Episodes

  • Airgaps over AI? Cyberdefense pro's tips and predictions
    Nov 7 2024

    Robert Slaughter is CEO of Defense Unicorns, a defense tech startup specializing in Airgap software delivery in highly secure and sensitive environments in the military and federal government. Previously, he was director of the U.S. Department of Defense's Platform One DevSecOps project and co-founder at Space CAMP, a predecessor of Platform One for the US Space Force. Prior to starting Defense Unicorns, he served 12 years in the US Air Force.

    If companies think threats to the security of critical national infrastructure don't involve them, Slaughter says, they should think again. And he suggests they might adopt some of the techniques familiar to military and government cyberdefense pros, from proactive threat hunting to air gaps.

    Show more Show less
    23 mins
  • SecOps "where bits and bytes meet flesh and blood"
    Oct 31 2024

    Joshua Corman is executive in residence for public safety & resilience at The Institute for Security and Technology (IST), a non-profit think tank based in the San Francisco Bay Area. He is also co-leader of a Cybersecurity and Infrastructure Security Agency (CISA) community working group for SBOM on-ramps & adoption. Previously, he was vice president of cybersecurity strategy for Claroty, an IoT security company; chief strategist on the CISA COVID task force; director of the Atlantic Council's Cyber Statecraft Initiative; and CTO at security software vendor Sonatype.

    In August, Corman delivered a presentation at CISA's SBOM-a-Rama event warning that time is running out to more effectively protect critical infrastructure systems such as the water and power supply that rely on potentially vulnerable software to operate. Corman emphasized the urgent need to more effectively identify vulnerabilities and defend against attacks such as China's Volt Typhoon nation-state threat group. An initiative Corman is leading at IST under the working title UnDisruptable27 now looks to address these threats.

    "We live in glass houses," he said in this episode's interview. "And people are about to start throwing rocks."

    Show more Show less
    25 mins
  • Lessons from a "graybeard" in assessing cloud risk
    Oct 24 2024

    Chris Steffen is vice president of research for information security at analyst firm Enterprise Management Associates. He previously held a variety of IT leadership roles at companies including Hewlett Packard Enterprise, and DXC Technology. He is a regular speaker at industry conferences, the host of the Cybersecurity Awesomeness podcast and a frequent guest on other IT security podcasts.

    The day of the CrowdStrike outage, Steffen posted on LinkedIn, "Not trying to kick anyone while they are down, but those that equate resiliency with public cloud computing really need to re-evaluate those beliefs, especially for mission critical workloads. The outages being reported today were some of the exact same issues that we have seen before, but - as an industry - don't seem to learn from."

    In this episode, Steffen discusses the lessons on data center resilience he says have been lost in the cloud era and why IT orgs must re-evaluate their cloud risk.

    Show more Show less
    23 mins
  • Data, observability and the future of DevSecOps
    Oct 17 2024

    Esteban Gutierrez is chief information security officer and vice president of information security at observability vendor New Relic. Previously, he was an enterprise information security strategist at Intel, and he managed the network operations and security center for the US Army Corps of Engineers.

    He shares takeaways from New Relic's recent State of Observability survey, lessons learned from his career in cybersecurity about bridging the SecOps / IT Ops gap and why he believes data is crucial to the future of both DevSecOps and AI.

    Show more Show less
    18 mins
  • From Sony breach to CrowdStrike, IT Ops-SecOps rift deepened
    Oct 10 2024

    Rich Lane is currently IT director at the City of Medford, Massachusetts, and has had a varied career in IT infrastructure and operations. He served as VP of digital operations strategy for data security software vendor Netenrich from 2021 to 2022, and as a Forrester Research analyst from 2018 to 2021. Before that, Lane worked as a professional services consultant for observability vendor Splunk, and as IT infrastructure and operations manager at Bain Capital.

    From Lane's perspective, the CrowdStrike outage reflected an organizational disconnect at many companies between the IT security teams that choose tools and the infrastructure operations teams that must support those tools in production. In Lane's experience, this rift began to grow after the high-profile Sony Pictures data breach ten years ago as enterprises re-emphasized cybersecurity.

    Now, he says, CrowdStrike should be a sign it's time for the two groups to come together again and come up with more resilient ways to operate security tools, demand better communication from vendors during incidents, and to better account for the human factor in cyberattacks.

    Show more Show less
    16 mins
  • What SecOps pros can learn from Microsoft security overhaul
    Oct 3 2024

    Melinda Marks is cybersecurity practice director for TechTarget's Enterprise Strategy Group analyst firm. Previously, she held a variety of roles in the IT and cybersecurity industry, including marketing and PR leadership positions at vendors such as VMware, Qualys, Tenable Network Security. Just before joining ESG in 2021, she was chief strategy officer and CMO at Soluble, makers of a CI/CD security and compliance automation tool for infrastructure as code.

    In this episode, Marks discusses how Microsoft's first Secure Future Initiative report can serve as a blueprint for other enterprise SecOps pros; the evolution of cloud security tools; the future of cybersecurity regulations; and how SecOps practices must also evolve in an age of increased regulatory scrutiny to become more efficient and collaborative while maintaining visibility and control.

    Show more Show less
    22 mins
  • Cloud security, AI giveth and taketh away
    Sep 26 2024

    Kyler Middleton is senior principal software engineer at healthcare tech company Veradigm. She is also founder, owner, and CEO at 14ers Consulting, an IT services and engineering firm, as well as the co-host of her own podcast, Day Two DevOps and the founder of an IT training website, LetsDoDevOps.com. Her LinkedIn profile says, "I will teach you. It's unavoidable."

    In this episode, Middleton and TechTarget Editorial's Beth Pariseau examine two of the biggest double-edge swords in IT: cloud security and AI. The same cloud platforms that connect the world -- and broaden its attack surface -- also offer free and low-cost tools for IT pros to experiment with multiple layers of security automation and centralize log analytics; the same AI models that make burgeoning log data manageable could make it more difficult for security novices to learn the basics. Middleton shares her outlook on all these issues as well as tips for SecOps newbies.

    Show more Show less
    20 mins
  • How KnowBe4 caught an impostor employee in 25 minutes
    Sep 19 2024

    Brian Jack is chief information security officer and data protection officer at KnowBe4, a security awareness training software vendor based in Clearwater, Florida. The company made headlines in July when it thwarted an attempt by a North Korean nation-state actor to infiltrate its software engineering staff. The company did hire the attacker, who used the stolen identity of a US citizen and deepfake images to get through the vetting process, but detected suspicious activity on his account and contained the threat before the attacker gained access to any company data.

    In this episode, Jack shares the details of the incident, how the company's SOC detected and responded to the threat, advice for other companies on how to mitigate this increasingly common path of attack in the age of remote work and how he defines a good state of SecOps.

    Show more Show less
    23 mins