The Defender's Advantage Podcast

This week’s episode of The Defender’s Advantage Podcast features Stan Trepetin, Technical Product Manager at Google Cloud, who joined Threat Trends host Luke McNamara to discuss the Threat Horizon’s Report produced by the Google Cybersecurity Action Team. Stan highlights several articles from the latest report in the quarterly series, including a piece on the importance of sharing information on state actor threats and vulnerabilities with the community to better protect your organization. He also details two of his own articles in the report, one on the issues that arise from improper cloud oversight and the other on malicious files and URLs slipping by IT governance controls. Read the latest Threat Horizons Report from the Google Cybersecurity Action Team: https://mndt.info/3Wjb4K6Don’t forget to rate, review and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. 

On this week’s episode of The Defender’s Advantage Podcast, Skills Gap series host Chris Campbell is joined by Mandiant’s Fernando Tomlinson and Matt Boyle for a discussion on the value of hiring individuals from diverse professional backgrounds and ensuring accessibility to certifications and tools for those interested in transitioning to the cyber security field. Fernando and Matt share their thoughts on what hiring teams in the industry can do to learn more about an applicant’s analytical or soft skills outside of their resume. They also discuss the tools and resources that are available to foster greater diversity in the industry, which prospective candidates may not have immediate knowledge of, such as topical video libraries, SANS Cyber Immersion Academies and industry conferences.  Don’t forget to rate, review and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. 

This week’s episode of The Defender’s Advantage Podcast, Mandiant’s Yihao Lim joins the Threat Trends series to chat with host Luke McNamara about the threat landscape in the Asia-Pacific region. Yihao discusses recent IO campaigns in the region, particularly DragonBridge and HaiEnergy, and how these attacks influence how organizations view disinformation campaigns in APJ. He also discusses the impact of geopolitical drivers, such as Russia’s invasion of Ukraine and tensions between China and Taiwan, impact the cyber security landscape in the region. Additionally, Yihao shares the trends that he sees in the threat landscape and how organizations in the region are approaching security. Don’t forget to rate, review and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. 

The latest episode of The Defender’s Advantage Podcast Frontline Stories series features Uplight CISO Alex Wood joining host Kerry Matre to discuss how his role has evolved over the course of his career, for example, changes in the CISO reporting structure and the role’s shift to encompass a business focus as opposed to being exclusively technical.  He also discusses his own unique journey from majoring in chemistry to climbing the ranks in cyber security and his advice for those who want to break into the industry. Additionally, Kerry and Alex chat about Colorado = Security, a movement Alex co-founded to highlight the cyber security community in Colorado and bring those professionals in the area together through local events and a podcast. Don’t forget to rate, review and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. 

The latest episode of The Defender’s Advantage Podcast features SentinelOne researchers Tom Hegel and Juan Andres Guerrero-Saade who joined host Luke McNamara to discuss some of the latest research they presented at LABScon, September 20-24.  Juan shares details around his team’s findings on Metador, a threat actor that primarily targets telecommunications and internet services providers, as well as universities in the Middle East and Africa. He discusses a few of the group’s unusual characteristics and also their awareness of operations security and deployment of countermeasures to thwart attribution efforts. Tom joins the discussion to give a glimpse of his LABScon presentation on the cyber mercenary group, Void Balaur. He details what they have seen in the group’s activity as well as what aspects he sees the group evolving in the landscape. Read more about the research on Metador: https://mndt.info/3UJ9XTfRead more about the research on Void Balaur: https://mndt.info/3SMsxYRYou can follow Juan at @juanandres_gs and Tom at @TomHegel. Don’t forget to rate, review, and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. mWISE Conference is happening October 18-20. Register today: https://mndt.info/3rh3gdr

The latest episode in The Defender’s Advantage Podcast Threat Trends series features Todd Boppell, COO of the National Association of Manufacturers (NAM), who joined host Luke McNamara to discuss cyber security in the manufacturing landscape. During the conversation Todd shares the top concerns for NAM’s member organizations, how the industry approaches cyber security, and the challenges and opportunities he sees in the space.  Learn more about NAM at https://www.nam.org and follow at @ShopFloorNAM Additional Resources Watch Mandiant’s recent manufacturing focused webinar on-demand now: https://mndt.info/3C1jKN5Learn how Mandiant helps manufacturing organizations monitor, detect and respond to threats: https://mndt.info/3eZwoD0

In this week’s episode of The Defender’s Advantage Podcast, Skills Gap series host Chris Campbell is joined by Dawn Hagen and Kevin Bordlemay for a discussion on diversity, inclusion, and belonging initiatives. The group discusses Mandiant’s internal focus on diversity, including employee resource groups, as well as efforts to build awareness of career paths in cyber security via middle school, high school, and college information sessions. They also discuss ways Mandiant is partnering with external organizations on initiatives to expand diversity in the broader industry, including the Elevate program and Mandiant Gives Back. Dawn and Kevin also dive in to the soft and technical skills applicants may be missing when interviewing for cyber security positions and the internal initiatives at Mandiant to address the skills gap. Don’t forget to rate, review, and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. Additional Resources Learn about the Elevate program: https://mndt.info/3RQoMS6Learn about Mandiant Gives Back: https://mndt.info/3EI7ErX Register for pre-conference training, provided by Mandiant Academy, ahead of mWISE Conference: https://mndt.info/3BIN0Id

This week’s episode of The Defender’s Advantage Podcast features Emiel Haeghebaert and Ashley Zaya who joined Threat Trends series host Luke McNamara to discuss Mandiant’s most recently graduated APT group, APT42.  Mandiant has identified APT42 as an Iranian-sponsored cyber espionage group tasked with conducting information collection and surveillance operations against individuals and organizations of strategic interest to the Iranian government. During the conversation, Emiel and Ashley dig into APT42’s activity and tactics, including spear-phishing and social engineering techniques. They also discuss where the group fits in to the threat landscape and how they see threat actor evolving. Read our blog post detailing our research on APT42: https://mndt.info/3R6Qs4zDon’t forget to rate, review, and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. 

This latest installment of the Frontline Stories series, part of The Defender’s Advantage Podcast, features Nucleus Security Co-Founder and CEO Stephen Carter, who joined our host Kerry Matre for a conversation on CISA KEV. CISA’s Known Exploited Vulnerabilities list prioritizes vulnerabilities the agency has determined to be exploited in the wild and mandates that specified U.S. civilian agencies patch the vulnerabilities by a specified deadline. Stephen and Kerry discuss how vulnerability management has evolved and how this effort from CISA helps U.S. civilian agencies as well as organizations globally. Follow Nucleus Security at https://nucleussec.com and follow at @nucleussec. Don’t forget to rate, review, and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. 

The latest episode of the Skills Gap series, part of The Defender’s Advantage Podcast, features Mandiant Managed Defense team members Robert Parker and David Lindquist, who joined host Chris Campbell to discuss what they look for when hiring for their team. They detail the skills they look for most as they interview candidates and their tips for those looking to enhance their marketability in the industry. Robert and David also share instances in which they might shift their requirements of a potential candidate in favor of hiring someone with less experience and building them up. Don’t forget to rate, review, and subscribe to The Defender’s Advantage Podcast where you listen to podcasts. Additional Resources Read more about how Mandiant is helping to address the cyber security skills gap: https://mndt.info/3QyO9XL