Tue, 21 March 2017
The Cost of Cybercrime - Let’s Take a Different Perspective
Home Depot to Pay Banks $25 Million in Data Breach Settlement
Survey: Experience Preferred Over Education When Hiring For Cybersecurity
How Risk Modeling Propels the Cyber Insurance Market Forward
Direct download: DtSR_Episode_237_-_NewsCast_for_March_21st_2017.mp3
Category:NewsCast -- posted at: 12:00am CDT
Tue, 14 March 2017
Check out episode 236 with Marie-Michelle Strah, who is a repeat offender here on the podcast, with her first appearance back in 2014 on Episode 122 ( http://podcast.wh1t3rabbit.net/dtsr-episode-122-enterprise-architectures-role-in-security ).
This episode is a revisitation of Enterprise Architecture and its importance to security, with a perspective on enterprise tech stack, business segmentation and microservices in a modern distributed enterprise. Marie-Michelle's experience and extensive insight into the topic should give you something to think about as you go back to your day job in security.
Guest: Marie-Michelle Strah ( @CyberSlate ) - Marie-Michelle Strah, PhD, is currently Senior Principal in the Enterprise Architecture Group at Infosys Ltd and based in New York City. A highly collaborative, diplomatic and inspiring thought leader, Michelle is able to effectively drive business and technology strategy and business insights across corporate boundaries and departmental silos. A seasoned management and technology consultant, she specializes in strategy development, cloud transformation, enterprise information modernization and innovation management efforts to drive global growth while minimizing cost and risk in complex organizations. She has a PhD from Cornell University, was a Javits Fellow and is a US Army veteran. Connect with Michelle on Skype/Twitter/Instagram/Snapchat @cyberslate | http://cyberslate.me
Direct download: DtSR_Episode_236_-_Enterprise_Architecture_2017.mp3
Category:Enterprise Security -- posted at: 12:00am CDT
Tue, 7 March 2017
A Note on the Passing of a Legend
Are SysAdmins Violating the CFAA?
Yahoo Board Sends Message That Echoes
So … AWS S3 Went Dead, You’ll Never Guess Why
Direct download: DtSR_Episode_235_-_NewsCast_for_March_7th_2017.mp3
Category:Enterprise Security -- posted at: 10:02pm CDT
Tue, 28 February 2017
This week, the interview is extra special because we have a guest I've personally been following for a long while, and I finally got a chance to virtually sit down and talk through his considerable areas of expertise.
I'm pleased to say we had a chance to sit down virtually with Professor Tom Nichols and talk international affairs, foreign policy and all the important things getting lost in the off-color political arguments lately. These are important issues to cyber security professionals that impact our daily lives - but rarely get discussed by someone with actual, credentialed expertise.
Enjoy this one, friends, I know we did recording it. I want to thank Tom for being an awesome guest and lending his time to our show.
If you want to read Tom's latest book, you can get it on Amazon, link HERE.
Direct download: DtSR_Episode_234_-_Straight_Talk_on_National_Security.mp3
Category:general -- posted at: 11:55pm CDT
Tue, 21 February 2017
This week, fresh on the close of RSA Conference 2017, James, Michael and I discuss the happenings of the conference, lessons, and features along with some inside anecdotes you won't get from anywhere else. Of course, we add our own unique blend of snark and humor - but that's what gets you listening and coming back for more.
We'd like to say a big thank you to everyone who voted for us in the RSA Social Security (Security Bloggers) Awards. We didn't win, but we feel good about the audience we've acquired and will keep working hard to spread the message. So to all of you, thank you.
Let's get on with the show!
Direct download: DtSR_Episode_233_-_Reflecting_on_RSA_Conference_2017.mp3
Category:NewsCast -- posted at: 12:38am CDT
Wed, 15 February 2017
This week, while the security world congregates at RSA Conference 2017, we present to you Neira Jones, discussing digital payments, fraud and the world of security as it applies to this domain. In a fascinating discussion, we discuss many of the topics security executives and leaders are talking about right now - but as you have come to expect, this is less about 'security' and more about protecting what matters.
We want to thank Neira for taking the time out of her busy schedule to join us on the show, and encourage discussion on the topics we covered - if you listen, and you have an opinion (I know you do) then let's discuss using the hashtag #DtSR on Twitter.
Direct download: DtSR_Episode_232_-_Security_Fraud_Digital_Payments.mp3
Category:Enterprise Security -- posted at: 11:29am CDT
Wed, 8 February 2017
It is that time of year of W-2 Scams
Cops use pacemaker data to charge homeowner with arson, insurance fraud
Facebook rolls out 2FA Hardware
5 Cybersecurity Tools Your Company Should Have
Appeals Court Blocks Target Data Breach Settlement
Direct download: DtSR_Episode_231_-_NewsCast_for_February_7th_2017.mp3
Category:NewsCast -- posted at: 3:00am CDT
Tue, 31 January 2017
On this Down the Security Rabbithole podcast we're joined by Stephen A. Ridley & Jamison Utter (yes, again with this guy) for a discussion on the finer points of Internet of Things (IoT) security ... or complete lack thereof.
If you own gadgets that are 'connected' or you are ever around them (hint: you're surrounded by things that pull IP addresses right now) then you need to listen to this podcast. Some great discussion in what was the very first podcast we recorded in 2017.
Direct download: DtSR_Episode_230_-_The_IoT_You_Got_for_Christmas.mp3
Category:Enterprise Security -- posted at: 1:56am CDT
Wed, 25 January 2017
Hi friends! We're honored to be finalists for the Security Blogger Awards 2017 "Best Security Podcast", so if you listen, go vote for "Wh1t3Rabbit" (as we're labeled).
Digital transformation forces businesses to rethink cybersecurity
Mobile is still the safest place for your data
The WhatsApp Backdoor That Isn’t
Organizational complexity is the greatest threat to cybersecurity
Direct download: DtSR_Episode_229_-_NewsCast_for_January_24th_2017.mp3
Category:NewsCast -- posted at: 8:33am CDT
Tue, 17 January 2017
This week, Paul Hershberger joins us to talk about taking a fresh look at endpoint security for the new year. Paul has some insights into balancing risk/usability and how some of the things you've heard about endpoint may simply be ... wrong.
Join James and me as we let Paul endow us with his wisdom and experience... take some notes, this one's going to be good.
Direct download: DtSR_Episode_228_-_Another_Look_at_Endpoint_Security.mp3
Category:general -- posted at: 6:27pm CDT
Thu, 12 January 2017
St. Jude, MedSec and the FDA
New York financial regulator to delay cyber security rules
Massachusetts makes data breach reports available online
California passes law making ransomware illegal
Online databases dropping like flies, with >10K falling to ransomware groups
TV anchor says live on-air ‘Alexa, order me a dollhouse’ - guess what happens next
Direct download: DtSR_Episode_227_-_NewsCast_for_January_10th_2017.mp3
Category:NewsCast -- posted at: 12:38pm CDT
Tue, 3 January 2017
Welcome to the first Down the Security Rabbithole Podcast episode of 2017!
We would like to kick off this year, and the run to episode 250 with an episode that dissects the facts from the fiction on the topic of "Advanced Threats". With all the talk in the news about the Russians "hacking the US election" (yes, that's absolutely silly to call it that) and talk of retaliation, it's important to have a frank discussion on the merits of the concept of advanced threats.
Sit back, grab a coffee and listen. I know you'll want to listen to this one more than once!
If you have a moment, and you actually read the show notes, we would love it if you could give us a rating on iTunes or actually leave a comment on the podcast page. Get engaged on Twitter, using the hashtag #DtSR!
Sergio Caltagirone hunts evil. He spends his days hunting hackers and his evenings hunting human traffickers. After 9 years with the US Government, over 3 years at Microsoft and now at Dragos, Sergio not only hunted the most sophisticated targeted hackers in the world but also applied that intelligence to protect billions of users worldwide and safeguard civilization through the protection of critical infrastructure and industrial control systems. He co-created the Diamond Model of Intrusion Analysis, proudly helping thousands of others bring more pain to adversaries by strengthening hunters and intelligence analysts. He also proudly serves as the Technical Director of the Global Emancipation Network, a Non-Governmental Organization, leading a world-class all-volunteer team hunting human traffickers and finding their victims through data science and analytics, working towards saving tens of millions of lives.
You can find Sergio on Twitter at @cnoanalysis
Direct download: DtSR_Episode_226_-_Target_Threats_Facts_From_Fiction.mp3
Category:general -- posted at: 9:27am CDT