Forcepoint’s To The Point Cybersecurity Podcast covers the latest cyber news, threats, and trends impacting the federal government and world at large.
Secure by Design - The Need We All Agree On with Lauren Zabierek
We’re excited to welcome to the podcast Lauren Zabierek, Senior Policy Advisor to the Cybersecurity and Infrastructure Security Agency (CISA). She deep dives into CISA’s Secure by Design principles and approaches for secure by design software launched in April 2023 - with version two published on October 17, 2023. Lauren shares insights on the path to creation of CISA’s Secure by Design principles and how this ‘living document’ will continue to evolve in the dynamic and ever-changing landscape that is cybersecurity. We also discuss the global collaboration and interest in co-sealing the Secure by Design guidance across a multitude of international cybersecurity agencies - and moving forward this ‘need we can all agree on’. And it wouldn’t be To The Point podcast episode without Lauren’s awesome origin story and career pathway to today, including co-founding the online social media movement #ShareTheMicInCyber. You don’t want to miss this episode!
Lauren Zabierek, Senior Policy Advisor and Lead Expert in Secure-by-Design at the Cybersecurity and Infrastructure Security Agency (CISA)
In January 2023, Lauren Zabierek was named a Senior Policy Advisor to the Cybersecurity and Infrastructure Security Agency. Previously, she was the Executive Director of the Cyber Project at Harvard Kennedy School’s Belfer Center. She came to this role as a 2019 graduate of the Kennedy School's mid-career MPA program. Her work focused on strategic, national security issues in cyber and tech--ranging from international conflict, cooperation, and norms to domestic collaboration, diversity, privacy, and supply chain issues. She was also the first woman participant in the Elbe Group discussions on cybersecurity, having been a part of the cyber-focused dialogue in 2019 in Stockholm, Sweden and again in 2021 virtually.
Lauren is the co-founder of the online social media movement called #ShareTheMicInCyber, which aims to dismantle racism in cybersecurity and privacy. #ShareTheMicInCyber started as an online conversation on Twitter and LinkedIn but has become so much more--it is breaking down barriers in the cyber industry through individual and collective action. Since its inception, the movement has garnered over 100 million Twitter impressions and featured participation by the nation's cyber leaders.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e262
Cyber Is A Business Imperative with Ken Bible
This week we are joined by Kenneth Bible, the Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO). He breaks down the National Cybersecurity Strategy Implementation Plan (NCSIP) introduced in July and provides great insights on how the plan was developed, the five key pillars of the plan, actioning each of the five elements, and the role government agencies have to play in executing against the plan and its 65 initiatives. He also provides perspective on international collaboration and partnership in achieving shared goals with the U.S. and how this will help “all boats rise” in strengthening cybersecurity across regions. And he shares what Audra likes to call one’s “origin story” on the career path that led to cybersecurity. Lots of valuable insights this week you won’t want to miss!
Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO)
Kenneth W. Bible serves as the Chief Information Security Officer (CISO) for the DHS Office of the Chief Information Officer (OCIO). In this role, he is responsible for all matters relating to information and securing and strengthening the Department’s information security program and information technology (IT) posture. Prior to his current role, Mr. Bible served under the Headquarters Marine Corps Deputy Commandant for Information (DCI) as the Assistant Director for the Information Command, Control, Communications, and Computers Division (IC4). In this capacity, he also served as the Marine Corps’ Deputy Chief Information Officer and CISO, formulating and providing broad policy guidance for IT, cybersecurity, and communications infrastructure and applications. Among his many accomplishments, he delivered ADVANA, the U.S. Department of Defense’s single authoritative source for audit and business data analytics, and led Risk Management Framework reform across the Marine Corps by guiding production of the first fully accredited secure software development (DevSecOps) pipelines. Previously, Mr. Bible served with the Space and Naval Warfare Systems Command (SPAWAR) for almost two decades, starting as a lead engineer integrating commercial Geospatial Information Systems technology, then heading the Networks Engineering Division of the SPAWAR Systems Center Atlantic. He later became the Assistant Program Executive Officer (Engineering) for PEO Enterprise Information Systems, serving as the PEO’s chief engineer as assigned by SPAWAR headquarters.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e261
It’s All In the (Deepfake) Experience with Siwei Lyu
Dr. Siwei Lyu, SUNY Empire Innovation Professor at the University at Buffalo
Dr. Siwei Lyu received his B.S. degree (Information Science) in 1997 and his M.S. degree (Computer Science) in 2000, both from Peking University, China. He received his Ph.D. degree in Computer Science from Dartmouth College in 2005. From 1998 to 2000, he worked at the Founder Research and Development Center (Beijing, China) as a Software Engineer. From 2000 to 2001, he worked at Microsoft Research Asia (then Microsoft Research China) as an Assistant Researcher. From 2005 to 2008, he was a Post-Doctoral Research Associate at the Howard Hughes Medical Institute and the Center for Neural Science of New York University. Starting in 2008, he is Assistant Professor at the Computer Science Department of University at Albany, State University of New York. Dr. Lyu is the recipient of the Alumni Thesis Award of Dartmouth College in 2005, IEEE Signal Processing Society Best Paper Award in 2010, and the NSF CAREER Award in 2010. He has authored one book, and held two U.S. and one E.U. patents. He has published more than 50 conference and journal papers in the research fields of natural image statistics, digital image forensics, machine learning and computer vision.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e260
Privacy Not Included, And What You Can Do About It with Zoe Macdonald
This week we deep dive into privacy with Mozilla Foundation’s Privacy Not Included content creator Zoë MacDonald. She shares fascinating insights from the deep research the *Privacy Not Included team undertakes to assess just how private is your data when using popular apps, driving in your connected car, etc. It was quite eye opening just how little privacy there is for connected car owners – giving up all kinds of privacy in the name of modern convenience. In fact, Zoë breaks down how and why all of the 26 car brands researched earner the *Privacy Not Included label. (Hint: that’s not a great thing.) She also shares some insights how Privacy Not Included got started in 2017 and the awesome buying guides they’ve been putting out to help everyone learn more about protecting their privacy with the products and services they use every day. Check out http://privacynotincluded.org to learn more!
Zoe MacDonald, Content Creator, Privacy Not Included at Mozilla
Zoë is a writer and digital strategist based in Toronto, Canada. Before her passion for digital rights led her to Mozilla and *Privacy Not Included, she wrote about cybersecurity and e-commerce. When she’s not being a privacy nerd at work, she’s side-eyeing smart devices at home.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e259
The Spark of an AI Article in 1983 with Mikko Hypponen
We’re excited to welcome back to the podcast global security expert, speaker and author Mikko Hypponen who currently serves as Chief Research Officer at WithSecure. We dive into his book “If It’s Smart, It’s Vulnerable” and how cybersecurity has evolved and changed in the last year since it was published. He also shines a light on the ever-present topic of AI – the opportunity, risks, emerging regulations, deepfakes, geopolitical attack capabilities and so much more! And we talk about his road to cyber (more than 30 years!) and the spark of an article from 1983 on AI. Another great episode from Mikko you won’t want to miss!
Mikko Hypponen, Chief Research Officer, WithSecure
Mikko Hypponen is a global security expert, speaker and author. He works as the Chief Research Officer at WithSecure and as the Principal Research Advisor at F-Secure. Mr. Hypponen has written on his research for the New York Times, Wired and Scientific American and he appears frequently on international TV. He has lectured at the universities of Stanford, Oxford and Cambridge. He was selected among the 50 most important people on the web by the PC World magazine and was included in the FP Global 100 Thinkers list. Mr. Hypponen sits in the advisory boards of t2 and Safeguard Cyber.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e258
Nobody Wants to Fight, But Someone Needs to Know How with Andrew Borene
Andrew Borene, Executive Director at Flashpoint joins the podcast this week. He brings a wealth of insights on today’s state of international security affairs gleaned from his many years in the U.S. Intelligence community, and leading private sector intelligence teams. We cover hot topics including collaboration on international cybersecurity policies, NATO’s cyber defense capabilities and challenges in achieving unified, alliance-wide cybersecurity policies. We also double click into today’s much discussed topic of Open-source intelligence (OSINT) and its growing popularity (such as Ukraine conflict), benefits and potential risks it poses. He also shares the journey of his professional path to security and it is quite exciting and inspiring! You don’t want to miss this episode!
Andrew Borene, Executive Director for Global Business Development at Flashpoint National Security Solutions
Andrew Borene is an Executive Director with Flashpoint, a worldwide provider of specialized intelligence and data to allied governments, businesses, and critical infrastructure industries to help them take decisive action and reduce risk.
Andrew’s previous work has been recognized for service with both the FBI Director’s Award and the ODNI Exceptional Achievement Award. He is a Life Member of the Council of Foreign Relations.
For links and resources discussed in this episode, please visit our show notes at https://www.forcepoint.com/govpodcast/e257
Great guest list
While I have been featured on the show in a couple of episodes, I really appreciate all of the guests that to the point pulls in. People like Josh Corman, Nick Chaillan, Mishi Choudhary, and Chris Krebs are top in their class. I love that the episodes are full of great insight about cyber security issues, and that they are not just going for trying to promote forcepoint’s business. Kudos to the forcepoint team for pulling off years of high-quality content on a consistent basis.
Timely and educational
To The Point has been a very helpful resource for staying on top of cyber news and building my overall understanding of the major trends. The real-world stories of incident and response across industries are engaging and educational, which keeps me coming back!
Full circle moment for Sunburst incident
As someone who has been following along with To The Point for the last two years, I loved listening to Sudhakar Ramakrishna’s recent episode as it came full circle with his first episode recorded right after the Sunburst incident. Sudhakar’s transparency about the incident is refreshing and should stand as an example for how cybersecurity leaders should approach their organization’s missteps and the occasional crisis. I also hope that his “community vigil” mindset is an approach to cybersecurity that we see more of in the future.