Cyber Security Dispatch

Andy Anderson & CSD Staff
Cyber Security Dispatch

Cyber Security Dispatch brings you to the front lines of cyber security. In our podcast we interview leading experts and practitioners who are fighting attacks, securing systems, and exploring the cutting edge of cyber security and cyber warfare.

  1. 01/29/2019

    Why Controlling Time Matters

    An Interview with Arun Sood, CEO of SCIT LabsCyber Security Dispatch: Season 3, Episode 2Show Notes: Welcome back to the Cyber Security Dispatch. This is the first in the new series of interviews focused on innovative technology in cyber security where we talk about new solutions to protect our data and systems. Today on the show we welcome Arun Sood, CEO of Self Cleansing Intrusion Tolerance (SCIT) Labs. He is the co-inventor of all six SCIT technology patents that are based on the research undertaken at his research center. In this episode, we are setting the clock on why controlling time matters. Arun is an expert on moving target defense and building resilience systems. He offers a refreshing perspective on how controlling time can give security teams a key advantage in stopping attacks and limiting the impact of those attacks. It is a really fascinating perspective and one that can help you see things differently. For all this and much more be sure to tune in! Key Points From This Episode: Understanding moving target defense. The resilience requirement: continuity of operations. Providing higher levels of security through diversity and redundancy. How redundancy can be used to achieve a dual goal. Understanding the concept of diversity. How complexities affect cost: the additional expense. Why you can’t change the implementation in a redundancy based approach. Dwell time: a measure of how the server is performing. Steps of a cyber-kill chain. Understanding the SCIT system. Thinking of data in three different ways. Recovery systems in the cyber security space. How to think about measuring success: what does it mean? Two principle things to start with as a small user. Choosing your throttle time. And much more! Links Mentioned in Today’s Episode:Arun Sood — http://scitlabs.com/about-us/team Arun on LinkedIn — https://www.linkedin.com/in/arunsood/ SCIT Labs — http://scitlabs.com/ George Mason University — https://www2.gmu.edu/ Drupal — https://www.drupal.org/ WordPress — https://wordpress.com/ Introduction: Welcome back to the Cyber Security Dispatch. This is the first in the new series of interviews focused on innovative technology in cyber security where we talk about new solutions to protect our data and systems. Today on the show we welcome Arun Sood, CEO of Self Cleansing Intrusion Tolerance (SCIT) Labs. He is the co-inventor of all six SCIT technology patents that are based on the research undertaken at his research center. In this episode, we are setting the clock on why controlling time matters. Arun is an expert on moving target defense and building resilience systems. He offers a refreshing perspective on how controlling time can give security teams a key advantage in stopping attacks and limiting the impact of those attacks. It is a really fascinating perspective and one that can help you see things differently. For all this and much more be sure to tune in! TRANSCRIPT [0:01:05.5] AS: I am Arun Sood and I am a professor at George Mason University but currently, research at George Mason has led to six packets and at one stage, we decided to start a university startup, we are a group affiliated to George Mason has equity shares in the company so there is a close relationship between the two things. I’m the founder of this and currently in the CEO but I see we have a chief architect, we have lots of people who are helping with us and how this is going to evolve is only time will tell. [0:01:46.7] AA: Yeah, I think, you know, one of the things that was so interesting about what you got up to is you’re sort of focusing, you’re focused on moving target defense so that’s a concept we’ve talked a lot about on this show but for those who kind of aren't familiar with moving target defense, you just want to kind of talk about what it is and how you kind of how you kind of got involved in it. [0:02:07.3] AS: Right. There are many ways to look at this but I’m going to try something slightly

  2. 01/03/2019

    On The Internet, Nobody Knows If You’re A Dog

    Today on the show we welcome with Christian Folini of ModSecurity. Christian is the author of The Modsecurity Handbook (2nd edition) and Co-Lead of the OWASP ModSecurity Core Rule Set project. He is also the program chair of the Swiss Cyber Storm conference, Vice-President of Swiss Cyber Experts and a partner and consultant at netnea.com. In this episode, we discuss Christian’s interesting path from PhD in Medieval History to becoming an expert in computer science. He also shares his fascinating work with the Swiss voting system and how E-voting is alive and happening in that country today. Will a system like this ever be possible in the US? We get into that too. We also get into some interesting discussions drawing parallels between Medieval social history and the what is happening with the internet today, in terms of open source technology. He also explains (in a way your grandparents will even understand) how a firewall works, whitelisting, blacklisting, IP addresses and malicious and non-malicious traffic. We also hear more about his strategies for reverse proxy and stopping D-DOS. A background in humanities has really served Christian well in the art of explanation, making this episode full of great imagery, good humor and information that even the dog next door might appreciate.

    56 min

  3. 09/10/2018

    Are Patient Records Really Private?

    Welcome back to the Cyber Security Dispatch, in this episode we welcome Stephanie Crabb, the founder of Immersive. Stephanie is here discuss the role of her company in cyber security and data protection in the healthcare sector. Healthcare provides an unique and striking example of the cyber security concerns of the contemporary world with the intersection of the government, business interests and individual rights creating a very particular dynamic. We chat about Stephanie’s career arc up until now and then move on to situating the cyber security debate within the medical profession. We also discuss GDPR and HIPAA as well as the NIST Cybersecurity Framework. Stephanie’s knowledge and expertise in these areas is extensive and she generously shares much of her wisdom and perspective on these pertinent issues. For all this and much more be sure to tune in!

  4. 08/29/2018

    Keeping Cyber Attacks from Blowing Stuff Up

    On today’s episode of the Cyber Security Dispatch we welcome the CEO of The Bit Bazaar, Erfan Ibrahim to talk about his groundbreaking ideas in the fields of security and resilience. Erfan’s expertise extends beyond the common cyber domains into the world of mechanical infrastructure and hardware and we hear all about the challenges that this dimension adds to the work. Erfan tells us about how he came up in the field and landed in his current position before deep diving on the topic of hardened and layered defenses, something that he sees as paramount to resilience. We then go on to chat about institutional architecture, mental models, confidentiality, ‘hyper-quiet’ networks, existent and legacy hardware and much more. So be sure to tune in for one of the most visionary and thoughtful conversations we have had the pleasure of hosting on this podcast.

    52 min

  5. 07/11/2018

    Peering Into the Dark Places

    In this episode of the Cyber Security Dispatch we welcome Michael Marriot of Digital Shadows, a company specializing in security from dark web threats. Although we often see to hear about the dark web and the dangers of these hidden portals of the internet, its very nature means it is often spoken about in the vaguest of terms. Michael gives us a quick dive into an understanding of what the dark web provides and why it is not always the bad place it is supposed to be. We look at the market places that are housed within the dark web and thus talk about the types of cyber crimes that typically occur in these spaces. Our guest does a great job of explaining just how his company can protect customers from these types of threats and we also discuss how more widespread proactive user behavior could lead to decreases in these threats. Michael offers a lot of insightful information on rippers, security strategies and criminal personas, so this is an episode you are not going to want to miss.

    26 min

  6. 07/02/2018

    Using the New Toys to Solve the Legacy Issues

    Today on the show we speak with Scott Laliberte, the former Information Security Systems Officer for the US Coastguard and Managing Director and Global Leader of the Cyber Security and Privacy Practice at the global consulting firm, Protiviti. In this episode, we discuss the necessary mindset shift that CISOs need to make and why we need to be using new technological toys, like AI and machine learning, to solve legacy issues. Scott shares his findings on how CISOs need to and are starting to talk the business language and how the changing narrative of what security does for business can lead to a more cohesive enterprise. We find out why acknowledging weaknesses, foregrounding transparency and “talking the talk” can lead to a CISO’s longevity and success. In addition, we discuss the tech skills shortage and how the industry is working to create a balance between the experienced workforce and the new kids on the block.

  7. 06/29/2018

    CISO’s are Goal Keepers, All Guts No Glory

    Today on the show, we speak with Giovanni Vigna – CTO and co-founder of Lastline, a cyber security startup, and Director of UC’s Santa Barbara Center for Cyber Security, where he also serves as a computer science professor. In this episode Giovanni shares his unique perspective as both a security technologist and an academic on educating and diversifying the next generation of software programmers and data scientists. Giovanni also shares his insight on technical superiority, buzz word trends, and how triage is the most overlooked and probably the most impactful aspect of security operations today. If done right, triage could be a powerful ally. If done poorly it can suck up time, investment, and leave you exposed. Lastly, we head to the soccer field and find out why CISO’s are just like goal keepers – all guts no glory. Can we really get credit for the attacks that didn’t happen? Find out in this episode.

    24 min

  8. 06/27/2018

    Who is Watching the Watchers

    On today’s episode of the Cyber Security we welcome Marton Illes who is the Director of Privileged Access Management at Balabit. Martin is here to talk to us about his work and role in the company and also to shed some light on this area of cyber security. Most of us are familiar with the ideas of privileges in varying forms but Martin is here to explain exactly how they can work to certain organizations’ benefit and the serviced that Balabit provide. Our guest gives us his background in security and then proceeds to lay out the ways in which privileges can work in company systems as well as some of the pitfalls to avoid. We go on to discuss the idea of monitoring and how to monitor those in higher positions or so-called super-users. Martin details certain pain points within this area and openly describes some of the shortcomings of the technology. From there we go onto discuss current security affairs such as GDPR and the impact of the cloud on his work.

    22 min
See All (29)

5
out of 5
7 Ratings

About

Cyber Security Dispatch brings you to the front lines of cyber security. In our podcast we interview leading experts and practitioners who are fighting attacks, securing systems, and exploring the cutting edge of cyber security and cyber warfare.

Information

  • Creator
    Andy Anderson & CSD Staff
  • Years Active
    2018 - 2019
  • Episodes
    29
  • Rating
    Clean
  • Copyright
    © 2018 Cyber Security Dispatch
  • Show Website
    Cyber Security Dispatch

To listen to explicit episodes, sign in.

Stay up to date with this show

Sign in or sign up to follow shows, save episodes, and get the latest updates.
Select a country or region

Africa, Middle East, and India

Asia Pacific

Europe

Latin America and the Caribbean

The United States and Canada