Secure Talk Podcast

The state of networked computing systems today relies heavily on a networking architecture designed and implemented by people like David Hotlzman, our guest on Secure Talk. But what if our current “world wide web” was just the progenitor of an n-dimension “internet stack”? Does Web 3 offer the opportunity to evolve a seemingly monolithic internet?In this episode of SecureTalk, host Justin Beals interviews David Holtzman, the brains behind the global domain name registration system and a former NSA analyst. They delve into the history and evolution of the DNS, discussing how it transformed from a single 'host.txt' file to a robust global system impacting millions of domain names. David shares his thoughts on decentralization, the potential of blockchain technology, and the future of cybersecurity in the wake of quantum computing. They also touch on the implications of AI, the cyclical nature of tech fads, and the importance of innovative yet secure solutions in today's rapidly evolving cyber environment. This episode is a must-listen for cybersecurity experts interested in the complex interplay between technology, governance, and security.

It is election season in the United States and there continues to be a lot of FUD around the security of our elections. We decided to sit down with an expert to discuss election security and how citizens here in the United States should consider this civic event.Join host Justin Beals and guest Mark Listes as they delve into the critical topic of election security. Mark, CEO of Pendulum and former Head of Policy at the U.S. Election Assistance Commission, shares his extensive expertise on managing election security and the intricate relationship between technology and trust in the electoral process. They explore the complexities of pre-vote misinformation, the robustness of various voting systems, and how the integrity of election results is maintained amidst emerging cybersecurity threats. Mark also highlights Pendulum's new tool, ElectionIQ, which aids businesses in navigating election-related risks. The discussion sheds light on the vital role of trust and participation in sustaining democracy, making it a must-listen for cybersecurity professionals seeking to understand the current landscape of election integrity.

In this episode of Secure Talk, host Justin Beals sits down with Danny Goodwin and Ed Schwarzschild, the authors of the book 'Job / Security: A Composite Portrait of the Expanding American Security Industry'. They delve into the multifaceted world of security work, bridging personal experiences and professional insights. Goodwin, a professor and chair of the Department of Art and Art History, and Schwarzschild, director of creative writing at SUNY Albany both had family members who worked in the security field that required secrecy. The shared formative experiences blossomed into a discussion about families and the impact of jobs on security. Realizing that the security field has been rapidly growing, they used expertise in the humanities to explore security jobs and their impact on individuals, families and our community at large. The podcast covers their methods of capturing authentic experiences through interviews and photography, bringing a human touch to a field often viewed through a critical or technical lens. Danny and Ed recount their past roles in security and detail compelling stories from their book, including experiences of border patrol agents, military security and cybersecurity professionals. The discussion also touches on the companion exhibition for “Jobs / Security”  and their plans for expanding the project globally. This episode is a must-listen for those interested in the intersection of security and humanity.Book: 'Job / Security: A Composite Portrait of the Expanding American Security Industry'. (2024) https://mitpress.mit.edu/9780262048699/jobsecurity/Exhibition: Job Security: Voices and Views from the American Security Industry.  August 12- December 9, 2024 - University at Albany SUNYhttps://www.albany.edu/museum/exhibitions/job-security-voices-and-views-american-security-industry

How do we predict the future? In our respective technology and security fields we are often asked to prognosticate on “what’s next?”. Understanding current trends is certainly helpful but what if you could reach far into the future and describe humanity and our relative progress?In this week's episode of SecureTalk we host an Associate Professor of Digital Media at Brock University, to discuss the intersection of cybersecurity and the humanities. Our guest's recent works include, 'Hacking the Humanities' and 'The Language of Cyberattacks,' delve into how digital culture, app development, and natural language processing intersect with cybersecurity. Listen in as we discuss William Gibson predicting the future of the internet and our examination of the cultural consequences of cybersecurity, emphasizing the need for broader digital literacy, the evolving landscape of internet privacy, and how speculative fiction can inform ethical questions and possible futures. They also touch on real-world incidents like the 'Parlor tricks' hack, demonstrating how programming literacy can empower individuals to navigate and influence the digital ecosystem. The conversation underscores the vital role of humanistic perspectives in understanding and shaping the cybersecurity landscape.

In this episode of Secure Talk, Justin Beals, founder and CEO of Strike Graph, hosts Bruce Schneier, a renowned security technologist, author, and lecturer at the Harvard Kennedy School. Schneier discusses his book 'A Hacker's Mind,' sharing insights into the psychology of security, societal impacts of cybersecurity, and how businesses can better align security practices with human psychology. He emphasizes the economic incentives behind security design, the concept of decoupling for enhanced security, and addresses the role of public awareness and policy in cybersecurity. Schneier also touches on the pervasive nature of hacking, the importance of building resilient systems, and the integration of computers into every aspect of our lives, highlighting the increasing importance of security by design.

Have you ever wondered how secure your browser extensions really are? On our latest Secure Talk episode join us for a discussion with Sheryl Hsu, a researcher from Stanford Empirical Security Research Group. We discuss their recent paper “What is in the Chrome Web Store? Investigating Security-Noteworthy Browser Extensions.” Sheryl and the team at the Stanford Empirical Security Research Group show that Security-Noteworthy Extensions (SNE) are a significant issue as they have a pervasive presence in the Chrome Web Store for years and affect almost 350 million users. In this great discussion we talk about the threat capabilities of nefarious code executed by plugins in the Chrome Browser. We also talk about the perverse incentives at Alphabet in managing the Chrome Web Store. They need to make plugins that have powerful capabilities, easy to deliver and sticky. But this creates the opportunity for powerful cybercrime tools, easily installed that are rarely inspected. Fundamentally we ask 'who is responsible for security in the “app” economy'? Research: https://arxiv.org/abs/2406.12710

In this episode of SecureTalk, host Justin Beals, CEO of StrikeGraph, discusses the complexities of HIPAA, data privacy, and healthcare security with expert Ileana Peters, a shareholder at Polsinelli. Once a leader in regulatory enforcement for US Health and Human Services she talks with Justin on how to manage compliance. Peters shares insights from her extensive experience at the Department of Health and Human Services, and addresses the nature of HIPAA regulations, the importance of risk analysis and workforce training, as well as the intricacies of regulatory compliance. The conversation dives deep into the intersection of innovation, healthcare privacy, and security, offering valuable advice for businesses and stakeholders in the rapidly evolving landscape of cybersecurity and healthcare regulations.

In December 2023 the U.S. Department of Health and Human Services reported that the medical data of more than 88 million people was exposed in the first ten months of 2023. A 2018 Trustwave Global Security Reported that a single healthcare record would receive an average of $250.15 when sold, 50 times more valuable than a stolen credit card. 92% of stolen patient records were criminally acquired. This is a 9x increase over the past five years affecting over 145 million people. Patient Healthcare Information is the most sensitive, valuable and prolific security challenge of the present day. Thankfully, we have this information due to the oft-maligned HIPAA law. Truly innovative for its time and often updated due to its popularity, it is a great accomplishment in privacy law. However, like most laws, its implementation for a business can be fraught. Consulting on HIPAA has become its own industry with an army of consultants and legal experts. In this episode of Strike Graph we are going to delve into the 2nd edition of “The Practical Guide to HIPAA Privacy and Security Compliance.” with the authors Rebecca Harold and Kevin Beaver. The discussion highlights the importance of a comprehensive approach to HIPAA compliance, common myths, and challenges facing healthcare organizations today. The episode also addresses the growing threat of cybercrime, the evolving landscape of data security, and practical steps organizations can take to safeguard patient information. A must-listen for professionals navigating the complex world of healthcare data security.

It seems a new security crisis is emerging at a weekly pace. The emergence of critical security breaches, data exposures and digital infrastructure failures has vastly accelerated in the last 5 years. What happens when your job is to operate in a crisis? Join us for the next episode of Secure Talk where we sit down with Vice Admiral Mike LeFevre (ret.) the CEO of Concentric Security and Roderic Jones ex-Scotland Yard and Executive Chairman of Concentric as they share their deep experience in crisis management. Their valuable insights were gleaned as Mike LeFevre commander, Office of the Defense Representative to Pakistan during the killing of Osama Bin Laden and as Roderick Jones served for Scotland Yard’s Special Branch focused on international terrorism. Their insights delve into four key phases of crisis management—911 moments, second and third-order effects, steady state, and the road to normalcy—while underscoring the importance of leadership, preparation, and external relationships. They also highlight the critical need for cyber risk management in today's evolving threat landscape. This episode also covers their book, 'End Game First: A Leadership Strategy for Navigating a Crisis,' which serves as a guide for cybersecurity leaders.

What software do radical techno-libertarians, the CIA, Privacy Advocates, the US State Department and Cyber Criminals use every day? The TOR Browser. In this compelling episode of SecureTalk, Justin Beals, the Founder and CEO of Strike Graph, discusses the book ‘Tor: From the Dark Web to the Future of Privacy’ with its author, Ben Collier, a Lecturer in Digital Methods at the University of Edinburgh. This episode traces the early anonymity problems that the US military and libertarian-minded computer scientists were attempting to solve. How they created a partnership and worked together to invent a solution that could provide global privacy at the dawn of the information age. Ben provides powerful insights into the motivations behind its invention and the future of our connected world.