The Security Detail Audra Streetman and Madeleine Tauber

In episode two of The Security Detail, Audra interviews Liz Wharton, founder of Silver Key Strategies, about her research on using large language models (LLMs) to analyze SEC 8-K filings and other public reporting to gain cybersecurity insights. Liz is an attorney who has two decades of legal, public policy, and business experience, including in cybersecurity. The interview also covers the heightened liability security executives face when reporting material incidents to the US Securities and Exchange Commission (SEC). 
 
Resources: 
SURGe Minicon talks at .conf24: https://conf.splunk.com/sessions/catalog.html?search=minicon#/
Silver Key Strategies: https://silverkeystrategies.com/about-silver-key
Splunk's 2024 State of Security Report: https://www.splunk.com/en_us/campaigns/state-of-security.html

Veterans bring invaluable skills in leadership, problem-solving, and discipline to the field of cybersecurity, making them highly sought-after candidates in the industry. In this episode, Tom Marsland, board chair of VetSec, explains how the non-profit helps veterans and transitioning military members find employment in the industry. 
Resources: 
VetSec: https://vetsec.org/
Veterans Affairs locations: https://www.va.gov/find-locations/
Til Valhalla Project: https://tilvalhallaproject.com/
Operation Code: https://operationcode.org/
Hiring our Heroes: https://www.hiringourheroes.org/
USO Careers: https://www.uso.org/careers/
Cloud Range: https://www.cloudrangecyber.com/
 
 

In episode 9 of The Security Detail, hear from past interview guests about what they consider to be the most important cybersecurity skill for future practitioners.   

In episode 8 of The Security Detail, hear from past interview guests about their predictions for emerging technology, like artificial intelligence and quantum computing. 
Resources: 
Cipher Brief article: https://www.thecipherbrief.com/how-ai-is-helping-the-u-s-unravel-chinas-dangerous-hacking-operation
 

The MITRE ATT&CK framework provides a standardized taxonomy and knowledge base of adversary tactics, techniques, and procedures (TTPs), enabling organizations to enhance threat detection, response, and mitigation strategies effectively. In this episode, Adam Pennington tells us about the origins of the ATT&CK project, how organizations can effectively leverage it, and the journey that led Adam to his current role as the project's leader.  
 
Resources: 
Mitre ATT&CK website: https://attack.mitre.org/
.conf24 agenda: https://conf.splunk.com/ 
ATT&CKCon Presentations: https://attack.mitre.org/resources/learn-more-about-attack/
ATT&CK Evaluations Program: https://mitre-engenuity.org/cybersecurity/attack-evaluations/
Adam's BSides Talk (Bringing Intelligence into Cyber Deception with MITRE ATT&CK): https://www.youtube.com/watch?v=eL4iLUw1ee8
Adam's DEF CON Talk (Emulating Adversary w Imperfect Intelligence): https://www.youtube.com/watch?v=cXlWY3OnjO0
David Bianco's Pyramid of Pain: https://www.youtube.com/watch?v=3Xrl6ICxKxI 
Dr. Fetterman’s blog: https://www.splunk.com/en_us/blog/security/revisiting-the-big-picture-macro-level-att-ck-updates-for-2023.html

Cybersecurity is crucial for the electric sector to safeguard critical infrastructure from cyber threats and potential disruptions, ensuring the reliable and secure delivery of electricity to homes, businesses, and essential services. In episode 6, Robert M. Lee, CEO and Co-Founder of Dragos provides an overview of the top cyber threats facing electric utilities and the role that Dragos plays in strengthening ICS and OT resilience.
 
Resources: 
Dragos Community Defense Program: https://www.dragos.com/community/community-defense-program/
Dragos 2023 OT Cybersecurity Year in Review report: https://www.dragos.com/ot-cybersecurity-year-in-review/
SANS Instructor Biography: https://www.sans.org/profiles/robert-m-lee/
Sandworm book: https://www.amazon.com/Sandworm-Cyberwar-Kremlins-Dangerous-Hackers/dp/0385544405
'U.S. Government Disrupts Botnet People’s Republic of China Used to Conceal Hacking of Critical Infrastructure': https://www.justice.gov/opa/pr/us-government-disrupts-botnet-peoples-republic-china-used-conceal-hacking-critical
'Justice Department Conducts Court-Authorized Disruption of Botnet Controlled by the Russian Federation’s Main Intelligence Directorate of the General Staff (GRU)': https://www.justice.gov/opa/pr/justice-department-conducts-court-authorized-disruption-botnet-controlled-russian
'A Global Police Operation Just Took Down the Notorious LockBit Ransomware Gang': https://www.wired.com/story/lockbit-ransomware-takedown-website-nca-fbi/
'Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology': https://www.mandiant.com/resources/blog/sandworm-disrupts-power-ukraine-operational-technology
The Five ICS Cybersecurity Critical Controls: https://www.sans.org/white-papers/five-ics-cybersecurity-critical-controls/
SECURING OPERATIONAL TECHNOLOGY: A DEEP DIVE INTO THE WATER SECTOR: https://homeland.house.gov/hearing/securing-operational-technology-a-deep-dive-into-the-water-sector/