Cyber Kumite
17 episodes - English - Latest episode: over 3 years ago -Cyber Kumite is a discussion of today's cybersecurity challenges. Our hosts are seasoned cybersecurity executives with hands-on, technical backgrounds. They aren't afraid to question "best practices" or emerging trends that may be overrated fads. Gain insights from guest CISOs and other experts.
Cyber Kumite is presented by Security Risk Advisors, a cybersecurity consulting firm.
Disclaimer: The views and opinions expressed in this production are those of the participants and do not necessarily reflect the official policies or positions of any other agency, organization, employer, or company.
Homepage Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
Cyber Kumite - Ep. 16 - Dredd feat. Evan Perotti
August 25, 2020 17:30 - 13 minutes - 19.5 MBEvan Perotti has created Dredd to help automate the process of analyzing detection rules. This is a free tool downloadable from Github. Chris and Evan discuss its inspiration and many use cases.
Cyber Kumite - Ep. 15 - Cloud Security feat. Owen Zacharias
August 18, 2020 17:24 - 25 minutes - 36.3 MBOwen Zacharias discusses the benefits and challenges of cloud security. There are many tools and applications available to help secure your cloud environment but it is still up to you to configure and maintain the controls properly.
Cyber Kumite - Ep. 14 - SIEM vs. UBA feat. Nick Ascoli
August 11, 2020 17:56 - 21 minutes - 31.3 MBNick Ascoli discusses differences between SIEM and UBA platforms, and debunks common misconceptions about UBA tools.
Cyber Kumite - Ep. 13 - Table Top Exercises
August 04, 2020 12:30 - 18 minutes - 26.8 MBTim and Chris discuss the usefulness of cybersecurity TTX and how to keep the exercises fresh. Find out how to make the most of these simulations, who should be there, and how frequenly they should be performed.
Cyber Kumite - Ep. 12 - Election Security feat. Mick Baccio
July 28, 2020 13:30 - 24 minutes - 34.6 MBMick Baccio, former CISO for Pete Buttigieg, talks about how he became the first Presidential Election Campaign CISO and what security challenges will be faced in the upcoming 2020 election. Disclaimer: The views and opinions expressed in this production are those of the participants and do not necessarily reflect the official policies or positions of any other agency, organization, employer, or company.
Cyber Kumite - Ep. 11 - Security Operations Metrics
July 21, 2020 12:30 - 17 minutes - 25.3 MBBlue Teams specialist John Fung joins us to discuss Security Operations Metrics. Are they useful for measuring the security program? Which metrics are actually good? Learn how to avoid hyperbole and instead focus on manageable metrics that you can control. Disclaimer: The views and opinions expressed in this production are those of the participants and do not necessarily reflect the official policies or positions of any other agency, organization, employer, or company.
Cyber Kumite - Ep. 10 - Culture, Talent & Skills part 1: Racial Diversity and Allyship in Cybersecurity feat. Nicole Ford
July 14, 2020 12:30 - 21 minutes - 31.5 MBCybersecurity’s recruiting, development, and retention playbook sucks. This Culture, Talent, and Skills mini-series will discuss moving away from tired ideas to gutsy practices that yield high-performing and sustainable capabilities. Please enjoy these discussions with a few of our favorite security leaders, with tips to help you shape your team’s culture and resilience in the face of numbers and skills shortages.
Cyber Kumite - Ep. 9 - Reinventing the Wheel feat. Mamani Older
July 07, 2020 12:34 - 23 minutes - 34.5 MBSpecial guest Mamani Older joins us for this episode. We discuss building custom strategies and technologies vs. using templated or commercial resources. Are custom technologies just making more work for us? Which parts of your cyber program should be custom and which can be commercially bought?
Cyber Kumite - Ep. 8 - CASB vs. DLP feat. Matt McHugh
June 30, 2020 13:00 - 21 minutes - 31.1 MBSpecial guest Matt McHugh drops knowledge on CASB technology, and discusses how it compares to DLP, where the technology is limited, and if it delivers on everything the vendors have promised.
Cyber Kumite - Ep. 7 - NIST CSF vs. MITRE ATT&CK
June 23, 2020 13:00 - 21 minutes - 31.3 MBTim & Chris discuss the differences between NIST CSF and MITRE ATT&CK frameworks, common misconceptions about each, and how companies should use the frameworks as part of their cybersecurity program.
Cyber Kumite - SPECIAL - You Should Be Purple Teaming Right Now. CASE STUDY: STAR WARS
June 17, 2020 14:05This week's presentation relies heavily on visuals and will not air on the audio podcast. VIEW THE EPISODE HERE: https://youtu.be/f5Rig7JCAPg Purple Teams is still misunderstood by many security leaders. Tim explains 1) WHY should we be performing Purple Teams, and 2) WHERE does Purple Teaming stand among other types of security testing activities. As an example, Tim proves with no uncertainty that the Star Wars Rebels would never have been able to destroy the Death Star if the Empire ha...
Cyber Kumite - Ep. 6 - Zero Trust
June 09, 2020 12:00 - 25 minutes - 36 MBSpecial guest Mike Pinch talks about Zero Trust security. He presents various ways companies are implementing Zero Trust, how it actually affects a company's security posture, and common misconceptions about the concept.
Cyber Kumite - Ep. 5 - Are Supplier Risk Programs Working?
June 02, 2020 12:49 - 22 minutes - 31.8 MBDo Supplier Risk programs actually reduce risk? If done correctly then possibly but most of the time they are just a burden on vendors. Tim and Chris talk about what's wrong with the current process and how Supplier Risk programs should change.
Cyber Kumite - Ep. 4 - Defend Your Top 3 Controls
May 26, 2020 13:13 - 16 minutes - 24.2 MBIf you could only have 3 security controls in place, what would they be? Tim and Chris present their top three choices.
Cyber Kumite - Ep. 3 - Security Awareness: Are We Over Phishing Our Users?
May 19, 2020 13:13 - 17 minutes - 26.3 MBCompanies love to test their employees' security awareness by spear phishing them and tracking whether or not the employee fell for it. But what does this prove? Tim and Chris discuss whether it's effective, and if we are over phishing our employees.
Cyber Kumite - Ep. 2 - Talent & Recruitment Search Firms
May 19, 2020 13:08 - 26 minutes - 38.1 MBSpecial guest Anahi Santiago, CISO of Christiana Care Health System discusses her experience using recruitment agencies for hiring security employees. Tim does not agree with using them.
Cyber Kumite - Ep. 1 - Pen Testing vs. Red Teams vs. Purple Teams
May 18, 2020 20:03 - 15 minutes - 22.7 MBTim and Chris discuss the differences between Penetration Testing, Red Teams, and Purple Teams. Learn how these security testing exercises have evolved, and why you would perform one over the other.