Special Editions

CyberWire Daily at 10: The evolution of ransomware.

Sun, 31 May 2026 05:00:00 -0000

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner consider the tactics, trends, and turning points that shaped the threat landscape over the last decade of ransomware.

Ransomware has evolved from small-scale extortion and opportunistic attacks to sprawling, sophisticated, organized crime and state-sponsored attacks. Cryptocurrency plays a pivotal role in enabling ransomware's growth by providing untraceable payment methods.

Join us as we explore key incidents like WannaCry and NotPetya, the shift from street crime to organized and nation-state cyber threats, and AI's impact on the future of ransomware.

The Code of Honor: Paul J. Maurer and Ed Skoudis explore ethics in cybersecurity with Ben Yelin.

Mon, 25 May 2026 05:00:00 -0000

Authors Paul J. Maurer and Ed Skoudis join Caveat podcast co host Ben Yelin to discuss their new book: "The Code of Honor: Embracing Ethics in Cybersecurity." The book is a comprehensive and practical framework for ethical practices in contemporary cybersecurity. Listen to Ben's discussion with Paul and Ed as they explore the ethical dimensions of cybersecurity, the influence of AI, and the responsibilities of cyber professionals. Consider joining Paul and Ed in upholding the highest standards of cybersecurity ethics by signing the Cybersecurity Code they share as part of The Code of Honor. Learn more about the book here.

CyberWire Daily at 10: The evolution of geopolitics and warfare.

Sun, 10 May 2026 06:00:00 -0000

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss cybersecurity geopolitics and warfare that have been in the news over the past 10 years.

Our conversation treks around the globe beginning with the supply chain malware from the destructive NotPetya campaign out of Russia, then Maria and Dave highlight:

Russia’s full invasion of Ukraine pairing cybersecurity and kinetic war
the use of inexpensive technology in warfare in Iran
shifts of nation-state strategies by China with VoltTyphoon and SaltTyphoon intrusions in critical sectors.

They touch on the movement toward zero trust architecture and the rise and proliferation of ransomware. And, what's a conversation between Maria and Dave without a mention of AI and the future?

Join us as we reflect on the escalation from election interference and disruption, to espionage and ransomware as national security crises, to integration in kinetic war, and now expansion into space, with AI-driven defenses and NATO codifying cyber as a collective defense domain.

CyberWire Daily at 10: The breaches we still talk about.

Sun, 29 Mar 2026 06:00:00 -0000

In this special edition of CyberWire Daily’s 10th anniversary series, N2K CyberWire's Maria Varmazis and Dave Bittner discuss the biggest breaches over the past 10 years.

The foundational 2014 Sony hack kicks off our conversation, then Maria and Dave highlight:

the 2015 OPM breach, which exposed sensitive security-clearance data and was attributed to long-term access by China amid outdated government systems and security
2017’s WannaCry and NotPetya's global disruption and Equifax's ongoing fallout
the 2020 SolarWinds breach underscored supply-chain risks and raised concerns about potential personal criminal liability for CISOs.

The conversation illustrates two main threat-actor categories—nation-state espionage and financially motivated criminals—and the increasingly blurred lines between them. Join us as we reflect on how the industry and cybercrime have evolved over the past decade.

CyberWire Daily at 10: From an idea to the airwaves.

Sun, 22 Mar 2026 06:00:00 -0000

In this special edition of CyberWire Daily’s 10th anniversary series, Maria Varmazis hosts a thoughtful and engaging conversation with N2K CyberWire CEO Peter Kilpe and CyberWire Daily host Dave Bittner, exploring the origin story of the podcast that started it all. From early ambitions to behind-the-scenes turning points, they trace how the show found its voice and evolved from a startup experiment into a trusted cornerstone of the cybersecurity community. Along the way, they share candid anecdotes, hard-earned lessons, and reflections on how both the industry and CyberWire Daily have transformed over the past decade.

Cyber without borders: Reporters notebook.

Mon, 09 Mar 2026 06:00:00 -0000

In this special Reporter’s Notebook, Maria Varmazis⁠⁠⁠⁠, host here at N2K CyberWire, takes listeners behind the scenes of our three-part series on Cyber Coalition 2025 in Tallinn, Estonia. After exploring real-time incident response, cross-border coordination, and the broader stakes of collective cyber defense, this episode offers a more personal, behind-the-scenes look at how the reporting came together.

Hosted by the NATO Cooperative Cyber Defense Centre of Excellence, the exercise brought together allied military, government, and industry teams inside NATO’s secure cyber range. Here, Maria reflects on moments that didn’t make the final cut — the atmosphere inside the facilities, the pace of covering a live exercise, and the small, human details that added texture to the larger story.

If you haven’t yet, be sure to listen to all three episodes of the series to hear the full story from the ground at Cyber Coalition 2025.

Episode one can be found ⁠⁠here⁠⁠.

Episode two can be found ⁠here⁠.

Episode three can be found ⁠⁠here⁠⁠.

Cyber without borders: Standing guard 210 kilometers from risk.

Mon, 02 Mar 2026 07:00:00 -0000

In the final installment of our three-part series on ⁠Cyber Coalition 2025⁠⁠, ⁠⁠Maria Varmazis⁠⁠⁠, host here at N2K CyberWire, and ⁠⁠⁠Liz Stokes, CyberWire Producer, step back from the cyber range to reflect on what their time in Tallinn really meant. This episode moves beyond the mechanics of the exercise and into the broader stakes of collective cyber defense in an increasingly uncertain geopolitical moment.

Recorded two months after their visit, the conversation blends field tape and personal reflections — from standing outside the Russian Embassy in Old Town to recalling the weight inside NATO’s secure facilities. Estonia’s history, including the 2007 cyberattacks, and its visible solidarity with Ukraine underscore just how real and proximate the risks remain.

Be sure to check out the first two episodes of this three part series, you can find them below.

Episode one can be found ⁠here⁠.

Episode two can be found here.

Cyber without borders: The human side of cyber defense.

Mon, 23 Feb 2026 07:00:00 -0000

In this second installment of our three-part series on ⁠Cyber Coalition 2025⁠, ⁠Maria Varmazis⁠⁠, host here at N2K CyberWire⁠⁠ and CyberWire Producer ⁠⁠Liz Stokes,⁠ take listeners inside a single day at NATO’s cyber headquarters in Tallinn, Estonia — focusing on the human side of cyber defense.

Hosted by the NATO Cooperative Cyber Defence Centre of Excellence and led by NATO Allied Command Transformation, Cyber Coalition is a defensive-only exercise built around collaboration, coordination, and information sharing across allied nations. This episode highlights how that plays out in practice, from legal teams working through cross-border policy questions to military defenders coordinating with civilian infrastructure partners inside NATO’s secure cyber range.

Be sure to check out the rest of this three part series, you can find them below.

Episode one can be found ⁠⁠here⁠⁠.

Episode three can be found ⁠here⁠.

Cyber without borders: How Estonia turned crisis into cyber power.

Mon, 16 Feb 2026 07:00:00 -0000

In this three-part series, Maria Varmazis, host of T-Minus Space Daily and CyberWire Producer Liz Stokes, take you inside NATO’s flagship cyber defense exercise, Cyber Coalition 2025. Hosted by the NATO Cooperative Cyber Defence Centre of Excellence in Tallinn, Estonia, the exercise brings together military, government, and industry teams from across the alliance to respond to realistic, high-pressure cyberattack scenarios targeting critical infrastructure and operational networks.

Throughout the series, Maria and Liz will guide you through what they witnessed on the ground — from real-time threat detection and incident response to the strategic collaboration shaping NATO’s cyber resilience in an increasingly contested digital landscape.

Be sure to check out the rest of this three part series, you can find them below.

Episode two can be found ⁠here⁠.

Episode three can be found ⁠here⁠.

AI in the GRC: What's real, what's risky and what's next.

Sun, 30 Nov 2025 07:00:00 -0000

Join us for a timely and insightful live discussion on the evolving role of artificial intelligence in governance, risk, and compliance. Host Dave Bittner from N2K | CyberWire is joined by Kayne McGladrey from Hyperproof, Matthew Cassidy, PMP, CISA from Grant Thornton (US), and Alam Ali from Hyperproof to explore the current state of artificial intelligence in governance, risk, and compliance. The panel will discuss what AI is truly doing well today, the risks and challenges organizations need to watch for, and how AI is poised to influence the future of GRC. They will also share practical insights and real-world guidance for teams looking to adopt AI responsibly and effectively. Don’t miss this timely conversation as our experts break down what’s real, what’s risky, and what’s next in AI for GRC.

DataTribe's Cyber Innovation Day: Cyber: The Wake of Tech Innovation.

Sun, 23 Nov 2025 06:00:00 -0000

On this Special Edition podcast, we share a panel from DataTribe's Cyber Innovation Day 2025, "Cyber: The Wake of Tech Innovation."

The podcast tech host panel included Dave Bittner, host of CyberWire Daily podcast, Maria Varmazis, host of T-Minus Space Daily podcast, and Daniel Whitenack, co-host of Practical AI podcast, sharing a wide-ranging discussion.

Together, Dave, Maria and Dan examine the intersection of frontier innovation and cyber innovation through the lens of cyber, space, and AI.

2025 DataTribe Challenge: Forging the future of cyber.

Sun, 05 Oct 2025 06:00:00 -0000

The DataTribe Challenge is a launchpad for elite cybersecurity and cyber-adjacent startups ready to break out. 2025 marks the 8th annual edition of the event with a change in venue and some exciting new updates.

We take you on a journey from inception with Leo Scott, Managing Director and Chief Innovation Officer at DataTribe, and 3 past DataTribe Challenge winners at different levels on their growth tracks following their participation in the event. You'll meet Anita D'Amico, former CEO of Code DX (acquired by Synopsis in 2021) and 2019 winner; Greg Baker, Co-Founder of Balance Theory and 2022 winner; and Brian Proctor, Founder and CEO of Frenos and 2024 winner.

The labor behind the labor.

Mon, 01 Sep 2025 06:00:00 -0000

This Labor Day, we’re celebrating more than just a holiday. Join us in celebrating not just the work, but the people who make it possible — the labor behind the labor.We’re honoring the people who bring their creativity, dedication, and passion to every corner of N2K. The work you hear, read, and see from us doesn’t happen by accident. It’s the result of talented colleagues who pour themselves into their craft, often in ways that don’t always get the spotlight. From shaping sound and refining scripts to building certification content and producing video, their labor is the heartbeat of what we do.In this special edition, host Ma’ayan Plaut introduces you to some of the voices behind the scenes: Elliott, whose audio artistry makes every show sing; Ethan, whose sharp analysis bridges policy and practice; Alice, whose storytelling brings energy and curiosity to the space industry; George and Ann, who create and refine the certification content that keeps us at the forefront of technology; and Sarelle, whose video production brings our stories to life. Together, they embody the care and creativity that define N2K.And if you’d like to see the labor behind the labor, we’ve also put together a ⁠video⁠ companion to this project — giving you another way to meet the team and experience their work in action. Be sure to check it out!

Juneteenth: Reflecting, belonging, and owning your seat at the table.

Thu, 19 Jun 2025 06:00:00 -0000

We put together an open conversation between our podcast hosts, CyberWire Daily's Dave Bittner, T-Minus Space Daily’s Maria Varmazis, and CISO Perspectives podcast’s Kim Jones. Their conversation goes deeper than just the historical significance of Juneteenth, diving into candid conversations on allyship, representation, and the enduring value of diversity in the cybersecurity and space fields. Grab your coffee and join us in the room.

Resources:

Juneteenth

CISO Perspectives podcast:

T-Minus Space Daily podcast:

Beyond cyber: Securing the next horizon.

Sun, 11 May 2025 05:00:00 -0000

Cybersecurity is no longer confined to the digital world or just a technical challenge, it’s a global imperative. The NightDragon Innovation Summit convened a group of industry leaders to discuss how public and private entities can work together to address emerging threats and harness the power of AI, cybersecurity, and innovation to strengthen national defense.

In this special edition podcast, we capture a glimpse into the knowledge and expertise shared at the NightDragon Innovation Summit. We are joined by NightDragon Founder and CEO Dave DeWalt, DataBee CEO Nicole Bucala, Liberty Mutual Insurance EVP and CISO Katie Jenkins, Sophos CEO Joe Levy, and Dataminr VP of Sales Engineering Michael Mastrole.

Microsoft for Startups: The benefits of the cyber startup ecosystem.

Sun, 27 Apr 2025 05:00:00 -0000

Welcome to the Microsoft for Startups Spotlight, brought to you by N2K CyberWire and Microsoft. In this episode, we are shining a light on innovation, ambition, and the tech trailblazers building the future right from the startup trenches. This episode is part of our exclusive RSAC series where we dive into the real world impact of the Microsoft for Startups Founders Hub.

Along with Microsoft’s Kevin Magee, Dave Bittner talks with an entrepreneur and startup veteran, and founders from three incredible startups who are part of the Founders Hub, each tackling big problems with even bigger ideas.

Dave and Kevin set the stage speaking with startup veteran and Cygenta co-founder FC about making the leap from hacker to entrepreneur. Dave and Kevin then speak with three founders: Matthew Chiodi of Cerby, Travis Howerton of RegScale, and Karl Mattson of Endor Labs. So whether you are building your own startup or just love a good innovation story, listen in. For more information, visit the Microsoft for Startups website.

Future-proofing finance: FS-ISAC’s blueprint for cryptographic agility.

Tue, 31 Dec 2024 07:00:00 -0000

Brandon Karpf sits down with Mike Silverman, Chief Strategy and Innovation Officer at FS-ISAC, to discuss the white paper Building Cryptographic Agility in the Financial Sector.

Authored by experts from FS-ISAC’s Post-Quantum Cryptography Working Group, the paper addresses the vulnerabilities posed by quantum computing to current cryptographic algorithms. It provides financial institutions with strategies to safeguard sensitive data and maintain trust as these emerging threats evolve.

Discover the challenges and actionable steps to build cryptographic agility in this insightful conversation.

The CyberWire: The 12 Days of Malware.

Wed, 25 Dec 2024 06:00:00 -0000

Merry Christmas and Happy Holidays from the CyberWire and our friends! Enjoy our rendition of the 12 Days of Malware created by Dave Bittner and performed by Dave and friends: Rachel Tobac, Jayson Street, Ron Eddings & Chris Cochran, Ray [Redacted], Dinah Davis, Camille Stewart, Rick Howard, Michelle Dennedy, Jack Rhysider, Johannes Ullrich, and Charity Wright. Ba dum bum bum. Sing along if you are game! Check out our video for the full effect!

The 12 Days of Malware lyrics

On the first day of Christmas, my malware gave to me:

A keylogger logging my keys.

On the second day of Christmas, my malware gave to me:

2 Trojan Apps...

And a keylogger logging my keys.

On the third day of Christmas, my malware gave to me:

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fourth day of Christmas, my malware gave to me:

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fifth day of Christmas, my malware gave to me:

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the sixth day of Christmas, my malware gave to me:

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the seventh day of Christmas, my malware gave to me:

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eighth day of Christmas, my malware gave to me:

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the ninth day of Christmas, my malware gave to me:

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the tenth day of Christmas, my malware gave to me:

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eleventh day of Christmas, my malware gave to me:

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the twelfth day of Christmas, my malware gave to me:

12 Hackers hacking...

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

Digital Mindhunters: a novel look at cybersecurity and artificial intelligence.

Sun, 08 Dec 2024 07:00:00 -0000

In this special edition podcast, N2K's Executive Editor Brandon Karpf talks with author, CEO and cybersecurity advisor Dr. Bilyana Lilly about her new novel "Digital Mindhunters."

Book Overview

In a high-stakes game of espionage and deception, a female analyst uncovers Russia's plot to wield artificial intelligence, espionage, and disinformation as weapons of chaos against the United States. As she races against time to thwart an assassination plot, she finds herself entangled in a web of international intrigue and discovers a parallel threat from a Chinese spy network aiming to steal data, manipulate American voters, and harness technology to dismantle the very foundations of U.S. democracy. In a world where lies are a weapon and trust is a luxury, she navigates the treacherous worlds of arms dealers, hackers, and spies to protect her country.

About the author

Dr. Bilyana Lilly is a cybersecurity and information warfare expert. She advises senior executives in the private and public sector on how to mitigate cybersecurity risk across their enterprises. Dr. Lilly serves on the Advisory Boards of the venture capital firm Night Dragon and the cybersecurity firm RunSafe Security. She chairs the Democratic Resilience Track of the Warsaw Security Forum and is an adjunct senior advisor for critical infrastructure and resilience at the Institute for Security and Technology. Her previous roles include a manager at Deloitte's Financial Cybersecurity Practice and a fellow at the RAND Corporation. Dr. Lilly holds a PhD in policy analysis and cyber security, and three master's degrees, including an honors degree from Oxford University. Her book "Russian Information Warfare" became a bestseller and is on display at the Pentagon. Dr. Lilly is a mentor and a speaker at RSA, DefCon, CyCon, and the Executive Women's Forum. She has been denounced by Russia's Ministry of Foreign Affairs and called cyber expert by Tom Hanks.

Solution Spotlight: Rebuilding trust in the wake of tech calamities.

Sun, 10 Nov 2024 07:00:00 -0000

In this special edition of our podcast, Simone Petrella sits down with cybersecurity luminary Alex Stamos, Chief Information Security Officer at SentinelOne, to delve into one of the most challenging years in tech history. 2024 has seen unprecedented breaches of multinational corporations, high-stakes attacks from state actors, massive data leaks, and the largest global IT failure on record. As both a seasoned security executive and respected thought leader, Stamos offers a firsthand perspective on how the security landscape is evolving under these pressures.

In this exclusive keynote discussion, Stamos draws from his extensive experience to share hard-won lessons from the upheavals of 2024, discussing how companies can build — and rebuild — trust amidst this environment of constant threat. What new responsibilities do organizations have to their customers, employees, shareholders, and society? And what major shifts can we expect across cybersecurity and IT practices in response to these cascading challenges? Tune in for a deep dive into how security professionals are rising to meet their roles in a world brimming with motivated and capable adversaries.

Solution Spotlight: Cultivating cybersecurity culture.

Tue, 29 Oct 2024 20:10:00 -0000

In this Solution Spotlight episode, our very own Simone Petrella sits down with Chris Porter, the Chief Information Security Officer at Fannie Mae. As a seasoned expert in the financial and cybersecurity sectors, Chris shares insights into how Fannie Mae navigates the complexities of securing one of the nation's most critical financial institutions.

Together, they discuss Fannie Mae's evolving cybersecurity posture, balancing innovation with risk management, and the critical strategies employed to protect sensitive data in an increasingly digital and interconnected world. Chris also delves into the importance of collaboration across the industry, highlighting partnerships and intelligence-sharing as vital components in mitigating cyber threats.

Mission possible? Navigating tech adoption in the DoD.

Sun, 27 Oct 2024 06:00:00 -0000

In this episode, N2K's Brandon Karpf interviews Pete Newell, CEO and Founder of BMNT, about the challenges facing technology adoption within the Department of Defense (DoD). They discuss the concept of “mission acceleration,” focusing on the DoD’s struggle to keep pace with rapid changes on the battlefield and the importance of a human-centered approach to technology adaptation. Newell emphasizes that true innovation in defense is more of a "people problem" than a technology issue, requiring shifts in organizational culture and internal education. Tune in to hear insights on accelerating change in defense through better problem articulation and training.

Solution Spotlight: A first look at ISC2's 2024 Cybersecurity Workforce Study.

Mon, 14 Oct 2024 06:00:00 -0000

In this special edition of Solution Spotlight, join us for an exclusive conversation between ISC2's Executive Vice President of Corporate Affairs, Andy Woolnough, and N2K's Simone Petrella. Together, they take a deep dive into ISC2's 2024 Cybersecurity Workforce Study, offering a first look at the most pressing findings.

Discover insights from a survey of 15,852 cybersecurity professionals and decision-makers across the globe, including the size of the current workforce, the demand for more professionals, and alarming trends around layoffs, budget cuts, and skills shortages. Andy and Simone also explore the growing disconnect between the skills in high demand by hiring managers and those that cybersecurity pros are prioritizing. Learn why organizations must take immediate action to foster talent and bridge these skills gaps to meet the industry's evolving needs.

Plus, today marks the start of the ISC2 Security Congress 2024! Whether attending in person or virtually, this event is packed with opportunities to engage with industry experts and further your knowledge in cybersecurity.

Tune in for actionable insights and exclusive details on the state of the cybersecurity workforce and how your organization can stay ahead.

For more information on ISC2 Security Congress 2024, visit the event page here.

The Global Race for the 21st Century [Special Edition]

Thu, 03 Oct 2024 07:00:00 -0000

In this episode, Dmitri Alperovitch discusses his book World on the Brink: How America Can Beat China in the Race for the Twenty-First Century with host Ben Yelin. Alperovitch highlights the rising tensions between the U.S. and China, focusing on Taiwan as a critical flashpoint that could ignite a new Cold War. He shares insights on the strategies America must adopt to maintain its status as the world’s leading superpower while addressing the challenges posed by China. By examining both strengths and weaknesses, as well as providing a timely blueprint for navigating the complexities of global relations in the 21st century.

Steve Blank, national security, and the dilemma of technology disruption. (Part 2 of 2) [Special Edition]

Sun, 29 Sep 2024 07:00:00 -0000

In this 2-part special edition series, guest Steve Blank, co-founder of the Gordian Knot Center for National Security Innovation at Stanford University, speaks with N2K's Brandon Karpf about national security and the dilemma of technology disruption.

In this series, Steve Blank, a renowned expert in national security innovation, explores the critical challenges facing the U.S. Department of Defense in a rapidly evolving technological landscape. From the rise of global adversaries like China to the bureaucratic obstacles hindering defense innovation, Blank breaks down the “dilemma of technology disruption” in national security. Learn how the U.S. can overcome its outdated systems, accelerate innovation, and prepare for the future of defense technology. Whether you’re interested in defense tech, cybersecurity, or government innovation, this episode offers deep insights into the intersection of national security and technological disruption.

For some background, you can check out Steve’s article “Why Large Organizations Struggle With Disruption, and What to Do About It.”

Steve Blank, national security, and the dilemma of technology disruption. (Part 1 of 2)

Sun, 22 Sep 2024 06:00:00 -0000

For some background, you can check out Steve’s article “Why Large Organizations Struggle With Disruption, and What to Do About It.”

The impact of CISO Circles and cultivating a security culture. [Special Edition]

Sun, 01 Sep 2024 07:00:00 -0000

In this Special Edition podcast, N2K's Executive Editor Brandon Karpf speaks with Danielle Ruderman, Senior Manager for Wordwide Security Specialists at AWS, and Adam Mikeal, CISO at Texas A&M, about CISO Circles, security challenges faced in higher education, and fostering the culture of security.

Quantum-proof and ready: NIST unveils the future of encryption.

Sun, 25 Aug 2024 06:00:00 -0000

In this Special Edition podcast, N2K's Executive Editor Brandon Karpf speaks with Dustin Moody, mathematician at NIST, about their first 3 recently finalized post-quantum encryption standards.

NIST finalized a key set of encryption algorithms designed to protect against future cyberattacks from quantum computers, which operate in fundamentally different ways from traditional computers. Listen as Brandon and Dustin discuss these algorithms and how quantum computing will change the way we view encryption and cyber attacks in the future.

Resources:

NIST Releases First 3 Finalized Post-Quantum Encryption Standards (NIST)

What is Post Quantum Cryptography? (NIST)

National Cybersecurity Center of Excellence (NCCoE)

Post-Quantum Cryptography Standardization Project (NIST)

Need to know: NIST finalizes post-quantum encryption standards essential for cybersecurity. (N2K CyberWire)

Solution Spotlight: Simone Petrella talking with Lee Parrish, CISO of Newell Brands, about his book and security relationship management.

Tue, 13 Aug 2024 06:00:00 -0000

On this Solution Spotlight, guest Lee Parrish, author and CISO at Newell Brands, joins N2K President Simone Petrella to discuss his book "The Shortest Hour: An Applied Approach to Boardroom Governance of Cyber Security" and security relationship management.

Streamlining the US Navy's innovation process: A conversation with Acting CTO Justin Fanelli.

Sun, 28 Jul 2024 06:00:00 -0000

N2K’s Brandon Karpf speaks with guest Justin Fanelli, Acting CTO of the US Navy, about the US Navy streamlining the innovation process. For some background, you can refer to this article.

Additional resources:

PEO Digital Innovation Adoption Kit
Atlantic Council’s Commission on Defense Innovation Adoption
For industry looking to engage with PEO Digital: Industry Engagement

Solution Spotlight: Progress on the National Cyber Workforce and Education Strategy.

Fri, 28 Jun 2024 05:00:00 -0000

On this Solution Spotlight, guest Seeyew Mo, Assistant National Cyber Director, Office of the National Cyber Director at the White House, shares the nuances of the White House's skills-based approach (and how it's not only about hiring) with N2K President Simone Petrella.

Seeyew shares a progress report on the National Cyber Workforce and Education Strategy nearly one year out.

For more information, you can visit the press release: National Cyber Director Encourages Adoption of Skill-Based Hiring to Connect Americans to Good-Paying Cyber Jobs.

The progress report Seeyew and Simone discuss can be found here: National Cyber Workforce and Education Strategy: Initial Stages of Implementation.

2024 Cyber Talent Study by N2K and WiCyS. [Special Edition]

Thu, 27 Jun 2024 05:00:00 -0000

Maria Varmazis, N2K host of T-Minus Space Daily, talks with WiCyS Executive Director Lynn Dohm and N2K's Simone Petrella, Dr. Heather Monthie, and Jeff Welgan about the 2024 Cyber Talent Study.

N2K and WiCyS have come together under a common mission to attract, retain, and advance more women in cybersecurity. Together, we strive to support women throughout their career journey, and secure the future of our industry.

This groundbreaking report leverages skills data from the professional members of Women in CyberSecurity (WiCyS), and offers valuable insights into cybersecurity competencies within the industry. The Cyber Talent Study establishes a new benchmark for understanding the capabilities and potential of women in cybersecurity, and can be used to inform both individual training needs and organizational strategies for career advancement and skills enhancement.

Resources:

Landing page: WiCyS Partners with N2K to deepen understanding of cyber competencies within the industry.
Study Launch article: WiCyS Partners with N2K Networks for Pioneering Cyber Talent Study.

Key Takeaways:

Outstanding Performance: WiCyS members have demonstrated exceptional performance across several key areas of the NICE Framework, underscoring the importance of WiCyS’s training and development programs.
Strategic Insights: Analysis revealed remarkable strengths and areas for development, providing WiCyS with actionable data to tailor future programs and initiatives and ensure its members remain at the forefront of cybersecurity excellence.
Actionable Insights for Cybersecurity Workforce Development: The study revealed critical areas for targeted development to enhance cybersecurity workforce readiness. This insight empowers WiCyS to tailor its programs specifically to meet the diverse needs of its members, ensuring all participants are prepared to take on significant roles and lead in the cybersecurity industry.
Leadership Readiness Among WiCyS Members: The study highlights that WiCyS members are highly skilled and uniquely prepared for leadership roles within the cybersecurity industry.
Proven Expertise in Critical Cybersecurity Domains: The data show the outstanding capabilities of WiCyS members within the cybersecurity landscape. Excelling in nearly every N2K Functional Area mapped to the NICE Framework, WiCyS members have shown they not only meet but exceed the standards in key domains.

You can access the final report of the 2024 Cyber Talent Study here.

Solution Spotlight on the 2024 NICE Conference Keynote: A Journey with No Destination: A CISO’s Pathway to a Cybersecurity Career. [Special Edition]

Mon, 03 Jun 2024 06:00:00 -0000

As part of our series on the 2024 NICE Conference, we turn our focus to the one of the keynote speakers of the conference. This year’s conference theme “Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap” highlights the collective effort to strengthen the cybersecurity landscape. By joining forces with key partners, we can foster a more robust cybersecurity ecosystem to bridge the workforce gap.

In her keynote coming up on Tuesday, June 4th, Deneen DiFiore, Chief Information Security Officer of United Airlines, will discuss "A Journey with No Destination: A CISO’s Pathway to a Cybersecurity Career."

Prior to the conference, Simone Petrella, N2K President, caught up with Deneen DiFiore. They discussed Deneen's history with NICE, the importance of prioritizing cyber talent and workforce issues, what stakeholders need to more effectively tackle the cyber skills and experience gap across the profession, and more.

Find out more about the The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1). Listen to our podcast about the update. Stay tuned for our coverage of the 2024 NICE Conference.

Solution Spotlight on the 2024 NICE Conference: Business Roundtable.

Sun, 02 Jun 2024 06:00:00 -0000

As part of our series on the 2024 NICE Conference, we turn our focus to the Business Roundtable. This year’s conference theme “Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap” highlights the collective effort to strengthen the cybersecurity landscape. By joining forces with key partners, we can foster a more robust cybersecurity ecosystem to bridge the workforce gap. Business Roundtable is an association of chief executive officers of America’s leading companies working to promote a thriving U.S. economy and expanded opportunity for all Americans through sound public policy.

The Business Roundtable launched its Cybersecurity Workforce Corporate Initiative in December of 2022. In coordination with its members and inputs from experts at Department of Commerce’s National Initiative for Cybersecurity Education (NICE), it recently released a Cybersecurity Workforce Playbook to help employers create entry points to cybersecurity careers and strengthen cybersecurity talent pipelines across various industries and sectors.

Simone Petrella, N2K President, speaks with Erin White, Business Roundtable's Senior Director, Corporate Initiatives, about the Cybersecurity Workforce Corporate Initiative, the recently released Cybersecurity Workforce Playbook, key takeaways for the private sector, and how the Business Roundtable and NICE are working together to support these initiatives.

Find out more about the The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1). Stay tuned for our coverage of the 2024 NICE Conference.

10 years on: The 10th anniversary of the first indictment of Chinese PLA actors. [Special Edition]

Sat, 18 May 2024 06:00:00 -0000

On this Special Edition podcast, Dave Bittner speaks with guest Dave Hickton, Founding Director, Institute for Cyber Law, Policy, and Security at the University of Pittsburgh, and former US Attorney, on this 10th Anniversary of the first indictment of Chinese PLA actors. Hear directly from Mr. Hickton what lead to the indictment, the emotions that went along with this unprecedented action, and the legacy of the event.

On May 19, 2014, a grand jury in the Western District of Pennsylvania (WDPA) indicted five Chinese military hackers for computer hacking, economic espionage and other offenses directed at six American victims in the U.S. nuclear power, metals and solar products industries.

The indictment alleges that the defendants conspired to hack into American entities, to maintain unauthorized access to their computers and to steal information from those entities that would be useful to their competitors in China, including state-owned enterprises (SOEs). In some cases, it alleges, the conspirators stole trade secrets that would have been particularly beneficial to Chinese companies at the time they were stolen. In other cases, it alleges, the conspirators also stole sensitive, internal communications that would provide a competitor, or an adversary in litigation, with insight into the strategy and vulnerabilities of the American entity.

US Attorney Dave Hickton represented the Western District of Pennsylvania and was the signatory on the indictment. His team worked with the FBI Cyber Team in Pittsburgh, PA to bring about this historic action.

Resources:

Cyber Talent Insights: Strengthening the cyber talent pipeline apparatus. (Part 3 of 3)

Fri, 26 Apr 2024 05:00:00 -0000

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.

In this episode, we center our conversation around the Cyber Workforce Pipeline. We discuss where the next great wave of talent is going to come.

We talk more about these sources of new talent, such as K-12 programs, higher education, and trade school programs, transitioning military, and other initiatives and programs focused on cultivating the next generation of cyber professionals.

Explore Cyber Talent Insights

N2K’s Cyber Talent Insights provides security leaders measurable and actionable insights on your organization’s current cyber roles and capabilities to maximize your talent investments and build a business case for better hiring, developing, maintaining, and retaining your technical talent pools. Learn how at n2k.com/talent-insights.

Connect with the N2K Cyber Workforce team on Linkedin:

Dr. Sasha Vanterpool, Cyber Workforce Consultant
Dr. Heather Monthie, Cybersecurity Workforce Consultant
Jeff Welgan, Chief Learning Officer

Resources for developing your cybersecurity teams:

Full interviews sampled in this episode:

Cyber Talent Insights: Charting your path in cybersecurity. (Part 2 of 3)

Fri, 19 Apr 2024 05:00:00 -0000

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.

In this episode, we shift our point of view to provide guidance for an individual's first career or perhaps considering a career change transitioning into the field. We discuss a market-driven approach to career development. We also explore how to discover one’s niche in cybersecurity, including how to stand out in this competitive market and align personal interests with career goals. Lastly, we examine the role certifications play when navigating your path throughout the talent acquisition, development, and retention of the cybersecurity workforce management lifecycle.

Explore Cyber Talent Insights

Connect with the N2K Cyber Workforce team on Linkedin:

Dr. Sasha Vanterpool, Cyber Workforce Consultant
Dr. Heather Monthie, Cybersecurity Workforce Consultant
Jeff Welgan, Chief Learning Officer

Resources for developing your cybersecurity teams:

Cyber Talent Insights: Navigating the landscape for enterprise organizations. (Part 1 of 3)

Fri, 12 Apr 2024 05:00:00 -0000

Join us for this special three-part series where the N2K Cyber Talent Insights team guides you through effective strategies to develop your cybersecurity team, helping you stay ahead in the constantly changing cybersecurity landscape.

In the first episode of the series on cybersecurity workforce development, we dive into the complex world of cyber workforce management and planning, particularly as it pertains to the perspective of the enterprise.

We explore the current state of the cybersecurity workforce, navigate various challenges in talent acquisition, and explore the nuances of job classifications, titles, compensation, and the dynamics of remote, onsite, and hybrid work environments.

Our experts further address talent development strategies like professional development, training, conferences, mentorship programs, communities of interest, and corporate cyber academies.

Finally, we touch upon the critical aspect of talent retention, an essential component in closing the cybersecurity talent gap. We hope you will join us on this journey.

Explore Cyber Talent Insights

Connect with the N2K Cyber Workforce team on Linkedin:

Dr. Sasha Vanterpool, Cyber Workforce Consultant
Dr. Heather Monthie, Cybersecurity Workforce Consultant
Jeff Welgan, Chief Learning Officer

Resources for developing your cybersecurity teams:

Unveiling the updated NICE Framework & cybersecurity education’s future.

Sun, 17 Mar 2024 05:00:00 -0000

The Workforce Framework for Cybersecurity (NICE Framework) (NIST Special Publication 800-181, revision 1) provides a set of building blocks for describing the Tasks, Knowledge, and Skills (TKS) that are needed to perform cybersecurity work by individuals or teams. Through these building blocks, the NICE Framework enables organizations to develop their workforces to perform cybersecurity work, and it helps learners to explore cybersecurity work and to engage in appropriate learning activities to develop their knowledge and skills.

On this Special Edition podcast, N2K CyberWire's Dave Bittner is joined by the team at NIST and FIU's Jack D. Gordon Institute for Public Policy to delve into the history of the NICE Framework through its latest update and looking into the future. Brian Fonseca, Director at the Jack D. Gordon Institute for Public Policy, shares an introduction to the NICE Framework. Karen Wetzel, NICE Framework Manager, discusses the updates to the framework. Rodney Petersen, Director of NICE, talks about what these updates mean to cybersecurity education's future.

Resources:

NICE Framework Resource Center
Getting Started with the NICE Framework
2024 NICE Conference and Expo: Strengthening Ecosystems: Aligning Stakeholders to Bridge the Cybersecurity Workforce Gap
Take advantage of the early bird pricing until March 19, 2024. Don’t miss out on this opportunity!
Jack D. Gordon Institute for Public Policy at Florida International University (FIU)
Veterans and First Responders Training Initiative
Intelligence Fellowship

And be sure to check out our live webinar: CISOs are the new Architects (of the Workforce)

Join N2K’s Simone Petrella and Intuit’s Kim Jones on Wednesday, March 27th for an online discussion about the pivotal role security leaders play in shaping the security workforce landscape, and how we can start showing up for the future of our industry. Learn more and register on the event page.

Setting better cyber job expectations to attract and retain talent.

Sun, 10 Mar 2024 06:00:00 -0000

In honor of Women's History Month, please enjoy this encore of Dr. Sasha Vanterpool's webinar.

In this webinar, N2K Networks Cyber Workforce Consultant Dr. Sasha Vanterpool shares how to update job descriptions to better reflect cyber role expectations to improve hiring, training, and retention.

To view the original webinar on demand, visit here.

Putting a dent in the cybersecurity workforce gap.

Mon, 15 Jan 2024 06:00:00 -0000

In this special edition of Solution Spotlight, N2K President, Simone Petrella is talking with ISC2 CEO Clar Rosso about putting a dent in the cybersecurity workforce gap through empowerment, breaking down barriers and expanding DE&I initiatives.

Breaking Through: Securing the advancement of women in cybersecurity.

Sun, 19 Nov 2023 06:00:00 -0000

In the dynamic field of cybersecurity, it’s well established that creating more opportunities for diversity and inclusion is essential for developing a highly skilled workforce. As an industry, we are starting to see the fruits of that labor, but there is a growing need for diverse leadership to nurture continuous innovation and resilience in cybersecurity.

As part of N2K’s 2023 Women in Cyber content series, we’re excited to host an engaging virtual panel discussion moderated by N2K's President Simone Petrella featuring insights, experiences, and strategies for advancing more women into leadership roles within the field.

This virtual discussion explores different areas including:

Navigating the Cybersecurity Landscape: Gain insights into our guests' career journeys, including mentors, challenges, and success, and how the evolving landscape may present different challenges and opportunities for women.
Building a Supportive Ecosystem: Explore the importance of mentorship, allyship, and a strong network in propelling women into leadership, and how to create an environment where everyone can thrive.
Closing the Gender Gap: Delve into actionable strategies and best practices for organizations to promote gender diversity in their cybersecurity leadership teams.
The Future of Cybersecurity Leadership: Gain a forward-looking perspective on the evolving role of women in shaping the future of cybersecurity.

This panel discussion is a must-listen event for professionals, leaders, and aspiring cybersecurity experts who are committed to promoting diversity and empowering women to excel in cybersecurity leadership. Don't miss the opportunity to be part of this inspiring conversation and drive positive change in the industry.

Panelists:

Abisoye Ajayi, Cyber & Analytics Manager at Tulsa Innovation Labs
Koma Gandy, VP, Leadership & Business at Skillsoft
Lauren Zabierek, Sr. Advisor at CISA

CyberCon 2023: A unique mix of critical infrastructure and cybersecurity.

Sun, 05 Nov 2023 05:00:00 -0000

As we progress in this technological age, both cybersecurity and critical infrastructure continue to be at the forefront of prevention, protection, mitigation, and recovery conversation topics. From a frontline worker to the top of the C-Suite, security is something we all should be aware of and concerned about. The CyberCon event began in 2018 and provides an opportunity to learn more about cybersecurity and critical infrastructure as well as collaborate with fellow security professionals.

Dave Bittner recently spoke at CyberCon 2023 at Bismarck State College in North Dakota. While there, he had the opportunity to interview 4 members of the conference planning committee (all past or current chairs of the event) for a better understanding of the event, its focus on a mix of critical infrastructure and cybersecurity, and how the event has evolved over the years.

Dave speaks with:

Troy Walker, Director of Sales and Marketing at Dakota Carrier Network & 2023 conference chair, sharing the history of CyberCon its unique focus on critical infrastructure and cybersecurity.
Tony Aukland, Technology Outreach Manager for the State of North Dakota IT & previous conference chair, giving us the truth about CyberCon and its origin story.
Bill Heinzen, Information Security Team Lead at National Information Solutions Cooperative and previous event chair, talking about developing the cybersecurity candidate pool in North Dakota.
John Nagel, CEO and Founder of CYBERNET SECURITY and past event chair, discussing sustainability of the CyberCon and its critical infrastructure focus.

Threat intelligence discussion with Chris Krebs.

Mon, 25 Sep 2023 05:00:00 -0000

In this extended interview, Simone Petrella sits down with Chris Krebs of the Krebs Stamos Group at the mWise 2023 Cybersecurity Conference to discuss threat intelligence .

A joint advisory on post-quantum readiness.

Wed, 30 Aug 2023 05:00:00 -0000

In this extended interview, Dave Bittner sits down with Natasha Eastman from the Cybersecurity and Infrastructure Security Agency (CISA), Bill Newhouse from the National Institute of Standards and Technology (NIST), and Troy Lange from the National Security Agency (NSA) to discuss their their recent joint advisory on post-quantum readiness and how to prepare for post-quantum cryptography.

You can find the joint advisory here:

An introduction to the National Cryptologic Museum.

Mon, 27 Mar 2023 05:00:00 -0000

Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, sits down with Director of the National Cryptologic Museum, Dr. Vince Houghton. The National Cryptologic Museum is the NSA's affiliated museum sharing the nation's best cryptologic secrets with the public. In this special episode, Rick interviews Dr. Houghton from within the walls of the National Cryptologic Museum, discussing the new and improved museum along with the new exhibits they uncovered during the pandemic.

Two viewpoints on the National Cybersecurity Strategy.

Sun, 26 Mar 2023 05:00:00 -0000

Earlier this month, the White House released the National Cybersecurity Strategy, the first issued since 2018. The strategy refocuses roles, responsibilities, and resource allocations in the digital ecosystem, with a five pillar approach. Those pillars are: defending critical infrastructure, disrupting threat actors, shaping market forces to drive security and resilience, investing in a resilient future, and forging international partnerships.

We wanted to delve into the strategy and its intended effects further, so Dave Bittner spoke with representatives from industry and inside government. Dave first speaks with Adam Isles, Principal and Head of Cybersecurity Practice at The Chertoff Group, sharing industry's take on the strategy. Following that conversation, Dave had a discussion with Steve Kelly, Special Assistant to the President and Senior Director for Cybersecurity and Emerging Technology at the National Security Council, for a look at the strategy from inside the White House.

Links to resources:

Point of View: 2023 National Cybersecurity Strategy The Chertoff Group's blog
National Cybersecurity Strategy 2023

CyberWire commentary: Ukraine one year on.

Fri, 03 Mar 2023 06:00:00 -0000

CyberWire Daily podcast host Dave Bittner is joined by CyberWire editor John Petrik for an extended discussion about the Russian invasion of Ukraine and its effect on cybersecurity at the one year anniversary. John and his team have covered the Ukrainian conflict with daily news stories since the invasion began, and in fact, had quite a lot of coverage prior to the invasion. They take stock of where things stand, what has happened, and what we expected versus reality.

Modernizing the U.S. Navy's cybersecurity posture.

Mon, 20 Feb 2023 06:00:00 -0000

Dave Bittner had a conversation with Commander Brandon Campbell of US Navy Cyber Defense Operations Command and Captain Steve Correia, Commanding Officer of Naval Network Warfare Command. They discussed the Navy’s cybersecurity advances and how they have implemented them.

Commander Brandon Campbell is the former Operations Director at Navy Cyber Defense Operations Command and Task Force 1020 where they protect, detect, and respond to global cyber threats against Navy networks.

Captain J. Steve Correia is the Commanding Officer of Naval Network Warfare Command and the Commander of Task Force 1010 under the U.S. Navy’s Fleet Cyber Command where they execute tactical-level command and control to direct, operate, maintain and secure Navy communication and network systems.

Interview with the AI, part one.

Sun, 29 Jan 2023 06:00:00 -0000

Cybersecurity interview with ChatGPT.

In part one of CyberWire’s Interview with the AI, Brandon Karpf interviews ChatGPT about topics related to cybersecurity. Rick Howard joins Brandon to analyze the conversation and discuss potential use cases for the cybersecurity community.

ChatGPT is a chatbot launched by OpenAI and built on top of OpenAI’s GPT-3 family of large language models.

Cyber questions answered by ChatGPT in part one of the interview.

What were the most significant cybersecurity incidents up through 2021?
What leads you to characterize these specific events as significant?
What were the specific technical vulnerabilities associated with these incidents?
Who were the cyber actors involved in each of these attacks?
Do you think it's valuable to attribute cyber attacks to specific actors?

Cyber Marketing Con 2022: From the horse’s mouth: CISO Q&A on solving the cyber marketer’s dilemma.

Wed, 25 Jan 2023 06:00:00 -0000

At the 2022 Cyber Marketing Con, the CyberWire presented a CISO Q&A panel session on how to help cyber marketers reach CISOs and other security executives in the industry. The panel included Rick Howard, CSO of N2K Networks, Jaclyn Miller, Head of InfoSec and IT at DispatchHealth, Ted Wagner, CISO of SAP NS2, and was moderated by board director & and operating partner, Michelle Perry.

Listen in as the panel discusses:

What works and doesn’t work in getting a security executive’s attention.
Message trust, message fatigue, and what you can do about it.
Trusted information sources and how security executives use them.
Positioning and messaging that is actually meaningful to decision makers.
The security executive’s purchasing behavior and why skepticism is the driving force.

Stay tuned until the end to hear us answer some additional bonus questions submitted by attendees.

Women in Cybersecurity panel: A discussion on hidden figures of cyber skills gap.

Mon, 02 Jan 2023 06:00:00 -0000

On Thursday October 20, 2022, the CyberWire was pleased to host the annual Women in Cybersecurity Reception at the International Spy Museum in Washington, DC. This annual event brought together almost 300 people to highlight and celebrate the value and successes of women in the cybersecurity industry. The reception included an industry-led panel discussion called “The Hidden Impact of Cybersecurity’s Talent Gap on the Cyber-Enabled Community,” discussing cyber-enabled professionals who aren’t usually included in conversations around the cybersecurity skills gap. The panel, moderated by Simone Petrella of CyberVista, included perspectives from experts including Davida Gray of MindPoint Group, Jennifer Walsmith of Northrop Grumman, Kyla Guru of Bits N’ Bytes, and Amy Mushahwar from Alston & Bird.

A conversation with members of Baltimore FBI: Special Agent in Charge, Tom Sobocinski, and Supervisory Special Agent for Cyber, Tom Breeden.

Tue, 13 Sep 2022 21:50:00 -0000

In this extended interview, CyberWire Daily Podcast host Dave Bittner sits down with members of the FBI's Baltimore field office: Special Agent in Charge, Tom Sobocinski, and Supervisory Special Agent for Cyber, Tom Breeden. As part of the FBI's cybersecurity awareness campaign, they discuss what the FBI can do to enhance and amplify cyber efforts in ways unlike any other public or private organization. This interview from August 30, 2022 originally aired as a shortened version on the CyberWire Daily Podcast.

A conversation with Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly.

Fri, 15 Jul 2022 20:15:00 -0000

In this extended interview, CyberWire Daily Podcast host Dave Bittner sits down with Cybersecurity and Infrastructure Security Agency (CISA) Director Jen Easterly to discuss her time at CISA and the work of her team. This interview from July 15, 2022 originally aired as a shortened version on the CyberWire Daily Podcast.

CyberWire Live: Hack the Port 2022 Fireside chat.

Sun, 17 Apr 2022 05:00:00 -0000

At the Hack the Port 2022 event, the CyberWire held a CyberWire Live event. CyberWire Daily Podcast host Dave Bittner was joined by Roya Gordon, OT/IoT Security Research Evangelist at Nozomi Networks, and Christian Lees, CTO at Resecurity. During this fireside chat format session, Dave and our guests discussed ICS, OT cybersecurity, the role of security research and demos, supply chain compromise, and IT/OT security trends among other things. Thanks to the team at MISI/DreamPort for this opportunity.

The CyberWire: The 12 Days of Malware.

Sat, 25 Dec 2021 06:00:00 -0000

The 12 Days of Malware lyrics

On the first day of Christmas, my malware gave to me:

A keylogger logging my keys.

On the second day of Christmas, my malware gave to me:

2 Trojan Apps...

And a keylogger logging my keys.

On the third day of Christmas, my malware gave to me:

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fourth day of Christmas, my malware gave to me:

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the fifth day of Christmas, my malware gave to me:

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the sixth day of Christmas, my malware gave to me:

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the seventh day of Christmas, my malware gave to me:

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eighth day of Christmas, my malware gave to me:

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the ninth day of Christmas, my malware gave to me:

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the tenth day of Christmas, my malware gave to me:

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the eleventh day of Christmas, my malware gave to me:

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days! (Bah-dum-dum-dum!)

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

On the twelfth day of Christmas, my malware gave to me:

12 Hackers hacking...

11 Phishers phishing...

10 Darknet markets...

9 Rootkits rooting...

8 Worms a wiping...

7 Scripts a scraping...

6 Passwords spraying...

5 Zero Days!

4 Crypto scams...

3 Web shells...

2 Trojan Apps...

And a keylogger logging my keys.

Rediscover trust in cybersecurity: A women in cybersecurity podcast.

Sun, 05 Dec 2021 06:00:00 -0000

It's important for employees to be brought into the fold as security's allies, rather than as its adversaries. For cybersecurity teams that operate with an adversarial mindset appropriate for external threats, it can be challenging to approach internal threats differently. You can't treat employees the same way you treat nation-state hackers. But employees play a pivotal role in preventing data leaks, making it important to create a company-wide culture of transparency. Transparency feeds trust, which builds a strong foundation for Security Awareness Training to be truly effective.

The CyberWire's Jennifer Eiben hosts this women in cybersecurity podcast. Kathleen Smith of ClearedJobs.Net moderates the panel. Panelists include Michelle Killian from Sponsor Code 42, Sam Humphries of Exabeam, and Masha Sedova of Elevate Security.

Zero trust: a change in mindset.

Mon, 31 May 2021 05:00:00 -0000

Guest Lenny Zeltser, CISO of Axonius, sits down with the CyberWire's CSO and Chief Analyst Rick Howard to discuss one of Rick's favorite topics, zero trust. Lenny shares his views on this cybersecurity first principle, taking into account changes in mindsets during the COVID-19 pandemic that have necessitated many to move toward zero trust.

Hank Thomas and Mike Doniger, getting the specs on the cyber SPAC. [update]

Tue, 16 Feb 2021 16:30:00 -0000

In this special edition, our extended conversation with Hank Thomas and Mike Doniger from their new company SCVX. Both experienced investors, their plan is to bring a new funding mechanism known as a SPAC to cyber security which, they say, is new to the space.

February 2021 Update: we revisit the topic with guest Hank Thomas to hear the latest on SPACs.

In the clear: what it's like working as a woman in the cleared community.

Sun, 07 Feb 2021 06:00:00 -0000

This special edition podcast highlights three women, Priyanka, Ashley and Lauren, who chose to focus their careers in cybersecurity for the mission-based organization Northrop Grumman. Kathleen Smith from ClearedJobs.Net joins us as our panel moderator. The CyberWire's Jennifer Eiben hosts the event. We are excited to share this look into the world of women in cybersecurity.

David Sanger on the HBO documentary based off his book, "The Perfect Weapon".

Sun, 01 Nov 2020 05:00:00 -0000

On this Special Edition, our extended conversation with author and New York Times national security correspondent David E. Sanger. The Perfect Weapon explores the rise of cyber conflict as the primary way nations now compete with and sabotage one another. ‌

Eric Haseltine on his book, "The Spy in Moscow Station."

Sun, 02 Feb 2020 06:00:00 -0000

On this Special Edition, our extended conversation with Eric Haseltine on his book "The Spy in Moscow Station." The book... "tells of a time when—much like today—Russian spycraft had proven itself far beyond the best technology the U.S. had to offer. The perils of American arrogance mixed with bureaucratic infighting left the country unspeakably vulnerable to ultra-sophisticated Russian electronic surveillance and espionage."

Hank Thomas and Mike Doniger, getting the specs on the cyber SPAC

Sun, 26 Jan 2020 06:00:00 -0000

February 2021 Update: we revisit the topic with guest Hank Thomas to hear the latest on SPACs.

Ron Gula and Mike Janke - VC pitfalls and how to avoid them

Mon, 30 Dec 2019 06:00:00 -0000

In this CyberWire special edition, advice from a pair of seasoned cyber security investors. Ron Gula caught our eye with an article he recently penned titled "Cyber entrepreneur pitfalls you can avoid." In it, he gathers a group of tech investors to get their takes on the dos and don'ts of pitching to venture capitalists. Ron runs Gula Tech Adventures along with his wife Cindi, where they aim to support the next generation of cyber technology strategy and policy. DataTribe's Mike Janke joins the conversation with his experiences guiding hopeful young entrepreneurs through the pitch process.

Capturing the flag at NXTWORK 2019

Sun, 15 Dec 2019 06:00:00 -0000

Capture the Flag competitions are an increasingly popular and valuable way for both cyber security students and seasoned professionals to test their skills, stay sharp and maybe even put a bit swagger on display. We set out to capture the excitement of a capture the flag event. As luck would have it, our sponsors at Juniper Networks were hosting a capture the flag hackathon at their annual NXTWork conference in Las Vegas, and they invited our CyberWire team to join them to experience it for ourselves.

Peter W. Singer author of LikeWar

Sat, 30 Nov 2019 06:00:00 -0000

In this CyberWire special edition, an extended version of our conversation from earlier this year with Peter W. Singer. We spoke not long after the publication of his book, Like War - the Weaponization of Social Media.

John Maeda author of How to Speak Machine

Fri, 29 Nov 2019 06:00:00 -0000

In this CyberWire special edition, a conversation with John Maeda. He’s a Graphic designer, visual artist, and computer scientist, and former President of the Rhode Island School of Design and founder of the SIMPLICITY Consortium at the MIT Media Lab. His newly released book is How to Speak Machine - Computational Thinking for the Rest of Us.

Andy Greenberg from WIRED on his book "Sandworm."

Mon, 11 Nov 2019 06:00:00 -0000

In this CyberWire special edition, a conversation with Andy Greenberg, senior writer at WIRED and author of the new book "Sandworm - A New Era of CyberWar and the Hunt for the Kremlin’s Most Dangerous Hackers." It’s a thrilling investigation of the Olympic Destroyer malware, and an accounting of the new era in which we find ourselves, where nation states can target their adversaries critical infrastructure, and the often unintended consequences that follow.

Insider Threats

Sun, 03 Nov 2019 05:00:00 -0000

What’s an insider threat? Loosely, it’s a threat that operates from within your organization. In this CyberWire special edition, our UK correspondent Carole Theriault speaks with experts who’ll talk us through the different ways insider threats manifest themselves.

A quick note - when Carole interviewed Dr. Richard Ford he was with Forcepoint.

Cult of the Dead Cow author Joseph Menn extended interview

Sun, 28 Jul 2019 05:00:00 -0000

Our guest today is Joseph Menn. He’s a longtime investigative reporter on technology issues, currently working for Reuters in San Francisco. He’s the author of several books, the latest of which is titled Cult of the Dead Cow - How the original hacking supergroup might just save the world.

The Fifth Domain coauthor Richard A. Clarke

Sun, 21 Jul 2019 05:00:00 -0000

Our guest today is Richard A. Clarke, former National Coordinator for Security, Infrastructure Protection and Counter-terrorism for the United States. Under President George W. Bush he was appointed Special Advisor to the President on cybersecurity. He’s currently Chairman of Good Harbor Consulting. He’s the author or coauthor of several books, the latest of which is titled The Fifth Domain - Defending Our Country, Our Companies, and Ourselves in the Age of Cyber Threats.

This is an extended version of an interview originally aired on the July 19, 2019 edition of the CyberWire daily podcast.

The ghost and the mole; Eric O'Neill's Gray Day

Sun, 14 Apr 2019 05:00:00 -0000

Eric O’Neill is a former FBI counterintelligence and counterterrorism operative, and founder of the Georgetown Group, a security and investigative firm, as well as national security strategist for Carbon Black. In his book Gray Day, My Undercover Mission to Expose America’s First Cyber Spy, Eric O’Neil shares the fascinating and sometimes harrowing tale of his experience being assigned to help expose Robert Hanssen, the FBI’s most notorious mole. In 2001 Hanssen pleaded guilty to multiple charges of espionage for sharing classified information with the Soviet Union and Russia over the course of over two decades.

Making the business case for privacy.

Tue, 23 Oct 2018 16:00:00 -0000

In this cyberwire special edition, my guest is Cisco’s Chief Privacy Officer Michelle Dennedy. We discuss what exactly a chief privacy officer does at a global organization like Cisco, why she thinks we’re in the early stages of a privacy revolution, why we all tend to shake our heads cynically when I company claims, “Your privacy is important to us” and how, maybe, respecting the privacy of your users and customers could be a competitive advantage.

This conversation continues on Michelle Dennedy's podcast, Privacy Sigma Riders.

https://www.cisco.com/c/en/us/about/trust-center/privacy-podcast.html

Meddling with the midterms

Wed, 17 Oct 2018 20:30:00 -0000

Kim Zetter is longtime cybersecurity and national security reporter for the New York Times, and author of the book Countdown to Zero Day. She joins us to discuss her recent feature for the New York Times Magazine, titled The Crisis of Election Security. In it she explores the structure and fragile integrity of the US election system, how we got to where we are today, and what can be done to reestablish confidence in the system.

Link to Kim Zetter's feature The Crisis of Election Security:

https://www.nytimes.com/2018/09/26/magazine/election-security-crisis-midterms.html

Data-centric security.

Wed, 01 Aug 2018 16:00:00 -0000

In this CyberWire special edition, we take a look at data-centric security, focusing on the security of the data itself, rather than the surrounding networks, application or servers.

To help us on our journey of understanding we’ve lined up a number of industry experts. Ellison Anne Williams is CEO of Enveil, a company that’s developed cutting edge encryption techniques. Adam Nichols is principle of software security at Grimm, a cybersecurity engineering and consulting firm. Mark Forrest is CEO of Cryptshare, maker of secure electronic communication technologies for the exchange of business sensitive information. And John Prisco is CEO at QuantumXchange, a provider of what they claim is unbreakable quantum-safe encryption.

2018 RSAC Outlook

Tue, 08 May 2018 15:38:00 -0000

Just before the RSA conference this year, we spoke with a pair of industry experts for their take on the year so far, and what they expect to see in the coming months. In this CyberWire Special Edition, we hear from Craig Williams, Director of Talos Outreach at Cisco, and later in the show from Jon Rooney, Vice President of Product marketing at Splunk.

Blockchains that bind us

Wed, 28 Mar 2018 16:00:00 -0000

The past few month have been all abuzz with excitement about cryptocurrencies and the blockchain. The price of Bitcoin took a rocket ride toward the stars, and stories were coming fast and furious about how the blockchain was going to tranform and revolutionize just about everything.

Jonathan Katz is a professor of computer science at the University of Maryland and director of the Maryland cybersecurity center. As we’ll hear in this CyberWire special edition, he’s been following blockchain technology and cryptocurrency from its humble beginnings, and he’s our guide to understanding how it all works.

2018 forecast

Fri, 26 Jan 2018 15:32:00 -0000

It’s fair to say that 2017 was a busy year when it came to cyber security, and as we head into 2018 there’s certainly no sign of things slowing down. Days into the new year the news of serious vulnerabilities like Meltdown and Spectre, the ongoing threat of ransomware, major data and privacy breaches, and political unrest around the world, well, hold onto your hats, it looks like we may be in for a bumpy ride.

In this CyberWire special edition, we’ve gathered a group of seasoned cyber security experts to share their views on what we might expect over the coming year.

Nate Beach-Westmoreland is Head of Strategic Threat Intelligence at Booz Allen's Cyber4Sight.

https://www.linkedin.com/in/natebeachw/

Christopher Porter is Chief Intelligence Strategist at FireEye.

https://www.linkedin.com/in/christopher-porter-039620112/

Caleb Barlow is Vice President Threat Intelligence at IBM Security.

https://www.linkedin.com/in/calebbarlow/

Building your cyber security career

Thu, 30 Nov 2017 13:09:00 -0000

In this CyberWire special edition, we take a closer look at finding your career in cyber security. Just how important is that degree? Does it make sense to invest in certifications? What are employers really looking for when they’re searching for qualified cyber security talent? And why is it critical that you not just hunt down a sexy, high paying job, but build yourself a fulfilling career?

Sharing their insights and expertise are Kathleen Smith, CMO from Clearedjobs.net and cybersecjobs.com, and Robert M. Lee, CEO of Dragos.

GDPR: Privacy from Across the Pond

Mon, 09 Oct 2017 21:48:00 -0000

Following major breach revelations from Equifax, Yahoo!, Deloitte and the US Securities and Exchange commission, there have been many calls in the US for increased legislation and regulation that would force better privacy and identity management practices.

In this CyberWire special edition, we’ll ask some cyber security experts about GDPR, what it means for privacy and data use, the right to be forgotten, the penalties for noncompliance, and what it means for organizations outside the EU.

Joining us are Steve Durbin, Managing Director of the Information Security Forum, a not-for-profit organization providing its members with guidance on cyber, information security and risk management, Brett Hansen, Vice President of data security solutions at Dell, one of the largest suppliers of computer hardware, software and services in the world, and Darron Gibbard, CTSO at Qualys, a global provider of cloud-based security and compliance solutions.

NIST Cybersecurity Framework

Wed, 30 Aug 2017 12:49:00 -0000

Having a set of standards by which to measure your security organization, being able to compare your security posture to other organizations, and being able to justify your choices to investors and insurance firms are all worthwhile goals? It’s beneficial to have widely agreed upon standards of care and measurement in cyber security, to help know where you stand, where there’s room for improvement, and what’s important to you.

That’s where frameworks come in, and the NIST cybersecurity framework is one of the most popular in the cybersecurity industry. In this CyberWire special edition, we’ll examine frameworks in general and the NIST cybersecurity framework specifically, to see if adopting them is worth the time, energy and expense it takes.

Joining us are Rick Tracy, Chief Security Officer for Telos corporation, Rafal Los, Managing Director of the Solutions and Programs insight group at Optiv Security, and Matt Barrett, Program Manager for the Cyber Security Framework at NIST. Stay with us.

Black Hat 2017 - Research and Investment

Tue, 01 Aug 2017 13:35:00 -0000

Black Hat 2017 has wrapped up, and by all accounts it was another successful conference, with an active trade show floor, exciting keynotes and engaging, informative educational sessions on a variety of topics. There was business being done, with hopeful entrepreneurs and investors alike looking to identify the next big thing in cyber security. In this CyberWire special edition, we’ve rounded up a handful of presenters and one investor for a taste of Black Hat, to help give you a sense of the event.

Patrick Wardle is Chief Security Researcher at Synack, and creator of objective-see, an online site where he publishes the personal tools he’s created to help protect Mac OS computers. He’ll be telling us about his research on the FruitFly malware recently discovered on Mac OS.

https://objective-see.com/

Hyrum Anderson is technical director of data science at Endgame, he will discuss research he released on stage at Black Hat showing the pros and cons of using machine learning from both a defender and attacker perspective.

https://www.endgame.com/our-experts/hyrum-anderson

Zack Allen, Manager of Threat Operations, and Chaim Sanders, Security Lead, of ZeroFOX will be speaking about their Black Hat presentation on finding regressions in web application firewall (WAF) deployments.

https://www.linkedin.com/in/zack-allen-12749a76

https://www.linkedin.com/in/chaim-sanders-a7a23713/

And we’ll wrap it up with some insights from Alberto Yepez, founder and managing director of Trident Cybersecurity, on the investment environment and the changes he’s seen in the market in the last year.

https://www.linkedin.com/in/albertoyepez/

IoT 2017 – Securing the Things: A CyberWire Special Edition

Thu, 29 Jun 2017 11:00:00 -0000

The IoT, or Internet of Things, broadly defined is the collection of physical objects with IP addresses, connected to the internet. From consumer devices like security cameras, DVRs, and smart thermostats to industrial control systems and autonomous cars, the IoT offers potential for both opportunity and vulnerability.

In the first half of this CyberWire Special Edition, we speak with IoT experts Katie Curtin, director of IoT cyber security product management for AT&T, and Chris Poulin, Principal at Booz Allen Hamilton, where he leads internet of things security strategy for their strategic innovation group, as well as their industrial control group.

They provide their take on the current state of the internet of things for consumers, enterprise, industrial control and even self-driving cars.

In the second part of our program, we examine third party risk. Ponemon Institute recently released an independent research report titled, “The Internet of Things - a New Era of Third Party Risk.” Dr. Larry Ponemon is the chairman and founder of Ponemon Institute, and he’s going to take us through some of the report’s findings, but first we’ll hear from Gary Roboff, a senior advisor at Shared Assessments and their Santa Fey group, who were the sponsors of the report.

Women in Cybersecurity 2017: A CyberWire Special Edition

Wed, 12 Apr 2017 11:00:00 -0000

The 2017 Women in Cybersecurity conference was held in Tucson Arizona, and the CyberWire was on hand to cover the event. We spoke with a variety of cyber security professionals, at different stages of their careers. We covered some of their career journeys and professional insights on our daily podcast, and in this special edition learn why a women in cybersecurity conference is more important than ever, what they wish they knew when they were starting out, as well as some advice for the men in the industry.

RSA 2017 Roundup – Perspectives, Pitches and Predictions

Tue, 07 Mar 2017 01:00:00 -0000

In this CyberWire 2017 RSA Conference special edition, we wrap up our show coverage with insights from experts, about the trends they’re seeing, the products they’re pitching, and where they think we, as an industry, need to go.

Guests include:

Mark Dufresne, Director, Threat Research and Adversary Prevention, Endgame

https://www.linkedin.com/in/mark-dufresne-b3275610a/

James Lyne, Global Head of Security Research, Sophos

https://www.linkedin.com/in/jameslyne/

Emily Mossburg, Principal, Cyber Risk Services Leadership Team, Deloitte & Touche

https://www.linkedin.com/in/emilymossburg/

Mark Nunnikhoven, Vice President, Cloud Research, Trend Micro

https://www.linkedin.com/in/marknca/

Levi Gundert, Vice President of Intelligence and Strategy, Recorded Future

https://www.linkedin.com/in/levigundert/

Carl Leonard, Principal Security Analyst, Forcepoint

https://www.linkedin.com/in/carl-leonard-5486405/

Evan Blair, Founder, ZeroFOX

https://www.linkedin.com/in/evanblair/

Gabby Nizri, Founder and CEO, Ayehu Software Technologies

https://www.linkedin.com/in/gabbynizri/

Jason Porter, Vice President Security Solutions, AT&T

https://www.linkedin.com/in/jason-porter-4a604757/

If I Only Had a Brain... Artificial Intelligence Gets Real at RSA 2017

Tue, 28 Feb 2017 01:00:00 -0000

At the 2017 RSA conference, artificial intelligence and machine learning were on just about everyone’s list of hot topics. Countless companies are offering AI and ML solutions, with many of them claiming “game changer” status. In this CyberWire special edition, we gather a group of experts to help sort through the hype, try to agree on some definitions, demystify the technology, and make the business case for artificial intelligence.

2017 Cyber Security Forecast

Tue, 31 Jan 2017 18:43:00 -0000

WWhat are you expecting in 2017 when it comes to cyber security? There are sure to be attacks like we saw last year, ransomware and botnets, IoT vulnerabilities we just didn’t see coming. And what about all of those unfilled jobs? Can automation help fill the gap? Is the board room finally going to give cyber the attention it deserves? How will president Trump affect cyber policy?

Buying Cyber Security

Fri, 30 Dec 2016 11:00:00 -0000

Every day there seems to be a new security product on the market, with many of them claiming they provide something that you simply can’t live without. Companies appear and disappear, and businesses are faced with difficult, confusing, and often expensive choices. In this CyberWire special edition, we explore how businesses are navigating the process of choosing products and technologies in a crowded marketplace. We talk to some key stakeholders to find out what drives their purchasing decisions, and what they wished their vendors knew before they came knocking on their doors.

Securing a Deal - Cyber Security Venture Capitalists on what they look for. A CyberWire Special Edition.

Tue, 29 Nov 2016 18:30:00 -0000

In this CyberWire Podcast Special Edition, we examine the current state of investment in cyber security, speak to experts in the field, and learn from top cyber security-focused venture capitalists what they expect before they invest.

Exploring Cyber Security Education

Fri, 28 Oct 2016 16:30:00 -0000

In this CyberWire Podcast Special Edition, we examine the current state of cyber security education, speak to experts in the field, and learn about what it’s going to take to prepare the next generation of cyber security professionals.

Fundraising and Cyber Startups

Wed, 31 Aug 2016 10:30:00 -0000

Whether your bootstrapping your business on your own, borrowing from friends and family or going for your Series A venture capital round, raising money is something most business owners have to deal with, sooner or later. We spoke with experienced business leaders in cyber security to find out what they did to fund their companies, lessons they learned, and what advice they’d give.

Black Hat, Part 2 - Trends and Insights from Industry Leaders

Tue, 09 Aug 2016 17:51:00 -0000

The 2016 Black Hat conference is in the books, and we wrap up our coverage with more insights from industry leaders on what trends they’re seeing, and where they think the industry is headed.

Black Hat - Cyber Security Trends and Investment

Thu, 04 Aug 2016 21:00:00 -0000

The 2016 Black Hat conference is underway in Las Vegas this week, and in this special report from the show floor we’ll hear from industry leaders about industry trends, and from venture capital funders about what they need to see before saying yes, and why it’s harder to get startup funding than it used to be.

Quantifying Cyber Risk

Tue, 19 Jul 2016 10:00:00 -0000

Cyber security comes down to risk management, and it’s hard to manage what can’t be measured. How can cyber risk be credibly quantified and communicated? We’ll talk to companies developing technology solutions aimed at quantifying cyber risk and hear from insurance experts and other industry stakeholders grappling with this important new challenge facing businesses today.

In Their Own Words — The 2016 Women in Cybersecurity Conference

Thu, 07 Apr 2016 20:38:00 -0000

The people we spoke to at 2016's Women in Cybersecurity Conference had a remarkable diversity of career and academic backgrounds, as well as life experiences. Many themes emerged from our conversations, including the importance of mentorship, willingness to try new things and take risks, and the importance of flexibility and communications skills. They also dispelled some myths, including the notion that you need to have a technical background for a career in cyber security.

We sat down with a range of women, from students to industry leaders, for candid conversations about their personal journeys, their experiences as women in a male dominated field, and their advice to women considering a career in cybersecurity.

RSA Special: Trade and Investment

Thu, 10 Mar 2016 21:28:00 -0000

RSA in an international conference, with attendees and exhibitors from around the world.

Andy Williams is the UK Cyber Envoy. His mission at RSA was to spread the word about his nation’s significant cyber capabilities, to help facilitate business relationships with companies in the US, and to promote the technologies that UK companies were showing at the conference.

Telesoft Technologies is one of those companies, and Matthew George is their CTO. He’ll tell us about their effort to bring the speed of FPGA’s to the market.

And finally, we’ll hear from Ezequiel Gutesman, Director of Research at Onapsis Research Labs. He’ll share the findings from a Poneman report on security within German software giants SAP's offerings.

RSA Special: Emerging Technologies

Thu, 10 Mar 2016 01:10:00 -0000

There was no shortage of new and innovative technology on display at the RSA conference. We sat down with industry innovators to get their perspectives.

In this RSA special edition, we’ll hear from Lance Cotrell, Chief Scientist at Ntrepid about their secure browser technology.

Emily Mossberg is from Deloitte Advisory Cyber Risk Services, and she’ll give us her perspective on emerging trends in cyber risk management.

Oliver Friedrichs is the CEO of Phantom, who were the winners of this year’s RSA Sandbox competition. He stresses the importance of automation.

Richard Moulds from Whitewood Encryption Systems tells us about their true random number generation and delivery system,

And finally, Vikram Sharma from Quintessence Labs, who’s flagship Trusted Security Foundation aims to centralize the management of encrypted keys.

RSA Special: Threat Intelligence

Tue, 08 Mar 2016 23:46:00 -0000

Threat intelligence - it's more than just attribution. In fact, unless you carry a gun and wear a badge, it's probably not much about attribution at all. Instead, it's about reducing risk.

Special thanks to our guests who sat down for interviews at RSA:

Ryan Trost, Cofounder and CTO at ThreatQuotient

Eric Olson, VP of Intelligence Operations at LookingGlass

Rick Howard, Chief Security Officer at Palo Alto Networks