Cyber Security Effectiveness Podcast
113 episodes - English - Latest episode: almost 2 years ago - ★★★★★ - 14 ratings
Do boards and business leaders understand the risks? Is security improving, barely keeping up with threats, or falling painfully behind? And more importantly, if what kept us secure has stopped working, what do we need to do to fix it? Join host Brian Contos and his guests as they explore these questions on The Cyber Security Effectiveness Podcast.
Episodes
The Defender's Advantage Podcast
March 30, 2022 20:00 - 1 minute - 976 KB
If you are here looking for Cyber Security Effectiveness, we invite you to visit the feed of Mandiant’s new podcast, The Defender’s Advantage Podcast: https://www.buzzsprout.com/1762840 The new show launches this week with the same great content you've come to expect from us and even more. Host Luke McNamara anchors our Threat Trends series, chatting with Mandiant intel analysts, consultants, and researchers, as well as external practitioners and leaders in cyber security, all through a t...
Overwhelming Abundance of Alerts
December 07, 2021 05:00 - 17 minutes - 11.9 MB
Mandiant Regional Account Executive Maggie Wilder sums up customers’ viewpoints best – they are being expected to do more with less. While there has never been more awareness around cyber security, the rate of acceleration for threats has been astounding and many are feeling lost. What is an organization to do?
24/7 SOC Life
November 09, 2021 03:00 - 27 minutes - 18.7 MB
The Behavior Research Team is a group unique to the work on which Mandiant Security Validation prides itself: assuring customers that they are protected. Drew Holland, Manager of Threat Research at Mandiant, joins the conversation to talk about landscape trends, his career in threat research, and why he loves what he does.
Augmentations for Tools and People
October 18, 2021 23:00 - 12 minutes - 8.51 MB
Brian talks with Mandiant Advantage’s Janice Kennedy, Director of Channel Management for the Western region, to get her perspective from the partner side of security. They delve into the types of response they are seeing from the channel and how these partners are building upon their skillsets and tools.
Secure and SaaSsy
October 05, 2021 05:00 - 26 minutes - 18 MB
Mandiant Regional Account Executive Toks Jowosimi is one of the few who have witnessed the maturation and evolution of Mandiant Security Validation from the beginning, and has her own unique perspective to share on its transformation. She and Brian talk reactivity vs. proactivity, today’s common use cases for security validation, and customer priorities.
Finding a Big Bucket of Money
September 21, 2021 01:00 - 23 minutes - 16 MB
One of the most common security questions that organizations ask is how to better their security posture without exceeding their tight budget -- not an easy task. Brian and Mandiant Sr. Director of Customer Engineering Morris Hicks dig into Mandiant Security Validation’s ability to help organizations optimize their existing investments and cut out unnecessary overlap.
The Era of Collaboration
September 07, 2021 02:00 - 28 minutes - 19.9 MB
The world of incident response has slowly been moving further from the “ninja-like” approach it's been known for. Purple team extraordinaire Evan Peña revisits the podcast to talk about changes to incident response, purple teaming, and the recent shift toward collaboration with other teams to eliminate today’s largest threats.
The Days of Security Gone By
August 23, 2021 17:00 - 41 minutes - 28.5 MB
In our 100th episode, Brian brings on longtime friend and colleague Colby DeRodeff to talk about past projects, the surge of threat intelligence, and Mandiant Security Validation’s rapid expansion within the market.
A Very Special Episode: #99
August 09, 2021 17:00 - 23 minutes - 16.5 MB
To commemorate the 99th episode, Brian brings on his two co-producers -- Daniel Craig and Katie Billigmeier -- to reminisce about the podcast's beginnings, how it's grown in the past three years, and each of their favorite episodes.
Weaponizing Mandates
July 12, 2021 18:00 - 35 minutes - 24.2 MB
Devon Goforth has been with Mandiant Security Validation (formerly Verodin) since its early startup days in 2015, and has infused his background of electrical engineering, physics, and math with an interest in cyber security. He shares not only how the company and solutions have changed, but also current influences on the threat ecosystem, risks, and hacker trends.
Who You Gonna Call (In the Event of a Breach)?
June 28, 2021 17:00 - 21 minutes - 14.6 MB
Board members are not only crucial for helping lead a company in the right direction, but nowadays they also offer crucial cyber security guidance. And those with a legal background, like FireEye’s Alexa King, provide an even more valuable perspective in the event of a breach and help organizations mitigate risks as an organization evolves.
Security is Aspirational
June 21, 2021 19:00 - 43 minutes - 29.8 MB
Having been a board member for technology and cyber security companies since the 90s, Matt Bigge has fine-tuned the art of being an effective board member. He and Brian discuss the evolution of a board member’s role as a company changes, adapting interactions with leadership, and some words of wisdom.
Carrots Lead to the Right Outcomes
June 08, 2021 10:00 - 43 minutes - 29.7 MB
Our focus on board members continues as Kara Nortman, Managing Partner at Upfront Ventures and a board member with several technology and cyber security companies, talks about her key responsibilities as a cloud-native specialist, the importance of nurturing positive relationships, and the growing trend of third-party solutions.
The New Old Risk
May 25, 2021 02:00 - 32 minutes - 22.3 MB
The unknown factor of cyber security risk is keeping more CEOs up at night than ever before, and many of them view it as priority number one in areas of the business to address. Jay Leek brings his perspective as former Blackstone CISO, ClearSky Security co-founder, and board member for a number of cyber security companies, where he communicates today’s risk.
Recognizing Board Superpowers
May 18, 2021 13:00 - 34 minutes - 23.9 MB
As someone who has worked as a FireEye executive and been a board member for several publicly traded companies, Julie Cullivan has been able to closely witness the dichotomy between the two. She chats with Brian about how board members can influence real cyber security development.
Security at the Board Level
May 11, 2021 00:00 - 32 minutes - 22.6 MB
Former RSA President & CEO Art Coviello revisits the podcast to share his wisdom for CISOs and aspiring board members, and breaks down board interactions in the private and public space.
CEP_Eric Adams
March 25, 2021 19:46 - 37 minutes - 69.5 MB
Automation, Automation, Automation
March 25, 2021 19:46 - 37 minutes - 25.8 MB
Working as a security leader at Kyriba, an international FinTech company, Eric Adams attributes a lot of success to automation – the key to developing and growing a business. He describes this and many more ways to optimize your assets, no matter how big or small.
Security Learning By Security Doing
March 25, 2021 19:41 - 53 minutes - 36.5 MB
When it comes down to cyber security in the Federal space, US Army Reserve Colonel Jerry Chappee likens it to working on a car: your first priority should be perfecting the basics. He talks with Brian about the evolution of cyber operations, building a leadership team, and addressing vulnerabilities.
The Nature of Conflict
March 25, 2021 19:10 - 42 minutes - 29 MB
Former NSA Chief Cryptologic Technician, Retired US Navy Chief, and author Chase Cunningham is so fascinated by cyber conflict that it inspired him to create a comic book series. He and Brian talk about nation-state interaction in cyberspace, APTs, deepfakes, and more.
When in Doubt, Hire a Marine
March 25, 2021 18:50 - 52 minutes - 36.1 MB
Nick Andersen’s perspective and strategy skills have evolved from his time in the Marine Corps and federal government. Now CISO of Public Sector at Lumen Technologies, he reflects on his experience overseeing cyber security for energy and emergency response, statewide threat intelligence, his day-to-day duties, and more.
Confronting Security with Data
March 25, 2021 18:32 - 52 minutes - 36.2 MB
Brian chats with Soluble Co-founder and CEO Richard Seiersen, who recently published his second book, The Metrics Manifesto: Confronting Security with Data. They talk security operations, digital transformation, and cybersecurity’s growing presence in executive meetings.
From Defense to Offense
March 18, 2021 22:38 - 1 hour - 44.6 MB
Brian speaks with Bill Crowell, who in his career has held Director roles in many organizations including the National Security Agency (NSA), about political ties to critical infrastructure, tension between CIOs and CISOs, and his recent projects.
A Certain Set of Skills
January 26, 2021 18:52 - 49 minutes - 34.3 MB
National Cybersecurity Center CSO and Board Member Mark Weatherford joins Brian to discuss the world of MSSPs, what the CISO’s role should be in 2021, and our fast-growing dependence on the supply chain.
Cyber Security Vendors: Then and Now
January 07, 2021 21:59 - 1 hour - 41.3 MB
Chief Research Analyst and author Richard Stiennon joins the podcast again to discuss his new book, Security Yearbook 2020, in which he characterizes the modern evolving cyber security vendor and the market today.
Transforming Information Security
January 07, 2021 18:32 - 56 minutes - 39.1 MB
Past podcast guest Kathleen Moriarty returns to talk about her new book, Transforming Information Security, in which she declares that security currently is too complex. She and Brian discuss other topics explored, including privacy, encryption, automation, and trends.
Securing the Insurance and Finance Industry
November 05, 2020 17:46 - 57 minutes - 39.2 MB
Brian chats with Steven Edwards, Sr. SOC Manager at Globe Life (formerly Torchmark) about cybersecurity in the insurance and finance industry. Steven covers cloud migration, use cases and mistakes he’s learned from, and relaying security strategies to non-technical consumers and members of the board.
Navigating 2020 as a CISO in Aviation
October 06, 2020 14:06 - 42 minutes - 29.2 MB
The aviation industry has arguably been the most negatively impacted by the pandemic, which has forced sudden changes on organizations’ business models, cyber security operations, and more. United Airlines’ VP and CISO Deneen DeFiore talks about how aviation organizations have adapted, key measurements for effectiveness, and the secret to maintaining a strong security mindset in these uncertain times.
Federal Government & Intel Insights
September 23, 2020 03:00 - 1 hour - 47.7 MB
This packed episode focuses on all things high-level intelligence. Brian speaks with JD Jack, FireEye VP of DoD/IC/Special Programs, on his past experience with aviation and national intelligence and how it has taught him to lead at FireEye. They look at today's intel gaps, the DoD’s biggest threats, and discuss tool collaboration.
Leading as a CISO in Auto
September 08, 2020 14:55 - 47 minutes - 32.6 MB
Widespread digitization has pushed sales-driven car dealerships to build more dedicated security teams. Air Force Space Command veteran Chip Regan and Brian talk about how his military experience has prepared him to become AutoNation’s newest CISO, prioritizing critical objectives, communicating with other executives, and data security.
Threat and SIEM Management for Insurance
September 01, 2020 02:20 - 58 minutes - 40.2 MB
Where compliance obligations and regulations are concerned, the insurance industry can look almost identical to finance. DJ Goldsworthy, Aflac’s Director of Security Ops and Threat Management, talks about the pressure to adapt to the changing security landscape, past SIEM experiences, and recent trends.
Evaluating Readiness & the Future of Intel
August 18, 2020 03:58 - 51 minutes - 35.7 MB
Auto Club Group CISO Gopal Padinjaruveetil loves to combine his passion for philosophy with cybersecurity and shares a fascinating prediction for IoT devices and the future for humans. He and Brian also discuss the meaning of maturity and cyber readiness, cyber economics, and the three basic types of security metrics.
Refining the Environment for OT, SCADA, and IT
July 28, 2020 15:12 - 42 minutes - 29.2 MB
In the time since Dave Bang appeared in 2018 as our first podcast guest, he’s pivoted his career at LyondellBasell from overseeing Information Technology (IT) to managing Operational Technology (OT). He and Brian cover IT vs. OT challenges, vendors’ perspectives on secure system environments, and using a streamlined approach to solve enterprise problems.
SIP and Purple Teaming
July 14, 2020 15:33 - 50 minutes - 35 MB
More organizations are keen to introduce purple teaming to their security practices, but in most cases they are not yet at the level of business maturity needed to take that next step. Evan Peña, Director of Professional Services at Mandiant (FireEye), describes how his team uses FireEye’s premier threat intelligence to enhance purple teaming efficiency.
Validating Helix
June 30, 2020 03:48 - 52 minutes - 35.9 MB
Sallie Mae Sr. Director of Cybersecurity Operations Steve Lodin returns to the podcast to share his experiences introducing and maintaining cloud-based SIEM to existing infrastructure. He and Brian discuss the technicalities of transferring a mid-size financial organization to the cloud.
The Ultimate Pairing of Threat Intel and Validation
June 16, 2020 13:47 - 30 minutes - 20.8 MB
Sandra Joyce, FireEye SVP & Head of Global Intelligence, returns to talk with Brian about recent infamous hacker groups’ exploitation of COVID-19 and why having more security tools damages your chance of surviving a breach, and gives insight into findings from the Mandiant Validation Security Effectiveness Report.
Winning the Support of Board Rooms and CISOs
June 03, 2020 17:13 - 2 minutes - 1.88 MB
Brian chats with Dawn-Marie Hutchinson, Security Transformation Executive at global pharmaceutical company GSK, on persistent industry obstacles highlighted even more by the effects of COVID-19, addressing the global skills shortage, and perfecting your security tech stack.
Mandiant Security Effectiveness Report Takeaways and Predictions
May 08, 2020 13:51 - 1 hour - 54 MB
Major General Earl Matthews, USAF (Ret) joins Brian on the Cybersecurity Effectiveness Podcast to discuss the latest hot topics in validation. They cover security for this year’s upcoming election and dive into the data recorded in Mandiant Validation’s 2020 Security Effectiveness Report, including that which inhibits organizations from garnering the most value from their existing products. Visit https://www.verodin.com/podcasts/mandiant-security-effectiveness-report-takeaways-and-pre...
Mistakes That Linger
April 06, 2020 04:23 - 24 minutes - 17.1 MB
Privacy affects all industries beyond just the obvious legal implications, and even after 20 years security vendors don’t spend enough time strengthening all factors involved. Rebecca Herold, CEO of The Privacy Professor, discusses security and privacy mistakes that still pop up today, and how the education industry plays a part in data distribution.
Undergrad Experience
April 06, 2020 03:53 - 13 minutes - 9.33 MB
For a computer science undergrad looking to start a cybersecurity career, good experience depends on a healthy balance between academia and extracurriculars. University of Tennessee student Julianne Cox tells Brian how she has developed her skills inside and outside of the classroom, and looks forward to increasing diversity as the next president of her school’s Women in Cyber Security (WiCS) chapter.
Criminal Intentions
April 06, 2020 03:52 - 24 minutes - 16.6 MB
Although we tend to portray cybersecurity as black-and-white, good vs. bad, digital forensics and incident response investigations have revealed that it’s much more complicated. Brian chats with Cindy Murphy, President & Founder of Tetra Defense (formerly Gillware Digital Forensics), about her start in law enforcement, reacting to ransomware attackers, and the mindset of a business leader.
The Value in Compliance
April 06, 2020 03:48 - 23 minutes - 16.4 MB
Security and compliance misinformation runs rampant – especially with thousands of products joining the market each year. How does a service provider cut through all that noise? Choice CyberSecurity co-founder and COO Alex Rutkovitz breaks down compliance misconceptions, separating value from product, risk assessment, and more.
The Path to Security Savviness
April 06, 2020 03:46 - 21 minutes - 14.7 MB
Consumers may install the latest security feature on their device but perhaps the most important question is, do they know how to use it? Kyla Guru, high school senior and CEO & founder of Bits N’ Bytes Cybersecurity, deems user education a crucial aspect of security that is often overlooked in favor of the technology itself and shares how she built her own organization to empower tech users in their everyday lives.
The Automation Advantage for SOC
April 06, 2020 03:44 - 22 minutes - 15.3 MB
Despite being only a couple of years old, the City of New York's cybersecurity program has quickly risen to become a model of success for cities all over the globe. Quiessence Phillips, the city’s Deputy CISO and Head of Threat Management, has spent her last few years there fortifying its SOC team. She and Brian talk “true ops” philosophy, playbook automation, and other secrets to success.
Imagination Skills
March 30, 2020 05:33 - 18 minutes - 12.5 MB
Generation Z kids have the benefit of growing up in a super-connected world with so much more available to them than other generations, but this can inhibit creativity and imagination down the road. Brian sits down with Paraben Corporation President & CEO Amber Schroader to talk about the young new hires to digital forensics, cybercrimes in the cloud, and how her past culinary experience prepared her for her line of work.
What Qualifies as Experience?
March 30, 2020 05:30 - 21 minutes - 14.7 MB
Perspectives on what’s essential to developing your skills in cyber vary depending on who you ask. Some say it depends on certifications, others say experience is the key. Mari Galloway, CEO of Women’s Society of Cyberjutsu and Sr. Security Architect, discusses her motivations, recommended approach to education and certifications, and what she looks forward to in the rest of 2020.
Investing in the Right Relationship
March 30, 2020 05:28 - 24 minutes - 16.6 MB
In order to stand out as a brilliant startup in a sea of cybersecurity vendors, a few things should always be top-of-mind: a strong investor-entrepreneur relationship, awareness of other vendors, and a thorough understanding of the landscape. Roselle Safran, who is a founder & CEO of a stealth-mode startup herself, speaks to her experience with building a strong startup and offers advice for others seeking the same.