From Black Hat to Bug Bounties [Pt. 2] with Thomas DeVoss

We’re joined again by the hacker’s hacker, Tommy DeVoss, aka dawgyg. Bug bounty hunter and reformed black hat, Tommy dives back into a great conversation with us about his journey in hacking and his advice to future red team offensive hackers. We cover everything we couldn’t get to from part 1 of our interview, including his struggles with burnout, his past hacking foreign countries on a bold quest to stop terrorism, and his future in Twitch streaming to teach you how to be a better bug bounty hunter.

Timecoded Guide:

[02:57] Fixating on hacking because of the endless possibilities and iterations to learn

[09:54] Giving advice to the next generation of hackers

[17:17] Contacting Tommy and keeping up with him on Twitter

[21:43] Planning a Twitch course to teach hackers about bug bounties using real bugs and real-world examples

[24:57] Hacking in the early 2000s and understanding the freedom Tommy has to talk about any and all illegal hacking he’s done now that he’s gone to prison

Sponsor Links:

Thank you to our sponsors Axonius and PlexTrac for bringing this season of HVR to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

PlexTrac is pleased to offer an exclusive Red Team Content Bundle for Hacker Valley listeners. This bundle contains both our "Writing a Killer Penetration Test Report" and "Effective Purple Teaming" white papers in ONE awesome package. Head to PlexTrac.com/HackerValley to learn more about the platform and get your copy today!

Do you ever struggle with burnout when it comes to hacking?

Hacking has maintained Tommy’s interest longer than anything else because of the constant changes in technology and the ever-evolving issues in the online world. However, just because hacking is his passion, doesn’t mean that burnout or frustration never happens. Currently, Tommy is taking more of a break with hacking, letting his current day job and his passion for gaming have a front seat. However, he’s still firmly in the industry, passionately developing learning opportunities for future hackers and answering questions from cyber professionals of all backgrounds.

“I do get burned out sometimes…When it comes to bug bounty hunting, I try and make it so it averages out to where I make at least $1,000 an hour for my effort. It doesn't always work. Sometimes I'm more, sometimes I'm less, but I try and get it so it averages out to about that.”

What hacking advice would you give the younger version of yourself?

Although his black hat ways resulted in prison time for Tommy, he doesn’t regret his past and instead seeks to teach others the lessons he’s learned. When we asked Tommy for advice for new hackers, he was clear that success is a longer journey than people assume it is. Tommy’s success was not a fluke; it took years of hands-on learning and patience with failures to develop his bug bounty skills. Nothing is actually automatic or easy with hacking, especially as the technology continues to change and evolve. Tommy wants hackers to take every opportunity to try out their skills, even if it's a complete failure.

“Don't expect success overnight. Also, don't let failure discourage you. When it comes to hacking, you're going to fail significantly more than you're going to succeed. And the people that are successful in bug bounties are the ones that don't let those failures discourage them.”

What do you think about the “media obsessed” stereotype many people have about black hat hackers?

Wrapping up today, Tommy tells us that he’d be happy to be back in the Hacker Valley Studio again some time. Although the stereotype of a black hat hacker wanting attention from the media is disproven, Tommy believes that he definitely has craved that media attention for a large majority of his hacking career. Starting in the early 2000s, after 9/11, Tommy had one of his first brushes with fame in an interview with CNN about hacking Middle Eastern companies. Although his hacking and his politics have changed since then, Tommy enjoys having in-depth conversations about hacking and explaining the intricacies of what he does.

“We loved the attention back then, and I still love the attention now, it's nice. The good thing about now is, because I already got in trouble for everything that I've done, I've done my prison time, I don't have anything that I did illegally on the computer anymore that I can't talk about, because I've already paid my debt to society.”

What are the best ways for people to keep up with what you’re doing?

Considering Tommy’s success, it’s understandable that a lot of cyber professionals and amateurs have tons of questions for him. When it comes to getting in contact with Tommy, he recommends tweeting him on Twitter publicly so that he can not only answer your question, but help others with the exact same questions. Education is key, and Tommy is so dedicated to teaching other hackers that he’s currently developing a recurring Twitch stream centered around helping others learn about bug bounty hunting.

“I don't know how successful we're going to be in finding the bugs, but I think it'll be fun to teach people [on Twitch] and do it that way, so that they can actually spend some time learning it. The best way to actually learn this stuff is to actually try and do the hacking.”

-----------

Links:

Stay in touch with Thomas DeVoss on LinkedIn and Twitter.

Check out the Bug Bounty Hunter website.

Keep up with Hacker Valley on our website, LinkedIn, Instagram, and Twitter.

Follow Ron Eddings on Twitter and LinkedIn

Catch up with Chris Cochran on Twitter and LinkedIn

Purchase a HVS t-shirt at our shop

Continue the conversation by joining our Discord

Episodes (408)

Hacker Valley Blue S2 Episode 6 - John Strand

If you want to get into computer security, you're going to learn to love it, you're going to have to be successful, because a lot of computer security isn't just about bits and bytes, it's really about effectively communicating what needs to be done to the right people. In this episode we have the incredible John Strand. Organizations need to become more proactive, and see where those weak spots are to protect themselves from something like ransomware. You need to run a pen test because you can have somebody literally launch those attacks, and identify those weaknesses in those vulnerabilities before the bad people do. What's the gap that we can all learn from? It's passwords. By and large for most users, passphrases are the way to go. And, multi-factor authentication is actually a very sound strategy. If you look at one key tenet of computer security, complexity is the enemy of computer security. And security is constantly trying to catch up and protect against yesterday's attacks. So, the future is more connected, it's more complicated. And the problem is, we still have people that use weak passwords, we still have people that click on links from strangers. And ultimately, when we're looking at that future, you're going to see the exact same problems that we've always had complicated on a much, much, much, much, much larger scale. As things get more and more pushed to the cloud. There'll be no shelter here, the front line is everywhere. World of computer security.

Key Takeaways:

0:00 Previously on the show
2:02 John introduction
2:44 Episode begins
2:47 What John is doing today
3:45 John’s core tenets
5:51 How pen testing is “Blue”
6:17 Why understanding fundamentals matters
8:55 Ransomware
10:41 Organizations need to be prepared
11:58 Password gap
13:37 Password philosophy
17:07 Multi-factor authentication
21:40 What to do today
24:24 New problems
26:44 Learn your own network
28:26 Where to find John

John Strand on Twitter
John Strand on LinkedIn
Black Hills Information Security
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ron Eddings on Twitter
Follow Chris Cochran on Twitter
Sponsored by Axonius

18 May 2021, 29 min

Hacker Valley Blue S2 Episode 5 - Jamie Dicken and Aaron Rinehart

In this episode, we brought in two exceptional guests who are no strangers to chaos. In fact, they've identified ways to engineer for chaos. In the studio, we have Aaron Rinehart, CTO and founder at Verica. We also have Jamie Dicken, former manager of applied security at Cardinal Health and current director at Resilience. These two are also the authors of Security Chaos Engineering. If you haven't read that book, it's already out and you should check it out. Chaos engineering is the technique of introducing turbulent conditions into a distributed system to try to determine the conditions that cause it to fail before it actually fails. So they simplify it. What we do with chaos engineering is learn about the system without experiencing the pain of an outage or an incident. You learn to trust your gear by testing. The biggest impact really came once we understood how security chaos engineering fits into the bigger security picture. It's not about just being a part of the latest and greatest techniques and having the excitement of doing something that's cutting edge; at the end of the day, security chaos engineering is useless unless what you've learned drives change.

Key Takeaways:

0:00 Previously on the show
1:40 Aaron Rinehart and Jamie Dicken introduction
2:08 Episode begins
2:59 What Jamie and Aaron are doing today
3:13 What Jamie is doing
4:13 What Aaron is doing
5:00 Discuss chaos engineering
9:26 Importance of chaos engineering
10:16 Myths of chaos engineering
12:55 Chaos engineering customer impacts
17:34 Learning to trust the test and end result
19:03 Reader and customer feedback
22:21 Chaos engineering gone wrong
27:39 Implementing change in cybersecurity
28:11 Building a team of experts
39:08 Getting involved in chaos engineering
41:09 Tools for listeners
43:25 Keeping up with Aaron and Jamie

Aaron Rinehart on Twitter
aaron@verica.io
Jamie Dicken on Twitter
Verica on LinkedIn
Verica Free Book
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ron Eddings on Twitter
Follow Chris Cochran on Twitter
Sponsored by Axonius

18 May 2021, 44 min

Hacker Valley Blue S2 Episode 4 - Lenny Zeltser

In this episode, we brought back our good friend Lenny Zeltser. Lenny is Chief Information Security Officer at Axonius. He's developed a mindset of looking at security components as building blocks to create a holistic security environment. To this day, even while operating as an executive, he has wisdom that anyone can learn from. Quite often, the less sexy aspects of information security are ignored, when in reality, you need to understand what resources you're supposed to protect, which assets are compromised, and the infrastructure for your organization. People jump right into fighting the big fires, and as you know, there is a reason why there are so many day-to-day urgent activities. To start moving in a positive direction, Lenny shares this advice, “Understand what the major data sources you can tap into rather than thinking ‘let me create this one new way of serving everything I have are.’” The information is there. Think about three sources of information that might get you the biggest bang for the buck!

Key Takeaways:

0:00 Previously on the show
1:40 Lenny introduction
2:05 Episode begins
3:10 What Lenny is doing today
5:35 The evolution of Lenny’s career
8:30 Parallels between beginning and now
10:38 Journey and growth of REMnux
13:00 Challenges Lenny has faced
15:21 Collaboration surprises
17:18 Horror stories
20:18 Enforcing policies
23:34 Asset management
26:08 New tech and trends
28:45 Biggest discovery about self
32:38 Advice for others
34:24 Keeping up with Lenny

Links:

What Lenny Does
Lenny on the Web
Follow Lenny on Twitter
Lenny on LinkedIn
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ron Eddings on Twitter
Follow Chris Cochran on Twitter
Sponsored by Axonius

18 May 2021, 35 min

Hacker Valley Blue S2 Episode 3 - Chani Simms

In this episode of Hacker Valley Blue, we brought in a guest who has been on a journey of transformation of self and technology. Our guest is Chani Simms, managing director of Meta Defence Labs. We talk about what is essential for cybersecurity. If there was a magic box that could solve an issue, what problem would Chani want solved? “People!” They need to be trained, and care, and have buy in. They must be devoted to what they’re doing. They need cultural awareness and support – it isn’t easy and the hardest job. When it comes to leadership, organizations need to use people already in the organization. It is important to know what they’re trying to do. You have to use security as an enabler. Leadership is responsible for communicating objectives and goals.

Key Takeaways:

0:00 Previously on Hacker Valley Blue
1:36 In this episode
3:10 Background and day job
5:37 Cyber essentials
13:46 Keeping up to date
15:26 Access control
17:07 Security hygiene
19:48 Magic box
21:32 Leadership fundamentals
26:22 Formula 1 analogy
28:46 Wrap up

Links:

Chani on LinkedIn
Chani on Twitter
Email: info@metadefencelabs.com
Sponsored by Axonius
Hacker Valley Studio
Chris Cochran on LinkedIn
Ron Eddings on LinkedIn

18 May 2021, 29 min

Hacker Valley Blue S2 Episode 2 - Marcus Carey

Know thy organization is key! Wise words from the powerful Marcus J. Carey. Don’t be afraid to admit the bad stuff and be honest about the situation. Most of the time people get fired because they are scared to admit the failure. You have to build a tight network of people you trust who will be brutally honest with you. You need those people who are going to tell you the truth. Other people will see your superpowers before you do. Superman didn’t know he was different, but others saw the differences and the strengths he didn’t even realize he had. Always pay attention to how people react to what you do, then you will figure out what you are really good at. We overemphasize what we suck at and ignore what we are good at. Don’t do that. You need to understand how amazing, awesome and beautiful you are. Double down and double down hard. Do not be afraid to show your talents and be confident in your superpower. In security, there is a role for everybody.

Key Takeaways:

1:40 In this episode
2:12 Welcome
3:40 Marcus background
4:57 What led Marcus to cyber
7:09 Self discovery
9:48 Creations and inventions
14:22 Gathering and retaining information
17:53 Auxiliary skill
21:35 Abilities and mission
25:26 Overlooked areas
31:44 Advice to others
35:41 Staying up-to-date with Marcus

Links:

Marcus on Twitter
Marcus' Books on Amazon
Marcus on LinkedIn
Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ron Eddings on Twitter
Follow Chris Cochran on Twitter
Sponsored by Axonius

18 May 2021, 36 min

Hacker Valley Blue S2 Episode 1

Welcome to Hacker Valley Blue Season 2 “Know Thyself”. Instead of focusing on the enemy – threat intelligence and environment, we are focusing on knowing yourself and security stack. You need to know the business, but also the fundamentals of security landscape. Without the fundamentals, you cannot reach the level of success you desire. Getting laser sharp on computer networks and how computers speak to each other. Without understanding how each of the pieces work together, you cannot make strategic decisions. We have many guests this season that will teach more about the fundamentals. Stop ignoring the fundamentals and find synchronicity among your team. Building this team makes an impact for the business. You will have positive outcomes. Stop sweeping the issues under the rug to make better decisions. Cybersecurity is a lot like playing a game of chess using pieces, policies, and guidelines. Opponents use the same things but don’t play by the rules. You continually must up your game and face the opponent who isn’t playing fairly. Knowing business, team, story and self is so important and that is what is coming up on the rest of the season.

Key Takeaways:

0:00 Welcome
2:00 Kick-off
3:13 The fundamentals
5:46 How do you get people excited?
7:07 Making an impact on a business
8:43 Where does one begin to know thyself
10:32 Formula 1 analogy
12:32 Leadership
16:00 Superpowers
19:38 Three Rs of memory
24:58 Chaos engineering
27:56 The brother’s trip
30:11 Stepping into unknown
31:15 Play at work
32:00 Season recap

Links:

Learn more about Hacker Valley Studio
Support Hacker Valley Studio on Patreon
Follow Hacker Valley Studio on Twitter
Follow Ron Eddings on Twitter
Follow Chris Cochran on Twitter
This entire season is sponsored by Axonius

18 May 2021, 33 min

Episode 138 - On Being Us in Technology with Kendrick Trotter

Imagine, for a moment, you’re driving for Uber, and one of your riders changes your life forever! That’s the story we are sharing with you. It's all about Kendrick Trotter, the entrepreneur who has had an incredible journey in technology. Kendrick talks to us about that and the relationship between sales and engineering.

Ron and Chris are glad to be back with Kendrick Trotter, who is helping diversify technology through partnerships with top technology firms. He is excited and humbled to be part of this! Kendrick shares his passion about Us in Technology. Their mission is “We are going to diversify the tech industry with more underrepresented people.” This is a very broad definition intentionally. People associate diversity with black or brown, but really, it is variety. Us in Technology partners with people who have coachability, drive, intelligence, and integrity. He feels they are teaching these mentees to be an entrepreneur, not a worker. Change won’t happen until influential positions are more diverse.

To stay in touch with Kendrick or to learn more, visit his website, LinkedIn or Instagram. Thank you.

Key Takeaways:

0:00 Introduction to the show
1:03 Welcome back
2:06 Kendrick joins the show
2:44 Kendrick shares his background
6:17 Catalyst to the trajectory for Kendrick
9:18 Power of Networking
13:35 Complexities of sales and engineering
15:53 Maintaining confidence
18:32 Big lesson learned
21:18 Diversity in the industry
26:37 Surprises along the way
30:03 When change happens
30:53 Advice to those wanting into tech
32:39 Best ways to stay in touch with Kendrick
33:20 Thank you

Links:

Us In Technology Website
Kendrick's Instagram
Kendrick on LinkedIn
Support Hacker Valley Studio on Patreon.
Follow Hacker Valley Studio on Twitter.
Follow hosts Ron Eddings and Chris Cochran on Twitter.
Learn more about our sponsor ByteChek.

17 May 2021, 33 min

Episode 137 - Securing Virtual and Augmented Reality with Tamas Henning

In this episode, we have the powerful Tamas Henning, Director of Security Engineering at Marqeta and also Trust and Safety Advisor for XR Safety Initiative. Tamas got started in technology at a very young age and that is credited to his dad. In the early 90s his dad built a software company, and he was a super curious kid. By 6th grade, he learned trigonometry just so he could recreate Tetris. Take a listen to this incredible origin story and passion project of securing XR.

Key Takeaways:

0:00 Intro
1:22 Show starts with Ron & Chris
1:50 Introduction to Tamas Henning
2:25 Tamas shares his background
3:30 Introduction to tech
6:48 Challenges faced
8:20 How Tamas’ dad feels about him
9:50 Brotherly relationships
10:50 Why security?
17:37 Kids and exposure to the internet
21:27 Thoughts about information collection
24:22 XR and what it really means
27:25 Making the internet safer
29:58 Advice to people who want to make an impact
31:01 Best ways to keep up with Tamas

Links:

Tamas on Twitter
Tamas on LinkedIn
Support Hacker Valley Studio on Patreon.
Follow Hacker Valley Studio on Twitter.
Follow hosts Ron Eddings and Chris Cochran on Twitter.
Learn more about our sponsor ByteChek.

10 May 2021, 31 min
