Cyber Security Interviews

https://www.linkedin.com/in/stephenrmoore/ (Stephen Moore) is a Vice President and the Chief Security Strategist at https://www.exabeam.com/ (Exabeam) and is also the host of https://www.exabeam.com/podcast/ (The New CISO podcast). Stephen has more than 15 years of experience in information security, intrusion analysis, threat intelligence, security architecture, and web infrastructure design. Before joining Exabeam, Stephen spent more than seven years at Anthem in a variety of cybersecurity practitioner and leadership roles. He played a leading role in the response and remediation of the data breach announced in 2015. Stephen has deep experience working with legal, privacy, and audit staff to improve cybersecurity and demonstrate greater organizational relevance. He has been a Member of the Advisory Board at SecureAuth Corporation since July 2017. In this episode, we discuss adopting SOCs for remote operations, shifting focus to credentials, SOAR, attacker attribution, threat intelligence, pos

https://www.linkedin.com/in/davidkennedy4/ (David Kennedy) is the founder of https://www.binarydefense.com/ (Binary Defense) and https://www.trustedsec.com/ (TrustedSec). Both organizations focus on the betterment of the security industry. David also served as a board of director for the ISC2 organization. David was the former CSO for a Diebold Incorporated, where he ran the entire INFOSEC program. David is a co-author of the book "Metasploit: The Penetration Testers Guide," the creator of the https://github.com/trustedsec/social-engineer-toolkit (Social-Engineer Toolkit )(SET), Artillery, Unicorn, PenTesters Framework, and several popular open-source tools.  David was the co-founder of https://en.wikipedia.org/wiki/DerbyCon (DerbyCon); a large-scale conference started in Louisville, Kentucky. Before the private sector, David worked for the United States Marine Corps and deployed to Iraq twice for intelligence-related missions. David is frequently interviewed by news organization

https://www.linkedin.com/in/john-strand-a1b4b62/ (John Strand) is the owner of https://www.blackhillsinfosec.com/blog/ (Black Hills Information Security), a firm specializing in penetration testing, Active Defense, and Hunt Teaming services. He is also the CTO of https://www.activecountermeasures.com/ (Active Countermeasures), a firm dedicated to tracking advanced attackers inside and outside your network. John has consulted and taught hundreds of organizations in the areas of cybersecurity, regulatory compliance, and penetration testing. John is a contributor to the industry shaping http://www.pentest-standard.org/index.php/Main_Page (Penetration Testing Execution Standard) and 20 Critical Controls frameworks. He is also an experienced speaker, having done presentations to the FBI, NASA, the NSA, and at various industry conferences.  John also co-hosts https://securityweekly.com/ (Security Weekly), the world's largest information security podcast; co-authored https://www.amazon.com/Offensive-Counte

https://www.linkedin.com/in/adamphunt/ (Adam Hunt) is the CTO and Chief Data Scientist at https://www.riskiq.com/ (RiskIQ). As Chief Data Scientist, Adam leads the data science, data engineering, and research teams at RiskIQ. Adam pioneers research automating the detection of adversarial attacks across disparate digital channels, including email, web, mobile, social media. Adam also has received patents for identifying new external threats using machine learning. Adam received his Ph.D. in experimental particle physics from Princeton University. As an award-winning member of the CMS collaboration at the https://home.cern/science/accelerators/large-hadron-collider (Large Hadron Collider), he was an integral part of developing the online and offline analysis systems that lead to the discovery of the Higgs Boson. In this episode, we discuss starting in particle physics, data science, communication skills, process automation, managing attack surface areas, and so much more. Where you can find Adam: https://www.li

Nate Fick is the General Manager of https://www.elastic.co/security (Elastic Security )and former CEO of Endgame. He is also an Operating Partner at Bessemer Venture Partners. Before joining Endgame, Nate was CEO of the Center for a New American Security. He led Marine Corps infantry and reconnaissance units in combat in Afghanistan and Iraq. His book about that experience, https://www.amazon.com/One-Bullet-Away-Making-Officer/dp/0618773436/ (One Bullet Away), was a New York Times bestseller, a Washington Post "Best Book of the Year," and one of the Military Times' "Best Military Books of the Decade.” Nate is a graduate of Dartmouth College, the Harvard Kennedy School, and the Harvard Business School. Nate serves as a Trustee of Dartmouth, and on the Military & Veterans Advisory Council of JPMorgan Chase & Co. He is a member of the Young Presidents’ Organization and a life member of the Council on Foreign Relations and Trout Unlimited. In this episode, we discuss leadership, lessons learned in the Mar

https://www.linkedin.com/in/jamil-jaffer-199115/ (Jamil Jaffer) is Senior Vice President for Strategy, Partnerships & Corporate Development at https://ironnet.com/about/news/ (IronNet), a startup technology firm founded by former National Security Agency (NSA) Director Gen. Keith Alexander (ret.). Prior to joining IronNet, Jamil served as the Chief Counsel and Senior Advisor for the Senate Foreign Relations Committee and Senior Counsel to the House Intelligence Committee where he led the committee’s oversight of NSA surveillance and wrote the original version of the Cybersecurity Information Sharing Act (CISA) signed into law in 2015. He also worked in the White House during the Bush Administration as an Associate Counsel to the President and in the Justice Department where he led the National Security Division's work on the President's Comprehensive National Cybersecurity Initiative. Jamil is also an Assistant Professor of Law and Director of the National Security Law & Policy Program at the Antonin

https://www.linkedin.com/in/james-patchett-b99b14161/ (James Patchett) is the President and CEO of the https://edc.nyc/program/cyber-nyc (New York City Economic Development Corporation). James has spent his career building stronger cities through investments in affordable housing, innovation, and 21st-century infrastructure. During his tenure, he has overseen some of the city’s most ambitious projects, including launching a citywide ferry system, developing Mayor de Blasio’s 100,000 jobs plan, and optimizing NYCEDC’s 60 million square feet of real estate. Prior to his appointment as NYCEDC President in 2016, James served as chief of staff to Deputy Mayor for Housing and Economic Development Alicia Glen, where he helped oversee more than 25 city agencies and played a pivotal role in preserving thousands of affordable homes. James holds a BA in Economics from Amherst College and an MBA from Stanford University. In this episode, we discuss NYC building a cyber army, economic development through cyber, business a

https://www.linkedin.com/in/heather-mahalik-3615535/ (Heather Mahalik) is the Senior Director of Digital Intelligence at Cellebrite and a Senior Instructor, author and course lead for FOR585: Smartphone Forensic Analysis In-Depth. To say that digital forensics is central to Heather's life is quite an understatement. Heather has worked on high-stress and high-profile cases, investigating everything from child exploitation to media associated with terrorism. She has helped law enforcement, eDiscovery firms, military, and the federal government extract and manually decode artifacts used in solving investigations around the world. Heather began working in digital forensics in 2002, and has been focused on mobile forensics since 2010 - there's hardly a device or platform she hasn't researched or examined or a commercial tool she hasn't used. She also maintains www.smarterforensics.com. Heather is the co-author of Practical Mobile Forensics (1st -4th editions), currently a best seller from Pack't Publishing. In thi

https://www.linkedin.com/in/mari-degrazia/ (Mari DeGrazia) is a Senior Vice President in the Cyber Risk practice of Kroll, a division of Duff & Phelps. Over the course of a 12-year career in the computer industry, Mari has become a leader within the digital forensics community. Mari joined Kroll from Verizon Enterprises where she served as Case Lead on various network intrusion and data breach investigations. Mari is a strong believer in giving back to the forensic community and has written and released numerous programs/scripts, two of which are used in SANS training. In addition, she has presented her research at several industry conferences, published articles in eForensics Magazine, and was the technical editor for Windows Registry Forensics S.E. In this episode, we discuss starting in IT, balancing work and family, self-training, the importance of the DFIR community, cross-training, using AI for detection, cloud security, giving back to the industry, and so much more. Where you can find Mari: https:/

When my 7-year-old introduced me to his second-grade class, he put it best: "My Mom teaches the good guys how to keep the bad guys out of their computers. She has a blue lightsaber." - Nadean Tanner https://www.linkedin.com/in/nadeanhtanner/ (Nadean Tanner) is the Senior Manager of Technical Education Programs at https://puppet.com/ (Puppet). She is responsible for all things product training from working with internal knowledge sources and the instructional design team to produce modern, engaging knowledge assets to delivering online and onsite classroom sessions.  Nadean is an experienced instructor and speaker with nearly 20 years' experience in information technology and security training delivery and development. At Rapid7, she taught vulnerability management and network and application assault as well as SQL, Ruby, and API. Before Rapid 7, Nadean taught Security Analytics and Advanced Security Operations Center Management for RSA. She taught cybersecurity and information assurance 85

https://www.linkedin.com/in/frankdownsnopublic/ (Frank Downs) is the director of cybersecurity practices at https://cybersecurity.isaca.org/ (ISACA). Frank, a 14-year cybersecurity specialist, graduated with a bachelor’s degree in English from the University of Maryland, after which he promptly joined the US Department of Defense as a subject matter expert, working with computer networks on a daily basis. Realizing that English and cybersecurity were two very different concepts, he proceeded to obtain a master’s degree in cybersecurity from UMBC, after a pit stop at Johns Hopkins to obtain a master’s degree in Government. Eventually, Frank decided to ease the learning process for individuals transitioning from non-technical backgrounds into cybersecurity by becoming a full-time Intelligence and Operations Consultant for multiple federal law enforcement and intelligence agencies. In this episode, we discuss starting in another industry before the DoD, packet capture analysis, doing the work no one else wants t

https://www.linkedin.com/in/lcarhart/ (Lesley Carhart) is a Principal Threat Analyst at the Threat Operations Center at https://dragos.com/team/lesley-carhart/ (Dragos). She is recognized as a subject matter expert in cybersecurity, incident response, and digital forensics, regularly speaking at conferences and universities. She has spent the last 11 years of her 20+ year IT career specializing in information security, with a heavy focus on response to nation-state adversary attacks. Prior to Dragos, she was the incident response team lead at Motorola Solutions, performing digital forensics and incident handling services for both enterprise and public safety customers. In 2017, Lesley was named a https://www.cyberscoop.com/2017-top-women-in-cybersecurity/ (“Top Woman in Cybersecurity”) by Cyberscoop news and received the Guidance Enfuse conference “Women in Technology” award. She holds a Bachelor’s Degree in Network Technologies from DePaul University, A.A.S. in Avionics Systems and Electronics Systems, GIAC

Brian Martin (a.k.a. Jericho) has been poking about the hacker and security scene for over 22 years, building valuable skills such as skepticism and anger management. As a hacker-turned-security whore, Jericho has a great perspective to offer an unsolicited opinion on just about any security topic. A long-time advocate of advancing the field, sometimes by any means necessary, he thinks the idea of ‘forward-thinking’ is quaint; we’re supposed to be thinking that way all the time. No degree, no certifications, just the willingness to say things many in this dismal industry are thinking, but unwilling to say themselves. He remains a champion of security industry integrity and small misunderstood creatures. In this episode, we discuss starting as a phreak and phone systems, BBS hacking forums, sharing knowledge, calling people out, cybersecurity skill shortages, understanding the adversaries mindset, PCI compliance, and so much more. Where you can find Brian: https://linkedin.com/in/attriti

https://www.linkedin.com/in/billfconner/ (Bill Conner) is the President and CEO of https://www.sonicwall.com/ (SonicWall). Bill has lead key divisions of AT&T, took Nortel into the $9 billion acquisition of Bay Networks, worked to secure digital identities with Entrust, and brought secure communications and privacy from the consumer to the enterprise through mobile and cloud with Silent Circle. Bill also created and hosted “Hacked” for SiriusXM’s business radio. He has been recognized with several awards including Marketing Computers “Marketer of the Year,” Tech Titans “Corporate CEO of the Year,” Federal Computer’s “Top 100 Award,” and the “National Youth Science Camp Alumnus of the Year.” In this episode, we discuss starting in encryption, security for the SMB market, advanced malware, threat intel, cloud security, breaking SSL in the enterprise, network basics for IoT, governments backdooring encryption, and so much more. Where you can find Bill: https://www.linkedin.com/in/billfconner/ (LinkedIn)

https://www.linkedin.com/in/bernardharguindeguy/ (Bernard Harguindeguy) is the Chief Technology Officer & General Manager Intelligence from https://www.pingidentity.com/en/company/leadership.html (Ping Identity). Bernard joined Ping in June 2018 through the acquisition of Elastic Beam, where he was the CEO and founder. His work at Elastic Beam revolutionized the use of AI to protect API infrastructures from cyber attacks and deliver deep insight into API access and usage. Bernard earned an MS in Engineering Management from Stanford University and a BS in Electrical Engineering from the University of California Irvine where he was inducted into the http://tech.uci.edu/halloffame/inductees (Engineering Hall of Fame). In this episode, we discuss starting in email security, identity as the perimeter, API security, selling to the C suite, how AI will help security, IoT security, and so much more. Where you can find Bernard: https://www.linkedin.com/in/bernardharguindeguy/ (LinkedIn) https://twitter.com/b

https://www.linkedin.com/in/vinnysakore/ (Vinny Sakore) joined the https://netdiligence.com/ (NetDiligence) team in 2017 as their Chief Technology Officer. Prior to joining NetDiligence Vinny served as Verizon’s HIPAA Security Officer. His previous experience includes stints as Chief Technology Officer for two healthcare technology companies. Vinny is a featured speaker nationally and internationally on the topics of Cyber Risk, Mobile Technology, and Information Security. He is a regular presenter at organizations and events such as the NetDiligence Cyber Risk forums, Information Security Forum (ISF), International Association of Privacy Professionals (IAPP), Healthcare Information Management Systems and Society (HIMSS), and the Risk Information Management Society (RIMS). Vinny has been quoted in numerous publications, including CSO Online, Wall Street Journal, and Information Security Magazine. He serves on a number of not-for-profit boards and also teaches cybersecurity courses at Messiah College. In th

https://www.linkedin.com/in/renaud-deraison-26051982/ (Renaud Deraison) is known in the global security community as the father of the Nessus vulnerability scanner. His original creation, https://www.tenable.com/products/nessus (Nessus), celebrated its 15th anniversary in 2013 and is considered the de facto standard for vulnerability scanning worldwide. Renaud co-founded https://www.tenable.com/ (Tenable Network Security) in 2002. As Chief Technology Officer, he drives product strategy and development. Before Tenable, Renaud was the primary author of the Nessus vulnerability scanner – releasing the first version of Nessus when he was 17. Renaud continues to contribute to the global security community; he is the author of three patents related to network scanning and security and has published his work in books and magazines. In this episode, we discuss building the first version of Nessus when he was a teenager, getting the basics right, challenges with the cloud, IoT and embedded devices security, respons

https://www.linkedin.com/in/lorriecranor/ (Lorrie Faith Cranor), https://www.computer.org/ (IEEE Fellow), is the Director and Bosch Distinguished Professor in https://www.cmu.edu/epp/people/faculty/lorrie-faith-cranor.html (Security and Privacy Technologies of CyLab and the FORE Systems Professor of Computer Science and of Engineering and Public Policy at Carnegie Mellon University). She also directs the https://cups.cs.cmu.edu/ (CyLab Usable Privacy and Security Laboratory (CUPS) )and co-directs the MSIT-Privacy Engineering masters program. In 2016 she served as Chief Technologist at the US Federal Trade Commission, working in the office of Chairwoman Ramirez. She is also a co-founder of https://www.wombatsecurity.com/ (Wombat Security Technologies, Inc), a security awareness training company. She has authored over 150 research papers on online privacy, usable security, and other topics. She has played a key role in building the usable privacy and security research community, having co-edited the seminal bo

https://www.linkedin.com/in/benjaminjohnson80/ (Ben Johnson) is CTO and co-founder of https://www.obsidiansecurity.com/ (Obsidian Security). Prior to founding Obsidian, he co-founded https://www.carbonblack.com/ (Carbon Black) and most recently served as the company’s Chief Security Strategist. As the company’s original CTO, he led efforts to create the powerful capabilities that helped define the next-generation endpoint security space. Prior to Carbon Black, Ben was an NSA computer scientist and later worked as a cyber engineer in an advanced intrusion operations division for the intelligence community. Ben is active in the cybersecurity community, where he is a https://www.fisc.uscourts.gov/ (technical advisor to the US FISA Court )and sits on boards of multiple security startups. Johnson earned a bachelor’s degree in computer science from the University of Chicago and a master’s degree in computer science from Johns Hopkins University. In this episode we discuss starting with the

https://www.linkedin.com/in/deborah-blyth/ (Deborah Blyth) is the Chief Information Security Officer (CISO) http://www.oit.state.co.us/about/leadership/chief-information-security-officer (State of Colorado, Governor’s Office of Information Technology). In August 2014, Deborah Blyth became the state’s new CISO, bringing a diverse 25-year technology background including 14 years of information security experience. As the CISO, she serves as the point of contact for all information security initiatives in Colorado, informing the Secretary of Technology & Chief Information Officer and executive agency leadership on security risks and impacts of policy and management decisions on IT-related initiatives. Before joining the state of Colorado, Deborah led the Information Technology Security and Compliance programs at TeleTech and Travelport. Deborah is a Colorado native and graduated Summa cum Laude with a Bachelor of Science degree from Regis University. In this episode, we discuss her start in IT and he