CISO Perspectives (public)

N2K Networks
Sep 20, 2021 • 24min

Incident response: a first principle idea.

Rick discusses incident response as a best practice for the network defender community, talks briefly about Zoom and how well their communications plan worked earlier this year when the network defender community called their web conferencing app out on several security issues, and how poorly OPM handled their incident response when the Chinese stole the PII of every person that worked in the U.S. government. Finally, he talks about the birth of incident response and the most influential cybersecurity book ever: “The Cuckoo’s Egg.” Learn more about your ad choices. Visit megaphone.fm/adchoices
Sep 13, 2021 • 29min

Security operations centers: around the Hash Table.

Four members of the CyberWire’s Hash Table of experts (Don Welch, Interim CIO of Penn State University; Helen Patton, CISO for Ohio State University; Bob Turner, CISO for the University of Wisconsin at Madison; and Kevin Ford, CISO for the State of North Dakota) discuss SOC operations in terms of intrusion kill chains, defensive adversary campaigns, insider threats, cyber threat intelligence, zero trust, SOC automation, and SOC analyst skill sets.
Sep 11, 2021 • 31min

A CSO's 9/11 Story: CSO Perspectives Bonus.

For the 20th anniversary of 9/11, Rick Howard, the CyberWire’s CSO, Chief Analyst, and Senior Fellow, recounts his experience from inside the Pentagon running the communications systems for the Army Operations Center.
Sep 6, 2021 • 18min

Security operations centers: a first principle idea.

The idea of operations centers has been around as far back as 5,000 B.C. This show covers the history of how we got from general purpose operations centers to the security operations centers of today, the limitations of those centers, and what we need to do as a community to make them more useful in our infosec program.
Jul 12, 2021 • 27min

Cybersecurity first principles: end of season summary.

This is the eighth and final essay in this series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.
Jul 5, 2021 • 30min

Cybersecurity first principles: Intelligence operations.

This is the seventh show in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles. The previous shows covered first principles, zero trust, intrusion kill chains, resilience, DevSecOps, and risk assessment. We are building a strategy wall, brick by brick, for a cybersecurity infosec program based on first principles. The foundation of that wall is the ultimate and atomic first principle: Reduce the probability of material impact to my organization due to a cyber event. That’s it. Nothing else matters. This simple statement is the pillar on which we can build an entire infosec program. This next building block will start the second course of the wall because it directly supports all of the other strategic bricks we have already laid. This brick is called cyber threat intelligence operations.
Jun 28, 2021 • 19min

Cybersecurity first principles: Risk assessment.

This is the sixth episode in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.
Jun 21, 2021 • 26min

Cybersecurity First Principles: DevSecOps.

This is the fifth essay in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles.
Jun 14, 2021 • 19min

Cybersecurity First Principles: Resilience.

This is the fourth show in a planned series that discusses the development of a general purpose cybersecurity strategy for all network defender practitioners - be they from the commercial sector, government enterprise, or academic institutions - using the concept of first principles. The first show explained what first principles are in general and what the very first principle should be for any infosec program. The second show discussed zero trust. The third show covered intrusion kill chains. This show will cover resilience.
Jun 7, 2021 • 29min

Cybersecurity First Principles: Intrusion kill chains.

This is part three in a series that Rick Howard, CyberWire’s Chief Analyst, is doing about building an infosec program from the ground up using a set of first principles. This episode, he talks about why intrusion kill chains are the perfect companion strategy to the passive zero trust strategy he talked about last week. The key takeaway here is that we should be trying to defeat the humans behind the campaigns collectively, not simply the tools they use independently with no context about what they are trying to accomplish.