Cyber Security Effectiveness Podcast

113 episodes - English - Latest episode: almost 2 years ago - ★★★★★ - 14 ratings

Do boards and business leaders understand the risks? Is security improving, barely keeping up with threats, or falling painfully behind? And more importantly, if what kept us secure has stopped working, what do we need to do to fix it? Join host Brian Contos and his guests as they explore these questions on The Cyber Security Effectiveness Podcast.

Episodes

The Defender's Advantage Podcast

March 30, 2022 20:00 - 1 minute - 976 KB

If you are here looking for Cyber Security Effectiveness, we invite you to visit the feed of Mandiant’s new podcast, The Defender’s Advantage Podcast: https://www.buzzsprout.com/1762840 The new show launches this week with the same great content you've come to expect from us and even more. Host Luke McNamara anchors our Threat Trends series, chatting with Mandiant intel analysts, consultants, and researchers, as well as external practitioners and leaders in cyber security, all through a t...

Overwhelming Abundance of Alerts

December 07, 2021 05:00 - 17 minutes - 11.9 MB

Mandiant Regional Account Executive Maggie Wilder sums up customers’ viewpoints best – they are being expected to do more with less. While there has never been more awareness around cyber security, the rate of acceleration for threats has been astounding and many are feeling lost. What is an organization to do?

24/7 SOC Life

November 09, 2021 03:00 - 27 minutes - 18.7 MB

The Behavior Research Team is a group unique to the work on which Mandiant Security Validation prides itself: assuring customers that they are protected. Drew Holland, Manager of Threat Research at Mandiant, joins the conversation to talk about landscape trends, his career in threat research, and why he loves what he does. 

Augmentations for Tools and People

October 18, 2021 23:00 - 12 minutes - 8.51 MB

Brian talks with Mandiant Advantage’s Janice Kennedy, Director of Channel Management for the Western region, to get her perspective from the partner side of security. They delve into the types of response they are seeing from the channel and how these partners are building upon their skillsets and tools. 

Secure and SaaSsy

October 05, 2021 05:00 - 26 minutes - 18 MB

Mandiant Regional Account Executive Toks Jowosimi is one of the few who have witnessed the maturation and evolution of Mandiant Security Validation from the beginning, and has her own unique perspective to share on its transformation. She and Brian talk reactivity vs. proactivity, today’s common use cases for security validation, and customer priorities. 

Finding a Big Bucket of Money

September 21, 2021 01:00 - 23 minutes - 16 MB

One of the most common security questions that organizations ask is how to better their security posture without exceeding their tight budget -- not an easy task. Brian and Mandiant Sr. Director of Customer Engineering Morris Hicks dig into Mandiant Security Validation’s ability to help organizations optimize their existing investments and cut out unnecessary overlap. 

The Era of Collaboration

September 07, 2021 02:00 - 28 minutes - 19.9 MB

The world of incident response has slowly been moving further from the “ninja-like” approach it's been known for. Purple team extraordinaire Evan Peña revisits the podcast to talk about changes to incident response, purple teaming, and the recent shift toward collaboration with other teams to eliminate today’s largest threats.

The Days of Security Gone By

August 23, 2021 17:00 - 41 minutes - 28.5 MB

In our 100th episode, Brian brings on longtime friend and colleague Colby DeRodeff to talk about past projects, the surge of threat intelligence, and Mandiant Security Validation’s rapid expansion within the market. 

A Very Special Episode: #99

August 09, 2021 17:00 - 23 minutes - 16.5 MB

To commemorate the 99th episode, Brian brings on his two co-producers -- Daniel Craig and Katie Billigmeier -- to reminisce about the podcast's beginnings, how it's grown in the past three years, and each of their favorite episodes.

Weaponizing Mandates

July 12, 2021 18:00 - 35 minutes - 24.2 MB

Devon Goforth has been with Mandiant Security Validation (formerly Verodin) since its early startup days in 2015, and has infused his background of electrical engineering, physics, and math with an interest in cyber security. He shares not only how the company and solutions have changed, but also current influences on the threat ecosystem, risks, and hacker trends.

Who You Gonna Call (In the Event of a Breach)?

June 28, 2021 17:00 - 21 minutes - 14.6 MB

Board members are not only crucial for helping lead a company in the right direction, but nowadays they also offer crucial cyber security guidance. And those with a legal background, like FireEye’s Alexa King, provide an even more valuable perspective in the event of a breach and help organizations mitigate risks as an organization evolves.

Security is Aspirational

June 21, 2021 19:00 - 43 minutes - 29.8 MB

Having been a board member for technology and cyber security companies since the 90s, Matt Bigge has fine-tuned the art of being an effective board member. He and Brian discuss the evolution of a board member’s role as a company changes, adapting interactions with leadership, and some words of wisdom. 

Carrots Lead to the Right Outcomes

June 08, 2021 10:00 - 43 minutes - 29.7 MB

Our focus on board members continues as Kara Nortman, Managing Partner at Upfront Ventures and a board member with several technology and cyber security companies, talks about her key responsibilities as a cloud-native specialist, the importance of nurturing positive relationships, and the growing trend of third-party solutions.

The New Old Risk

May 25, 2021 02:00 - 32 minutes - 22.3 MB

The unknown factor of cyber security risk is keeping more CEOs up at night than ever before, and many of them view it as priority number one in areas of the business to address. Jay Leek brings his perspective as former Blackstone CISO, ClearSky Security co-founder, and board member for a number of cyber security companies, where he communicates today’s risk.

Recognizing Board Superpowers

May 18, 2021 13:00 - 34 minutes - 23.9 MB

As someone who has worked as a FireEye executive and been a board member for several publicly traded companies, Julie Cullivan has been able to closely witness the dichotomy between the two. She chats with Brian about how board members can influence real cyber security development. A video version of this episode is available on YouTube.

Security at the Board Level

May 11, 2021 00:00 - 32 minutes - 22.6 MB

Former RSA President & CEO Art Coviello revisits the podcast to share his wisdom for CISOs and aspiring board members, and breaks down board interactions in the private and public space. 

CEP_Eric Adams

March 25, 2021 19:46 - 37 minutes - 69.5 MB

Automation, Automation, Automation

March 25, 2021 19:46 - 37 minutes - 25.8 MB

Working as a security leader at Kyriba, an international FinTech company, Eric Adams attributes a lot of success to automation – the key to developing and growing a business. He describes this and many more ways to optimize your assets, no matter how big or small.

Security Learning By Security Doing

March 25, 2021 19:41 - 53 minutes - 36.5 MB

When it comes down to cyber security in the Federal space, US Army Reserve Colonel Jerry Chappee likens it to working on a car: your first priority should be perfecting the basics. He talks with Brian about the evolution of cyber operations, building a leadership team, and addressing vulnerabilities.

The Nature of Conflict

March 25, 2021 19:10 - 42 minutes - 29 MB

Former NSA Chief Cryptologic Technician, Retired US Navy Chief, and author Chase Cunningham is so fascinated by cyber conflict that it inspired him to create a comic book series. He and Brian talk about nation-state interaction in cyberspace, APTs, deepfakes, and more.

When in Doubt, Hire a Marine

March 25, 2021 18:50 - 52 minutes - 36.1 MB

Nick Andersen’s perspective and strategy skills have evolved from his time in the Marine Corps and federal government. Now CISO of Public Sector at Lumen Technologies, he reflects on his experience overseeing cyber security for energy and emergency response, statewide threat intelligence, his day-to-day duties, and more.

Confronting Security with Data

March 25, 2021 18:32 - 52 minutes - 36.2 MB

Brian chats with Soluble Co-founder and CEO Richard Seiersen, who recently published his second book, The Metrics Manifesto: Confronting Security with Data. They talk security operations, digital transformation, and cybersecurity’s growing presence in executive meetings.

From Defense to Offense

March 18, 2021 22:38 - 1 hour - 44.6 MB

Brian speaks with Bill Crowell, who in his career has held Director roles in many organizations including the National Security Agency (NSA), about political ties to critical infrastructure, tension between CIOs and CISOs, and his recent projects.

A Certain Set of Skills

January 26, 2021 18:52 - 49 minutes - 34.3 MB

National Cybersecurity Center CSO and Board Member Mark Weatherford joins Brian to discuss the world of MSSPs, what the CISO’s role should be in 2021, and our fast-growing dependence on the supply chain. 

Cyber Security Vendors: Then and Now

January 07, 2021 21:59 - 1 hour - 41.3 MB

Chief Research Analyst and author Richard Stiennon joins the podcast again to discuss his new book, Security Yearbook 2020, in which he characterizes the modern evolving cyber security vendor and the market today.

Transforming Information Security

January 07, 2021 18:32 - 56 minutes - 39.1 MB

Past podcast guest Kathleen Moriarty returns to talk about her new book, Transforming Information Security, in which she declares that security currently is too complex. She and Brian discuss other topics explored, including privacy, encryption, automation, and trends.

Securing the Insurance and Finance Industry

November 05, 2020 17:46 - 57 minutes - 39.2 MB

Brian chats with Steven Edwards, Sr. SOC Manager at Globe Life (formerly Torchmark) about cybersecurity in the insurance and finance industry. Steven covers cloud migration, use cases and mistakes he’s learned from, and relaying security strategies to non-technical consumers and members of the board.  

Navigating 2020 as a CISO in Aviation

October 06, 2020 14:06 - 42 minutes - 29.2 MB

The aviation industry has arguably been the most negatively impacted by the pandemic, which has forced sudden changes on organizations’ business models, cyber security operations, and more. United Airlines’ VP and CISO Deneen DeFiore talks about how aviation organizations have adapted, key measurements for effectiveness, and the secret to maintaining a strong security mindset in these uncertain times.

Federal Government & Intel Insights

September 23, 2020 03:00 - 1 hour - 47.7 MB

This packed episode focuses on all things high-level intelligence. Brian speaks with JD Jack, FireEye VP of DoD/IC/Special Programs, on his past experience with aviation and national intelligence and how it has taught him to lead at FireEye. They look at today's intel gaps, the DoD’s biggest threats, and discuss tool collaboration.

Leading as a CISO in Auto

September 08, 2020 14:55 - 47 minutes - 32.6 MB

Widespread digitization has pushed sales-driven car dealerships to build more dedicated security teams. Air Force Space Command veteran Chip Regan and Brian talk about how his military experience has prepared him to become AutoNation’s newest CISO, prioritizing critical objectives, communicating with other executives, and data security.

Threat and SIEM Management for Insurance

September 01, 2020 02:20 - 58 minutes - 40.2 MB

Where compliance obligations and regulations are concerned, the insurance industry can look almost identical to finance. DJ Goldsworthy, Aflac’s Director of Security Ops and Threat Management, talks about the pressure to adapt to the changing security landscape, past SIEM experiences, and recent trends.

Evaluating Readiness & the Future of Intel

August 18, 2020 03:58 - 51 minutes - 35.7 MB

Auto Club Group CISO Gopal Padinjaruveetil loves to combine his passion for philosophy with cybersecurity and shares a fascinating prediction for IoT devices and the future for humans. He and Brian also discuss the meaning of maturity and cyber readiness, cyber economics, and the three basic types of security metrics.

Refining the Environment for OT, SCADA, and IT

July 28, 2020 15:12 - 42 minutes - 29.2 MB

In the time since Dave Bang appeared in 2018 as our first podcast guest, he’s pivoted his career at LyondellBasell from overseeing Information Technology (IT) to managing Operational Technology (OT). He and Brian cover IT vs. OT challenges, vendors’ perspectives on secure system environments, and using a streamlined approach to solve enterprise problems.

SIP and Purple Teaming

July 14, 2020 15:33 - 50 minutes - 35 MB

More organizations are keen to introduce purple teaming to their security practices, but in most cases they are not yet at the level of business maturity needed to take that next step. Evan Pena, Director of Professional Services at Mandiant (FireEye), describes how his team uses FireEye’s premier threat intelligence to enhance purple teaming efficiency.

Validating Helix

June 30, 2020 03:48 - 52 minutes - 35.9 MB

Sallie Mae Sr. Director of Cybersecurity Operations Steve Lodin returns to the podcast to share his experiences introducing and maintaining cloud-based SIEM to existing infrastructure. He and Brian discuss the technicalities of transferring a mid-size financial organization to the cloud.

The Ultimate Pairing of Threat Intel and Validation

June 16, 2020 13:47 - 30 minutes - 20.8 MB

Sandra Joyce, FireEye SVP & Head of Global Intelligence, returns to talk with Brian about recent infamous hacker groups’ exploitation of COVID-19 and why having more security tools damages your chance of surviving a breach, and to give insight into findings from the Mandiant Validation Security Effectiveness Report.

Winning the Support of Board Rooms and CISOs

June 03, 2020 17:13 - 2 minutes - 1.88 MB

Brian chats with Dawn-Marie Hutchinson, Security Transformation Executive at global pharmaceutical company GSK, on persistent industry obstacles highlighted even more by the effects of COVID-19, addressing the global skills shortage, and perfecting your security tech stack.

Mandiant Security Effectiveness Report Takeaways and Predictions

May 08, 2020 13:51 - 1 hour - 54 MB

Major General Earl Matthews, USAF (Ret) joins Brian on the Cybersecurity Effectiveness Podcast to discuss the latest hot topics in validation. They cover security for this year’s upcoming election and dive into the data recorded in Mandiant Validation’s 2020 Security Effectiveness Report, including that which inhibits organizations from garnering the most value from their existing products.   Visit https://www.verodin.com/podcasts/mandiant-security-effectiveness-report-takeaways-and-pre...

Mistakes That Linger

April 06, 2020 04:23 - 24 minutes - 17.1 MB

Privacy affects all industries beyond just the obvious legal implications, and even after 20 years security vendors don’t spend enough time strengthening all factors involved. Rebecca Herold, CEO of The Privacy Professor, discusses security and privacy mistakes that still pop up today, and how the education industry plays a part in data distribution.

Undergrad Experience

April 06, 2020 03:53 - 13 minutes - 9.33 MB

For a computer science undergrad looking to start a cybersecurity career, good experience depends on a healthy balance between academia and extracurriculars. University of Tennessee student Julianne Cox tells Brian how she has developed her skills inside and outside of the classroom, and looks forward to increasing diversity as the next president of her school’s Women in Cyber Security (WiCS) chapter.

Criminal Intentions

April 06, 2020 03:52 - 24 minutes - 16.6 MB

Although we tend to portray cybersecurity as black-and-white, good vs. bad, digital forensics and incident response investigations have revealed that it’s much more complicated. Brian chats with Cindy Murphy, President & Founder of Tetra Defense (formerly Gillware Digital Forensics), about her start in law enforcement, reacting to ransomware attackers, and the mindset of a business leader.

The Value in Compliance

April 06, 2020 03:48 - 23 minutes - 16.4 MB

Security and compliance misinformation runs rampant – especially with thousands of products joining the market each year. How does a service provider cut through all that noise? Choice CyberSecurity co-founder and COO Alex Rutkovitz breaks down compliance misconceptions, separating value from product, risk assessment, and more.

The Path to Security Savviness

April 06, 2020 03:46 - 21 minutes - 14.7 MB

Consumers may install the latest security feature on their device but perhaps the most important question is, do they know how to use it? Kyla Guru, high school senior and CEO & founder of Bits N’ Bytes Cybersecurity, deems user education a crucial aspect of security that is often overlooked in favor of the technology itself and shares how she built her own organization to empower tech users in their everyday lives.

The Automation Advantage for SOC

April 06, 2020 03:44 - 22 minutes - 15.3 MB

Despite being only a couple of years old, the City of New York's cybersecurity program has quickly risen to become a model of success for cities all over the globe. Quiessence Phillips, the city’s Deputy CISO and Head of Threat Management, has spent her last few years there fortifying its SOC team. She and Brian talk “true ops” philosophy, playbook automation, and other secrets to success. 

Imagination Skills

March 30, 2020 05:33 - 18 minutes - 12.5 MB

Generation Z kids have the benefit of growing up in a super-connected world with so much more available to them than other generations, but this can inhibit creativity and imagination down the road. Brian sits down with Paraben Corporation President & CEO Amber Schroader to talk about the young new hires to digital forensics, cybercrimes in the cloud, and how her past culinary experience prepared her for her line of work.

What Qualifies as Experience?

March 30, 2020 05:30 - 21 minutes - 14.7 MB

Perspectives on what’s essential to developing your skills in cyber vary depending on who you ask. Some say it depends on certifications, others say experience is the key. Mari Galloway, CEO of Women’s Society of Cyberjutsu and Sr. Security Architect, discusses her motivations, recommended approach to education and certifications, and what she looks forward to in the rest of 2020. 

Investing in the Right Relationship

March 30, 2020 05:28 - 24 minutes - 16.6 MB

In order to stand out as a brilliant startup in a sea of cybersecurity vendors, a few things should always be top-of-mind: a strong investor-entrepreneur relationship, awareness of other vendors, and a thorough understanding of the landscape. Roselle Safran, who is a founder & CEO of a stealth-mode startup herself, speaks to her experience with building a strong startup and offers advice for others seeking the same.
