AttackIQ

Think Bad, Do Good Podcast

AttackIQ’s podcast series, Think Bad, Do Good, brings together security researchers, informed defenders, and intelligence practitioners for discussions about how security teams can build a strong threat-informed defense strategy. Listen in for lively discussions on emerging strategic concepts, threats and emulation plans, optimizing your cybersecurity investments, and cybersecurity events in the news.

About AttackIQ: Adversaries across the globe, from nation-states to criminal organizations, hold our businesses, democracy, and society at risk through cyberspace. Our mission at AttackIQ is to help solve that problem and make the world safe for compute. As the leading independent vendor of breach and attack simulation solutions, we built the industry’s first Security Optimization Platform for continuous security control validation and improving security program effectiveness and efficiency. We are trusted by leading organizations worldwide to identify security improvements and verify that cyberdefenses work as expected, aligned with the MITRE ATT&CK framework. We’re strongly committed to giving back to the cybersecurity community through our free, award-winning AttackIQ Academy, open Preactive Security Exchange, and partnership with MITRE Engenuity Center for Threat-Informed Defense, and we’re proud to be consecutively named a Fortune Great Place to Work, as well as a participant in the Respect in Security pledge.

  1. Confronting the Disinformation Age: A Conversation with Renée DiResta

    07.11.2022

    Guest: Renée DiResta, Research Manager, Stanford Internet Observatory

    Renée DiResta is a pioneer in the study of disinformation, and through her research at the Stanford Internet Observatory and regular contributions to The Atlantic Monthly she has made her voice heard on the harms of amplified propaganda and the role it has in shaping public opinion. How do false narratives spread? “You have human nature, which has not really changed very much in many ways over time, either. A lot of the kind of psychological motivators have been consistent. What do people need, what do they want, what are they looking for?” Renée investigates the intersection of platform algorithms with user behavior and factional crowd dynamics to get to the root of the problem. “What really does change is the communication technology. And when we’re talking about propaganda, which really is referring to messaging, we’re talking about ways in which entities who are trying to achieve a particular objective, use communication to send messages to the public.”

    In this installment of Think Bad, Do Good, Renée and Jonathan examine the role of “filter bubbles” in the dissemination of false narratives and individual agendas, the creation of polarization in public opinion, blurred lines between fact and bias, and the growth and spread of extremism. “Another thing that we see a lot in our work is looking at what makes things go viral,” Renée says. “People make crazy claims on the internet all the time but what starts to happen is that you’ll see incentivized influencers with very large followings who will pick up that claim, but they do it in a really interesting way.” Tune in to learn more.

    Renée’s most recent articles:

    It’s Not Misinformation. It’s Amplified Propaganda: https://www.theatlantic.com/ideas/archive/2021/10/disinformation-propaganda-amplification-ampliganda/620334/
    The Ukraine Crisis Briefly Put America’s Culture War in Perspective: https://www.theatlantic.com/ideas/archive/2022/03/russia-ukraine-war-stopped-internet-culture-war/627122/
    Elon Musk Is Fighting for Attention, Not Free Speech: https://www.theatlantic.com/ideas/archive/2022/04/elon-musk-buy-twitter-free-speech/629571/
    The Digital Maginot Line: https://www.ribbonfarm.com/2018/11/28/the-digital-maginot-line/

    Click here to read the transcript: https://www.attackiq.com/podcasts/confronting-the-disinformation-age/#transcript

    40 min.
  2. Catastrophic Loss: The State of the Cyberinsurance Market Today, with Josephine Wolff

    17.10.2022

    Guest: Josephine Wolff, The Fletcher School of Law and Diplomacy

    For anyone interested in understanding cybersecurity insurance, Josephine Wolff is the premier global expert on the issue. And cyberinsurance is a tricky market. “We’re all relying on the same infrastructure or the same fairly small set of infrastructure for our computer systems,” Josephine says in this episode of Think Bad, Do Good. Other types of insurers can diversify their risk portfolio and assume that all policy holders are not going to be hit by the same fire, the same flood, or the same car accident all at once. But due to the scope of cybersecurity risk, cyberinsurers lack that luxury.

    How does it play out? “The ideal would be your insurer comes in, they assess your security posture, and then they price your premium based on how good your security is. And I think what a lot of companies feel now is like, they come in, they do this endless questionnaire, and then they’re just going to price your premium based on how big your company is anyway.” The impact is significant. “It plays into this larger dynamic of sort of caution on the part of the insurers, saying, ‘We don’t really feel we know how to defend against these types of incidents, so we would rather not be on the hook to be covering more and more and larger and larger of them.’” That issue rests at the core of the current public debate.

    Author of Cyberinsurance Policy and professor at The Fletcher School, Josephine Wolff examines the development of cyberinsurance, compares it to other sectors, and details how the complexity of cybersecurity insurance can lead to legal disputes between insurers and policyholders. “Who ends up paying? What are all the various complicated legal and liability issues here? And what can we say about who gets held responsible and who doesn’t?” Tune in to learn more about the path ahead.

    Key links to Josephine’s work:

    Her new book, available from MIT Press, Cyberinsurance Policy: Rethinking Risk in an Age of Ransomware, Computer Fraud, Data Breaches, and Cyberattacks: https://mitpress.mit.edu/9780262544184/cyberinsurance-policy/
    Her recent article in the Financial Times, “Insurers must rethink handling of cyberattacks on states”: https://www.ft.com/content/aa147054-ec14-4a75-a183-bee345319948
    Her recent article in Slate (no paywall), “A Brief History of Cyberinsurance”: https://slate.com/technology/2022/08/cyberinsurance-history-regulation.html

    Click here to read the transcript: https://www.attackiq.com/podcasts/the-state-of-the-cyberinsurance-market-today/#transcript

    23 min.
  3. Lessons in Venture Capital: Building a Cybersecurity Company, with Marcus Bartram

    07.10.2022

    Guest: Marcus Bartram, General Partner at Telstra Ventures

    Telstra Ventures’ Marcus Bartram understands the growing pains inherent in building a business. Working at high-growth companies early in his career helped him build wisdom and resilience and foster a sense of empathy towards entrepreneurs. As a venture capitalist, Marcus understands how to use capital as a tool for building a business, and he and his team have led successful investments in companies like CrowdStrike, Auth0, Corvus Insurance, Elastica, and vArmour, among many others.

    In this episode, Marcus joins Jonathan to discuss the ins and outs of evaluating potential investment opportunities, the company profiles that attract venture capitalists, and the excitement that comes with building partnerships. “Who’s the team?” Marcus asks. “Do you believe in the vision they’re trying to paint? Do you trust them to want to give them literally millions of dollars of money? And do you think they can execute on the vision?”

    Marcus recounts stories of navigating the turbulent dotcom boom of the late 1990s, reflects on the role it played in his career, and shares his views on the future of cybersecurity and technology. “For my sins, I really like the cybersecurity market, which is a huge, vibrant market with lots of opportunity,” he remarks. “What’s their unique view on that, and why are they different to the other thousands of cybersecurity startups that are in the market today? Are they solving a big problem, or are they solving for a feature in cybersecurity?”

    Click here to read the transcript: https://www.attackiq.com/podcasts/how-to-build-and-scale-a-successful-cybersecurity-company/#transcript

    27 min.
  4. Not Your Normal CISO: Lessons In Security Leadership, with Rob Hornbuckle

    29.07.2022

    Guest: Rob Hornbuckle, Chief Information Security Officer, Allegiant Airways

    Years before he became Chief Information Security Officer (CISO) at Allegiant Airways, Rob Hornbuckle studied acting and worked as a bartender – lessons that served him well as a four-time CISO. He understands business, he understands technology, but above all he understands human behavior. “Something is eventually going to happen at any organization you potentially could work for,” says Rob. “If you work there long enough, something will eventually happen. What’s going to determine your success and your longevity long-term as a CISO is how you react to it, how you handle it, how well everyone trusts that you’ve both done the best you can, and that you’ve had the best interest of the organization in mind.”

    Accountability matters a lot. “One of the most executive things you can ever do is stand up and take accountability when it’s your fault,” he says. “You will garner significantly more respect if you stand up and take accountability when it’s your fault than if you try to slough it off or if you act dodgy. It’s almost human nature to want to shy away, to want to not get in trouble, to want to try to curl up and defend yourself in some way. But the most executive thing that you can possibly ever do is stand up and take accountability when you were at fault either fully or even partially.”

    In one of the most illuminating podcasts yet, Rob sits down with Jonathan to outline his vision for leadership development and success in security.

    Click here to read the transcript: https://attackiq.com/podcasts/not-your-normal-ciso-lessons-in-security-leadership-from-bartending-to-the-boardroom/#transcript

    36 min.

Ratings and Reviews

5 out of 5
3 ratings
