97 episodes

Encore seasons of the popular CyberWire Pro podcast hosted by Chief Analyst, Rick Howard. Join Rick and the Hash Table experts as they discuss the ideas, strategies and technologies that senior cybersecurity executives wrestle with on a daily basis. For the latest seasons ad-free along with essays, transcripts, and bonus content, sign up for CyberWire Pro.

CSO Perspectives (public‪)‬ N2K Networks

    • Technology
    • 5.0 • 12 Ratings

Encore seasons of the popular CyberWire Pro podcast hosted by Chief Analyst, Rick Howard. Join Rick and the Hash Table experts as they discuss the ideas, strategies and technologies that senior cybersecurity executives wrestle with on a daily basis. For the latest seasons ad-free along with essays, transcripts, and bonus content, sign up for CyberWire Pro.

    Bonus: Examining the current state of security orchestration. [CyberWire-X]

    Bonus: Examining the current state of security orchestration. [CyberWire-X]

    In this bonus episode of CyberWire-X, N2K’s CSO, Chief Analyst, and Senior Fellow, Rick Howard, is joined by guest Rohit Dhamankar, Fortra's Vice President of Product Strategy, and Hash Table member Steve Winterfeld, Akamai's Advisory CISO to discuss CISO initiatives such as vendor consolidation, automation, and attack surface management as a way to determine if it’s possible to achieve both increased security maturity and decreased operational load. This session covers common mistakes when adopting security technologies, including the pros and cons of AI, and how to better collaborate together.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

    • 32 min
    Veterans Day Special.

    Veterans Day Special.

    The CyberWire honors U.S. veterans on the national holiday.
    Learn more about your ad choices. Visit megaphone.fm/adchoices

    • 18 min
    Best practices for MITRE ATT&CK(R) mapping.

    Best practices for MITRE ATT&CK(R) mapping.

    Rick Howard, N2K’s CSO and The CyberWire’s Chief Analyst and Senior Fellow, discusses the latest developments in mapping the MITRE ATT&CK(R) wiki to your deployed security stack with guests James Stanley, section chief at the U.S. Cybersecurity and Infrastructure Security Agency, John Wunder, Department Manager for Cyber Threat Intelligence and Adversary Emulation at MITRE, and Steve Winterfeld, Akamai’s Advisory CISO.
    Howard, R., Olson, R., 2020. Implementing Intrusion Kill Chain Strategies by Creating Defensive Campaign Adversary Playbooks [Journal Article]. The Cyber Defense Review. URL https://cyberdefensereview.army.mil/CDR-Content/Articles/Article-View/Article/2420129/implementing-intrusion-kill-chain-strategies-by-creating-defensive-campaign-adv/
    Staff, 2023. The Ultimate Guide to Sigma Rules [Blog]. THE GRAYLOG BLOG. URL https://graylog.org/post/the-ultimate-guide-to-sigma-rules/
    Seuss, Dr., 1990. Oh, the Places You’ll Go! [Book]. Goodreads. URL https://www.goodreads.com/book/show/191139.Oh_the_Places_You_ll_Go_?ref=nav_sb_ss_1_14
    Beriro, S., ishmael, stacy-marie, 2023. Crypto Hackers Stole Record Amount in 2022, Fueled by North Korea’s Lazarus [Podcast]. Bloomberg. URL https://www.bloomberg.com/news/articles/2023-02-23/crypto-hackers-stole-record-amount-in-2022-fueled-by-north-korea-s-lazarus
    cisagov, 2023. Decider: A web application that assists network defenders, analysts, and researchers in the process of mapping adversary behaviors to the MITRE ATT&CK® framework. [Code Repository]. GitHub. URL https://github.com/cisagov/Decider/
    Hutchins, E., Cloppert, M., Amin, R., 2010. Intelligence-Driven Computer Network Defense Informed by Analysis of Adversary Campaigns and Intrusion Kill Chains [White Paper]. Lockheed Martin. URL https://www.lockheedmartin.com/content/dam/lockheed-martin/rms/documents/cyber/LM-White-Paper-Intel-Driven-Defense.pdf
    JupiterDoc, 2011. Law & Order Full Theme (High Quality) [Theme]. YouTube. URL https://www.youtube.com/watch?v=xz4-aEGvqQM
    Nickels, K, 2019. Introduction to ATT&CK Navigator [Video]. YouTube. URL https://www.youtube.com/watch?v=pcclNdwG8Vs
    Page, C., 2022. US officials link North Korean Lazarus hackers to $625M Axie Infinity crypto theft [website]. TechCrunch. URL https://techcrunch.com/2022/04/15/us-officials-link-north-korean-lazarus-hackers-to-625m-axie-infinity-crypto-theft/
    Page, C., 2022. North Korean Lazarus hackers linked to $100M Harmony bridge theft [Website]. TechCrunch. URL https://techcrunch.com/2022/06/30/north-korea-lazarus-harmony-theft/
    Staff, n.d. Lazarus Group (G0032) [Wiki]. Mitre ATT&CK Navigator. URL https://mitre-attack.github.io/attack-navigator//#layerURL=https%3A%2F%2Fattack.mitre.org%2Fgroups%2FG0032%2FG0032-enterprise-layer.json
    Staff, n.d. Lazarus Group, Labyrinth Chollima, HIDDEN COBRA, Guardians of Peace, ZINC, NICKEL ACADEMY, Group G0032 [Wiki]. MITRE ATT&CK®. URL https://attack.mitre.org/groups/G0032/
    Staff, n.d. Lazarus Group [Wiki]. Tidal Cyber. URL https://app.tidalcyber.com/groups/0bc66e95-de93-4de7-b415-4041b7191f08-Lazarus%20Group
    Staff, January 2023. Best Practices for MITRE ATT&CK® Mapping [White Paper]. Cybersecurity and Infrastructure Security Agency (CISA). URL https://www.cisa.gov/news-events/news/best-practices-mitre-attckr-mapping
    Staff, March 2023. CISA Releases Decider Tool to Help with MITRE ATT&CK Mapping [Announcement]. Cybersecurity and Infrastructure Security Agency (CISA). URL https://www.cisa.gov/news-events/alerts/2023/03/01/cisa-releases-decider-tool-help-mitre-attck-mapping
    Staff, n.d. List of top Cryptocurrency Companies - Crunchbase Hub Profile [Website]. Crunchbase. URL https://www.crunchbase.com/hub/cryptocurrency-companies
    Strom, B.E., Applebaum, A., Miller, D.P., Nickels, K.C., Pennington, A.G., Thomas, C.B., 2020. ATTACK Design and Philosophy March 2020 Revision [White Paper]. Mitre. URL https://www.mitre.org/sites/default/files/publications/pr-18-0944-11-mitre-attack-design-and-philosophy.pdf
    Lear

    • 17 min
    Cybersecurity risk forecasting.

    Cybersecurity risk forecasting.

    Rick Howard, the CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of cybersecurity risk forecasting with guests Fred Kneip, CyberGRX’s founder and President of ProcessUnity, and Kevin Richards, Cyber Risk Solutions President.
    Howard, R., 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Wiley. URL: https://www.amazon.com/Cybersecurity-First-Principles-Strategy-Tactics/dp/1394173083.  
    Howard, R., 2023. Bonus Episode: 2023 Cybersecurity Canon Hall of Fame inductee: Superforecasting: The Art and Science of Prediction by Dr Phil Tetlock and Dr Dan Gardner. [Podcast]. The CyberWire. URL https://thecyberwire.com/podcasts/cso-perspectives/5567/notes
    Howard, R., 2022. Risk Forecasting with Bayes Rule: A practical example. [Podcast]. The CyberWire. URL https://thecyberwire.com/podcasts/cso-perspectives/88/notes
    Howard, R, 2023. Superforecasting: The Art and Science of Prediction [Book review]. Cybersecurity Canon Project. URL icdt.osu.edu/superforecasting-art-and-science-prediction.
    Howard, R., 2022. Two risk forecasting data scientists, and Rick, walk into a bar. [Podcast]. The CyberWire. URL https://thecyberwire.com/podcasts/cso-perspectives/89/notes
    Howard, R., Freund, J., Jones, J., 2016. 2016 Cyber Canon Inductee - Measuring and Managing Information Risk: A FAIR approach [Interview]. YouTube. URL https://www.youtube.com/watch?v=vxBpAnSBaGM
    Hubbard , D.W., Seiersen, R., 2016. How to Measure Anything in Cybersecurity Risk [Book]. Goodreads. URL https://www.goodreads.com/book/show/26518108-how-to-measure-anything-in-cybersecurity-risk
    Clark, B., Seiersen , R., Hubbard, D., 2017. “How To Measure Anything in Cybersecurity Risk” - Cybersecurity Canon 2017 [Interview]. YouTube. URL https://www.youtube.com/watch?v=2o_mAavdabg&t=93s
    Freund, J., Jones, J., 2014. Measuring and Managing Information Risk: A FAIR Approach [Book]. Goodreads. URL https://www.goodreads.com/book/show/22637927-measuring-and-managing-information-risk
    Katz, D., 2021. Corporate Governance Update: “Materiality” in America and Abroad [Essay]. The Harvard Law School Forum on Corporate Governance. URL https://corpgov.law.harvard.edu/2021/05/01/corporate-governance-update-materiality-in-america-and-abroad/
    Posner, C., 2023. SEC Adopts Final Rules on Cybersecurity Disclosure [Essay]. The Harvard Law School Forum on Corporate Governance. URL https://corpgov.law.harvard.edu/2023/08/09/sec-adopts-final-rules-on-cybersecurity-disclosure/
    Linden, L.V., Kneip, F., Squier, Suzie , 2022. Threats Across the Globe & Benchmarking with CyberGRX [Podcast]. Retail & Hospitality ISAC Podcast. URL https://pca.st/a49enjb1
    Lizárraga, C.J., 2023. Improving the Quality of Cybersecurity Risk Management Disclosures [Essay]. U.S. Securities and Exchange Commission. URL https://www.sec.gov/news/statement/lizarraga-statement-cybersecurity-072623
    Staff, 2022. Benchmarking Cyber-Risk Quantification [Survey]. Gartner. URL https://www.gartner.com/en/publications/benchmarking-cyber-risk-quantification
    Tetlock, P.E., Gardner, D., 2015. Superforecasting: The Art and Science of Prediction [Book]. Goodreads. URL https://www.goodreads.com/book/show/23995360-superforecasting
    Winterfeld, S., 2014. How to Measure Anything in Cybersecurity Risk [Book review]. Cybersecurity Canon Project. URL https://icdt.osu.edu/how-measure-anything-cybersecurity-risk
    Learn more about your ad choices. Visit megaphone.fm/adchoices

    • 20 min
    Distributed Denial of Service prevention: Current state.

    Distributed Denial of Service prevention: Current state.

    Rick Howard, The CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the current state of Distributed Denial of Service (DDOS) prevention with CyberWire Hash Table guests Steve Winterfeld, Akamai’s Field CSO, and Jim Gilbert, Akamai’s Director Product Management, and Rick Doten, the CISO for Healthcare Enterprises and Centene.
    Howard, R., 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Wiley. URL: https://www.amazon.com/Cybersecurity-First-Principles-Strategy-Tactics/dp/1394173083.  
    Azure Network Security Team, 2023. 2022 in review: DDoS attack trends and insights [Website]. Microsoft Security Blog. URL https://www.microsoft.com/en-us/security/blog/2023/02/21/2022-in-review-ddos-attack-trends-and-insights/
    Howard, R., 2014. Fatal System Error [Book Review]. Cybersecurity Canon Project. URL https://icdt.osu.edu/fatal-system-error
    Mashable, 2019. The World’s First Cyber Crime: The Morris Worm [KERNEL PANIC] [Video]. YouTube. URL https://www.youtube.com/watch?v=o2dj2gnxjtU (accessed 8.8.23).
    Montgomery, D., Sriram, K., Santay, D.J., 2022. Advanced DDoS Mitigation Techniques [Website]. NIST. URL https://www.nist.gov/programs-projects/advanced-ddos-mitigation-techniques.
    Schomp, K., Bhardwaj, O., Kurdoglu, E., Muhaimen, M., Sitaraman, R.K., 2020. Akamai DNS: Providing Authoritative Answers to theWorld’s Queries [Conference Paper]. Proceedings of the Annual conference of the ACM Special Interest Group on Data Communication on the applications, technologies, architectures, and protocols for computer communication. URL https://groups.cs.umass.edu/ramesh/wp-content/uploads/sites/3/2020/07/sigcomm2020-final289.pdf
    Sparling, C., Gebhardt, M., 2022. The Relentless Evolution of DDoS Attacks [Blog]. Akamai Technologies. URL https://www.akamai.com/blog/security/relentless-evolution-of-ddos-attacks.
    Staff, January 2023. The Evolution of DDoS: Return of the Hacktivist [Akamai White Paper]. FS-ISAC. URL https://www.fsisac.com/akamai-ddos-report.
    Staff , 2023. 2023 The Edge Ecosystem [White Paper]. AT&T Cybersecurity. URL https://cybersecurity.att.com/resource-center/infographics/2023-securing-the-edge.
    Winterfeld, S., 2023. Ransomware on the Move: Evolving Exploitation Techniques and the Active Pursuit of Zero-Days [Website]. Akamai Technologies. URL https://www.akamai.com/blog/security/ransomware-on-the-move-evolving-exploitation-techniques
    Radware, 2012. DNS Amplification Attack [Video. YouTube. URL https://www.youtube.com/watch?v=xTKjHWkDwP0 
    Chickowski, E., 2020. Types of DDoS attacks explained [Website]. AT&T Cybersecurity. URL https://cybersecurity.att.com/blogs/security-essentials/types-of-ddos-attacks-explained
    Nilsson, J., 2010. The Book of Numbers: A History of the Telephone Book [Website]. The Saturday Evening Post. URL https://www.saturdayeveningpost.com/2010/02/book-numbers
    Learn more about your ad choices. Visit megaphone.fm/adchoices

    • 17 min
    Quantum computing: A threat to asymmetric encryption.

    Quantum computing: A threat to asymmetric encryption.

    Rick Howard, the CSO, Chief Analyst, and Senior Fellow at N2K Cyber, discusses the meaning of quantum computing through a cybersecurity perspective with CyberWire Hash Table guests Dr. Georgiana Shea, Chief Technologist at the Foundation for Defense of Democracies, and Jonathan France, the Chief Information Security Officer at ISC2. Research contributors include Bob Turner, Fortinet’s Field CISO – Education, Don Welch, New York University CIO, Rick Doten, CISO at Healthcare Enterprises and Centene, and Zan Vautrinot, Major General - retired.
    Howard, R., 2023. Cybersecurity First Principles: A Reboot of Strategy and Tactics [Book]. Wiley. URL: https://www.amazon.com/Cybersecurity-First-Principles-Strategy-Tactics/dp/1394173083.  
    Deen, S., 2008. 007 | Quantum of Solace | Theme Song [Video]. YouTube. URL https://www.youtube.com/watch?v=YMXT3aJxH_A 
    Dungey, T., Abdelgaber, Y., Casto, C., Mills, J., Fazea, Y., 2022. Quantum Computing: Current Progress and Future Directions [Website]. EDUCAUSE . URL https://er.educause.edu/articles/2022/7/quantum-computing-current-progress-and-future-directions.
    France, J., 2023. Quantum Compute and CyberSecurity, in: ISC2 Secure Summits. 
    France, J., 2023. The Race Against Quantum: It’s Not Too Late to be the Tortoise that Beat the Hare [Essay]. Infosecurity Magazine. URL https://www.infosecurity-magazine.com/opinions/race-quantum-tortoise-beat-hare/. 
    Shea, Dr.G., Fixler, A., 2022. Protecting and Securing Data from the Quantum Threat [Technical Note]. Foundation for the Defense of Democracies. URL https://www.fdd.org/wp-content/uploads/2022/12/fdd-ccti-protecting-and-securing-data-from-the-quantum-threat.pdf  
    Learn more about your ad choices. Visit megaphone.fm/adchoices

    • 17 min

Customer Reviews

5.0 out of 5
12 Ratings

12 Ratings

[REDACTED] USER ,

I now can listen again! Great podcast! It now plays using VPNs with anti malware/anti tracking VPNs.

I now can listen again! Great podcast! It now plays using VPNs with anti malware/anti tracking VPNs.

Eric Cole - Big Train ,

Continuing my learning and keeping my focus

I love everything about this podcast. With each episode I learn something new and it keeps me focused on the right things. Thank you, Rick!

Meatball_army ,

Thank you!!

I pay for the Pro version, but so cool that it’s going to be available here too to share with friends and colleagues. Such an in depth show - always love hearing Rick’s perspectives (har har) especially on cloud solutions.

Top Podcasts In Technology

Lex Fridman Podcast
Lex Fridman
All-In with Chamath, Jason, Sacks & Friedberg
All-In Podcast, LLC
No Priors: Artificial Intelligence | Machine Learning | Technology | Startups
Conviction | Pod People
Hard Fork
The New York Times
Acquired
Ben Gilbert and David Rosenthal
TED Radio Hour
NPR

You Might Also Like

CyberWire Daily
N2K Networks
Hacking Humans
N2K Networks
SANS Internet Stormcenter Daily Cyber Security Podcast (Stormcast)
Johannes B. Ullrich
Darknet Diaries
Jack Rhysider