Discover the unique, inspiring, and often amusing stories behind what it takes to lead cybersecurity efforts in an organization. The Security Stories podcast features interviews with a diverse range of guests, each sharing their leadership experiences for the benefit of others in the cybersecurity industry. Discover more at https://www.cisco.com/c/en/us/products/security/securitystories.html
38: Would I lie to you? Security Stories versus Beers with Talos
Welcome to a very special edition of Security Stories, as we go head to head with the Beers with Talos podcast team.
Using a live game show format based on the British show 'Would I lie to you?' we present "facts" about significant moments in our security careers—but can the teams work out who is telling the truth, and who is bluffing?
This episode features Mitch Neff, Joel Esler and Matt Olney on the BWT team. Joining Hazel on the Security Stories team are Dennis Fisher of Decipher, and Pam Lindemoen, CISO Advisor for Cisco Secure.
To learn if we can sort fact from fiction, don't miss this special edition: "Would I lie to you? Security Stories versus Beers with Talos."
To learn more about Talos careers, head to https://talosintelligence.com/careers
37: The vision of what’s at stake, with Dr Kelley Misata
Today's guest is Dr Kelley Misata. Having survived years of cyber stalking, Dr Kelley completed a PhD in information security, where she did her dissertation on the cybersecurity preparedness of nonprofits working with victims of violence.
She later set up her own nonprofit company, Sightline Security.
This is her story.
In the pod booth, we're excited to be joined by a brand new cohost! Tazin Khan, whom you might remember joined us as a guest in episode 25, joins Ben and Hazel to talk about the findings of a new Cisco consumer data privacy study.
We each then relate it to our own experiences of taking action to protect our personal data.
For more information about Sightline and to get involved with the community, visit https://sightlinesecurity.org
For the Cisco consumer data privacy report, head to https://www.cisco.com/c/dam/en_us/about/doing_business/trust-center/docs/cisco-cybersecurity-series-2021-cps.pdf
Episode time stamps:
00.00 - 5.15: Intro and getting to know Taz
5.16 - 30.23: Interview with Dr Kelley Misata part 1
30.24 - 50.28: Discussions on new consumer data privacy findings
50.29 - 68.05: Interview with Dr Kelley Misata part 2
68.06 - 72.12: Closing thoughts and outro
36: Falling into IT - standing up in Security, with Pam Lindemoen
Today we're delighted to be joined by Pam Lindemoen, Advisory CISO at Cisco Secure and former Deputy CISO at Anthem Inc.
In this thoughtful interview, learn about Pam's passion for championing women in IT, her approach to learning from mistakes and failure, as well as her top tips to ensure that security and risk can be understood across the entire business.
Pam has gained a well-deserved reputation as a bold and strategic thinker and an exceptional leader. She shares many of her lessons learned from 25 years in the IT industry in this chat.
Before that, host Hazel shares a tribute to Mick Jenkins MBE, the first ever guest on Security Stories, who recently passed away. She shares her memories of first meeting him, the impact he had, and continues to have, on her work, and she remembers some of his most inspiring stories.
"Never let fear get in the way of your dreams." Mick Jenkins, MBE
For the full Mick interview, listen to episode 1 of the podcast at https://securitystories.buzzsprout.com/926089/2985046-1-from-the-battlefield-to-the-boardroom-with-mick-jenkins-mbe
To learn more about our CISO connections community, visit https://www.cisco.com/c/en/us/products/security/ciso-connection.html
35: How to manage imposter syndrome, with Stuart Coulson
Today's guest is Stuart Coulson, director at Hidden Text Ltd, where he uses the skill sets and knowledge born of many years in the security industry to help others.
It's probably fair to say that Stuart's journey in cybersecurity hasn't been the most traditional. He's been in sales, recruitment and engineering, worked on UK government cybersecurity contracts, and been a deputy CISO. He is now the cybersecurity director of an online gaming company, in addition to managing Hidden Text.
In addition to discussing Stuart's career path in cybersecurity, we chat about managing social media as an infosec professional, and how to deal with imposter syndrome (it's an interesting take - stay with it!). We also discuss how improv comedy relates to cybersecurity, and Stuart has some great advice for anyone who wants to get into mentoring.
In the studio, Ben and Hazel discuss the rise of proxyware abuse, and why organizations and individuals need to be aware of this growing threat. This is based on some excellent research conducted by our Talos team, which you can read more about on this blog.
Also take a look at our brand new ebook, "Creating safe spaces in cybersecurity". This focusses on the topic of mental health and cybersecurity burnout. We’ve captured the stories of 20 people (both leaders and practitioners) from across the cybersecurity industry, and hope that by sharing their experiences, we’ll inspire anyone who is struggling to know they are not alone.
Finally, check out a few of Stuart's Hidden Text articles which we found particularly interesting:
Imposter syndrome does not exist
Dear infosec hiring managers
Episode time stamps:
0.00 - 18.28: Intro and discussing the rise of proxyware abuse
18:29 - 68.45: Interview with Stuart Coulson
68.46 - 79.18: Closing thoughts and outro
34: From Rockstar to CISO: An Unexpected Journey, with Ian Thornton Trump
It's a warm welcome today to our guest Ian Thornton-Trump, CISO at Cyjax Limited, also known as @phat_hobbit on Twitter.
Ian talks about his career journey, from joining the Military Intelligence Branch of the Canadian Forces, to managing IT projects at the Canadian Museum of Human Rights, to being a CISO.
He also shares his top lessons learned from 30 years in the cybersecurity industry, from his paper '8 Leadership Principles' (or, as Ian refers to it, "8 of my biggest mistakes").
In the studio, Geraldo, currently studying Film and Television at college, discusses how cybersecurity is represented in the media. We discuss Mr Robot, Silicon Valley, The Matrix, and how Hollywood has led to some accurate (and very inaccurate) portrayals of the industry.
In Threat Corner, Ben takes us through the storied history of the REvil ransomware family, and how the attackers operate under a ransomware-as-a-service model. Follow along at https://blogs.cisco.com/security/threat-protection-the-revil-ransomware
Episode time stamps:
03:20 - 25:23: Cybersecurity in the media
25:24 - 40:53: Ian Thornton Trump interview, Part 1
40:54 - 50:54: Threat Corner: REvil ransomware family
50:55 - 65:47: Ian Thornton Trump interview, Part 2
65:48: Closing thoughts and outro
33: The People Hacker, with Jenny Radcliffe
Jenny Radcliffe, AKA 'The People Hacker' joins us as our guest today. Jenny is a world renowned Social Engineer, hired to bypass security systems through a mixture of psychology, con-artistry, cunning and guile.
We learn about incidents in Jenny's childhood which led her to become a 'burglar for hire', including getting locked in the lion’s enclosure at the zoo! She has spent a lifetime talking her way into secure locations, protecting clients from scammers, and leading educational simulated criminal attacks on organisations of all sizes in order to help secure money, data and information from those with genuine malicious intent.
We also talk about how Jenny copes mentally with being in some of these situations, and how she works with organizations to help them with their security culture.
There’s a great deal of advice here too about how to protect yourself and your friends and your families from social engineering attacks.
Jenny's podcast is available at https://humanfactorsecurity.co.uk/podcast-2/
Before that, it's Sana's last episode with us for a while (sob!) but she goes out on a high by telling the story of three military terms that have shaped the cybersecurity narrative in the last couple of decades. If you are a movie buff, or geek out on military terminology, or simply say 'Roger that' in response to everything, then you'll love this segment.
If that wasn't enough, we also have Nirav Shah join us in the pod booth. Nirav is new to Cisco, having joined us directly from SolarWinds. He was working there when the massive breach that was heard around the world happened. We hear the inside story, and learn how this was a catalyst in the threat landscape. Learn more in Nirav's blog here.
Episode time stamps:
0:00 - 15:31 - Intro topic with Sana - Three military terms that have shaped the cybersecurity narrative
15:32 - 42:29 - Interview with Jenny Radcliffe, Part 1
42:50 - 55:26 - Nirav Shah on the SolarWinds breach
55:38 - 73:24 - Interview with Jenny Radcliffe, Part 2
73:25 - 83:30 - Closing thoughts and outro
Enjoy learning about security landscape and trends
The podcast is a great platform to listen to industry luminaries share insights on what is happening in the world in regards to cyber security challenges and thoughts on approaches and ways we can work together to tackle them.
Insightful and entertaining security stories
Fantastic line up of cybersecurity movers and shakers. Their stories are inspiring and focus on how they overcame challenges, seized the day or leaned on others for support. I also enjoy the discussion around latest threats and reviewing key moments in history. Must listen for anyone in cybersecurity!