Cyber Security Interviews

This is going to be the second holiday break episode and the first of 2017. In this episode, I am taking a quick look back at the https://cybersecurityinterviews.com/episodes/ (first five episodes) with my guests to date: https://cybersecurityinterviews.com/001-chris-pogue-like-chihuahua-pork-chop/ (Chris Pogue) https://cybersecurityinterviews.com/002-david-cowen-standing-shoulders-giants/ (David Cowen) https://cybersecurityinterviews.com/003-lenny-zeltser-can-never-know-everything/ (Lenny Zeltser) https://cybersecurityinterviews.com/004-nicholas-percoco-dont-second-guess/ (Nicholas Percoco) https://cybersecurityinterviews.com/005-morgan-wright-rule-threes/ (Morgan Wright) Each of these cyber security professionals have had their own, unique journeys to get where they are. In each interview, I learned a lot about them as individuals, but also got their perspectives on a variety of topics that influence the industry as well as some valuable advice. Thanks everyone for listening to the first episodes of Cy

This is going to be one of two special holiday break episodes as we end out the year. We will be returning to our regular interviews with top security experts right after the start of the new year. In this episode, I reflect on 2016 and cyber security. It was an interesting year and information security took a spot light more than I could remember for years past (and probably more than I could have imagined a year ago). Even“hackers” even took runner up as http://time.com/time-person-of-the-year-2016-hackers-runner-up/ (Time’s 2016 Person of the Year)! I will talk about: The cyber-attacks against the https://ics-cert.us-cert.gov/alerts/IR-ALERT-H-16-056-01 (Ukrainian Critical Infrastructure), also known as Black Energy The http://www.reuters.com/investigates/special-report/cyber-heist-federal/ (Central Bank of Bangladesh heist) The https://panamapapers.icij.org/ (Panama Papers) The Internet of Things, https://www.wired.com/2016/10/internet-outage-ddos-dns-dyn/ (Distributed Denial of Service attacks against Dy

https://www.linkedin.com/in/morganwright150 (Morgan Wright) is an internationally recognized expert on cybersecurity strategy, cyberterrorism, identity theft and privacy. His landmark http://docs.house.gov/meetings/SY/SY15/20150212/102961/HHRG-114-SY15-Wstate-WrightM-20150212.pdf (testimony before Congress on Healthcare.gov) changed how the government collected personally identifiable information. He has made hundreds of appearances on national news, radio, print and web, and has spoken to audiences around the world about cyber security. Previously Morgan was a Senior Advisor in the US State Department Antiterrorism Assistance Program and Senior Law Enforcement Advisor for the 2012 Republican National Convention. In addition to 18 years in state and local law enforcement, Morgan has developed solutions in defense, justice and intelligence for the largest technology companies in the world. He has trained over 2,000 law enforcement officers in the investigation of computer crime, including one year trainin

https://www.linkedin.com/in/c7five (Nicholas Percoco) has more than 19 years of information security experience and is currently the Chief Information Security Officer at https://uptake.com/ (Uptake). Prior to Uptake, Nicholas was the Vice President of Global Services at https://www.rapid7.com/ (Rapid7). Nick has also been a Director at KPMG and the head of SpiderLabs at https://www.trustwave.com/home/ (Trustwave )where he led more than 2000 incident response and forensic investigations globally, ran thousands of ethical hacking & application security tests for clients, and conducted bleeding-edge security research to improve Trustwave's products. Before Trustwave, Nick ran the security consulting practices at VeriSign, & Internet Security Systems. In 2004, he drafted an application security framework that became known as the Payment Application Best Practices (PABP). In 2008, this framework was adopted as a global standard called Payment Application Data Security Standard (PA-DSS). As a speaker, he h

https://www.linkedin.com/in/lennyzeltser (Lenny Zeltser) is a seasoned business and tech leader with extensive information security expertise. As a product portfolio owner at a Fortune 500 company, he delivers the financial success and expansion of his orgnization's security services and SaaS products. He has also been a national lead of the security consulting practice at Savvis (acquired by CenturyLink), where he managed the US team of service professionals, aligning their expertise to the firm’s cloud solutions. Lenny helps shape global infosec practices by teaching incident response and malware defenses at https://www.sans.org/ (SANS Institute) and by sharing knowledge through writing, public speaking and community projects. He has earned the prestigious GIAC Security Expert professional designation and developed the Linux toolkit https://remnux.org/ (REMnux), which is used by malware analysts throughout the world. Lenny is on the Board of Directors of http://www.sans.edu/ (SANS Technology Institute) and

https://www.linkedin.com/in/dcowen (David Cowen) has more than sixteen years of experience in the areas of security integration, architecture, assessment, programming, forensic analysis and investigations. He started out as a penetration tester then moved to digital forensics. Currently, he is a partner at http://www.g-cpartners.com/ (G-C Partners, LLC), a full service digital forensics investigation company, and has experience working in a variety of environments ranging from high security military installations to large/small private sector companies. David is also one of the most passionate and active contributors within the cyber security and forensic communities. I look at David's contributions and think he doesn't sleep and/or someone in Dallas, TX there is cloning facility that has produced David Cowens versions 2 -5 which are all running around outputting awesome contributions to the community (yes, like the movie http://www.imdb.com/title/tt0117108/?ref_=nm_flmg_act_44 (Multi

https://www.linkedin.com/in/christopher-pogue-msit-cissp-ceh-crea-gcfa-qsa-6148441 (Chris Pogue), Chief Information Security Officer at https://www.nuix.com (Nuix), has more than fifteen years’ experience and 2,000 breach investigations under his belt. Over his career, Chris has led multiple professional security services organizations and corporate security initiatives to investigate thousands of security breaches worldwide. His extensive experience is drawn from careers as a cyber crimes investigator, ethical hacker, military officer, and law enforcement and military instructor. In 2010, Chris was named a https://www.sans.org/thought-leaders/ (SANS Thought Leader), ran an award-winning security blog (http://thedigitalstandard.blogspot.com/ (The Digital Standard)), and has contributed to multiple security publications. Chris holds a Master's Degree in Information Security and is also an adjunct cyber security professor at Southern Utah University. He also was a contributing author for https://www.amazon

Before we tackle the hearts and minds of some of the leaders and influencers in cyber security, I wanted to provide a little background about me and how I got started in cyber security. As far back as I can remember, I always wanted to be a hacker. In 1981, at an impressionable age five, I plopped down in front of a http://oldcomputers.net/ti994a.html (Texas Instruments TI99/4A computer). It had a whopping 3MHz CPU, 16K of RAM, and 16 colors. My parents got one for the home and I mostly used it to play video games. My favorite game was https://en.wikipedia.org/wiki/Hunt_the_Wumpus (Hunt the Wumpus). At some point, I came across https://archive.org/details/compute-magazine&tab=about (Compute!) magazine that had instructional pages of BASIC, spaghetti code programs that you could use to run on your computer. After hours of painstakingly transcribing lines and lines of GOTO commands into the TI99, I would have a small colored box bounce from one side of the screen to the other. Then back again. #Fun. [captio