Every trail ride ends at the, well, end of the trail. This is the end of the trail for The Cyber Ranch Podcast. Drew and Allan offer final parting thoughts and conduct brief interviews with 3 folks whose presence was vital to the show:  Chris Cochran, Ron Eddings, and Rich Salim. It's been an amazing journey and we thank ALL of you who ever listened to even just one snippet of one episode. Y'all stay good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast.  Today we tackle WHY?  Why do we have this show?  Why do we ask the questions we ask and host the guests we host?  Why does any of this matter? More importantly, WHY do we all keep doing the same things over and over, saying the same things over and over, and expecting better results? WHAT  can we change? Join Allan Alford, many times CISO, and cybersecurity podcaster of many years now.  Joining Allan is Drew Simonis, who has been co-hosting the show now for 21 episodes, and a guest a few times before that. This show is a chance to understand the premise of the show better, to understand Drew better, and to find out why we're all here.  Drew's bonafides: CISO @ Juniper Networks Former CISO and Deputy CISO @ HPE CISO @ Willis And various other roles including an industry role at Symantec Drew joined as co-host because he’s a deep thinker, and because he applies that deep thinking to challenging the status quo.   Allan's WHY? Is very simple.  We’ve not grown or progressed as an industry in years now.  Which means we are clearly doing something wrong.  Mostly, IMHO, resting on our laurels, making the same assumptions, trying the same techniques, and not questioning any of it. Drew offers a more nuanced take on the idea of "speaking the language of the business".  It's a great show.  Y'all be good now!

We have all had a vague sense that our world is being manipulated, informed and fed by various conscious manipulation tactics - influence on political campaigns on social media, culture wars, class wars, etc.  But we can glean out the facts and figure out who is telling what story if we embrace a new discipline - Narrative Intelligence. Our guest this week is Joe Stradinger, Founder and CEO of EdgeTheory, who are out to understand and leverage the conversations that shape our world.  Specifically, social media campaigns and presences.  Think threat intelligence but at a global/sociopolitical level.  Joe has been an investor, he has worked in DC, and he has a lot of academic ties as well.  His knowledge in this space is immense, and we are tickled pink to have him here at the ‘Ranch. We ask Joe: What are the goals of a robust threat intelligence program? What is narrative intelligence and why does it matter? Compare and contrast this to traditional threat intelligence? How do adversaries influence the narratives?  Is this the realm of bots and deepfakes? Does narrative intelligence replace, complement, or improve on traditional approaches? How can narrative intelligence enable you to get in front of problems? It's an excellent conversation, well worth a listen. Y'all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast!  That’s Jon Green, an experienced CISO but also an experienced CTO.  Jon is currently the CSO and CTO at HPE’s Aruba.  He’s also a DefCon goon and a Team8 Villager.  He’s done the marketing engineer side, the network engineer side…  Quite a storied past.  We are thrilled to be talking with him about the differences between CSO/CISO and CTO.  Jon, thank you so much for joining us at the ‘Ranch! Tell us about your early career, did you start in security or as a technologist? What are the key priorities for someone with a CTO title?  As someone who has held both CTO and CSO titles, how does the pressure to deliver revenue impacting products differ from the pressure cyber leaders face? What does it feel like to be on the receiving end of security requirements which are often developed in the abstract or for the general case? When you are assessing future trends and technology shifts, what are the different lenses you use to make the security evaluation vs the more functional and integration-oriented evaluation? What is something you have learned which surprised you?  What do you wish other CSOs understood better?  What is a piece of advice… You’ve been involved in Defcon and other cyber events for many years, what changes have you seen during that time? Y'all be good now!

Howdy, y’all, and welcome to The Cyber Ranch Podcast!  Our guest is Thomas Krane, Managing Director at Insight Partners.  If you go to Thomas’ LinkedIn page, you will also see that he works with a number of cybersecurity scaleups (we'll define that term).  As such, Thomas is uniquely qualified to speak to some trends in the industry.  Drew asked Thomas to join us here at the ‘Ranch to discuss quite a few facets of the industry.  Thomas, thank you for coming on down to the ‘Ranch! We see consolidation and platform creation, but also continued development and evolution of point products. Are we better to view cyber as a single market or is this a combination of several related but distinct markets? It looks like money is flowing into startups again, is that so? If so, what factors are driving the renewed interest in cyber products? And what is the difference between a startup and a scaleup Is VC money leading the development of new solutions or is it in a phase of fast following? Aside from AI, what types of solutions are heating up and where is it seeing more stable maturity? Any areas that have fallen off the map? Speaking of AI, are you seeing predominately new solutions or reframing of existing solutions to fit the new challenges that AI poses? Two ends of a spectrum, security using AI and securing AI. Which is most interesting? Which is more likely to produce a big breakthrough? Which is a more solvable problem? Y'all be good now!

This week Allan attended the HIP Global conference in New Orleans, which happens to be Allan's favorite city in America. The conference was outstanding - no sales pitches, no nonsense, just many experts speaking on the topic of securing identity.  Entra ID, Okta, AD folks all were present, and it was amazing. Allan got to interview some AMAZING guests from all walks of identity life, including one gentleman whose pedigree includes a rather critical national role right out the White House... Listen in as Allan asks the following questions (one of which Drew answers too!) Why does identity matter? How do we protect the intersection of identity and data? How do you protect uptime (availability) of identity? What should be the single source of truth in identity? Who should own identity?  CISO?  CIO?  CTO? What is the role of cybersecurity in identity? What is the best directory services of all time? How do you manage identity sprawl? Y'all be good now!

In this episode Allan and Drew consult Tim Rohrbaugh, who has done quite a lot of research and work on the practical applications, deployment, use cases and limits of GenAI and LLM. Flavors and incarnations of AI - GenAI, Expert Systems, ML... Biomimicry and Allan's weird sea cucumber references Practical LLM deployment - Tim's maxims Offline or online?  Open or proprietary models? Precision, accuracy, asking the right questions in the first place Your smartest employee as your limiting factor Probabilistic vs. deterministic outcomes Hallucinations - not necessarily a negative term How long before we get the person out of the loop? The actual skills required to be a "GenAI engineer" Getting started at home - hardware and models Fabric AI and patterns It's a great show and you will most definitely learn a lot!  Thank you Tim, thank you, listeners!  Y'all be good now!

Howdy, y'all!  With American presidential elections already under way, Allan and Drew decided that scrambling to get Kirsten Davies on the show for this week's show (the last one before formal Election Day) was paramount.  Kirsten has been on our potential guest list for years now, as she is a multiple-times Fortune 500 CISO. But now Kirsten is CEO and Founder of The Institute for Cyber Civics, a non-partisan non-profit aimed at empowering poll workers and poll volunteers to recognize and deal with cyber attacks on the voting process. Hear about Kirsten's charter, mission, vision, goals and capabilities in this SPECIAL EDITION! episode! Y'all be good now!

Our guest today is Babbette Jackson, aka Technically__Rose of YouTube and Instagram fame! Babbette is in DLP and Insider threat analysis.  She has worked in places as far flung as Edward Jones, Juniper Networks, and Bank of America.  More importantly, Babbette is quite involved in the intersection of social media and community engagement. How do we use social media to engage others across generations and to and encourage community participation? Allan, Drew and Babbette discuss: We’ve been talking to others about how they arrived in and either struggled or flourished in Cyber.  What is your story? What inspired you to embrace social media as you have?  What kind of results are you seeing from this engagement? We’ve seen your content on LinkedIn and on Instagram, it’s very creative but also very relatable.  How do you decide what topics to cover, how to frame them for the right audience, come up with the structure of your messages, etc.?  How many times do you re-do them? You’ve mentioned social capital.  Tell us about that concept, how you build it, how and when you use it, etc.   What is something established leadership in the field should understand about dealing cross generationally that we often get wrong? It is a wonderful show, and Babbette is a wonderful guest who is willing to share the insights behind her success.  Y'all be good now!

Who and what you are, your personality, your style, your thoughts...  That’s all about to change.  For one thing you are already a product on “free to use” social media.  You don’t really own things you think you own (We're looking at you, Steam!)  Even your intellectual property is up for grabs now in ways you can’t see coming.  Hollywood actors are selling the rights to their digital likenesses, and meanwhile, others are stealing such rights via technological loopholes.  All media exists, according to Drew, to draw you towards the advertisements…  And your deepfake could be used to do just that to others.  Some of these fakes are good enough to fool yourself even. Join Allan and Drew as they interview Sam Rad, a premier futurist and humanist, who freely admits that there is now an inherent tension between those two philosophies. The conversations about the governance, ethics, and security of all this new media and technology are woefully behind the curve. Many members of the TikTok generation has a 4-second attention span and require multiple simultaneous input streams at any given time to feel satisfied.  Is this a deliberate attack on the Western human nervous system?  Cyberattacks are certainly killing people already, why not go straight for their brains? Are the peasants coming with pitchforks and torches to destroy Frankenstein’s newest monster?  How about the striking dockworkers?  The terrorists destroying 5G towers?  Do peasants with pitchforks ever win?  Ned (mistakenly called “Jason” by Allan)  Ludd and the Luddites failed in a big way to stop technology from replacing their jobs in the late 1700s (mistakenly referred to as the having happened in the Victorian era by Allan) This show is peppered with others such historical and cultural references such as the cultures and economies in Second Life, Picasso’s mass production of his own paintings, Rousseau’s evolving concepts of property, Mary Shelly and her Frankenstein’s monster, Hegel’s model of “thesis, antithesis, synthesis”, the Butlerian Jihad from the “Dune” series, and William Gibson’s maxim that, “The street finds its uses for things”. We’re not even coping with all of this, and now we have the AI conversation thrust upon us as well…  Your content is training data, and can be mimicked with uncanny accuracy as well. Check out Sam’s book, “Radical Next” and her docuseries “Illicit Economies of the Shadowverse” to learn more about the positives and negatives of all of these trends in humanity. Good luck out there.  Stay safe.  Who you are and what you own is irretrievably altered at this point.  Cybersecurity is really just “security” now.  But hopefully all this mess will create the next cultural and creative Renaissance. Y'all be safe now...