Sharing Cyber Outside of the Security Bubble with Lesley Carhart
Hacker Valley Studio22 Marras 2022

Sharing Cyber Outside of the Security Bubble with Lesley Carhart

Lesley Carhart, Director of Incident Response at Dragos, takes some time off mentoring cybersecurity practitioners, responding to OT incidents, and training in martial arts to hop on the mics this week. Named Hacker of the Year in 2020, Lesley’s impact on the industry stretches far and wide. As an incredible content creator for cybersecurity, Lesley advises listeners on how to find their niche and who to be willing to educate along the way. Be sure to subscribe to Hacker Valley Studio, the premiere cybersecurity podcast for cybersecurity professionals.

Timecoded Guide:

[00:00] Giving back to the community through martial arts & cyber education

[06:13] Being excluded from the cyber industry & turning to content creation instead

[12:33] Comparing incident response in IT vs OT environments

[19:46] Dealing with post-COVID problems with the wrong OT systems online

[26:51] Finding your cyber niche & exploring education options within it

Sponsor Links:

Thank you to our sponsors Axonius and NetSPI for bringing this episode to life!

Life is complex. But it’s not about avoiding challenges or fearing failure. Just ask Simone Biles — the greatest gymnast of all time. Want to learn more about how Simone controls complexity? Watch her video at axonius.com/simone

For more than 2 decades, NetSPI has helped companies discover and remediate critical security issues through its platform-driven, human-delivered security test. NetSPI is much more than a pentesting company, bringing you the most comprehensive suite of offensive security solutions. Visit netspi.com/HVM to learn more.

What inspired you to start creating cybersecurity content?

Lesley’s cybersecurity content has vastly influenced and impacted many cyber practitioners in the industry, including Ron and Chris. Unfortunately, Lesley’s journey into content creation was inspired by the lack of mentorship they received from other professionals when they were starting out. Never wanting anyone to feel the way they did, Lesley created an online world of resources to warmly welcome and educate new practitioners.

“It's not a really glamorous story. When I got into cybersecurity, I wanted to do digital forensics and nobody would help me, nobody would actually take me seriously and give me a shot. Everybody should have a chance to get into cybersecurity if it's something they want to do.”

How has teaching cyber to a general audience been appealing to you?

When not educating new cyber practitioners or tearing it up in the martial arts studio, Lesley likes to reach out to their community and give talks to audiences outside of typical tech and security groups. From churches to universities, Lesley loves meeting people outside of the cyber industry. These individuals always offer them a new perspective and a feeling of accomplishment for showing someone something new.

“It's enjoyable to me to find other people out there who want to learn about an entirely new topic and expose themselves to its problems and how it impacts society and things like that. I appreciate that. Cybersecurity is important and it impacts everything around us all the time.”

In your world, where does incident response start, and where does it stop?

Like many of cyber’s most complicated concepts, the answer to where incident response starts and ends is subjective to certain resources and elements of an organization. Lesley explains that incident response has to be planned and that the planning process has to involve when to declare an incident and when to close the said incident. Without proper planning in advance, an organization is at risk for a crisis that could’ve been responded to quickly turning into an out-of-control attack.

“There's no perfect defense against an incident, everybody's vulnerable. You do your best to mitigate and avoid having a cybersecurity incident, but there's only so much you can do. Eventually, you have to assume that you're gonna have an incident.”

What piece of advice do you have for anyone looking to share more knowledge and make the cyber industry better?

Although everything in cybersecurity can seem daunting, expansive, and interesting to everyone, Lesley’s recommendation to new practitioners is to find a niche in cyber and stick to it for a while. Finding a niche doesn’t have to be permanent, but Lesley believes that niche will help you carve out extensive knowledge worth sharing and creating content around. When you discover that niche, don’t be afraid to reach out to other industry experts along the way.

“Pick an area and then find mentorship in that and try to focus for a couple of years on a particular area. You can always change your mind later on, just like degrees, just like training programs, but it's going to help you a lot to focus for a little while.”

---------------

Links:

Keep up with our guest Lesley Carhart on LinkedIn, Twitter, and their blog

Learn more about Dragos, Inc on LinkedIn and the Dragos website

Connect with Ron Eddings on LinkedIn and Twitter

Connect with Chris Cochran on LinkedIn and Twitter

Purchase Hacker Valley swag at our shop

Continue the conversation by joining our Discord

Check out Hacker Valley Media and Hacker Valley Studio

Jaksot(404)

Leaping Over the ‘BAR’ to Leading Cyber in Africa with Confidence Staveley

Leaping Over the ‘BAR’ to Leading Cyber in Africa with Confidence Staveley

In this episode, Host Ron Eddings gets to know guest Confidence Staveley, founder of Merkel Fence and CyberSafe Foundation. He uncovers Confidence’s inspiring story, not only about how she transforms her community and the people around her through her non-profit, but the grit she needed to overcome the obstacles to get to a career in cyber and build her own company. In addition to learning about the potential of Africa as a booming tech talent hub, you’ll better understand what it takes to foster that growth in the tech industry. Impactful Moments: 00:00 - Welcome 00:44 - Introducing guest, Confidence Staveley 04:03 - Learning About Computers 06:46 - Women in Cyber & Access to Tech Careers 12:30 - Pushing Forward & Inspiring Others 15:05 - Solving the Cyber Problem 19:11 - Time Commitment to Get a Job in Cyber 24:45 - How CyberSafe Works 29:29 - Building a SOC in Africa 32:29 - One Step Better…   Links: Connect with our guest, Confidence Staveley: https://www.linkedin.com/in/confidencestaveley/ Check out the CyberSafe Foundation: https://cybersafefoundation.org/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

30 Huhti 202435min

How to Hack your Career: Building a vCISO Business with Ayman Elsawah

How to Hack your Career: Building a vCISO Business with Ayman Elsawah

In this episode, Ron Eddings gets a chance to speak with Ayman Elsawah, Founder of Cloud Security Labs, and have him share his experience with becoming a vCISO. Ayman will break down the vast business of security consulting and help you determine the best approach and next steps to catalyze you on your way to owning your time and your own business. Impactful Moments: 00:00 - Welcome 01:14 - Introducing guest, Ayman Elsawah 07:08 - Types of vCISOs 09:55 - How to Become a vCISO 13:40 - Join Our Mastermind! 14:24 - Is vCISO Right for You? 17:22 - Marketing as A vCISO 22:33 - Anticipated vCISO Salary 26:15 - vCISO Time Commitment   Links: Connect with Ayman: https://www.linkedin.com/in/infosecleader/ Twitter & YouTube: @coffeewithayman Check out Ayman’s vCISO Course: coffeewithayman.com/hackervalley —------------------------------------------------------------------------- Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

23 Huhti 202431min

Hyperautomation, Open Security Data Architecture, and the Future of SIEM with Neal Humphrey

Hyperautomation, Open Security Data Architecture, and the Future of SIEM with Neal Humphrey

Ron Eddings and Neal Humphrey, Vice President of Market Strategy at Deepwatch, discuss the changes in Security Operations infrastructure, and how these changes in structure, data, and automation are going to impact operations in the near future. Their discussion will revolve around more than just SIEM, alerts, and responses; it will go into market changes, vendor movement, and how the future of SOC is demanding a shift in mindset and strategy beyond "Let a machine handle it..." Impactful Moments: 00:00 - Welcome 01:05 - Introducing guest, Neal Humphrey 03:09 - Looking Back at SecOps 06:11 - Modern SOC Wall 11:49 - Hyperautomation; the Future of SOAR? 15:02 - Hyperautomation & Normalization 17:29 - From our Sponsor, Deepwatch 19:18 - OSDA & Deepwatch 25:32 - Hyperautomaiton or OSDA 1st 30:25 - Can I Show The Value of A Tool? 34:30 - Who is OSDA White Paper for? 36:43 - One Step Better…   Links: Connect with our guest, Neal Humphrey: https://www.linkedin.com/in/neal-humphrey-b909773/ Check out the White paper by Deepwatch: https://www.deepwatch.com/the-security-operations-center-cannot-hold/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

16 Huhti 202440min

Securing Your SaaS and Cyber Influencer Networking with CRO Bob Horn

Securing Your SaaS and Cyber Influencer Networking with CRO Bob Horn

Ron Eddings sits down with Bob Horn, Chief Revenue Officer at Valence Security. Their conversation centers around the world of SaaS security, examining the current landscape and challenges in managing SaaS risks. Bob also shares experiences from his 25-year career in sales, focusing on the importance of storytelling in sales and innovative approaches of marketing through leveraging cybersecurity influencers. Impactful Moments: 00:00 - Welcome 00:44 - Introducing guest, Bob Horn 03:36 - Sales & Storytelling in Cybersecurity 07:13 - Current State of SaaS 09:28 - From our Sponsor, Valence Security 10:29 - More SaaS, More Problems 13:52 - Great Security Improves Your Team 17:01 - Consequence of Being Attacked 19:10 - Influencer & In-Person Marketing 25:55 - The Future of SaaS 28:01 - One Step Better…   Links: Check out Valence Security: https://www.valencesecurity.com/ Connect with our guest, Bob Horn: https://www.linkedin.com/in/bob-horn-699a70/ Join us LIVE with Shlomi Matachin on Tuesday, April 16th at 12p ET / 9a PT: https://www.linkedin.com/events/7181368974062895106/comments/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

9 Huhti 202430min

From ‘Hand-to-Hand Combat’ To Management in Cyber with Ofer Gayer

From ‘Hand-to-Hand Combat’ To Management in Cyber with Ofer Gayer

HVS Host Ron Eddings chats it up with guest Ofer Gayer, VP of Product at Hunters. While both of them reminisce about their first love in security research, Ofer clarifies how he diverted his path and reached the VP stage, while also helping to level up his teams. They’ll conclude by discussing how AI is the ‘zeitgeist of our time’ and how you can get better at whatever you’re doing in cyber. Impactful Moments: 00:00 - Welcome 01:10 - Introducing guest, Ofer Gayer 03:12 - ‘Start-up’ in Research 07:55 - Security Research- First Love 10:55 - “A lot of People Want to be Product Managers” 14:46 - “I Had IT Remove My Privileges” 18:20 - Transitioning to Visionary/Zeitgeist 25:30 - Embracing AI Solutions 32:30 - One Step Better…   Links: Connect with our guest, Ofer Gayer: https://www.linkedin.com/in/ofer-gayer/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

2 Huhti 202435min

How Threat Actors Are Accessing Your SaaS Environments with Jaime Blasco

How Threat Actors Are Accessing Your SaaS Environments with Jaime Blasco

Ron Eddings and Jaime Blasco, Co-Founder and CTO at Nudge Security, discuss how well-known adversaries are taking advantage of enterprises that don’t have visibility into their full SaaS footprint, and therefore can’t secure it. Grab a front-row seat to gain a new perspective on your vulnerabilities through the eyes of an attacker.   Impactful Moments: 00:00 - Welcome 01:10 - Introducing guest, Jaime Blasco 02:30 - Real World Impact of SaaS Vulnerabilities 07:35 - Exploring AI & Security Implications 09:50 - Evolution of Threat Actors & Targeted Companies 15:45 - From our Sponsor, Nudge 17:17 - Attackers, Tokens & Ticketing Systems 22:50 - Lazarus & Malicious SaaS Apps 26:50 - The Attackers are Talking with You… 29:18 - Run it In the Cloud & Make Honey Tokens 34:04 - Future of SaaS & AI in Cybersecurity 39:00 - Increase Visibility, Reduce Risk   Links: Connect with our guest, Jaime Blasco: Check out our friends at Nudge: Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

26 Maalis 202445min

The Future of Endpoint Threats and Why Zero Trust is the Only Option with Rob Allen

The Future of Endpoint Threats and Why Zero Trust is the Only Option with Rob Allen

Get ready for a SPECIAL episode! Ron Eddings will take you on an inside look at Threatlocker’s rapidly growing event, Zero Trust World, and will talk with Rob Allen, Chief Product Officer at Threatlocker, to discuss what you can find out from your endpoints (hint: it’s more than remote access tools you didn’t know were running!)   Impactful Moments: 00:00 - Welcome 01:24 - Zero Trust World Sneak Peek! 02:21 - From our Sponsor, Threatlocker 03:50 - Introducing guest, Rob Allen 05:03 - What’s Zero Trust World 10:40 - Technical Executive Leaders 16:24 - Managing from the Top Down 20:33 - More Than Allow Listing 24:38 - Rubber Ducky, You’re the One… 26:59 - Assume Breach 29:30 - Some Interesting Finds 35:55 - Where Most of the Action Happens 26:30 - One Step Better…   Links: Connect with our guest, Rob Allen: https://www.linkedin.com/in/threatlockerrob/  Check out https://www.threatlocker.com/  to learn more! See the Zero Trust World recap portion here on our YouTube Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

20 Maalis 202443min

Slugging it Out in the SOC to Find Your Niche in Cyber with Nate Malicoat

Slugging it Out in the SOC to Find Your Niche in Cyber with Nate Malicoat

Ron Eddings sits down in-person with Nate Malicoat, Threat Intel Engineer at ContraForce, for a down-to-earth interview about entering the cybersecurity workforce from the Marines. Impactful Moments: 00:00 - Welcome 01:20 - Introducing guest, Nate Malicoat 03:00 - Marines to Computer Life 05:13 - Importance of Mentoring & Mentors 10:04 - Participating in the Industry 12:42 - Why Aim For the CISO role? 14:40 - Be Persistent, But Not Annoying   Links: Connect with our guest, Nate Malicoat: https://www.linkedin.com/in/nate-malicoat-58760a143/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/ Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord

5 Maalis 202416min

Suosittua kategoriassa Koulutus

rss-murhan-anatomia
voi-hyvin-meditaatiot-2
psykopodiaa-podcast
rss-monarch-talk-with-alexandra-alexis
rss-luonnollinen-synnytys-podcast
psykologia
rss-liian-kuuma-peruna
rss-arkea-ja-aurinkoa-podcast-espanjasta
ilona-rauhala
mielipaivakirja
ihminen-tavattavissa-tommy-hellsten-instituutti
rss-finnish-with-eemeli-podcast
rss-niinku-asia-on
adhd-podi
aloita-meditaatio
dear-ladies
eevan-politiikkapodi-totuuksia-suomesta
rss-honest-talk-with-laurrenna
rss-koira-haudattuna
rss-opiskelemaan