CISO Tradecraft‪®‬ G Mark Hardy & Ross Young

This episode of CISO Tradecraft features a conversation between host G. Mark Hardy and Chris Rothe, co-founder of Red Canary, focusing on cloud security, managed detection and response (MDR) services, and the evolution of cybersecurity practices. They discuss the genesis of Red Canary, the significance of their company name, and the distinctions between Managed Security Service Providers (MSSPs) and MDRs. The conversation also covers the importance of cloud security, the challenges of securing serverless and containerized environments, and leveraging open-source projects like Atomic Red Team for cybersecurity. They conclude with insights on the cybersecurity labor market, the value of threat detection reports, and the future of cloud security.
Red Canary: https://redcanary.com/
Chris Rothe: https://www.linkedin.com/in/crothe/
Transcripts: https://docs.google.com/document/d/1XN4Bp7Sa2geGCVaHuqMRmJckms4q7_L6
 

This episode of CISO Tradecraft, hosted by G Mark Hardy, features special guest Debbie Gordon. The discussion focuses on the critical role of Security Operations Centers (SOCs) in an organization's cybersecurity efforts, emphasizing the importance of personnel, skill development, and maintaining a high-performing team. It covers the essential aspects of building and managing a successful SOC, from hiring and retaining skilled incident responders to measuring their performance and productivity. The conversation also explores the benefits of simulation-based training with CloudRange Cyber, highlighting how such training can improve job satisfaction, reduce incident response times, and help organizations meet regulatory requirements. Through this in-depth discussion, listeners gain insights into best practices for enhancing their organization's cybersecurity posture and developing key skill sets to defend against evolving cyber threats.
Cloud Range Cyber: https://www.cloudrangecyber.com/
Transcripts: https://docs.google.com/document/d/18ILhpOgHIFokMrkDAYaIEHK-f9hoy63u 
Chapters
00:00 Introduction
01:04 The Indispensable Role of Security Operations Centers (SOCs)
02:07 Building an Effective SOC: Starting with People
03:04 Measuring Productivity and Performance in Your SOC
05:36 The Importance of Continuous Training and Simulation in Cybersecurity
09:00 Debbie Gordon on the Evolution of Cyber Training
11:54 Developing Cybersecurity Talent: The Importance of Simulation Training
14:46 The Critical Role of People in Cybersecurity
21:57 The Impact of Regulations on Cybersecurity Practices
24:36 The Importance of Proactive Cybersecurity Training
26:26 Redefining Cybersecurity Roles and Training Approaches
30:08 Leveraging Cyber Ranges for Real-World Cybersecurity Training
36:03 Evaluating and Enhancing Cybersecurity Skills and Team Dynamics
37:49 Maximizing Cybersecurity Training ROI and Employee Engagement
41:40 Exploring CloudRange Cyber's Training Solutions
43:28 Conclusion: The Future of Cybersecurity Training

In this episode of CISO Tradecraft, host G Mark Hardy discusses the findings of the 2024 Verizon Data Breach Investigations Report (DBIR), covering over 10,000 breaches. Beginning with a brief history of the DBIR's inception in 2008, Hardy highlights the evolution of cyber threats, such as the significance of patching vulnerabilities and the predominance of hacking and malware. The report identifies the top methods bad actors use for exploiting companies, including attacking VPNs, desktop sharing software, web applications, conducting phishing, and stealing credentials, emphasizing the growing sophistication of attacks facilitated by technology like ChatGPT for phishing and deepfake tech for social engineering. The episode touches on various cybersecurity measures, the omnipresence of multi-factor authentication (MFA) as a necessity rather than a best practice, and the surge in denial-of-service (DDoS) attacks. Hardy also discusses generative AI's role in enhancing social engineering attacks and the potential impact of deepfake content on elections and corporate reputations. Listeners are encouraged to download the DBIR for a deeper dive into its findings.
Transcripts: https://docs.google.com/document/d/1HYHukTHr6uL6khGncR_YUJVOhikedjSE 
Chapters
00:00 Welcome to CISO Tradecraft
00:35 Celebrating Milestones and Offering Services
01:39 Diving into the Verizon Data Breach Investigations Report
04:22 Top Attack Methods: VPNs and Desktop Sharing Software Vulnerabilities
09:24 The Rise of Phishing and Credential Theft
19:43 Advanced Threats: Deepfakes and Generative AI
23:23 Closing Thoughts and Recommendations

In this joint episode of the Security Break podcast and CISO Tradecraft podcast, hosts from both platforms come together to discuss a variety of current cybersecurity topics. They delve into the challenge of filtering relevant information in the cybersecurity sphere, elaborate on different interpretations of the same news based on the reader's background, and share a detailed analysis on specific cybersecurity news stories. The discussion covers topics such as the implications of data sharing without user consent by major wireless providers and the fines imposed by the FCC, the significance of increasing bug bounty payouts by tech companies like Google, and a comprehensive look at how edge devices are exploited by hackers to create botnets for various cyberattacks. The conversation addresses the complexity of the cybersecurity landscape, including how different actors with varied objectives can simultaneously compromise the same devices, making it difficult to attribute attacks and protect networks effectively.
Transcripts: https://docs.google.com/document/d/1GtFIWtDf_DSIIgs_7CizcnAHGnFTTrs5
Chapters
00:00 Welcome to a Special Joint Episode: Security Break & CISO Tradecraft
01:27 The Challenge of Filtering Cybersecurity Information
04:23 Exploring the FCC's Fine on Wireless Providers for Privacy Breaches
06:41 The Complex Landscape of Data Privacy Regulations
16:00 The Economics of Data Breaches and Regulatory Fines
24:23 Bug Bounties and the Value of Security Research
33:21 Exploring the Economics of Cybersecurity
33:50 The Lucrative World of Bug Bounties
34:38 The Impact of Security Vulnerabilities on Businesses
35:50 Navigating the Complex Landscape of Cybersecurity
36:22 The Ethical Dilemma of Selling Exploit Information
37:32 Understanding the Market Dynamics of Cybersecurity
38:00 Focusing on Android Application Security
38:34 The Importance of Targeting in Cybersecurity Efforts
42:33 Exploring the Threat Landscape of Edge Devices
46:37 The Challenge of Securing Outdated Technology
49:28 The Role of Cybersecurity in Modern Warfare
53:15 Strategies for Enhancing Cybersecurity Defenses
01:05:25 Concluding Thoughts on Cybersecurity Challenges

In this episode of CISO Tradecraft, host G. Mark Hardy discusses seven critical issues facing the cybersecurity industry, offering a detailed analysis of each problem along with counterarguments. The concerns range from the lack of a unified cybersecurity license, the inefficiency and resource waste caused by auditors, to the need for a federal data privacy law. Hardy emphasizes the importance of evaluating policies, prioritizing effective controls, and examining current industry practices. He challenges the audience to think about solutions and encourages sharing opinions and additional concerns, aiming to foster a deeper understanding and improvement within the field of cybersecurity.
Transcripts: https://docs.google.com/document/d/1H_kTbCG8n5f_d1ZHNr1QxsXf82xb08cG
Chapters
00:00 Introduction
01:28 Introducing the Seven Broken Things in Cybersecurity
02:00 1. The Lack of a Unified Cybersecurity License
06:53 2. The Problem with Cybersecurity Auditors
10:09 3. The Issue with Treating All Controls as High Priority
14:12 4. The Obsession with New Cybersecurity Tools
19:23 5. Misplaced Accountability in Cybersecurity
22:38 6. Rethinking Degree Requirements for Cybersecurity Jobs
26:49 7. The Need for Federal Data Privacy Laws
30:53 Closing Thoughts and Call to Action

In this episode of CISO Tradecraft, hosts G Mark Hardy and guests Jeff Majka and Andrew Dutton discuss the vital role of competitive threat intelligence in cybersecurity. They explore how Security Bulldog's AI-powered platform helps enterprise cybersecurity teams efficiently remediate vulnerabilities by processing vast quantities of data, thereby saving time and enhancing productivity. The conversation covers the importance of diverse threat intelligence sources, including open-source intelligence and insider threat awareness, and the strategic value of AI in analyzing and prioritizing data to manage cybersecurity risks effectively. The discussion also touches on the challenges and potentials of AI in cybersecurity, including the risks of data poisoning and the ongoing battle between offensive and defensive cyber operations.
The Security Bulldog: https://securitybulldog.com/contact/
Transcripts: https://docs.google.com/document/d/1D6yVMAxv16XWtRXalI5g-ZdepEMYmQCe
Chapters
00:00 Introduction
00:56 Introducing the Experts: Insights from the Field
02:43 Unpacking Cybersecurity Intelligence: Definitions and Importance
04:02 Exploring Cyber Threat Intelligence (CTI): Applications and Strategies
13:11 The Role of AI in Enhancing Cybersecurity Efforts
16:43 Navigating the Complex Landscape of Cyber Threats and Defenses
19:07 The Future of AI in Cybersecurity: A Balancing Act
22:33 Exploring AI's Role in Cybersecurity
22:50 The Practical Application of AI in Cybersecurity
25:08 Challenges and Trust Issues with AI in Cybersecurity
26:52 Managing AI's Risks and Ensuring Reliability
31:00 The Evolution and Impact of AI Tools in Cyber Threat Intelligence
34:45 Choosing the Right AI Solution for Cybersecurity Needs
37:27 The Business Case for AI in Cybersecurity
41:22 Final Thoughts and the Future of AI in Cybersecurity