
Cyber Security Effectiveness Podcast

92 episodes - English - Latest episode: about 3 years ago

Do boards and business leaders understand the risks? Is security improving, barely keeping up with threats, or falling painfully behind? And more importantly, if what kept us secure has stopped working, what do we need to do to fix it? Join host Brian Contos and his guests as they explore these questions on The Cyber Security Effectiveness Podcast.

Investing Business Technology cyber cybersecurity data instrumentation security validation

Episodes

Automation, Automation, Automation

April 05, 2021 05:00 - 37 minutes - 507 MB Video

Working as a security leader at Kyriba, an international FinTech company, Eric Adams attributes a lot of success to automation – the key to developing and growing a business. He describes this and many more ways to optimize your assets, no matter how big or small.

Automation, Automation, Automation

March 23, 2021 17:00 - 37 minutes - 507 MB Video

Working as a security leader at Kyriba, an international FinTech company, Eric Adams attributes a lot of success to automation – the key to developing and growing a business. He describes this and many more ways to optimize your assets, no matter how big or small.

Automation, Automation, Automation

March 22, 2021 05:00 - 37 minutes - 507 MB Video

Working as a security leader at Kyriba, an international FinTech company, Eric Adams attributes a lot of success to automation – the key to developing and growing a business. He describes this and many more ways to optimize your assets, no matter how big or small.

Security Learning By Security Doing

March 08, 2021 05:00 - 53 minutes - 702 MB Video

When it comes down to cyber security in the Federal space, US Army Reserve Colonel Jerry Chappee likens it to working on a car: your first priority should be perfecting the basics. He talks with Brian about the evolution of cyber operations, building a leadership team, and addressing vulnerabilities.

The Nature of Conflict

February 17, 2021 05:00 - 42 minutes - 519 MB Video

Former NSA Chief Cryptologic Technician, Retired US Navy Chief, and author Chase Cunningham is so fascinated by cyber conflict that it inspired him to create a comic book series. He and Brian talk about nation-state interaction in cyberspace, APTs, deepfakes, and more.

When in Doubt, Hire a Marine

February 08, 2021 05:00 - 52 minutes - 597 MB Video

Nick Andersen’s perspective and strategy skills have evolved from his time in the Marine Corps and federal government. Now CISO of Public Sector at Lumen Technologies, he reflects on his experience overseeing cyber security for energy and emergency response, statewide threat intelligence, his day-to-day duties, and more.

A Certain Set of Skills

January 25, 2021 05:00 - 49 minutes - 774 MB Video

National Cybersecurity Center CSO and Board Member Mark Weatherford joins Brian to discuss the world of MSSPs, what the CISO’s role should be in 202, and our fast-growing dependence on the supply chain.

From Defense to Offense

January 11, 2021 23:56 - 1 hour - 1020 MB Video

Brian speaks with Bill Crowell, who in his career has held Director roles in many organizations including the National Security Agency (NSA), about political ties to critical infrastructure, tension between CIOs and CISOs, and his recent projects.

Confronting Security with Data

December 21, 2020 05:00 - 52 minutes - 702 MB Video

Brian chats with Soluble Co-founder and CEO Richard Seiersen, who recently published his second book, The Metrics Manifesto: Confronting Security with Data. They talk security operations, digital transformation, and cybersecurity’s growing presence in executive meetings.

Cyber Security Vendors: Then and Now

December 17, 2020 05:00 - 1 hour - 933 MB Video

Chief Research Analyst and author Richard Stiennon joins the podcast again to discuss his new book, Security Yearbook 2020, in which he characterizes the modern evolving cyber security vendor and the market today.

Transforming Information Security

December 01, 2020 05:00 - 56 minutes - 884 MB Video

Past podcast guest Kathleen Moriarty returns to talk about her new book, Transforming Information Security, in which she declares that security currently is too complex. She and Brian discuss other topics explored, including privacy, encryption, automation, and trends.

Securing the Insurance and Finance Industry

November 05, 2020 05:00 - 57 minutes - 887 MB Video

Brian chats with Steven Edwards, Sr. SOC Manager at Globe Life (formerly Torchmark) about cybersecurity in the insurance and finance industry. Steve covers cloud migration, use cases and mistakes he’s learned from, and relaying security strategies to non-technical consumers and members of the board.

SIP & Purple Teaming

October 14, 2020 20:02 - 50 minutes - 843 MB Video

More organizations are keen to introduce purple teaming to their security practices, but in most cases they are not yet at the level of business maturity needed to take that next step. Evan Pena, Director of Professional Services at Mandiant (FireEye), describes how his team uses FireEye’s premier threat intelligence to enhance purple teaming efficiency.

Navigating 2020 as a CISO in Aviation

October 06, 2020 05:00 - 42 minutes - 682 MB Video

The aviation industry has arguably been the most negatively impacted by the pandemic, which has forced sudden changes on organizations’ business models, cyber security operations, and more. United Airlines’ VP and CISO Deneen DeFiore talks about how aviation organizations have adapted, key measurements for effectiveness, and the secret to maintaining a strong security mindset in these uncertain times.

Federal Government & Intel Insights

September 22, 2020 05:00 - 1 hour - 1.05 GB Video

This packed episode focuses on all things high-level intelligence. Brian speaks with JD Jack, FireEye Sr Director/VP of DoD/IC/Special Programs, on his past experience with aviation and national intelligence and how it has taught him to lead at FireEye. They look at today's intel gaps, the DoD’s biggest threats, and discuss tool collaboration.

Leading as a CISO in Auto

September 08, 2020 05:00 - 47 minutes - 788 MB Video

Widespread digitization has pushed sales-driven car dealerships to build more dedicated security teams. Air Force Space Command veteran Chip Regan and Brian talk about how his military experience has prepared him to become AutoNation’s newest CISO, prioritizing critical objectives, communicating with other executives, and data security.

Threat and SIEM Management for Insurance

August 31, 2020 05:00 - 58 minutes - 974 MB Video

Where compliance obligations and regulations are concerned, the insurance industry can look almost identical to finance. DJ Goldsworthy, Aflac’s Director of Security Ops and Threat Management, talks about the pressure to adapt to the changing security landscape, past SIEM experiences, and recent trends.

Validating Helix

August 28, 2020 05:00 - 52 minutes - 869 MB Video

Sallie Mae Sr. Director of Cybersecurity Operations Steve Lodin returns to the podcast to share his experiences introducing and maintaining cloud-based SIEM to existing infrastructure. He and Brian discuss the technicalities of transferring a mid-size financial organization to the cloud.

Evaluating Readiness & the Future of Intel

August 17, 2020 05:00 - 51 minutes - 862 MB Video

Auto Club Group CISO Gopal Padinjaruveetil loves to combine his passion for philosophy with cybersecurity and shares a fascinating prediction for IoT devices and the future for humans. He and Brian also discuss the meaning of maturity and cyber readiness, cyber economics, and the three basic types of security metrics.

Refining the Environment for OT, SCADA, and IT

July 28, 2020 05:00 - 42 minutes - 967 MB Video

In the time since Dave Bang appeared in 2018 as our first podcast guest, he’s pivoted his career at LyondellBasell from overseeing Information Technology (IT) to managing Operational Technology (OT). He and Brian cover IT vs. OT challenges, vendors’ perspectives on secure system environments, and using a streamlined approach to solve enterprise problems.

The Ultimate Pairing of Threat Intel and Validation

June 16, 2020 05:00 - 30 minutes - 502 MB Video

Sandra Joyce, FireEye SVP & Head of Global Intelligence, returns to talk with Brian about recent infamous hacker groups’ exploitation of COVID-19 and why having more security tools damages your chance of surviving a breach, and gives insight into findings from the Mandiant Validation Security Effectiveness Report.

Winning the Support of Board Rooms and CISOs

June 02, 2020 05:00 - 34 minutes - 1.08 GB Video

Brian chats with Dawn-Marie Hutchinson, Security Transformation Executive at global pharmaceutical company GSK, on persistent industry obstacles highlighted even more by the effects of COVID-19, addressing the global skills shortage, and perfecting your security tech stack.

Mandiant Security Effectiveness Report Takeaways and Predict

May 12, 2020 05:00 - 1 hour - 1.27 GB Video

Major General Earl Matthews, USAF (Ret) joins Brian on the Cybersecurity Effectiveness Podcast to discuss the latest hot topics in validation. They cover security for this year’s upcoming election and dive into the data recorded in Mandiant Validation’s 2020 Security Effectiveness Report, including that which inhibits organizations from garnering the most value from their existing products.

Mistakes That Linger

April 06, 2020 04:23 - 21.8 MB

Privacy affects all industries beyond just the obvious legal implications, and even after 20 years security vendors don’t spend enough time strengthening all factors involved. Rebecca Herold, CEO of The Privacy Professor, discusses security and privacy mistakes that still pop up today, and how the education industry plays a part in data distribution.

Undergrad Experience

April 06, 2020 03:53 - 11.9 MB

For a computer science undergrad looking to start a cybersecurity career, good experience depends on a healthy balance between academia and extracurriculars. University of Tennessee student Julianne Cox tells Brian how she has developed her skills inside and outside of the classroom, and looks forward to increasing diversity as the next president of her school’s Women in Cyber Security (WiCS) chapter.

Criminal Intentions

April 06, 2020 03:52 - 20.6 MB

Although we tend to portray cybersecurity as black-and-white, good vs. bad, digital forensics and incident response investigations have revealed that it’s much more complicated. Brian chats with Cindy Murphy, President & Founder of Tetra Defense (formerly Gillware Digital Forensics), about her start in law enforcement, reacting to ransomware attackers, and the mindset of a business leader.

The Value in Compliance

April 06, 2020 03:48 - 20.5 MB

Security and compliance misinformation runs rampant – especially with thousands of products joining the market each year. How does a service provider cut through all that noise? Choice CyberSecurity co-founder and COO Alex Rutkovitz breaks down compliance misconceptions, separating value from product, risk assessment, and more.

The Path to Security Savviness

April 06, 2020 03:46 - 18.6 MB

Consumers may install the latest security feature on their device but perhaps the most important question is, do they know how to use it? Kyla Guru, high school senior and CEO & founder of Bits N’ Bytes Cybersecurity, deems user education a crucial aspect of security that is often overlooked in favor of the technology itself and shares how she built her own organization to empower tech users in their everyday lives.

The Automation Advantage for SOC

April 06, 2020 03:44 - 20 MB

Despite being only a couple of years old, the City of New York's cybersecurity program has quickly risen to become a model of success for cities all over the globe. Quiessence Phillips, the city’s Deputy CISO and Head of Threat Management, has spent her last few years there fortifying its SOC team. She and Brian talk “true ops” philosophy, playbook automation, and other secrets to success.

Imagination Skills

March 30, 2020 05:33 - 16.4 MB

Generation Z kids have the benefit of growing up in a super-connected world with so much more available to them than other generations, but this can inhibit creativity and imagination down the road. Brian sits down with Paraben Corporation President & CEO Amber Schroader to talk about the young new hires in digital forensics, cybercrimes in the cloud, and how her past culinary experience prepared her for her line of work.

What Qualifies as Experience?

March 30, 2020 05:30 - 18.4 MB

Perspectives on what’s essential to developing your skills in cyber vary depending on who you ask. Some say it depends on certifications, others say experience is the key. Mari Galloway, CEO of Women’s Society of Cyberjutsu and Sr. Security Architect, discusses her motivations, recommended approach to education and certifications, and what she looks forward to in the rest of 2020.

Investing in the Right Relationship

March 30, 2020 05:28 - 21 MB

In order to stand out as a brilliant startup in a sea of cybersecurity vendors, a few things should always be top-of-mind: a strong investor-entrepreneur relationship, awareness of other vendors, and a thorough understanding of the landscape. Roselle Safran, who is a founder & CEO of a stealth-mode startup herself, speaks to her experience with building a strong startup and offers advice for others seeking the same.

It’s All in the Evidence

March 30, 2020 05:26 - 14.3 MB

Security and e-discovery often work together closely but the key differences are subtle, with the latter being more focused on preserving evidence. Mary Mack, CEO of EDRM, elaborates on the work of those professionals, shares mistakes she’s seen and lessons learned, as well as organizations’ changing perspectives on data in the cloud.

Addressing Talent Shortage with Abroad Education

March 30, 2020 05:24 - 13.4 MB

To address the global cyber talent shortage, we must expand our outreach efforts to offer education to women and girls in third-world countries. Eileen Brewer travels to remote parts of the world equipped with a suitcase full of motherboards to teach computer workshops and inspire future engineers. She describes how listeners can get involved in similar programs and make a difference in helping to diversify the industry.

Women in the Workplace

March 30, 2020 05:22 - 17.3 MB

The lack of diversity in cybersecurity and technology in general is no secret, but it wasn’t always that way. Soviet-Era Russia and other eastern countries have seen more equality in certain industries, and that was a difference that guest Elena Elkina certainly noticed in her transition to American life. As Sr. Privacy & Data Protection Management Executive for Aleada Consulting, she discusses gender roles, seeking challenges, and starting her nonprofit and consulting startup.

Keeping a Clear Focus: New Tech and Cyber Change

March 30, 2020 05:19 - 16.4 MB

There’s a reason why people get distracted by new tech or security solutions: what if it’s the silver bullet that solves everything with minimal effort? Unfortunately, that is seldom the case. Brian chats with Becky Pinkard, CISO of Aldermore Bank, PLC, about caution with buzzwords, sharing threat intelligence, and what lies ahead for security.

No Quick Fix

March 28, 2020 21:48 - 17.4 MB

The number of company data breaches that make headlines on an almost daily basis will continue to skyrocket without signs of stopping if organizations neglect to take proper precautions to protect their assets. Dr. Chanel Suggs, known also as The Duchess of Cybersecurity, shares details of some of the latest shocking public breaches and how she stays on top of trends to help clients be better prepared and well-informed.

A Gamer’s Influence on DDoS

March 28, 2020 21:44 - 22.6 MB

For gamers and users heavily dependent on high-traffic internet platforms, loss of service is destructive -- and can be symptomatic of a greater distributed denial-of-service (DDoS) attack. Charter Communications VP Mary Haynes goes in depth into its evolution over the years, tactics for mitigation, and how some gamers inadvertently end up worsening the situation.

Give and Take

March 23, 2020 04:24 - 16.8 MB

Offensive work is all about constant improvement, upping your skills to outsmart the attackers. There are many organizations out there for learning but a relative few focus on supporting women in their endeavors. Lisa Jiggetts, Founder & President of the Women’s Society of Cyberjutsu, takes us through her passion for learning and sharing with others, addressing the cybersecurity talent shortage, and how she grew her organization to become the inclusive community it is today.

Conference Conversations

March 23, 2020 04:22 - 15.5 MB

Security conferences are opportunities for security folk to come together, share experiences, and inspire one another while making new connections in the space. Kim Hakim, CEO & Founder of FutureCon, talks about her 20 years of experience hosting conferences, observing speakers’ trending topics, and the growing buzz around ransomware.

Taking Control

March 23, 2020 04:19 - 19.6 MB

How private should personal data be? What are perspectives around who should be in control of it and can you actually get paid for your data? Brian and Monique Morrow, President of The VETRI Foundation, analyze the top data privacy threats in society today, the role of personal responsibility, and education resources.

Plan and Recover

March 23, 2020 04:17 - 17.3 MB

It’s tough to know if your organization is really prepared for the aftermath of a cyber-attack, but who can offer you sound advice and planning for a strong recovery? That’s where the general counsel comes in – in-house lawyers, trusted advisors, and cybersecurity experts rolled into one. Alexa King, FireEye’s EVP, General Counsel, goes into detail about the roles she plays, how to plan effectively, and advising boards.

Boost Your Security Confidence

March 23, 2020 04:14 - 10.9 MB

Most consumers today can learn how to use technology devices pretty quickly, but the security features used to protect them can often seem complicated and intimidating to the user. Former Ann Arbor county elected official and current CEO & President of Cybercrime Support Network Kristin Judge strives to help people feel confident in an “everyday” knowledge of security and provides resources for victims of cybercrime.

A Competitive Field

March 21, 2020 18:43 - 17.4 MB

People love Capture the Flag (CTF) competitions for being an excellent way to put your hacking skills to the test – not only is it a lot of fun, but it forces you to apply the skills you may learn in a classroom or course setting to real-world situations. Kaitlyn Bestenheider, analyst at Tevora, dives into her passion for cryptography and CTFs, core skills needed, and shares her advice for others looking to enter the field.

Industries Alike

March 21, 2020 18:24 - 24.6 MB

The number of paths available to explore cybersecurity is seemingly endless and many professionals have made the jump between industries at least once. Tammy Hawkins, on the other hand, challenged herself constantly throughout her career by learning to apply skills to industries like agriculture and finance. She takes listeners through her journey from IT analyst to her current role as Director of Service Technologies at Blizzard Entertainment, and how you can adapt your skills to succe...

The Demand for Soft Skills

March 21, 2020 17:50 - 18.6 MB

The current global industry talent shortage proves to be a tough challenge, and while having impressive technical skills is important, showing skill in creative problem-solving and communication may put you above the rest. Join Brian and Lisa Plaggemier, CSO at MediaPRO, as they discuss a new perspective on training and awareness, the difference between training to solve a specific problem and thinking critically, and the secret to engaging your employees.

Maintaining Continuity in Critical Infrastructure

March 16, 2020 04:59 - 21.5 MB

The amount of critical infrastructure security news has exploded in the past few years due to ongoing digitalization, which has caused an overall increase of dependence on IT. Isabel Muench, Head of Branch Critical Infrastructures at BSI, talks to Brian about weaving IT security into critical infrastructure and shares stories of successes and failures.

Layers of Architecture

March 16, 2020 04:57 - 18.2 MB

The Internet Engineering Task Force (IETF) is a large community of network designers, operators, vendors, and researchers passionate about the ever-evolving internet architecture. Security strategist, CISO, and board advisor Kathleen Moriarty chats with Brian about the fascinating research she’s done, her upcoming book, and recommendations for scaling threat intel.

Prison Breaking the System

March 16, 2020 04:55 - 16.9 MB

An effective way to learn how to fix things in cybersecurity is to practice breaking them – once you’ve done that, you’re halfway there. Tiffany Strauchs Rad, CEO & Co-Founder of Anatrope, Inc., learned security skills like lock-picking and social engineering from her father, a former CIA agent and writer of the film Sneakers. She discusses her experience constructing a prison break zero-day, vulnerability research, and more.

Bouncing Back: Advice for Minimizing Reputational Damage from a Breach

March 16, 2020 04:51 - 19 MB

Strong cybersecurity leadership is truly tested when the organization is breached, and when it comes to recovering from the damage, the response and public handling of the situation are just as important as the attack itself. Brian meets with Siobhan Gorman, Partner at communications firm Brunswick Group and former Wall Street Journal correspondent, who provides listeners with key takeaways and lessons learned from incidents past.