Redefining CyberSecurity

In this Brand Story podcast episode, as part of our Black Hat USA conference coverage, host Sean Martin connects with Willy Leichter as he sheds light on his extensive experience spanning over 24 years in the security realm. With a keen focus on cyclical patterns of security, he underscores the unique position of Cyware, a brand that has worked assiduously to bridge silos across industries. While discussing the broader vision of threat intelligence, he underscores its potential in predicting and mitigating attacks proactively.Join Wily and Sean and they dig into the complexities of threat intelligence, highlighting the importance of clear notifications and the stories behind them. Sean recalls his experiences as a product manager building an enterprise SIEM solution, shedding light on the challenges of orchestrating bidirectional data exchanges due to the diversity of data formats. This reflection underscores the need for a more streamlined and scalable approach.Willy discusses Cyware's role in addressing these challenges. He explains how Cyware assists teams and systems in understanding and acting upon various threats. The conversation also touches on the role of Artificial Intelligence (AI) in improving integrations and managing threats. A significant portion of the discussion focuses on the potential of bidirectional threat intelligence sharing, emphasizing its advantage over the typical one-way sharing that's more common.As the episode progresses, the concept of threat intelligence as a service is introduced. In a digital age where cyber threats are continually evolving, Sean and Willy stress the need for a united front in defense. They advocate for a collaborative approach, emphasizing the benefits of collective defense in an industry where real-time sharing and coordination are paramount.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-storyGuest: Willy Leichter, VP of Marketing at Cyware [@CywareCo]On LinkedIn | https://www.linkedin.com/in/willyleichter/ResourcesLearn more about Cyware and their offering: https://itspm.ag/cywaremja9For more Black Hat USA 2023 coverage: https://itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Guest: Eric Parizo, Managing Principle Analyst at Omdia [@OmdiaHQ]On Linkedin | https://www.linkedin.com/in/ericparizo/On Twitter | https://twitter.com/EricParizo____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martin____________________________This Episode’s SponsorsIsland.io | https://itspm.ag/island-io-6b5ffd____________________________Episode NotesIn this episode of the Redefining CyberSecurity Podcast, as part of our Chats on the Road series to Black Hat USA 2023 in Las Vegas host Sean Martin and guest Eric Parizo discuss the upcoming Omdia Analyst Summit at Black Hat USA.Eric, the Managing Principal Analyst for the Omdia Cybersecurity Research Team, shares insights into the summit's agenda and the exciting research they have been working on. The summit covers a range of topics, including economic challenges in cybersecurity, proactive security, SASE, IoT and OT security, data security, managed security services, and AI in cybersecurity.They also touch on budget allocation and how organizations are shifting their resources and investing in external security capabilities. While security budgets are generally holding steady or increasing, the economic uncertainty may impact the second half of the year. The conversation highlights the importance of demonstrating ROI and value in existing security spend.The concept of proactive security takes center stage, as Eric explains that it involves finding and addressing threats before they impact an organization.They discuss the three broad categories of security solutions: preventative, reactive, and proactive. Proactive security is seen as the missing piece in the cybersecurity puzzle, allowing organizations to get ahead of security problems and reduce overall risk. Eric teases the attendees of the summit with the promise of exploring specific proactive solutions and the potential for proactive security platforms that bring together various proactive capabilities.Throughout the conversation, Sean and Eric provide a sneak peek into the summit's agenda, emphasizing the importance of the topics being discussed and the cutting-edge research being presented. The episode showcases the expertise and knowledge of Eric as a leading analyst in the cybersecurity field and offers valuable insights for security leaders and professionals.Hosted by Sean Martin, the Redefining CyberSecurity Podcast provides listeners with thought-provoking discussions on cybersecurity topics.Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa____ResourcesOmdia Analyst Summit: https://www.blackhat.com/us-23/omdia-analyst-summit.htmlFor more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:👉 https://itspm.ag/bhusa23tspWant to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:👉 https://itspm.ag/bhusa23bndlTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships 

Guests: Cat Self, Principal Adversary Emulation Engineer, MITRE [@MITREcorp]On Linkedin | https://www.linkedin.com/in/coolestcatiknow/On Twitter | https://twitter.com/coolestcatiknowKate Esprit, Senior Cyber Threat Intelligence Analyst at MITRE [@MITREcorp]On Linkedin | https://www.linkedin.com/in/kate-e-2b262695/____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsIsland.io | https://itspm.ag/island-io-6b5ffd____________________________Episode NotesIn this new Chats on the Road to Black Hat USA 2023 on the ITSPmagazine Podcast Network, hosts Sean and Marco are joined by Cat and Kate from MITRE to discuss the world of adversary emulation and its importance in improving cybersecurity. The conversation covers MITRE's role as an industry thought leader and their focus on making the cyber world a safer place. They explain how MITRE ATT&CK, a framework based on observations from blue and red engagements, led to the development of ATT&CK evaluations, which aim to raise the standard of the industry and provide transparency. The hosts and guests emphasize the need for transparency in adversary emulation and how MITRE releases their methodology, results, and code to make the practice more accessible.The group also discusses the challenges faced in aligning emulation plans with the diverse and unique solutions deployed by different vendors and the importance of maintaining the integrity of what the adversaries would actually do. The conversation also touches on the differences between adversary emulation and simulation. While emulation replicates the actions and techniques of specific adversaries, simulation allows for more flexibility and blends different components of multiple adversaries.The hosts and guests also explore the power and responsibility that comes with conducting adversary emulation, drawing parallels to superheroes like Batman and Spider-Man.About the session — Becoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK EvaluationsBatman once said, "you either die a hero or live long enough to see yourself become the villain." What if there was a way to become a cyber villain for the greater good? For the last 5 years, the MITRE ATT&CK Evaluations team has been improving the industry by "becoming the villain." We study some of the world's most advanced threat actors, develop a scenario, build malware and tools, then execute the operations against major EDR vendors. And the best part? Not only do we get the business justification of becoming a villain to advance defenders, but our code is also open-sourced.Using a Latin American APT as our real-world villain, this talk will showcase how to merge CTI and red development capabilities for adversary emulation.First, our cyber threat intelligence team (CTI) demonstrates how to evaluate reports with the sufficient technical data needed to emulate the adversary's usage of particular techniques. We will build a scenario, create CTI diagrams based on our analysis, address gaps in data, and create alternative attack methods for the red team.Next, the red team enters the scene to collaborate with the CTI team. They begin building malware, tools, and infrastructure. Translating approved open-source CTI reporting into code, we will walk through process injection, persistence, hands-on-keyboard discovery, and lateral movement for the emulation. Finally, it is time to launch the attack and see how our defenders respond, discern where to search for clues, and help them uncover our plot.To coincide with this presentation, our code, research, and emulation plans will be publicly released. We hope this empowers the community to use our "become the villain" methodology to improve defenses. Helping defenders discern where to look for our footprints is how we justify our villainous acts.Subscribe to our podcast, share it with your network, and join us in pondering the questions this conversation raises. Be part of the ongoing dialogue around this pressing issue, and we invite you to stay tuned for further discussions in the future.Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa____________________________ResourcesBecoming a Dark Knight: Adversary Emulation Demonstration for ATT&CK Evaluations: https://www.blackhat.com/us-23/briefings/schedule/index.html#becoming-a-dark-knight-adversary-emulation-demonstration-for-attck-evaluations-33209Post: https://medium.com/mitre-engenuity/managed-services-evaluations-round-2-2023-attribution-and-speed-and-efficiency-oh-my-59aa207641faPodcast: https://itspmagazine.simplecast.com/episodes/mitre-att-ck-a-conversation-at-the-edge-with-katie-nickels-fred-wilmot-and-ryan-kovarFor more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:👉 https://itspm.ag/bhusa23tspWant to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:👉 https://itspm.ag/bhusa23bndlTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships

In this Their Story podcast episode, as part of our Black Hat USA conference coverage, host Sean Martin connects with Snehal Antani to discuss proactive security and autonomous pentesting. Snehal shares his expertise on the importance of blue teams proactively verifying their security posture and fixing exploitable vulnerabilities on their own terms and timeline. He emphasizes the need for a bias for action and highlights the value of offense informing defense.The conversation digs into how Horizon3.ai's technology helps blue teams automate specific workflows, such as account resets and incident response processes. Snehal explains how the platform can be used to tune security controls and improve overall effectiveness. He discusses the impact of Horizon3.ai on the cybersecurity skills and expertise of its users, allowing them to focus on more challenging and creative aspects of ethical hacking.Snehal also explores the role of storytelling in cybersecurity, particularly when communicating with executive teams and the board. They discuss the importance of framing cybersecurity issues in the language of business continuity and uptime, making the impact tangible and relatable to board members.The discussion provides practical insights and strategies for improving security posture and effectively communicating its importance to executive stakeholders. Snehal emphasizes the need for organizations to be proactive and take immediate action to remediate vulnerabilities. Also highlighted is the value of understanding the art of attack in order to become better defenders.Overall, this episode offers a thought-provoking conversation on proactive security, autonomous pen testing, and the evolving role of security practitioners. It provides practical insights and strategies for improving security posture and effectively communicating its importance to executive stakeholders.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-storyGuest: Snehal Antani, Co-Founder & CEO at Horizon3.ai [@Horizon3ai]On LinkedIn | https://www.linkedin.com/in/snehalantani/On Twitter | https://twitter.com/snehalantaniResourcesLearn more about Horizon3.ai and their offering: https://itspm.ag/horizon3ai-bh23For more Black Hat USA 2023 coverage: https://itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

In this Brand Story podcast episode, as part of our Black Hat USA conference coverage, host Sean Martin connects with David Ratner to discuss the innovative approach of the Adversary Infrastructure Platform to cybersecurity. The platform focuses on understanding and disrupting communication between attackers and their command and control infrastructure, allowing for quicker detection and response to attacks. It can even identify and shut down masked communication attempts.The conversation emphasizes the platform's ease of deployment and integration into existing security architectures, making it accessible for organizations of all sizes. David discusses HYAS's research on the future of malware, including the use of generative AI and polymorphic malware. This research aims to stay ahead of evolving threats, helping organizations build effective defenses.The conversation covers HYAS's research notes on Black Mamba and EyeSpy, which highlight their commitment to understanding attacks and building the right intelligence into the Adversary Infrastructure Platform to detect future threats.The conversation also explores how the platform provides visibility and observability for CISOs, addressing the concerns of not knowing what is happening in real time within their environments.The Adversary Infrastructure Platform allows CISOs to implement a comprehensive strategy for prevention and business resiliency, giving them confidence in their ability to detect and respond to anomalous activity.One of the key strengths of the platform is its flexibility across different devices and network environments. It can be deployed to guard against various operating systems and even IoT and OT devices sending beacons to command and control systems, ensuring comprehensive protection regardless of the devices or connectivity methods being used.Overall, David provides listeners with insights into the Adversary Infrastructure Platform and its role in enhancing cybersecurity. He highlights the platform's effectiveness in detecting and responding to attacks, its ability to provide real-time visibility, and its flexibility in deployment.Listen in to gain a better understanding of how the platform works, its research-driven approach, and its potential to improve an organization's security posture.Note: This story contains promotional content. Learn more: https://www.itspmagazine.com/their-infosec-storyGuest: David Ratner, CEO at HYAS [@hyasinc]On LinkedIn | https://www.linkedin.com/in/davidhratner/On Twitter | https://twitter.com/davidhratnerResourcesLearn more about HYAS and their offering: https://itspm.ag/hyasl3siEyeSpy Proof of Concept: https://www.hyas.com/blog/eyespy-proof-of-conceptFor more Black Hat USA 2023 coverage: https://itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story?https://www.itspmagazine.com/telling-your-story

Guests: Matthew Canham, CEO, Beyond Layer Seven, LLCOn Linkedin | https://www.linkedin.com/in/matthew-c-971855100/Website | https://drmatthewcanham.com/Ben Sawyer, Professor, University of Central Florida [@UCF]On Linkedin | https://www.linkedin.com/in/bendsawyer/On Twitter | https://twitter.com/bendsawyerWebsite | https://www.bendsawyer.com/____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsIsland.io | https://itspm.ag/island-io-6b5ffd____________________________Episode NotesWelcome to a fascinating new episode where we delve deep into the confluence of cybersecurity, psychology, and philosophy in the realm of artificial intelligence. In anticipation of their insightful presentation at Black Hat Las Vegas 2023, our hosts Marco and Sean had an engaging conversation with Ben and Matthew, shedding light on the astonishingly rapid developments of AI and the accompanying cybersecurity implications.Within the last few months, the GPT-4 and ChatGPT language models have captivated the world. There is a growing perception that the line between AI and sentience is becoming increasingly blurred, nudging us into uncharted territories. However, one must question if this is genuinely the case, or merely what we want or are predisposed to perceive.Ben and Matthew's research outlines the fundamental "cognitive levers" available to manipulate human users, a threat vector that is more nuanced and insidious than we ever imagined.In their upcoming Black Hat talk, they aim to reveal how AI can exploit our cognitive biases and vulnerabilities, reshaping our perceptions and potentially causing harm. From social engineering to perceptual limitations, our digital realities are at a risk we have never seen before.Listen in as Marco and Sean explore a captivating debate around the nature of reality in the context of our interaction with AI. What we think is real, may not be real after all. How does that affect us as we continue to interact with increasingly sophisticated AI? In a world that often feels like a simulation, are we falling prey to AI's exploitation of our human cognitive operating rules?Marco and Sean also introduce us to the masterminds behind this groundbreaking research, Ben Sawyer, with his background in Applied Experimental Psychology and Industrial Engineering, and Matthew Canham, whose work spans cognitive neuroscience and human interface design. Their combined expertise results in a comprehensive exploration of the intersection between humans and machines, particularly in the current digital age where AI's ability to emulate human-like interactions has advanced dramatically.This thought-provoking episode is a must-listen for anyone interested in the philosophical, psychological, and cybersecurity implications of AI's evolution. The hosts challenge you to think about the consequences of human cognition manipulation by AI, encouraging you to contemplate this deep topic beyond the immediate conversation.Don't miss out on this thrilling journey into the unexplored depths of human-AI interaction.Subscribe to our podcast, share it with your network, and join us in pondering the questions this conversation raises. Be part of the ongoing dialogue around this pressing issue, and we invite you to stay tuned for further discussions in the future.Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa____ResourcesMe and My Evil Digital Twin: The Psychology of Human Exploitation by AI Assistants: https://www.blackhat.com/us-23/briefings/schedule/index.html#me-and-my-evil-digital-twin-the-psychology-of-human-exploitation-by-ai-assistants-32661For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:👉 https://itspm.ag/bhusa23tspWant to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:👉 https://itspm.ag/bhusa23bndlTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships

Guests: John Swanson, Director, Security Strategy, GitHub [@github]On LinkedIn | https://www.linkedin.com/in/swannysec/On Twitter | https://twitter.com/swannysec____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsIsland.io | https://itspm.ag/island-io-6b5ffd____________________________Episode NotesIn this Chats on the Road to Black Hat USA, hosts Sean and Marco are joined by John Swanson, the Director of Security Strategy at GitHub. The conversation revolves around the challenges and importance of implementing two-factor authentication (2FA) for developers on the GitHub platform.John shares insights into the role of GitHub in protecting developers and the software ecosystem, emphasizing the need for collaboration and involving various perspectives in the project team. The discussion touches on the guiding principles that rallied the team and the importance of balancing security outcomes with usability. They explore the role of culture in driving effective security practices and creating a safe and healthy environment. John highlights the need to build and maintain a healthy culture around security, ensuring two-way trust between internal employees and customers.The conversation also explores how to measure success through traditional metrics and indicators, as well as the importance of team engagement and positivity. The hosts express their excitement for John's upcoming presentation at the Black Hat conference, where he will discuss 2FA for 100 million developers on the GitHub platform. The conversation provides valuable insights into the challenges and successes of implementing security technologies while considering the human factor, offering a glimpse into the real-world implementation of 2FA and the efforts made by GitHub to improve security without compromising usability.Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa____ResourcesI Was Tasked With Enrolling Millions of Developers in 2FA - Here's What Happened: https://www.blackhat.com/us-23/briefings/schedule/#i-was-tasked-with-enrolling-millions-of-developers-in-fa---heres-what-happened-32925For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:👉 https://itspm.ag/bhusa23tspWant to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:👉 https://itspm.ag/bhusa23bndlTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships

Guests: Pedro Adão, Associate Professor, Instituto Superior Técnico, Universidade de Lisboa [@istecnicoOn Linkedin | https://www.linkedin.com/in/pedro-ad%C3%A3o-b5b792/?Marco Squarcina, Senior Scientist, TU Wien [@tu_wien]On Linkedin | https://www.linkedin.com/in/squarcina/?originalSubdomain=atWebsite | https://minimalblue.com/____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society Podcast and Audio Signals PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsIsland.io | https://itspm.ag/island-io-6b5ffd____________________________Episode NotesIn this Chats on the Road to Black Hat USA, hosts Sean and Marco are joined by guests Pedro and Marco to explore the vulnerabilities and challenges of web security. The conversation begins with an explanation of the Double Submit and Synchronized Token patterns used to protect against CSRF (cross site request forgery) attacks. They discuss the limitations of these patterns, particularly when it comes to the integrity of cookies.The guests highlight the potential for attackers to modify cookies and the need for better solutions. The conversation then unpacks the complexities of web security, including the difficulties of maintaining backward compatibility and the challenges of multiple components and parties involved in web development, delivery, and operations. They address the importance of revising the security of subdomains and implementing security mechanisms like HSTS (HTTP strict transport security) with the inclusive domain directive.The conversation also raises philosophical questions about the responsibility of companies and the development community in addressing web security, as well as the role of legislation in this space. The group emphasizes the need for better platforms and frameworks that prioritize security from the start.The conversation concludes with a discussion on the importance of ongoing research, reporting vulnerabilities to developers, and finding solutions to improve the overall security of web applications. Listeners can expect to gain a deeper understanding of web security challenges and the ongoing efforts to address vulnerabilities and improve the security of the internet ahead of Pedro's and Marco's research presentation at Black Hat USA 2023.Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa____ResourcesCookie Crumbles: Unveiling Web Session Integrity Vulnerabilities: https://blackhat.com/us-23/briefings/schedule/#cookie-crumbles-unveiling-web-session-integrity-vulnerabilities-32551For more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:👉 https://itspm.ag/bhusa23tspWant to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:👉 https://itspm.ag/bhusa23bndlTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships

Guests: Steve Luczynski, Senior Manager / Critical Infrastructure Security, Accenture Federal Services [@Accenture] and Chairman of the Board for the Aerospace Village [@secureaerospace]On LinkedIn | https://www.linkedin.com/in/steveluczynski/On Twitter | https://twitter.com/cyberpilot22Lillian Ash Baker, Product Security Engineer, Boeing and Call for Papers Organizer for the Aerospace Village [@secureaerospace]On LinkedIn | https://www.linkedin.com/in/zap-bang/____________________________Hosts:Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsImperva | https://itspm.ag/imperva277117988Pentera | https://itspm.ag/penteri67a___________________________Episode NotesIn this episode of the ITSPmagazine podcast, hosts Sean and Marco are joined by guests Steve Luczynski and Lillian Ash Baker to discuss the Aerospace Village 2023 at DEF CON during Hacker Summer Camp in Las Vegas. The conversation highlights the diverse range of topics covered in the village, including CubeSat resilience, ransomware resilience, and attack chains for low orbit satellites.The guests emphasize the involvement of government agencies like the White House and TSA, as well as industry giants like Boeing and Lockheed. The hosts express their excitement for the hands-on activities at the village, such as capture the flag events, and the opportunity to learn from experts in the field.They also discuss the importance of inspiring and promoting cybersecurity in the aviation and space sector, particularly for students and newcomers. The presence of SpaceX and their partnership with the village is highlighted as well. Listen to get a comprehensive overview of the Aerospace Village, showcasing the intersection of cybersecurity, aviation, and space, and the opportunity for attendees to engage with experts and participate in hands-on activities.The conversation also take a trip down memory lane, looking at the history of the village and its evolution over the years, highlighting the increasing number of submissions and the involvement of government agencies. The guests discuss their respective roles in the village and share their perspectives on the importance of cybersecurity in the aerospace industry. The hosts express their enthusiasm for the presentations and the chance to connect with professionals in the field. They also reflect on the growth and impact of the village, noting the increasing interest and participation from students and researchers. ____________________________Watch this and other videos on ITSPmagazine's YouTube ChannelRedefining CyberSecurity Podcast with Sean Martin, CISSP playlist:📺 https://www.youtube.com/playlist?list=PLnYu0psdcllQZ9kSG7X7grrP_PsH3q3T3ITSPmagazine YouTube Channel:📺 https://www.youtube.com/@itspmagazineBe sure to share and subscribe!____________________________ResourcesAerospace Village (Website): https://www.aerospacevillage.org/defcon-31____________________________To see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/sponsor-the-itspmagazine-podcast-network

Guest: Johannes Willbold, Doctoral Student, Ruhr University Bochum [@ruhrunibochum]On Linkedin | https://www.linkedin.com/in/jwillbold/On Twitter | https://twitter.com/jwillboldWebsite | https://jwillbold.com/____________________________Sean Martin, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining CyberSecurity Podcast [@RedefiningCyber]On ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/sean-martinMarco Ciappelli, Co-Founder at ITSPmagazine [@ITSPmagazine] and Host of Redefining Society PodcastOn ITSPmagazine | https://www.itspmagazine.com/itspmagazine-podcast-radio-hosts/marco-ciappelli____________________________This Episode’s SponsorsIsland.io | https://itspm.ag/island-io-6b5ffd____________________________Episode NotesIn this Chats on the Road to Black Hat USA, hosts Sean and Marco invite Johannes Willbold to discuss the security of low Earth orbit (LEO) satellites. Johannes shares his research on satellite vulnerabilities and the challenges in securing satellite systems. They discuss security by obscurity and the lack of standardized protocols in satellite technology.Johannes emphasizes the importance of addressing security concerns in space technology and the need for organizations like NASA and the European Space Agency (ESA) to come together to address these challenges. They spend time looking into the difficulties of implementing security measures on satellites and the slow adoption of fixes due to the time-consuming nature of satellite testing and deployment.The trio also touch on the lack of everyday defenses and mitigating controls for satellite security, as well as the challenges of monitoring and responding to threats while satellites are in orbit. Johannes highlights ongoing efforts by organizations like ESA to improve security in space and host workshops to encourage research in this area.The hosts also cover some of the points from Johannes's upcoming talk at Black Hat USA, where he will share more details about his research. Stay tuned for all of our Black Hat USA 2023 coverage: https://www.itspmagazine.com/bhusa____ResourcesHouston, We Have a Problem: Analyzing the Security of Low Earth Orbit Satellites: https://www.blackhat.com/us-23/briefings/schedule/index.html#houston-we-have-a-problem-analyzing-the-security-of-low-earth-orbit-satellites-32468Space Odyssey research paper: https://jwillbold.com/paper/willbold2023spaceodyssey.pdfFor more Black Hat USA 2023 Event information, coverage, and podcast and video episodes, visit: https://www.itspmagazine.com/black-hat-usa-2023-cybersecurity-event-coverage-in-las-vegasAre you interested in telling your story in connection with our Black Hat coverage? Book a briefing here:👉 https://itspm.ag/bhusa23tspWant to connect you brand to our Black Hat coverage and also tell your company story? Explore the sponsorship bundle here:👉 https://itspm.ag/bhusa23bndlTo see and hear more Redefining CyberSecurity content on ITSPmagazine, visit:https://www.itspmagazine.com/redefining-cybersecurity-podcastAre you interested in sponsoring an ITSPmagazine Channel?👉 https://www.itspmagazine.com/podcast-series-sponsorships