We are giving an inside look into the minds of today's cybersecurity leaders and defining trends for the upcoming threat landscape, what’s top of mind for security leaders, and advice for security leaders and practitioners.
The profession of Penetration Testing with John Strand
In this episode of HACKED, Ben talks with the owner of penetration testing firm Black Hills Information Security about the business and profession of pen testing and their incident response card game.
10/14/2019 • 30 minutes, 35 seconds
Talking Artificial Intelligence and Bots with David Yakobovitch from the HumAIn Podcast
In this podcast, Ben chats with David Yakobovitch, a Data Scientist and host of the HumAIn Podcast. The conversation covers the ethics behind Artificial Intelligence, Robots and the importance of higher education in the field.
6/11/2019 • 55 minutes, 2 seconds
Paul McGough from Qwyit talks about the evolution of InfoSec and what’s important in today’s market
Paul McGough is an industry veteran having been on the forefront of cybersecurity with the government in the 80’s. He has seen the evolution of hackers, the profession, and how skills are defined. We also debate certifications vs. experience and how it plays into today’s job market. Paul shares some great ideas on how complexity may not be the best option for security. We dive into the company he co-founded, Qwyit, how they have simplified processes (in IoT and Telecom) and the importance of encryption. Learn more about Qwyit’s solution at Qwyit.com.
5/17/2018 • 37 minutes, 24 seconds
Aaron Rinehart talks Chaos Engineering, ChaoSlinger, and objective monitoring of security components
We dive deep into Chaos Engineering’s use in security and Aaron Rinehart’s brainchild, ChaoSlinger. Aaron dives into the impact of objective monitoring for security components and techniques for learning how components actually function in the environment. We also dive into the difference between building a program based on regulations vs. building as an engineering discipline.
You can find more on Aaron Rinehart and ChaoSlinger on LinkedIn at Aaron Rinehart and on Twitter @aaronrinehart.
4/4/2018 • 40 minutes, 31 seconds
Travis Baker talks about recruitment at a unicorn Infosec firm
Travis Baker and Ben go back and forth about recruitment techniques given the unique landscape of the security profession. We talk about how candidates are consumers, techniques for proactive recruitment, effectively identifying key skills, non-traditional talent, and why culture can make or break your recruitment efforts. We also dive into effective relationships between the hiring team and HR/Talent acquisition and how candidates can be smart consumers as they navigate the job market.
3/30/2018 • 47 minutes, 38 seconds
Allen Burzen talks the evolution of data breaches, post breach response, and sharing breach insight
Allen Burzen experienced first-hand the impact of having your identity stolen. He has now taken his misfortune and made it his mission to help others who have been impacted in a similar way. Having led a post-breach incident response team, he shares insight into the evolution of data breaches, how they are advancing, how to build and test a post-breach response, and why, as a community, we need to talk about these sensitive issues.
3/5/2018 • 33 minutes, 12 seconds
E.J. Hilbert talks FBI Cyber Crime unit, why education is lagging, and so much more
Come take a dive into the minds and motivations of Black Hats from across the world. E.J. Hilbert shares stories and insights of his time in the cyber crime unit of the FBI, being on the forefront of identity and financial data theft, and working with Max Popov, a Ukrainian prisoner shackled to a conference room desk at Ant City. We also dive into Infosec education and why higher education has been slow to adopt it as a major as well as why physical/personnel security and information security are one and the same. If you want to read more about E.J.’s time with Max Popov and Ant City, here is the link: https://www.wired.com/2016/05/maksym-igor-popov-fbi/
2/9/2018 • 53 minutes, 30 seconds
Chris Barnes shares everything you need to know about cybersecurity for SMB’s
Ben chats with Chris Barnes about the importance of cybersecurity for small to mid-sized businesses. Chris talks about his SMB advisory practice, the threat landscape for SMB’s, ways to build an effective program with few to no resources, and the importance of a trusted advisor when building a program. During Overrated/Underrated, we get his take on security vulnerabilities with Amazon Alexa/Google Home and building backdoors into applications.
12/29/2017 • 33 minutes, 15 seconds
Sandra Crosswell, CISO @sonicwall, talks Red Teams, hiring pen testers and much more
Sandra Crosswell, CISO/CSO @sonicwall joins the HACKED podcast. We dive deep into Red Teams and all sorts of penetration testing topics. She gives an inside look into her role and the challenges of being the first individual in the seat. Additionally, she shares her thoughts on the talent gap and hiring penetration testers. During Overrated/Underrated, we get her opinion on hacking certifications and black hats moving into corporate roles.
12/20/2017 • 38 minutes, 35 seconds
Joshua Danielson, CISO at Copart, gets grilled on all sorts of Infosec topics.
On this episode of HACKED: Into the Minds of Cybersecurity Leaders, Ben gets to grill Joshua Danielson (CISO at Copart) on all sorts of topics in Infosec. We discuss end user training programs, vulnerabilities and vulnerability management, establishing effective relationships with the C-suite, and the future of the CISO role. During Overrated/Underrated, Josh shares a different view on penetration testing and the mac ROOT vulnerability.
12/5/2017 • 20 minutes, 43 seconds
Brett Kelsey-VP at McAfee talks autonomous vehicles, the talent gap, and future security solutions
Brett Kelsey, VP and Chief Technology Strategist at McAfee, gives an alternative view on the security talent gap. We dive deep into security challenges with IoT and autonomous vehicles, ethics behind ransomware, and solutions that have potential to shake up the industry. During overrated/underrated, Brett shares his opinion on public cloud and the Amazon Key.
11/30/2017 • 42 minutes, 31 seconds
Todd Thomas chats about security and compliance in healthcare and AI solutions
On this episode, we chat with Todd Thomas. Todd is the CIO at Austin Radiological Association and has been in the healthcare industry for over 20 years. We chat about compliance and how that impacts IT strategy, AI tools, and how security solutions can impede caregivers’ workflow. During overrated/underrated, we get his take on every IT role being a security position and ransomware within healthcare.
11/21/2017 • 21 minutes, 58 seconds
SMU’s CSO, George Finney discusses security theories, teaching cyber, and security awareness
On this episode of HACKED, we pick the mind of Southern Methodist University’s Chief Security Officer and prolific Author, George Finney. George discusses academic cybersecurity theories such as the Happy Gilmore Effect and how cybersecurity fits into Maslow’s Hierarchy of Needs. We also talk about security awareness and end user training techniques. During overrated/underrated, we get his take on physical penetration tests and the importance of certifications.
11/16/2017 • 37 minutes, 52 seconds
Brian Clinkenbeard, the best hacker you have never heard of
Brian Clinkenbeard, the best hacker you have never heard of, takes a deep dive into the technology and root cause of the biggest breaches in history. Having hacked into Texas Instruments mainframe in the mid 80’s, we get a view into the creation of hacking and identity theft. This one is for you die-hard security professionals – filled with stories that will make you think deeply and question everything. All of Brian’s quirky personality traits shine through with his real-world examples of technology and security challenges. If you are pro-technology and question the importance of end user training, tune in.
11/13/2017 • 2 hours, 33 minutes, 54 seconds
Aaron Blackstone talks threat intelligence, growth in the security profession, and talent retention
On this episode of HACKED, we are joined by Aaron Blackstone who is the CISO for the Texas Department of Public Safety. With a background in the military and the FBI, he rose to the CISO level in under nine years. We talk about threat intelligence, how he grew into the CISO role so quickly, and ways to retain top talent. During overrated/underrated, we get his thoughts on Blockchain and BYOD.
11/6/2017 • 51 minutes, 4 seconds
Part 1 of 2. Will Lassalle chats about how social grew his career, the talent gap, and much more
Will Lassalle was recently recognized as a Top 50 Most Influential Chief Technology Officer. He is a co-owner at JLS Technology and virtual CIO/CISO. In a 2-part series, he shares his unique story of leveraging social media to help boost his career, cybersecurity consulting, and staying secure during enterprise transformations. During overrated/underrated, we get his thoughts on end user training and watering-hole attacks.
10/26/2017 • 39 minutes, 29 seconds
Michael talks about ISSA, future of the security profession, and ethics behind Ransomware
On this episode, we welcome Michael Starks. Mike is the President of the ISSA Fort Worth Texas chapter and a 15-year veteran in the IT security space. We talk about ISSA, the future of the profession, ransomware, and incident response. During underrated/overrated, we get his view on the KRACK WIFI vulnerability and Spear Phishing.
10/20/2017 • 34 minutes, 4 seconds
Kevin Williams, CISO for City of Austin talks about his experience and trends in his department
On this edition of HACKED: Into the minds of Cybersecurity leaders, host Ben Hotaling welcomes Kevin Williams, the first CISO for the city of Austin, Texas. Kevin joins the podcast to discuss his experience developing the CISO role and what his group is working on. During Overrated/Underrated, we get his opinion on the importance of a technical background for the CISO role.
Kevin is responsible for ensuring the security of all information and information systems for 15,000 City employees and almost 1 million residents in the 11th largest city in the US.
Kevin has over 20 years of experience working within IT. He served in the United States Air Force for nine years as a computer programmer and enterprise architect, where he worked on IT projects at many notable locations including the Air Force Information Warfare Center, NORAD command center inside Cheyenne Mountain, and in the subterranean maintenance levels of a nuclear missile silo. Since his enlistment, Kevin has worked for Rackspace Hosting, Frost Bank, UTHSCSA, and the State of Texas DIR.
Kevin holds a Master of Science degree in Information Systems & Security from the Center for Cyber-Security Policy at Our Lady of the Lake University, an NSA-certified Center of Academic Excellence in Information Assurance Education, and a Bachelor of Science degree in Software Engineering. He is a Certified Information Systems Security Professional (CISSP), Information Systems Security Architecture Professional (ISSAP), Certified Secure Software Lifecycle Professional (CSSLP), and Certified CISO (CCISO).
10/13/2017 • 35 minutes, 33 seconds
Violet discusses the legal side of security, the risk landscape, and modern breaches
Violet Sullivan joins the HACKED podcast to discuss the legal side of cybersecurity, the risk landscape, and how technical talent can stay ahead of modern breaches. During overrated/underrated, we get her view on security conferences and computer science degrees.
10/10/2017 • 31 minutes, 21 seconds
Kosta chats about the threat landscape, how intrusion is evolving, & developing advanced programs
Konstantin Vilk is a Silicon Valley Cybersecurity consultant, entrepreneur, and strategist. We chat about the modern threat landscape, how IT and intrusion are evolving, developing advanced programs with too few resources, and his experience as an entrepreneur in the space. During Overrated/Underrated, we get his opinion on SQL Injections and outsourcing security programs.
10/3/2017 • 24 minutes, 37 seconds
Franklin talks about open-source vulnerabilities, DevSecOps & how cyber talent can become rockstars
Franklin Mosley is a known speaker on security talent and application security. He joins the podcast to talk about open-source vulnerabilities, DevSecOps, and what it takes to be a Rockstar security professional. We grill him in Overrated/Underrated with topics like hiring malicious hackers and biometrics.