Click Here
413 episodes - English - Latest episode: 6 days ago - ★★★★★ - 92 ratingsThe podcast that tells true stories about the people making and breaking our digital world. We take listeners into the world of cyber and intelligence without all the techie jargon.
Every Tuesday and Friday, former NPR investigations correspondent Dina Temple-Raston and the team draw back the curtain on ransomware attacks, mysterious hackers, and the people who are trying to stop them.
Homepage Apple Podcasts Google Podcasts Overcast Castro Pocket Casts RSS feed
Episodes
163 Tooling up to Protect Federal, State, and Local Governments
June 15, 2020 16:00 - 23 minutesOur guest is John Zanni, CEO at Acronis SCS, a company dedicated to providing secure backup, disaster recovery, and cyber protection for the U.S. public sector. He shares his unconventional journey into a career in cybersecurity, as well as insights on the unique challenges public sector organizations face when trying to protect valuable assets. We’ll also get John’s thoughts on threat intelligence, the skills and traits he looks for when hiring, and why he thinks cybersecurity organization...
162 Broadening Your View With Security Intelligence
June 08, 2020 16:00 - 19 minutesAlex Noga is a solutions engineering manager at Recorded Future, and on this week’s show, he joins us to share his insights on enhancing organizations’ ability to make the most of the information they’re gathering by adopting security intelligence. He explains how this approach helps analysts connect the dots and empowers them to focus on the signals that matter — all while blocking out the noise.
161 The Ultimate Job for a Network Defender
June 01, 2020 16:00 - 21 minutesOur guest this week is Rick Howard, chief analyst and chief security officer at the CyberWire. Rick’s career included stops in the U.S. Army in signals intelligence, teaching computer science at Westpoint, and pioneering roles in threat intelligence for the military. He’s the former chief security officer for Palo Alto Networks, where he helped create and manage their Unit 42 threat intelligence team. He shares his insights on his career as a network defender, his take on the essential role...
160 The Essential Skills of Evaluating and Communicating Risk
May 25, 2020 16:00 - 25 minutesOur guest is IT risk analyst James Dawson. James provides advice to global organizations on the issues of threat and cyber risk, and has also consulted with many organizations in the financial industry, including Danske Bank and Freddie Mac. James shares his views on the importance of being able to evaluate risk, and to do so with open eyes and a level head. He emphasizes the value in taking risks in the workplace, especially for younger workers looking to make their mark. He shares his thou...
159 Making the Framework for Threat Intelligence Easy
May 18, 2020 16:00 - 21 minutesOur guest is Chris Cochran, threat intelligence and operations lead at Netflix, and cohost of the Hacker Valley Podcast. We discuss his career in cybersecurity, from his ambitious beginnings as a student, his service in the U.S. Marine Corp and his time at U.S. Cyber Command, as a member of the team pioneering threat intelligence before it was even known by that name. He shares his thoughts on leadership, and well as his development of an intelligence framework that goes by the acronym EASY.
158 Planning for Resilience and Eventuality Amidst Global Cyber Threats
May 11, 2020 16:00 - 22 minutesOur guest is Adeel Saeed, veteran cybersecurity expert, technologist, and former CISO at State Street, previously having worked for organizations including the London Stock Exchange and the American Stock Exchange. Our conversation centers on Adeel’s mantra of planning for resilience and eventuality amid a growing range of global threats — in the cyber realm and beyond. He shares his experience after 9/11, how it’s informed his approach to preparing for the worst, and how sometimes, luck pla...
157 Promoting International Understanding and Trust
May 04, 2020 16:00 - 26 minutesOur guest is Mihoko Matsubara, chief cybersecurity strategist at Japanese telecommunications company NTT Corporation in Tokyo, where she’s responsible for cybersecurity thought leadership. Previously, Mihoko worked at the Japanese Ministry of Defense and was VP and public sector chief security officer for Asia-Pacific at Palo Alto Networks. Our conversation explores the different approaches to cybersecurity seen in Japan, and the impact those cultural differences have on that nation’s securi...
156 Blazing the Threat Hunting Trail
April 27, 2020 16:00 - 30 minutesYolonda Smith is head of cybersecurity at Sweetgreen, a fast casual restaurant chain that focuses on salads, with over 100 locations coast to coast in the U.S. Yolonda shares the challenges of securing the array of elements involved in a farm-to-table food service organization, from supply chains to customer credit cards. We’ll learn about her humble beginnings in the Air Force, her approach to problem solving and collaboration, as well her pioneering role in threat hunting — before many peo...
155 Faster Decisions Through Automation
April 20, 2020 16:00 - 23 minutesOur guest this week is Bob Stasio, global cyber threat leader at Dupont, a global Fortune 500 company with around 35,000 employees. Bob shares his professional pathway beginning in the U.S. Army, with stops along the way at NSA and U.S. Cyber Command, and at private sector companies like Bloomberg and IBM. In this episode, we get Bob’s take on threat intelligence and learn why he thinks automation is one of the key components to future success in securing organizations — both internally and ...
154 The Business Case for Risk-Based Cybersecurity
April 13, 2020 16:00 - 23 minutesOn today’s show, we welcome back Recorded Future’s senior vice president of global intelligence, Levi Gundert, to discuss his newly published book, “The Risk Business: What CISOs Need to Know About Risk-Based Cybersecurity.” In our conversation, Levi makes the case for risk-based cybersecurity and describes the various challenges that organizations face when implementing it. He also proposes updated frameworks and explains the value of strategic threat intelligence.
153 A Culture of Drive, Work Ethic, and Attention to Detail
April 06, 2020 16:00 - 21 minutesOur guest today is Nick Kael. He’s chief technology officer at Ericom Software, a company that provides secure web isolation and remote application access software and cloud services. In our conversation, Nick shares his professional journey, including the important lessons his experience in the U.S. military have provided. We’ll learn about his leadership style, his take on threat intelligence, what he looks for when hiring, and his approach to his day-to-day responsibilities.
152 Mitigating Threat Actors’ Shift Toward Automation
March 30, 2020 14:00 - 24 minutesResearchers from Recorded Future’s Insikt Group have been tracking the increased use of automation by a variety of threat actors around the world. Similar to the way that legitimate businesses use automation to increase their efficiency and productivity, the bad guys have adopted various tools to help maximize their profits and scale operations. They’ve built a thriving underground marketplace, and there’s no sign that they’re slowing down. Roman Sannikov leads Recorded Future’s cybercrime a...
151 Meeting the Security Challenges of a Global Pandemic
March 23, 2020 16:00 - 20 minutesThe COVID-19 global pandemic has set us all back on our heels, as we make adjustments to our day-to-day lives and prepare for what is yet to come. The situation is evolving quickly, and when it comes to security, there are a number of concerns — starting with the massive shift for many to working from home. Add to that the general feeling of unease that comes with so much uncertainty, along with threat actors who are all too willing to take advantage of the situation. Allan Liska is a threat...
150 A Healthy Respect for Ransomware
March 16, 2020 16:00 - 21 minutesDespite the cybersecurity industry’s best efforts, ransomware continues to affect individuals and organizations of just about every shape and size — from mom-and-pop shops, to global organizations, and even municipalities. As the developers of ransomware continue to bring in their ill-gotten gains, they’ve invested in infrastructure and customer service to keep it easy to deploy their wares and collect their loot. Lorne Hazlewood is a senior information security analyst at BKD LLP. He joins...
149 A Nuanced Approach to MSSP and MDR Services
March 09, 2020 16:00 - 19 minutesMany organizations find themselves puzzling through the countless security products and services on offer these days, decoding the buzzwords and acronyms, hoping to find clarity and understanding. MSSP and MDR services are among those offerings. MSSP stands for managed security service provider, and MDR is managed detection and response. Our guest today will help sort out the sometimes subtle differences between the two. Sean Blenkhorn is chief product officer at eSentire, and he shares his ...
148 Gamification of Incident Response in the Cyber Range
March 02, 2020 17:00 - 26 minutesWhen it comes to incident response — just like in sports — you’ve got to practice like you play. In warfare, they say, “No plan survives contact with the enemy,” and heavyweight boxing champion Mike Tyson had his own version: “Everyone has a plan until they get punched in the face.” The point is, until you are actually in the heat of a high-pressure situation, it’s highly unlikely that you’ll be able to predict how you and the members of your team will react. Our guest this week is Christop...
147 Security That Fits the Needs of the Organization
February 24, 2020 17:00 - 21 minutesThere’s that old saying, “The more things change, the more things stay the same.” In cyber security and incident response, even with all of the new tools, increased speed and mounting threats, a large part of keeping any organization safe comes down to taking care of the basics, the tried and true techniques that have served us well for decades. Our guest this week is Gavin Reid, chief information security officer at Recorded Future. He’s a firm believer in taking care of the basics, empower...
146 Security Wisdom from the FS-ISAC
February 17, 2020 17:00 - 21 minutesOur guest this week is DK Lee. He’s an information sharing operations manager at FS-ISAC, the financial services information sharing and analysis center. They’re an industry consortium focused on reducing cyber risk in the global financial system, and count over seven thousand financial institutions as members. DK joins us to share his insights on threat intelligence, along with his opinions on leadership, organizational maturity, and checking your ego at the door.
145 Understanding Russia's Global Online Influence
February 10, 2020 17:00 - 25 minutesOur guest is Oscar Jonsson. He’s the director of the Stockholm Free World Forum, a Swedish foreign and security policy think tank, and an associated researcher at the Swedish Defense University. Previously, Oscar was a subject-matter expert at the Policy and Plans Department at the Swedish Armed Forces Headquarters. Our conversation focuses on Oscar’s recent book, “The Russian Understanding of War: Blurring the Lines Between War and Peace.” In it, he tracks the history of Russian tactics an...
144 A Journalist's Perspective on Global Cyber Threats
February 03, 2020 17:00 - 18 minutesHakan Tanriverdi is a journalist covering cybersecurity for Germany’s public broadcasting network. In our conversation this week, we discuss the challenges of reporting on a highly technical subject area, making your stories accessible to the general public, and having the courage to ask the obvious questions. We’ll get his insights on being a good consumer of news, as well as his thoughts on where journalism is headed.
143 Teachers, Trainers, and Educators
January 27, 2020 17:00 - 22 minutesOur guest this week is Jeremy Blackthorne, president of the Boston Cybernetics Institute. They provide a variety of cybersecurity services, and our conversation focuses on their unique approach to training, specifically for members of the U.S. military. Jeremy served in the U.S. Marine Corps, and we explore the advantages that provides when approaching both training and operational security issues. We’ll get his take on threat intelligence, as well.
142 The Physical and the Digital of Open Source Intelligence
January 20, 2020 17:00 - 17 minutesOur guest this week is Nico Dekens. Online, people know him as the “Dutch OSINT Guy,” a handle he’s earned through his extensive knowledge and background in open source intelligence. Nico shares his own history getting into the field, as well as some real-world examples of how he goes about gathering OSINT, and how individuals can do a better job protecting themselves online. And, of course, we’ll get his insights on threat intelligence as well.
141 Threat Intelligence is the Centerfold
January 13, 2020 17:00 - 41 minutesOur guest this week is Steven Atnip. He’s a senior advisor for Verizon’s threat research advisory center and the dark web hunting team. Steven shares his early career experience in the U.S. Navy and explains why he believes the military provides unique opportunities for people looking to launch their careers. We’ll hear his views on the importance of company culture, being a lifelong learner, how to step up to challenges of an organization running at scale, as well as his insights on securit...
140 Protecting the Financial Sector Never Goes Out of Style
January 06, 2020 17:00 - 20 minutesOur guest this week is Daniel Cuthbert. He’s the global head of cybersecurity research for Banco Santander, and he sits on both the Black Hat review board and the Black Hat training board. Our conversation centers on his work in the financial industry, his unusual path to cybersecurity, and his thoughts on creative diversity. We get his take on threat intelligence, as well as his insights on team leadership and seeking a career in security.
139 The Value in Sharing Your Experience With the World
December 30, 2019 17:00 - 21 minutesJoining us this week is Espen Johansen, operations and security manager at Visma, an information technology and services company headquartered in Oslo. He shares insights on the types of attacks he sees targeting organizations like Visma, and the lessons learned from a nation-state attack Visma experience in August 2018. He’ll give us his take on threat intelligence, as well as advice for organizations looking to just beginning their threat intelligence journey. We sat down with Espen Johans...
138 Insights From a Distinguished Law Enforcement Veteran
December 16, 2019 17:00 - 18 minutesOur guest this week is Edward Davis. He’s president and CEO of The Edward Davis Company, a business strategy and security services firm, but he is perhaps best known for his role as former police commissioner for the city of Boston — a role he held during the tragic Boston Marathon bombing in 2013. In the aftermath of that event, he was the face of the city, as his team coordinated and collaborated with other local and national law enforcement agencies. We discuss his experience with the Bos...
137 Traveling the Globe With Threat Intelligence
December 09, 2019 17:00 - 19 minutesBooking.com is one of the leading travel booking sites in the world, facilitating over one and a half million room nights via their platform every day. With that many clients, in addition to a network of third-party suppliers and partners around the world, Booking.com successfully fends off more than their fair share of attempted attacks. Our guests today are two members from Booking.com’s security team who work every day to help protect the organization — Anastasios Pingios, principal secur...
136 Threat Hunting, Mentoring, and Having a Presence
December 02, 2019 17:00 - 25 minutesOur guest today is O’Shea Bowens. He’s CEO of Null Hat Security and a SOC manager for Toast, a Boston-area firm, where he focuses on threat hunting, incident response, SOC operations, and cloud computing. O’Shea shares his early beginnings as a teenage hacker learning the ropes, his career path, and why he believes it’s important to be a role model, a mentor, and to have a presence in the security community.
135 From Infamous MySpace Wormer to Open Source Advocate
November 25, 2019 17:00 - 22 minutesIf you are of a certain age — an age where you may have spent a good bit of your time online using Myspace — you may recall an incident with the Samy worm, which in 2005 spread through Myspace so quickly and uncontrollably that they had to temporarily shut the service down to regain control. It was, by all accounts, a prank that got out of hand, but the authorities were not amused, and Samy Kamkar, who wrote the worm, was eventually sentenced to probation, community service, and a hefty fine....
134 Solving the Business Challenges of Governance, Risk, and Compliance
November 18, 2019 17:00 - 25 minutesOur guest today is Syra Arif, a senior advisory solutions architect in the security and risk practice at ServiceNow, a global cloud computing company. Syra shares her insights on providing customers with solutions to the business challenges of governance, risk, and compliance. She shares her experience coming up through the industry as a woman, and we also get her perspective on threat intelligence and why it’s critical for organizations to embrace diversity.
133 Security Intelligence in the Digital Transformation
November 11, 2019 17:00 - 23 minutesAs organizations become increasingly complex in their push for digital transformation, the need for actionable, automated threat intelligence for everyone has never been greater. On this week’s show, we tackle that very topic with Recorded Future’s chief of intelligence solutions, Stuart Solomon. We caught up with Stuart at Recorded Future’s RFUN: Predict 2019 conference in Washington, D.C. to discuss threat intelligence, the notion of security intelligence, and some practical considerations ...
132 Municipalities Face Unique Cybersecurity Challenges
November 04, 2019 17:00 - 28 minutesCities and municipalities have made headlines recently in their efforts to defend themselves from cyber attacks, most notably ransomware. Joining us this week to discuss the unique security challenges faced by municipalities are two guests. Margaret Byrnes is Executive Director of the New Hampshire Municipal Association, a non-profit membership organization that provides education, training, advocacy and legal services to cities and towns across New Hampshire. Joe Howland is Chief Information...
131 Never Underestimate Threat Actors' Persistence
October 28, 2019 16:00 - 21 minutesOur guest this week is Jöerg Schauff. He’s a principal consultant at Symantec, focusing on cyber and threat intelligence. He shares his insights on the challenges he sees his clients facing in Germany and how their experiences inform proper defenses internationally. We’ll discuss the differences between run-of-the-mill thieves and nation-state threat groups, as well as how organizations can best make use of threat intelligence and set themselves up for success.
130 Strategy and Focus Protect New York City
October 21, 2019 16:00 - 23 minutesOur guest this week is Quiessence Phillips, deputy CISO and head of threat management for New York City Cyber Command. She’s one of the leaders of a team of cybersecurity professionals working to strengthen and coordinate the cyber defenses of one of the largest and most important cities in the world. Quiessence joins us to share valuable insights into managing the scale of the responsibilities she and her team hold, the techniques she advocates for staying ahead of threats, as well as her t...
129 Cybersecurity is National Security
October 14, 2019 16:00 - 19 minutesOn this week’s show, we welcome back Lauren Zabierek. The last time she joined us, she was a senior intelligence analyst at Recorded Future, but she’s since taken on the role of director of the cybersecurity project at Harvard’s Belfer Center. She shares the mission of her organization, the role she thinks it has to play on the national and international stage, and why making sure everyone has a seat at the table leads to better, safer outcomes.
128 Understanding Social Engineering and Maintaining Healthy Paranoia
October 07, 2019 16:00 - 22 minutesOur guest today is Rosa Smothers, senior vice president of cyber operations at KnowBe4, where she leads KnowBe4’s federal practice efforts, including providing cybersecurity advisory services to civilian and military agencies within the U.S. federal government. From her humble beginnings with a used 8-bit home computer, Rosa’s career experience includes over a decade in the CIA, leading cyber operations against terrorists and nation-state adversaries. She served multiple tours overseas as a ...
127 Disinformation for Sale
October 01, 2019 16:00 - 28 minutesDisinformation campaigns are in the news. Starting with the 2016 U.S. election cycle, continuing in 2018, and now looking ahead to 2020, the threat of online influence operations from foreign adversaries has been top of mind — but there’s a different kind of disinformation for sale on the dark web. Researchers from Recorded Future’s Insikt Group engaged with two threat actors selling their wares on Russian-speaking underground forums. They discovered that disinformation campaigns are readily...
126 Intelligence from Internet Background Noise
September 24, 2019 17:34 - 23 minutesWhen we talk about threat intelligence, we often put it in the context of bringing information to the surface, creating context and alerts to let you know what you need to be concerned with. We also speak of cutting through the noise, of pulling the signal out and transforming it into actionable intelligence. Our guest today is Andrew Morris. He’s CEO of GreyNoise Intelligence, a company that describes itself as “anti-threat intelligence.” That’s not to say they’re against threat intelligenc...
125 Coming to a City or Town Near You: Ransomware
September 16, 2019 22:30 - 23 minutesThere has been a growing number of ransomware attacks targeting cities and towns across the U.S. Once hit, cities and towns face a number of tough decisions — pay the ransom, restore from backup — and all of this happens with a backdrop of needing to provide vital services to citizens. To add insult to injury, many cities and towns face tight IT and security budgets. They’ve been asking for more security and better backup tools, but are quite often being told that the money is simply not ther...
124 The Intersection of Political Science, Risk Management, and Cybersecurity
September 09, 2019 16:00 - 31 minutesOur guest today is Matt Devost. He’s CEO and co-founder of OODA LLC, a company that helps clients identify, manage, and respond to global risks and uncertainties. Matt Devost has been at the intersection of public policy and cybersecurity since it became possible to align the two. He has expertise in counterterrorism, critical infrastructure protection, intelligence, risk management, and cybersecurity issues. In addition to sharing the story of his career journey, we’ll get his insights on ...
123 Crowdsourcing Phishing Defenses for Herd Immunity
September 03, 2019 16:30 - 22 minutesOur guest today is Josh Kamdjou. He’s co-founder of Sublime Security, a company that’s looking to address the widespread security issues of phishing and spearphishing by offering open source tools that alert users to a range of potential indicators, as well as giving users the opportunity to share their findings with the community, to more quickly spread the word about new and growing threats. We’ll learn about his career journey, get his thoughts on threat intelligence, and hear his advice...
122 Hong Kong Protests and the Rise of Online Influence Operations
August 27, 2019 15:50 - 24 minutesRecent protests in Hong Kong have highlighted a growing trend in online influence operations, in this case from mainland China. Officials there have been using Western social media platforms to influence public perception of the Hong Kong protests. Those social media platforms have, in turn, shut down accounts they’ve determined are posting what they call “inauthentic content.” Researchers in Recorded Future’s Insikt Group have been analyzing these attempts at online influence operations an...
121 The Art and Science of SOAR
August 19, 2019 16:00 - 23 minutesOur guest today is Cody Cornell. He’s CEO of Swimlane, a SOAR platform provider. Cody began his career in the U.S. Coast Guard and has spent 15 years in IT and security, including roles with the U.S. Defense Information Systems Agency, the Department of Homeland Security (DHS), American Express, and IBM Global Business Services. We’ll learn about his career path from sailor to CEO, he’ll share his insider perspective on SOAR platforms and how organizations are using them, and we’ll learn ab...
120 Pioneering Threat Intelligence Before It Had a Name
August 16, 2019 15:15 - 24 minutesOur guest today is Larci Robertson. She’s a senior manager in cyber threat intelligence at Epsilon, a marketing and advertising firm in Irving, Texas. Larci got started in threat intelligence right after college when she joined the U.S. Navy, back before the term “threat intelligence” had been coined. She eventually left the service and worked with a number of defense contractors, before moving to the private sector as a senior cyber threat analyst at PepsiCo, and ultimately to her current po...
119 The Inevitable Evolution of SIEMs
August 05, 2019 16:00 - 24 minutesOur guest today is Monzy Merza. He’s the VP and head of security research at Splunk. He shares his journey into tech and security, including leadership positions in both the government and private sectors, his thoughts on threat intelligence and the maturity companies need to properly implement it, as well as his perspective on the current state of SIEMs, and how they’ll need to evolve to keep up with the changes happening in the industry and the world at large.
118 Public Safety, Digital Forensics, and SOAR
July 29, 2019 16:00 - 23 minutesOur guest is John Moran, senior product manager at DFLabs, whose offerings include a SOAR platform for cybersecurity. John shares his career journey from public safety to digital forensics and cybersecurity, his thoughts on some of the benefits and misconceptions surrounding SOAR deployment, insights on threat intelligence, and much more.
117 A Passion for Pen Testing
July 22, 2019 16:00 - 16 minutesOur guest is Jason Bernier. He’s a penetration tester, working to help organizations ensure their systems are secure, and helping them understand where their weaknesses may be. He’s got some insightful stories to share from his work, along with practical advice for folks looking to find their place in the industry. To be sure, it’s serious work, but there’s no question Jason is passionate about his job, and he has a good time doing it.
116 Darknet DDoSer Does Damage to Dread
July 15, 2019 16:00 - 22 minutesCriminal markets on dark web forums are the online version of a bad neighborhood, complete with sellers, buyers, and people who make their living connecting those groups. They tend to be self-policing, and so when an individual discovers a fundamental flaw in the technical foundation of the community and then decides to take advantage of that flaw to hold entire markets for ransom, that tends to get people’s attention. It’s a high-stakes game. Daniel Byrnes is a senior threat intelligence an...
115 Intelligence for the OSINT Curious
July 08, 2019 16:00 - 25 minutesOur guest today is Micah Hoffman. He’s principal consultant at Spotlight Infosec, and one of the founders of the OSINT Curious web site, an online destination for enthusiasts and students of open source intelligence gathering and analysis techniques. He shares his professional journey from psychology to information security, his insights on the growing availability and important of open source intelligence, his emphasis on ethics, and how organizations can best integrate open source tools in...
114 Unwrapping Fishwrap, a New Social Media Misinformation Methodology
July 01, 2019 16:00 - 20 minutesResearchers at Recorded Future have recently detected and described a new kind of influence operation that they’ve named “Fishwrap.” The technique involves recycling previously published news accounts of terrorist activities and amplifying their exposure through social media, with the apparent intent of sowing the seeds of distrust and unease. Our guest today is Staffan Truvé, CTO and co-founder of Recorded Future. He’ll describe the tools they used to uncover the Fishwrap campaign, the conc...