 years ago
(Lesley Carhart) is a Principal Threat Analyst at the Threat Operations Center at (Dragos). She is recognized as a subject matter expert in cybersecurity, incident response, and digital forensics, regularly speaking at conferences and universities. She has spent the last 11 years of her 20+ year IT career specializing in information security, with a heavy focus on response to nation-state adversary attacks. Prior to Dragos, she was the incident response team lead at Motorola Solutions, performing digital forensics and incident handling services for both enterprise and public safety customers.
In 2017, Lesley was named a (“Top Woman in Cybersecurity”) by Cyberscoop news and received the Guidance Enfuse conference “Women in Technology” award. She holds a Bachelor’s Degree in Network Technologies from DePaul University, A.A.S. in Avionics Systems and Electronics Systems, GIAC GCIH, GREM, GCFA, and GCFE certifications, and currently serves as a Cyber Systems NCO in the US Air Force Reserves.
In her free time, Lesley co-organizes resume and interview clinics at several cybersecurity conferences, blogs and tweets prolifically about infosec, and is a youth martial arts instructor.
In this episode, we discuss her early mentors, mentoring, writing resumes, starting as a coder, organizational missions, ICS security, electronic voting, submitting CFPs, and so much more.
Where you can find Lesley: (LinkedIn) (Blog) (YouTube) (Twitter)
2 years ago
Brian Martin (a.k.a. Jericho) has been poking about the hacker and security scene for over 22 years, building valuable skills such as skepticism and anger management. As a hacker-turned-security whore, Jericho has a great perspective to offer an unsolicited opinion on just about any security topic. A long-time advocate of advancing the field, sometimes by any means necessary, he thinks the idea of ‘forward-thinking’ is quaint; we’re supposed to be thinking that way all the time.

No degree, no certifications, just the willingness to say things many in this dismal industry are thinking, but unwilling to say themselves. He remains a champion of security industry integrity and small misunderstood creatures.

In this episode, we discuss starting as a phreak and phone systems, BBS hacking forums, sharing knowledge, calling people out, cybersecurity skill shortages, understanding the adversary's mindset, PCI compliance, and so much more.

Where you can find Brian: (LinkedIn) (Twitter)


2 years ago
(Bill Conner) is the President and CEO of (SonicWall). Bill has led key divisions of AT&T, took Nortel into the $9 billion acquisition of Bay Networks, worked to secure digital identities with Entrust, and brought secure communications and privacy from the consumer to the enterprise through mobile and cloud with Silent Circle.

Bill also created and hosted “Hacked” for SiriusXM’s business radio. He has been recognized with several awards including Marketing Computers “Marketer of the Year,” Tech Titans “Corporate CEO of the Year,” Federal Computer’s “Top 100 Award,” and the “National Youth Science Camp Alumnus of the Year.”

In this episode, we discuss starting in encryption, security for the SMB market, advanced malware, threat intel, cloud security, breaking SSL in the enterprise, network basics for IoT, governments backdooring encryption, and so much more.

Where you can find Bill: (LinkedIn) (Twitter) (SonicWall Blog)

2 years ago
(Bernard Harguindeguy) is the Chief Technology Officer & General Manager Intelligence from (Ping Identity). Bernard joined Ping in June 2018 through the acquisition of Elastic Beam, where he was the CEO and founder. His work at Elastic Beam revolutionized the use of AI to protect API infrastructures from cyber attacks and deliver deep insight into API access and usage.

Bernard earned an MS in Engineering Management from Stanford University and a BS in Electrical Engineering from the University of California Irvine where he was inducted into the (Engineering Hall of Fame).

In this episode, we discuss starting in email security, identity as the perimeter, API security, selling to the C suite, how AI will help security, IoT security, and so much more.

Where you can find Bernard: (LinkedIn) (Twitter) (Ping)