Down the Security Rabbithole Podcast (DtSR)

** Go Vote ** Do your civic duty, and go vote. Heck, while you're standing in that long line to vote, listen to the podcast, we're not picky. This week, Rob Graham joins Rafal and James (who's back!) to talk about various topics related to threats. We start with the hacking voting machines, and it go from there. Highlights from this week's show include... We ask Rob to tell us what he knows about the Georgia 'hacking the election' case going on right now We discuss what the real threat to our elections is We ask Rob to tell us what he thinks the biggest threats are, and how we should approach them Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

This week, James Habben joins me in studio for what turns out to be an introspective walk through the evolving world of forensics.   Highlights from this week's show include... James gives us some background on how he got where he is We talk through some nostalgia James answers the "Is APT trying to get me" question, sort of We talk about things companies should be doing to prepare... Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

This week, my good friend and entrepreneur Rock Lambros (of the newly formed Rock Cyber) joins me to talk about getting the itch to go out on your own and actually doing it. Many of us have thought about it, daydreamed, but very few do it. So hear an episode from someone who did... Highlights of this week's show include... What motivates and drives someone to jump the safety net of corporate life and go off on their own? Rock gives us the secret to "How you know it's time" We discuss how you can avoid the failings of the typical "consultant" We talk through some very interesting strategy and advisory questions... (lots of gems in here!) Rock drops his list of things to think about/remember We discuss how to make security more than just a cost center Links: Rock's new company - Rock Cyber "Navigating Security in a Brave New World" (www.rockcyber.com) Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

This week the DtSR podcast tackles one of the thornier issues going around in the news. As the accusations of Russsian hacking continue to mount, international leaders are speaking out and making bold statements that impact policy on a global level. This topic needed to be addressed with some folks who have actual expertise in the matter - and with the understanding that what we have here are opinions and interpretations.   Highlights from this week's show include: A lively discussion on the implications of the term "cyber war" Jon and Dennis discuss the tone, and context of the article in question: https://nltimes.nl/2018/10/15/netherlands-cyber-war-russia-defense-minister-says Rafal, Patrick, and Jon go a few rounds on other cyber matters as it pertains to the term "war" and its implications If you listen to this episode and have a strong opinion - get on Twitter and use the hashtag #DtSR and let's discuss it! There is already a lively discussion started here: https://twitter.com/Wh1t3Rabbit/status/1051928507884875776  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

While James is away, Raf will podcast all day ...or something like that.   Highlights from this week's show include: Bill talks about what it's like to jump into a higher education system and try and play defense We discuss the role of governance, centralized policy, and management in higher education environments Bill discusses his view on the appropriate places to work in security, in a college/higher education environment We compare and contrast the experience of security in higher education against very large enterprise (the comparison may shock you) Guest William Reyor - ( @WilliamReyor ) - William is Fairfield University’s first CISO, is a former penetration tester, and has more than a decade of security and network engineering experience. He is also the Security BSides Connecticut co-founder. You can find Bill on LinkedIn here: https://www.linkedin.com/in/wreyor/  Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

So, it's October 2018, and it's National Cyber Security Awareness Month. Again. James and I have a bit of an issue with this, as you'd guess. Why are we still talking about awareness when we need action? Are there really people out there that are saying "If only I was aware that there are bad people trying to do bad things, I'd had done it differently"?   Highlights from this week's show include... We riff on the thing we talk about once a year (and not anymore) James takes a shot at passwords... fish, meet the barrel Raf gets a little upset that we're talking about awareness, since 2004 and nothing really changes Raf & James ask you to take action this year and tell us about it! Hashtag it #DtSR and tell us what you're doing for NCSAM 2018 that's going to make an actual difference Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

On this episode of the Down the Security Rabbithole Podcast, Mary Cheney joins us fresh off her talk to the North Texas ISSA Women in Security group. She has such a colorful background and such great stories to tell - we just had to have her on the show.   Highlights from this week's show include... A walk-through of Mary's colorful and extremely diverse background Mary talks about burnout as we pick up the topic from our conversation with Ann Johnson's episode Mary talks about corporate "tools efficacy" and security's cry for wolves ...so much more! Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

This week, on DtSR Episode 314, the infamous (that's more than famous) John Strand joins us. No, not the male model ...the guy who's been an InfoSec legend since before you could walk.   Highlights from this week's show include... We take a stroll down memory lane We discuss the challenges with more complexity in development John takes us through what he thinks some of the faults are    Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Friends welcome to yet another edition of the Down the Security Rabbithole Podcast - as we invite perennial favorite, Shawn Tuma onto the show! Shawn has a new office, a new law firm, and is giving us his take on what's new in the world of cyber and law. Listen in!   Highlights from this week's episode include... Shawn brings up "The GDPR" and the self-imposed disaster that it has become We dive into the problem with "all the data" Shawn explains the idea of "necessary and proper" and case-law for data breaches Shawn tells us about cyber insurance and the scariest word in the vernacular ... "negligence" Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

This week Down the Security Rabbithole Podcast welcomes two very cool ladies from the InfoSec realm. First Ann Johnson of Microsoft (if you don't know Ann, you're living under a rock, honestly) is here to discuss a tweet she put out a while ago ( https://twitter.com/ajohnsocyber/status/1033934334720278528 ) on mental health in high-pressure jobs in InfoSec. If that wasn't enough, Jennifer Duman from Armor joins us as a guest-host to provide her experienced perspective as a road warrior.   Highlights from this week's episode include... Ann discusses the big deal with working from the road, in a high-pressure InfoSec job We discuss the impact of being a road warrior has on mental health, families, and career Ann gives us some insight from the teams and companies she's worked with Ann gives us some thoughts on how to mitigate mental health impact for InfoSec professionals Guest Ann Johnson - Corporate VP, Cybersecurity Solutions @ Microsoft Twitter: @ajohnsocyber LinkedIn: https://www.linkedin.com/in/ann-johnsons/ Guest Host Jennifer Duman - Director of North American Channels @ Armor LinkedIn: https://www.linkedin.com/in/jduman/ Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast