Click Here
403 episodes - English - Latest episode: 2 days ago - ★★★★★ - 92 ratingsThe podcast that tells true stories about the people making and breaking our digital world. We take listeners into the world of cyber and intelligence without all the techie jargon.
Every Tuesday and Friday, former NPR investigations correspondent Dina Temple-Raston and the team draw back the curtain on ransomware attacks, mysterious hackers, and the people who are trying to stop them.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
153 A Culture of Drive, Work Ethic, and Attention to Detail
April 06, 2020 16:00 - 21 minutesOur guest today is Nick Kael. He’s chief technology officer at Ericom Software, a company that provides secure web isolation and remote application access software and cloud services. In our conversation, Nick shares his professional journey, including the important lessons his experience in the U.S. military have provided. We’ll learn about his leadership style, his take on threat intelligence, what he looks for when hiring, and his approach to his day-to-day responsibilities.
152 Mitigating Threat Actors’ Shift Toward Automation
March 30, 2020 14:00 - 24 minutesResearchers from Recorded Future’s Insikt Group have been tracking the increased use of automation by a variety of threat actors around the world. Similar to the way that legitimate businesses use automation to increase their efficiency and productivity, the bad guys have adopted various tools to help maximize their profits and scale operations. They’ve built a thriving underground marketplace, and there’s no sign that they’re slowing down. Roman Sannikov leads Recorded Future’s cybercrime a...
151 Meeting the Security Challenges of a Global Pandemic
March 23, 2020 16:00 - 20 minutesThe COVID-19 global pandemic has set us all back on our heels, as we make adjustments to our day-to-day lives and prepare for what is yet to come. The situation is evolving quickly, and when it comes to security, there are a number of concerns — starting with the massive shift for many to working from home. Add to that the general feeling of unease that comes with so much uncertainty, along with threat actors who are all too willing to take advantage of the situation. Allan Liska is a threat...
150 A Healthy Respect for Ransomware
March 16, 2020 16:00 - 21 minutesDespite the cybersecurity industry’s best efforts, ransomware continues to affect individuals and organizations of just about every shape and size — from mom-and-pop shops, to global organizations, and even municipalities. As the developers of ransomware continue to bring in their ill-gotten gains, they’ve invested in infrastructure and customer service to keep it easy to deploy their wares and collect their loot. Lorne Hazlewood is a senior information security analyst at BKD LLP. He joins...
149 A Nuanced Approach to MSSP and MDR Services
March 09, 2020 16:00 - 19 minutesMany organizations find themselves puzzling through the countless security products and services on offer these days, decoding the buzzwords and acronyms, hoping to find clarity and understanding. MSSP and MDR services are among those offerings. MSSP stands for managed security service provider, and MDR is managed detection and response. Our guest today will help sort out the sometimes subtle differences between the two. Sean Blenkhorn is chief product officer at eSentire, and he shares his ...
148 Gamification of Incident Response in the Cyber Range
March 02, 2020 17:00 - 26 minutesWhen it comes to incident response — just like in sports — you’ve got to practice like you play. In warfare, they say, “No plan survives contact with the enemy,” and heavyweight boxing champion Mike Tyson had his own version: “Everyone has a plan until they get punched in the face.” The point is, until you are actually in the heat of a high-pressure situation, it’s highly unlikely that you’ll be able to predict how you and the members of your team will react. Our guest this week is Christop...
147 Security That Fits the Needs of the Organization
February 24, 2020 17:00 - 21 minutesThere’s that old saying, “The more things change, the more things stay the same.” In cyber security and incident response, even with all of the new tools, increased speed and mounting threats, a large part of keeping any organization safe comes down to taking care of the basics, the tried and true techniques that have served us well for decades. Our guest this week is Gavin Reid, chief information security officer at Recorded Future. He’s a firm believer in taking care of the basics, empower...
146 Security Wisdom from the FS-ISAC
February 17, 2020 17:00 - 21 minutesOur guest this week is DK Lee. He’s an information sharing operations manager at FS-ISAC, the financial services information sharing and analysis center. They’re an industry consortium focused on reducing cyber risk in the global financial system, and count over seven thousand financial institutions as members. DK joins us to share his insights on threat intelligence, along with his opinions on leadership, organizational maturity, and checking your ego at the door.
145 Understanding Russia's Global Online Influence
February 10, 2020 17:00 - 25 minutesOur guest is Oscar Jonsson. He’s the director of the Stockholm Free World Forum, a Swedish foreign and security policy think tank, and an associated researcher at the Swedish Defense University. Previously, Oscar was a subject-matter expert at the Policy and Plans Department at the Swedish Armed Forces Headquarters. Our conversation focuses on Oscar’s recent book, “The Russian Understanding of War: Blurring the Lines Between War and Peace.” In it, he tracks the history of Russian tactics an...
144 A Journalist's Perspective on Global Cyber Threats
February 03, 2020 17:00 - 18 minutesHakan Tanriverdi is a journalist covering cybersecurity for Germany’s public broadcasting network. In our conversation this week, we discuss the challenges of reporting on a highly technical subject area, making your stories accessible to the general public, and having the courage to ask the obvious questions. We’ll get his insights on being a good consumer of news, as well as his thoughts on where journalism is headed.
143 Teachers, Trainers, and Educators
January 27, 2020 17:00 - 22 minutesOur guest this week is Jeremy Blackthorne, president of the Boston Cybernetics Institute. They provide a variety of cybersecurity services, and our conversation focuses on their unique approach to training, specifically for members of the U.S. military. Jeremy served in the U.S. Marine Corps, and we explore the advantages that provides when approaching both training and operational security issues. We’ll get his take on threat intelligence, as well.
142 The Physical and the Digital of Open Source Intelligence
January 20, 2020 17:00 - 17 minutesOur guest this week is Nico Dekens. Online, people know him as the “Dutch OSINT Guy,” a handle he’s earned through his extensive knowledge and background in open source intelligence. Nico shares his own history getting into the field, as well as some real-world examples of how he goes about gathering OSINT, and how individuals can do a better job protecting themselves online. And, of course, we’ll get his insights on threat intelligence as well.
141 Threat Intelligence is the Centerfold
January 13, 2020 17:00 - 41 minutesOur guest this week is Steven Atnip. He’s a senior advisor for Verizon’s threat research advisory center and the dark web hunting team. Steven shares his early career experience in the U.S. Navy and explains why he believes the military provides unique opportunities for people looking to launch their careers. We’ll hear his views on the importance of company culture, being a lifelong learner, how to step up to challenges of an organization running at scale, as well as his insights on securit...
140 Protecting the Financial Sector Never Goes Out of Style
January 06, 2020 17:00 - 20 minutesOur guest this week is Daniel Cuthbert. He’s the global head of cybersecurity research for Banco Santander, and he sits on both the Black Hat review board and the Black Hat training board. Our conversation centers on his work in the financial industry, his unusual path to cybersecurity, and his thoughts on creative diversity. We get his take on threat intelligence, as well as his insights on team leadership and seeking a career in security.
139 The Value in Sharing Your Experience With the World
December 30, 2019 17:00 - 21 minutesJoining us this week is Espen Johansen, operations and security manager at Visma, an information technology and services company headquartered in Oslo. He shares insights on the types of attacks he sees targeting organizations like Visma, and the lessons learned from a nation-state attack Visma experience in August 2018. He’ll give us his take on threat intelligence, as well as advice for organizations looking to just beginning their threat intelligence journey. We sat down with Espen Johans...
138 Insights From a Distinguished Law Enforcement Veteran
December 16, 2019 17:00 - 18 minutesOur guest this week is Edward Davis. He’s president and CEO of The Edward Davis Company, a business strategy and security services firm, but he is perhaps best known for his role as former police commissioner for the city of Boston — a role he held during the tragic Boston Marathon bombing in 2013. In the aftermath of that event, he was the face of the city, as his team coordinated and collaborated with other local and national law enforcement agencies. We discuss his experience with the Bos...
137 Traveling the Globe With Threat Intelligence
December 09, 2019 17:00 - 19 minutesBooking.com is one of the leading travel booking sites in the world, facilitating over one and a half million room nights via their platform every day. With that many clients, in addition to a network of third-party suppliers and partners around the world, Booking.com successfully fends off more than their fair share of attempted attacks. Our guests today are two members from Booking.com’s security team who work every day to help protect the organization — Anastasios Pingios, principal secur...
136 Threat Hunting, Mentoring, and Having a Presence
December 02, 2019 17:00 - 25 minutesOur guest today is O’Shea Bowens. He’s CEO of Null Hat Security and a SOC manager for Toast, a Boston-area firm, where he focuses on threat hunting, incident response, SOC operations, and cloud computing. O’Shea shares his early beginnings as a teenage hacker learning the ropes, his career path, and why he believes it’s important to be a role model, a mentor, and to have a presence in the security community.
135 From Infamous MySpace Wormer to Open Source Advocate
November 25, 2019 17:00 - 22 minutesIf you are of a certain age — an age where you may have spent a good bit of your time online using Myspace — you may recall an incident with the Samy worm, which in 2005 spread through Myspace so quickly and uncontrollably that they had to temporarily shut the service down to regain control. It was, by all accounts, a prank that got out of hand, but the authorities were not amused, and Samy Kamkar, who wrote the worm, was eventually sentenced to probation, community service, and a hefty fine....
134 Solving the Business Challenges of Governance, Risk, and Compliance
November 18, 2019 17:00 - 25 minutesOur guest today is Syra Arif, a senior advisory solutions architect in the security and risk practice at ServiceNow, a global cloud computing company. Syra shares her insights on providing customers with solutions to the business challenges of governance, risk, and compliance. She shares her experience coming up through the industry as a woman, and we also get her perspective on threat intelligence and why it’s critical for organizations to embrace diversity.
133 Security Intelligence in the Digital Transformation
November 11, 2019 17:00 - 23 minutesAs organizations become increasingly complex in their push for digital transformation, the need for actionable, automated threat intelligence for everyone has never been greater. On this week’s show, we tackle that very topic with Recorded Future’s chief of intelligence solutions, Stuart Solomon. We caught up with Stuart at Recorded Future’s RFUN: Predict 2019 conference in Washington, D.C. to discuss threat intelligence, the notion of security intelligence, and some practical considerations ...
132 Municipalities Face Unique Cybersecurity Challenges
November 04, 2019 17:00 - 28 minutesCities and municipalities have made headlines recently in their efforts to defend themselves from cyber attacks, most notably ransomware. Joining us this week to discuss the unique security challenges faced by municipalities are two guests. Margaret Byrnes is Executive Director of the New Hampshire Municipal Association, a non-profit membership organization that provides education, training, advocacy and legal services to cities and towns across New Hampshire. Joe Howland is Chief Information...
131 Never Underestimate Threat Actors' Persistence
October 28, 2019 16:00 - 21 minutesOur guest this week is Jöerg Schauff. He’s a principal consultant at Symantec, focusing on cyber and threat intelligence. He shares his insights on the challenges he sees his clients facing in Germany and how their experiences inform proper defenses internationally. We’ll discuss the differences between run-of-the-mill thieves and nation-state threat groups, as well as how organizations can best make use of threat intelligence and set themselves up for success.
130 Strategy and Focus Protect New York City
October 21, 2019 16:00 - 23 minutesOur guest this week is Quiessence Phillips, deputy CISO and head of threat management for New York City Cyber Command. She’s one of the leaders of a team of cybersecurity professionals working to strengthen and coordinate the cyber defenses of one of the largest and most important cities in the world. Quiessence joins us to share valuable insights into managing the scale of the responsibilities she and her team hold, the techniques she advocates for staying ahead of threats, as well as her t...
129 Cybersecurity is National Security
October 14, 2019 16:00 - 19 minutesOn this week’s show, we welcome back Lauren Zabierek. The last time she joined us, she was a senior intelligence analyst at Recorded Future, but she’s since taken on the role of director of the cybersecurity project at Harvard’s Belfer Center. She shares the mission of her organization, the role she thinks it has to play on the national and international stage, and why making sure everyone has a seat at the table leads to better, safer outcomes.
128 Understanding Social Engineering and Maintaining Healthy Paranoia
October 07, 2019 16:00 - 22 minutesOur guest today is Rosa Smothers, senior vice president of cyber operations at KnowBe4, where she leads KnowBe4’s federal practice efforts, including providing cybersecurity advisory services to civilian and military agencies within the U.S. federal government. From her humble beginnings with a used 8-bit home computer, Rosa’s career experience includes over a decade in the CIA, leading cyber operations against terrorists and nation-state adversaries. She served multiple tours overseas as a ...
127 Disinformation for Sale
October 01, 2019 16:00 - 28 minutesDisinformation campaigns are in the news. Starting with the 2016 U.S. election cycle, continuing in 2018, and now looking ahead to 2020, the threat of online influence operations from foreign adversaries has been top of mind — but there’s a different kind of disinformation for sale on the dark web. Researchers from Recorded Future’s Insikt Group engaged with two threat actors selling their wares on Russian-speaking underground forums. They discovered that disinformation campaigns are readily...
126 Intelligence from Internet Background Noise
September 24, 2019 17:34 - 23 minutesWhen we talk about threat intelligence, we often put it in the context of bringing information to the surface, creating context and alerts to let you know what you need to be concerned with. We also speak of cutting through the noise, of pulling the signal out and transforming it into actionable intelligence. Our guest today is Andrew Morris. He’s CEO of GreyNoise Intelligence, a company that describes itself as “anti-threat intelligence.” That’s not to say they’re against threat intelligenc...
125 Coming to a City or Town Near You: Ransomware
September 16, 2019 22:30 - 23 minutesThere has been a growing number of ransomware attacks targeting cities and towns across the U.S. Once hit, cities and towns face a number of tough decisions — pay the ransom, restore from backup — and all of this happens with a backdrop of needing to provide vital services to citizens. To add insult to injury, many cities and towns face tight IT and security budgets. They’ve been asking for more security and better backup tools, but are quite often being told that the money is simply not ther...
124 The Intersection of Political Science, Risk Management, and Cybersecurity
September 09, 2019 16:00 - 31 minutesOur guest today is Matt Devost. He’s CEO and co-founder of OODA LLC, a company that helps clients identify, manage, and respond to global risks and uncertainties. Matt Devost has been at the intersection of public policy and cybersecurity since it became possible to align the two. He has expertise in counterterrorism, critical infrastructure protection, intelligence, risk management, and cybersecurity issues. In addition to sharing the story of his career journey, we’ll get his insights on ...
123 Crowdsourcing Phishing Defenses for Herd Immunity
September 03, 2019 16:30 - 22 minutesOur guest today is Josh Kamdjou. He’s co-founder of Sublime Security, a company that’s looking to address the widespread security issues of phishing and spearphishing by offering open source tools that alert users to a range of potential indicators, as well as giving users the opportunity to share their findings with the community, to more quickly spread the word about new and growing threats. We’ll learn about his career journey, get his thoughts on threat intelligence, and hear his advice...
122 Hong Kong Protests and the Rise of Online Influence Operations
August 27, 2019 15:50 - 24 minutesRecent protests in Hong Kong have highlighted a growing trend in online influence operations, in this case from mainland China. Officials there have been using Western social media platforms to influence public perception of the Hong Kong protests. Those social media platforms have, in turn, shut down accounts they’ve determined are posting what they call “inauthentic content.” Researchers in Recorded Future’s Insikt Group have been analyzing these attempts at online influence operations an...
121 The Art and Science of SOAR
August 19, 2019 16:00 - 23 minutesOur guest today is Cody Cornell. He’s CEO of Swimlane, a SOAR platform provider. Cody began his career in the U.S. Coast Guard and has spent 15 years in IT and security, including roles with the U.S. Defense Information Systems Agency, the Department of Homeland Security (DHS), American Express, and IBM Global Business Services. We’ll learn about his career path from sailor to CEO, he’ll share his insider perspective on SOAR platforms and how organizations are using them, and we’ll learn ab...
120 Pioneering Threat Intelligence Before It Had a Name
August 16, 2019 15:15 - 24 minutesOur guest today is Larci Robertson. She’s a senior manager in cyber threat intelligence at Epsilon, a marketing and advertising firm in Irving, Texas. Larci got started in threat intelligence right after college when she joined the U.S. Navy, back before the term “threat intelligence” had been coined. She eventually left the service and worked with a number of defense contractors, before moving to the private sector as a senior cyber threat analyst at PepsiCo, and ultimately to her current po...
119 The Inevitable Evolution of SIEMs
August 05, 2019 16:00 - 24 minutesOur guest today is Monzy Merza. He’s the VP and head of security research at Splunk. He shares his journey into tech and security, including leadership positions in both the government and private sectors, his thoughts on threat intelligence and the maturity companies need to properly implement it, as well as his perspective on the current state of SIEMs, and how they’ll need to evolve to keep up with the changes happening in the industry and the world at large.
118 Public Safety, Digital Forensics, and SOAR
July 29, 2019 16:00 - 23 minutesOur guest is John Moran, senior product manager at DFLabs, whose offerings include a SOAR platform for cybersecurity. John shares his career journey from public safety to digital forensics and cybersecurity, his thoughts on some of the benefits and misconceptions surrounding SOAR deployment, insights on threat intelligence, and much more.
117 A Passion for Pen Testing
July 22, 2019 16:00 - 16 minutesOur guest is Jason Bernier. He’s a penetration tester, working to help organizations ensure their systems are secure, and helping them understand where their weaknesses may be. He’s got some insightful stories to share from his work, along with practical advice for folks looking to find their place in the industry. To be sure, it’s serious work, but there’s no question Jason is passionate about his job, and he has a good time doing it.
116 Darknet DDoSer Does Damage to Dread
July 15, 2019 16:00 - 22 minutesCriminal markets on dark web forums are the online version of a bad neighborhood, complete with sellers, buyers, and people who make their living connecting those groups. They tend to be self-policing, and so when an individual discovers a fundamental flaw in the technical foundation of the community and then decides to take advantage of that flaw to hold entire markets for ransom, that tends to get people’s attention. It’s a high-stakes game. Daniel Byrnes is a senior threat intelligence an...
115 Intelligence for the OSINT Curious
July 08, 2019 16:00 - 25 minutesOur guest today is Micah Hoffman. He’s principal consultant at Spotlight Infosec, and one of the founders of the OSINT Curious web site, an online destination for enthusiasts and students of open source intelligence gathering and analysis techniques. He shares his professional journey from psychology to information security, his insights on the growing availability and important of open source intelligence, his emphasis on ethics, and how organizations can best integrate open source tools in...
114 Unwrapping Fishwrap, a New Social Media Misinformation Methodology
July 01, 2019 16:00 - 20 minutesResearchers at Recorded Future have recently detected and described a new kind of influence operation that they’ve named “Fishwrap.” The technique involves recycling previously published news accounts of terrorist activities and amplifying their exposure through social media, with the apparent intent of sowing the seeds of distrust and unease. Our guest today is Staffan Truvé, CTO and co-founder of Recorded Future. He’ll describe the tools they used to uncover the Fishwrap campaign, the conc...
113 Being Courageous, Curious, and Thoughtful in Cybersecurity
June 24, 2019 16:00 - 32 minutesOur guest today is Tracy Maleeff. Before earning a position as a cyber analyst at a Fortune 500 company, she ran her own firm, providing information security and competitive intelligence research. Prior to that she worked as a Library Resources Manager for a major law firm. Tracy shares the story of her unusual career journey from library science to cyber security, her advice for getting up to speed after a mid-career course change, as well as her thoughts on team building and the importance...
112 Making the Most of the NIST Cybersecurity Framework
June 17, 2019 16:00 - 30 minutesThe NIST Cybersecurity Framework has become a valuable tool for evaluating security across a variety of business sectors. Originally published in 2014 and targeting critical infrastructure, the framework continues to evolve to meet the changing needs of organizations in the U.S. and around the world. Its popularity stems from its thoroughness, applicability, and approachability. Our guests today are Ken Durbin, senior strategist for global government affairs and cybersecurity at Symantec, an...
111 The Threat Intelligence Value Proposition
June 10, 2019 16:00 - 17 minutesJoining us today is John TerBush, senior threat intelligence researcher at Recorded Future. John is an instructor with the SANS Institute, currently teaching a course on open source intelligence that he helped develop. Before joining Recorded Future, he was a senior cyber threat intelligence analyst and subject matter expert with consulting firm Booz Allen Hamilton’s Cyber4Sight, and before that he worked for Symantec as a security operations center analyst. Earlier in his career, he worked a...
110 Advocating OWASP, Securing Elections, and Standing Your Ground
June 03, 2019 16:00 - 36 minutesOur guest today is Tanya Janca. She’s a senior cloud advocate at Microsoft, where she specializes in application security. She’s a popular speaker at security conferences around the world, evangelizing software security and advocating for developers. And she’s a leader in the Open Web Application Security Project (OWASP) community, as well as an advocate and mentor for underrepresented communities in the security industry. She discusses her journey from software developer to security practit...
109 Applying Threat Intelligence Throughout Your Organization
May 28, 2019 16:00 - 21 minutesThreat Intelligence is a wide ranging term, and it can mean different things to different people as they consider the variety of ways to best integrate it into their organization’s cyber defense strategies. In today’s show, we’re exploring the possibilities for leveraging threat intelligence throughout your organization, from the SOC to the board room, from incident response to fraud protection, and much more. Joining us to guide our journey is Recorded Future’s Mike Petronaci. Before joinin...
108 Investing in Technology, Innovative Leaders, and Yourself
May 20, 2019 16:00 - 23 minutesOur guest today is Niloofar Razi Howe. She’s a respected technology executive, entrepreneur, board member and investor, having served as Chief Strategy officer for Endgame and, later, RSA Security. She’s a life member of the Council on Foreign relations, and a Recorded Future board member. Our conversation touches a range of topics, from her start as an attorney and entrepreneur, her shift to venture capital, and her executive level assignments as chief strategy officer. We’ll get her take o...
107 A Risk-Based Approach From Spammers to Nation-States
May 13, 2019 16:00 - 23 minutesOur guest today is Martijn Grooten. He’s editor at Virus Bulletin, an online forum for sharing the latest cybersecurity research and intelligence, which dates back to 1989. They’re also an independent testing and certification body, and they hold a popular international security conference annually. Our conversation spans a range of topics, including the evolution of threats that Martijn has tracked over the past several decades, the current state of malicious email campaigns, why he believe...
106 A Fresh Take on Defining Threat Intelligence
May 06, 2019 16:00 - 26 minutesIn this episode, we check in with Recorded Future’s Levi Gundert and Allan Liska for a refresher on threat intelligence, including how they have come to describe it and why some people have a hard time wrapping their heads around what, exactly, it is and is not. We’ll find out whether threat intelligence is for everyone, and if so, how organizations of different sizes can best engage and make use of actionable threat intelligence. And we’ll learn how combining the strengths of human analysts...
105 StubHub Leverages Empathy and Emotional Intelligence for Threat Hunting
April 29, 2019 16:00 - 22 minutesStubHub is the world’s largest ticket marketplace, where buyers and sellers of tickets for sports, concerts, theater, and other live entertainment events connect and do business. They partner with over a hundred entertainment venues and sports teams, enabling the exchange of hundreds of millions of tickets each year. With all of that money flowing through their system, they naturally attract their share of fraudsters. One of the people on the front lines protecting StubHub and their users is...
104 Information Security Is Not an IT Risk, It's a Business Risk
April 22, 2019 16:00 - 29 minutesOur guest today is Brian Haugli. He’s a partner at Side Channel Security, a consulting firm in the Boston area. Prior to forming Side Channel Security, he was chief security officer for The Hanover Insurance Group. Earlier in his career, he held civilian leadership positions at the Pentagon, helping organizations in the Department of Defense implement cybersecurity best practices. Today, he helps organizations of all sizes to evaluate their security using a risk-based approach, while taking ...