Down the Security Rabbithole Podcast (DtSR)

TL;DR:This episode is part of the Leadership series of episodes, with the one and only James Beeson. James is one of the quintessential CISOs who is successful in both his craft and business world. I had the pleasure to work with James and his team many years ago and I can't wait for you to hear his insights and lessons learned. If you can get either some coaching or insights from James - take it and thank me later.YouTube Video: https://youtube.com/live/L_gDnWNREvQHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR: This week, I virtually sat down 1 on 1 with my long-time friend, cyber security veteran,  and fellow smartass Christopher Davis to talk about the state of pre-sales (sales engineering) in our industry. We've both done it, being both seller and buyer of security products and services -- and we can complain about the state of things. Chris offers some solid advice, so take notes!Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR:  As we talked about last year, Jim Tiller is joining us as a regular guest on an episode that looks forward (uncomfortably) to 2024 with all the mayhem and disappointment it will no doubt bring to the cybersecurity industry. What's coming? Let's talk about it... and we're not holding back.YouTube video: https://youtube.com/live/B5K4WQg0S7ALink James referenced: https://www.theregister.com/2024/01/05/swatting_extorion_tactics/Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR:On this first episode of 2024, what better way to ring in the new year than to discuss the evolution of (knowledge) work? For this show, my friend Bill Pelletier joins as the Statler to my Waldorf as we discuss where knowledge work was a decade ago, where it is today (post-Covid), and what it could be if we thread the needle just right. In the end, one thing is for certain - the "future work experts" are not very smart, or they'd understand single-factor statements are stupid.Check out the YouTube video here: https://youtube.com/live/NeLsw10uUfYThe article in reference is here: https://finance.yahoo.com/news/ceos-finally-admit-next-return-133000281.htmlHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

The podcast discusses the risks and complexities of connecting devices, explores the parallels between cloud and hardware ecosystems, examines the expanding attack surface and the importance of auto-updating devices, explores the challenges of IoT device control and network segregation, and offers a glimpse into their upcoming fun year-end wrap-up episode.

TL;DR:Your favorite podcast is back, after a short break, and bringing you another packed episode with Brandon Dunlap & Jim "All Tiller, no filler" Tiller where we discuss Kelly Shortridge's column "Security Isn't Special".Some things we agree with, some things we don't, but we talk through it thoroughly. That's part of the fun! Join the pod, and see what we're talking about.Have something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

Mike Towers, a gentleman with 'digital trust' in his job title, discusses the importance of trust in the digital age and its implications for security and risk management. They explore the erosion of trust in human interactions, the difficulty of distinguishing between genuine and fake content, and the ongoing challenges of establishing trust in cybersecurity. They also touch on the role of the chief information security officer, the government's role in cybersecurity, and the idea of building trust through collaboration and a consumer-oriented rating system.

Experts Jim Tiller and Anton Chuvakin discuss the evolution and challenges of Security Operations Centers (SOC), including the impact of global macroeconomics on security technology, the importance of collaboration between different teams, and the shift towards automation. They also explore false positives and negatives in the modern SOC environment, and the challenges of outsourcing security operations.

TL;DR:On this episode of the pod, Jim Tiller and I talk through the hot takes published about the SEC vs SolarWinds and Brown, and why so many people are getting it all wrong. I highly encourage you to go read the actual indictment before giving your opinion. Link to the SEC page: https://www.sec.gov/news/press-release/2023-227YouTube video: https://youtube.com/live/9z4g9p3BW-YMy YouTube "short" on this subject: https://youtube.com/shorts/o1Qsdy5xU-oHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast

TL;DR:Executive Conference organizers - this episode is for YOU.On today's episode of the podcast, it's just James and I on the microphone discussing all of these executive security events you may be getting invited to. They're just generally bad - people with big titles rattling off corporate marketing speak, with low attendance and low value. Or ...is there a better way? We discuss, and offer some suggestions to conference organizers to make these events fun and worthwhile again.Link to the "CyberSecurity Collaboration Forum" I reference: https://www.linkedin.com/company/cybersecurity-collaboration-forums/YouTube Video: https://youtube.com/live/5vErHLi9c5YHave something to say? Let's hear it.Support the show>>> Please consider clicking the link above to support the show!-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=YouTube home: https://youtube.com/playlist?list=PLyo0dkKRvfVtWXjRxNISrhme1MgBj3C2U&si=scHDiTuLXSEQ9qHqLinkedIn Page: https://www.linkedin.com/company/down-the-security-rabbithole-podcast/X/Twitter: https://twitter.com/dtsr_podcast