Principal Security Researcher at Recorded Future’s Insikt Group, Juan Andrés Guerrero-Saade (juanandres_gs), explains the nuances of good threat intelligence, sheds light on nation-state hacker activity and warns that adversaries don’t have to be “sophisticated” to launch successful attacks.   https://securityconversations.com/wp-content/uploads/2018/05/juan_andres_guerrero_saade.mp3

The founder and CEO of Dragos, Inc. Robert M. Lee (RobertMLee) cuts through the hype around threats to critical infrastructure and offers a matter-of-fact take on active defense, “hacking-back,” and nation-state espionage operations.   https://securityconversations.com/wp-content/uploads/2018/05/ep28-robert-m-lee.mp3

VP of Product at RiskIQ Brandon Dixon (@9bplus) delves into nation-state cyber operations, explains why it’s dangerous to underestimate North Korea’s capabilities, and his passion for roasting the perfect coffee bean. https://securityconversations.com/wp-content/uploads/2018/05/ep27-brandon-dixon.mp3Links:Split Key CoffeeSplit Key Coffee on MediumTainted Leaks: Disinformation and Phishing With a Russian Nexus - The Citizen Lab — This report describes an extensive Russia-linked phishing and disinformation campaign. It provides evidence of how documents stolen from a prominent journalist and critic of Russia was tampered with and then “leaked” to achieve specific propaganda aims.

Slack security architect Ryan Huber talks about the gargantuan task of defending an organization with 8 million daily active users, burnout, and fatigue in security teams and a range of issues around bug bounties and penetration testing.Links:Video of Rob Joyce's 2016 Enigma talkRyan Huber on Twitter

Chief Technology Officer at Quarkslab Ivan Arce (@4dgifts) tells stories about the birth of penetration testing platforms, the concentration of hacking talent in Argentina, and his focus on security problems in the Android ecosystem. https://securityconversations.com/wp-content/uploads/2018/05/ivan_arce_01.mp3

Founder and CEO of Fyde (@FydeApp) Sinan Eren discusses the “iOS-ification” of platforms and the security ramifications, the dangers of running AV software, the iOS vs. Android security argument, and his new venture to address mobile phishing attacks. https://securityconversations.com/wp-content/uploads/2018/05/Ep-24-sinan_eren.mp3Links:Security vendors need to stop doing more harm than good

Founder and CTO at Senrio Stephen Ridley (@s7ephen) talks about the abysmal state of IoT security, his recent exploitation of an IP camera, and router to exfiltrate corporate data and his experience as a minority in the security industry. https://securityconversations.com/wp-content/uploads/2018/04/Ep23-stephen-ridley.mp3Links:Introducing - Senrio Discovery

Founder and CEO at MKACyber Mischel Kwon joins the podcast to address the state of the SOC (Security Operations Center) and how businesses should deal with issues around excessive alerts, incident response times, and outdated metrics.Links:MKACyberMischel Kwon on LinkedIn

CISO and VP of Strategy at Digital Shadows Rick Holland discusses his path in the information security industry, advancements in the threat intel space, and his passion for good bar-b-que.Links:Rick Holland on LinkedInDigital Shadows

Latacora Security founder Thomas Ptacek joins the podcast to weigh in on the cybersecurity skills shortage, his approach to recruiting and hiring, and what needs to be done to address diversity in the industry.Links:Latacora -- Security Teams For Startups — Latacora does just one kind of engagement: we join your engineering team virtually and run security, for about a year. Then we help you hire someone full-time to replace us.Thomas H. Ptacek on Twitter