Debt vs. Risk: What the SharePoint Breach Taught Us with Ron Eddings

In this episode, Host Ron Eddings is joined by guests Anirban Banerjee, CEO and Co-Founder at Riscosity, and James Berthoty, Founder and Analyst at Latio Tech. Together they focus on data security, AI-driven product development, and the challenges of implementing AI solutions responsibly. Anirban discusses the importance of organizational buy-in and well-defined policies, while James underscores the need for visibility and a cautious approach in integrating AI models. Be sure to tune in to the end to hear their unique advice at being more productive. Impactful Moments: 00:00 - Welcome 01:20 - Introducing guests Anirban & James 04:15 - The State of AI through Cyber 08:25 - Is AI a New Technology? 10:31 - AI Lets You Ship A Product 16:44 - Pros/Cons of AI & DLP 23:57 - What SHOULD We Be Talking About? 27:31 - Process First! 30:00 - One Step Better…   Links: Connect with our guests Anirban & James : https://www.linkedin.com/in/james-berthoty/ https://www.linkedin.com/in/anirbanbanerjeephd/ Check out Riscosity: https://www.riscosity.com/ Get a Free Data Governance Audit: https://www.riscosity.com/free-data-governance-audit Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

9 Jul 202433min

In this episode, Host Ron Eddings catches up with one of his colleagues, Whitney Palacios, Vice President and CISO at BigBear.ai. They explore the challenges and responsibilities of being a CISO and Whitney addresses key cybersecurity issues such as the importance of balancing security with innovation, especially in the context of AI. Whitney offers sage insight into Security Operations Centers (SOCs), the need for diversity in tech leadership roles and closes out with helpful advice for rising CISOs.   Impactful Moments: 00:00 - Welcome 01:26 - Introducing guest, Whitney Palacios 04:03 - What Is A CISO? What Do You Do? 06:19 - SOC or No SOC? 08:40 - CISO Role & Risk/Accountability 11:12 - “One of A Few CISOs” 12:00 - Join Our Mastermind! 15:21 - AI: Allowing Innovation 18:27 - AI Use Cases 20:30 - One Step Better…   Links: Connect with our guest, Whitney Palacios : https://www.linkedin.com/in/whitneypalacios/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

2 Jul 202422min

In this episode, Host Ron Eddings catches up with longtime friend, Tanya Janca, Head of Education and Community at SemGrep and author of 'Alice and Bob Learn Application Security.' Tanya shares her experiences from working in the Canadian government to joining Microsoft and eventually founding WeHackPurple. Tanya talks about her new role at SemGrep, where she focuses on making application security education accessible, and the importance of building supportive communities in the tech industry. Impactful Moments: 00:00 - Welcome 01:20 - Introducing guest, Tanya Janca 03:09 - “IDK How to Make SemGrep Rules…” 0707 - Finding Shadow IT & Embezzlers 11:27 - Join Our Mastermind 12:09 - Becoming an AppSec Professional 15:22 - Elections CISO 18:00 - Speaking at Conferences 21:15 - Microsoft Calls Me One Day… 23:21 - Parting Ways; But Still Friends 24:30 - “Can You Train Our Devs?” 27:50 - Fairness Is Important 32:27 - Put Yourself Out There!   Links: Connect with our guest, Tanya Janca: https://www.linkedin.com/in/tanya-janca/ Check out SemGrep Academy: https://academy.semgrep.dev/ We Hack Purple Podcast: https://wehackpurple.buzzsprout.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

26 Jun 202435min

In this episode, Hosts Ron Eddings, and Jen Langdon share takeaways from Ron's RSA conversation with Colin Constable, Co-Founder and CTO at Atsign On this show, they’ll break down Networking 2.0 and how it can serve as the next evolution for data ownership and access control. Colin and his team at Atsign have built the atProtocol®, a new open-source internet protocol that makes private and secure data sharing simple and intuitive, enabling any person, entity or thing to implement NIST Zero Trust principles into their solution. Impactful Moments: 00:00 - Welcome 02:17 - Introducing, Colin Constable 03:42 - The Problem with the Current Internet 08:02 - The Catalyst Behind atProtocol® 11:12 - Nexus of Networking, Identity & Privacy 14:19 - From our Sponsor, Atsign 15:23 - What’s Networking 2.0? 18:54 - Internet Anonymity & Accountability 24:31 - Unique Solutions using atProtocol®   Links: Connect with Colin Constable: https://www.linkedin.com/in/colinconstable/ Check out Atsign: https://atsign.com/ Read the atProtocol Whitepaper here: https://atsign.com/resources/white-papers/the-atprotocol/   Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

18 Jun 202432min

In this episode, Host Ron Eddings enjoys a reprieve from the hectic RSA conference with guest Paul Valente, CEO of VISO Trust. Paul discusses how he used his extensive experience as a CISO to solve a huge pain point he was experiencing with third party risk management (TPRM) and how it prompted him and a colleague to start their own company to create the solution they had been wishing for. However, nothing could be more exciting than the ways AI has expanded the potential for TPRM to change security outcomes and allow the security sector to drop the ‘department of no’ branding for good. Tune in to hear the whole story!   Impactful Moments: 00:00 - Welcome 01:03 - Introducing guest, Paul Valente 04:49 - Core Pillars of Being a CISO 06:14 - Why Cyber Startup? 7:46 - AI: The Key Turning Point for TPRM 10:40 - Why Do Companies Need TPRM? 15:09 - From our Sponsor, VISO Trust 16:17 - Data & Controlling Risk 22:35 - No Security Questionnaires! 24:14 - One Step Better…   Links: Connect with our guest, Paul Valente: https://www.linkedin.com/in/pauldvalente/ Check out VISO Trust: https://visotrust.com/hackervalley Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

11 Jun 202425min

In this episode, Ron Eddings and Jen Langdon explore the origins of MSSPs and the solutions they offer to the cybersecurity industry with insights from Ricardo Nicolini, CTO at Bulletproof. Ricardo will uncover the potential of MSSPs to alleviate headaches and reduce burnout in cybersecurity by detailing his personal experience with overcoming a ransomware attack in the City of Saint John. Impactful Moments: 00:00 - Welcome 05:15 - Introducing guest, Ricardo Nicolini 07:21 - Find & Prevent: FAST! 11:39 - Who MSSPs Support 13:48 - From our Sponsor, ContraForce 14:48 - City of Saint John & Ransomware 20:02 - Implications of Ransomware 25:16 - SOC Burnout is Real 29:21 - Improving the SOC with the Right Person 35:46 - Is Reducing Cognitive Load Possible?   Links: Connect with our guest Ricardo Nicolini : https://www.linkedin.com/in/rnicolini/ Check out ContraForce: https://www.contraforce.com/ Learn more about how Bulletproof helped the City of Saint John: https://content.bulletproofsi.com/read-cosj-case-study Check out our upcoming events: hackervalley.com/livestreams Continue the conversation by joining our Discord: https://hackervalley.com/discord Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

4 Jun 202440min

In this episode, Host Ron Eddings teams up with Ivan Fonseca and Nick Cottrell, Cybersecurity Engineers at ThreatLocker, as they break down the anatomy of previous breaches and the attacker’s playbook using MITRE ATT&CK. Ivan and Nick will take you through the defender’s perspective and will also share tools that are commonly used to defend breaches and discuss how Zero Trust can be implemented to better defend organizations.   Impactful Moments: 00:00 - Welcome 01:35 - Introducing guests, Ivan Fonseca and Nick Cottrell 04:39 - 3CX Breach & Supply Chain Attacks 08:10 - Ring Fencing Defense 11:16 - Living Off the Hacker Valley Land 13:06 - From our Sponsor, ThreatLocker 13:56 - Hacker Mindset in the Op 18:45 - Zero Trust, Default Deny 24:23 - Common Attack Vectors 30:09 - 7 Zip is a Russian Application? 32:49 - Learning How to Defend Better   Links: Connect with our guests, Ivan Fonseca and Nick Cottrell : https://www.linkedin.com/in/ivan-fonseca-64139222b/ https://www.linkedin.com/in/nicholas-cottrell-083564165/ Learn more about ThreatLocker: https://www.threatlocker.com/ Check out our upcoming events: https://www.hackervalley.com/livestreams Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

28 Mai 202439min

In this episode, Ron Eddings and Jen Langdon talk about the evolution of browsers and how enterprise browsers have entered to change the game for corporations. Special guest Bradon Rogers, Chief Customer Officer at Island, joins to explain how enterprise browsers expand capabilities in asset management, security, and user experience. They also discuss how enterprise browsers can streamline IT infrastructure, offering a glimpse into the future and AI's role in it. Impactful Moments: 00:00 - Welcome 04:25 - Introducing guest, Bradon Rogers 07:23 - Extension vs Browser 14:53 - Security Use Cases 18:12 - From our Sponsor 19:34 - Better User Decisions 24:01 - Tool Reduction 26:24 - IT & Security Should Play Nice 29:41 - Data Protection   Links: Connect with our guest, Bradon Rogers: https://www.linkedin.com/in/bradon/ Check out Island’s website here: https://www.island.io/ Join our creative mastermind and stand out as a cybersecurity professional: https://www.patreon.com/hackervalleystudio Love Hacker Valley Studio? Pick up some swag: https://store.hackervalley.com Continue the conversation by joining our Discord: https://hackervalley.com/discord Check out our upcoming events: hackervalley.com/livestreams Become a sponsor of the show to amplify your brand: https://hackervalley.com/work-with-us/

21 Mai 202434min