TIBER

2022-08-08, 37:50

Threat Intelligence-Based Ethical Red-teaming

In most organisations, there’s more to security than preventive measures. This means that testing your capabilities within detection, investigation and containment can be just as relevant as looking at preventive capabilities. One way of doing so is by following the Threat Intelligence-Based Ethical Red-teaming (TIBER) framework, and simulating a real adversary and how your organisation would do against such a threat.

To explain how a TIBER test is performed and its most common use-cases, Robby is joined by Stan Hegt, Ethical hacker, Red teamer and Co-founder of the Dutch security company Outflank. Stan also shares his observations of the evolution of red teaming, the main differences between pentesting and red teaming, and what challenges they often meet when performing these tests.

A special thanks to Dennis Nuijens at Cqure for helping us to find our guest for this episode!

Sound engineering by Paul Jæger

Security leadership essentials for managers

What knowledge base should a CISO have? And what is the best approach to shaping the next generation of security leaders?

Our guest today is better equipped than most to answer these questions. Frank Kim, former CISO of and currently a Fellow and Curriculum Director at SANS Institute, joins Robby to discuss leadership essentials for security managers.

Frank shares how SANS and their classes approach teaching strategic leadership in security, and how this can help CISOs both navigate the politics in the boardroom and craft a business plan that makes sense for their entire organisation.

They also discuss to whom security ultimately reports, and how to lead, motivate and inspire security teams to get their work done.

Sound engineering by Paul Jæger

Zero trust vs. castle and the moat

What does zero trust have to do with electric cars?

For this episode, Robby is joined by Tony Fergusson, CISO – EMEA at Zscaler. Tony has more than 25 years of experience in IT networking and security in Manufacturing, Information Technology and Financial Services, and even more importantly, he loves talking about zero trust – and has done so for more than a decade.

Tony chats with Robby about his article “What IT can learn from Tesla about disrupting the status quo”, and why he believes the zero trust security model represents "an elegantly simple" path forward. They also talk about what the biggest obstacles to the zero trust model are, and why he thinks some people and companies are scared of the zero trust concept.

Related reading: “Stop trying to make firewalls happen: What IT can learn from Tesla about disrupting the status quo” https://revolutionaries.zscaler.com/insights/stop-trying-make-firewalls-happen-what-it-can-learn-tesla-about-disrupting-status-quo

Sound engineering by Paul Jæger
Security of Things

2022-06-13, 39:32

Security of things

“IoT security today is like what IT security was in the early 90s”.

This is how our returning guest introduces this episode’s topic: IoT security, and how it affects organisations and companies.

For the third time, Robby is joined by Brian Contos, serial security entrepreneur and now Chief Security Officer at Phosphorus Cybersecurity, a company providing IoT and OT defense solutions for enterprise customers.

Brian explains the meaning behind his not so uplifting statement above, and shares some of the most common IoT security issues they observe among their customers. He also discusses whether certain IoT devices pose a larger threat for organisations than others do, and why it’s so difficult for many organisations to create an inventory of their IoT devices.

Sound engineering by Paul Jæger
The ransomware dilemma

2022-05-30, 35:55

mnemonic, all government agencies and the majority of organisations in the security community advise against paying ransom to the criminal groups behind ransomware extortions. There are also legal considerations that need to be considered depending on the country or industry you are operating in. There is, however, a value in knowing more about how these criminal groups work.

To shed some light on this, we’ve invited someone that often has been faced with the dilemma of whether or not to pay the ransom together with his clients: Rickey Gevers, Co-Founder of Responders B.V., a Dutch incident response company. These days most of the incidents he deals with are related to ransomware, and Rickey shares his experiences from negotiating with close to 30 ransomware groups on behalf of his clients – including also helping to pay them.

He shares his advice for how to prevent and prepare against ransomware threats, as well as what concerns most of his clients have when deciding how to deal with these groups, the main challenges they meet when negotiating with them, and how negotiating with ransomware groups requires a different approach than traditional negotiating tactics.

Sound production by Paul Jæger

Encrypted traffic management

TLS, SSL, HTTP, keys, authentication, clients, servers and ciphers - encryption is complicated.

To help shed some light on how enterprises can remove the "blind spot" of encrypted network communication, we’ve invited David Wells, co-founder of Netronome, who is a pioneer in the SSL/SSH inspection space.

David explains why being able to see and analyse encrypted traffic is necessary in order to gain full security value out of your network data, and shares his experiences since he inadvertently invented a tool for SSL inspection in 2003.

Technical level: 4/5

Sound engineering by Paul Jæger

What can we actually learn about cybercrime and what really goes on inside of criminal organisations from the Conti leaks?

In this episode we welcome Sergey Shykevich, who has more than a decade of experience within threat intelligence and defence. He’s currently leading the threat intelligence research group in Check Point, and Robby has invited him to share his findings after examining the data leaks from the predominantly Russian-based double extortion group Conti.

The large data leak included more than 400 000 messages and access to internal forums providing information about everything from offices, bonuses and recruitment, to organisational structure, information flow, and whether or not members are aware of the fact that they’re working for a crime syndicate.

Produced by Paul Jæger
The Science of SOAR

2022-04-11, 29:08

The science of SOAR

Is cybersecurity automation and orchestration actually complicating, instead of reducing, the human workload it is meant to relieve?

Joining us to discuss this and more, we have Dr. Vasileios Mavroeidis, Cybersecurity scientist at the University of Oslo, specialising in security automation and cyber threat intelligence representation, inference, and sharing.

He explains how he defines cybersecurity automation, and what he sees as the opportunities but also the limitations when minimising human intervention in cybersecurity processes.

Robby and Vasileios also discuss the importance of open standards and open source tools in this domain, and how automation differs in OT environments.

Produced by Paul Jæger

Control Validation & Cyber Insurance

How can private-sector cyber insurers accurately understand and price risk?

To discuss this and the critical role insurance can play in risk mitigation strategy, we’re joined by Levi Gundert, Senior Vice President of Global Intelligence at the cybersecurity company Recorded Future.

Levi shares from his vast experience from the industry, from previous roles as VP of Cyber Threat Intelligence at Fidelity Investments, Technical Leader at Cisco Talos, Principal Analyst at Team Cymru and US Secret Service Special Agent within the Los Angeles Electronic Crimes Task Force (ECTF).

He’s joining the podcast to discuss his recent paper “A New Cyber Insurance Model: Continuous Control Validation”, analysing the current state of the cyber insurance market and providing a new framework for insurers to evaluate risk.

Recommended reading: https://www.recordedfuture.com/new-cyber-insurance-model-continuous-control-validation/

Produced by Paul Jæger

For this episode, we’re welcoming Frank Fransen, Senior Scientist - Cyber Security, and Reinder Wolthuis, Senior Consultant and Program Manager - Cyber Security, from the Dutch not for profit research and consultancy organisation, TNO. They joined Robby to talk about the SOCCRATES research project, where TNO, mnemonic and seven other European organisations are combining efforts to build a platform for security operations centres (SOCs) and incident response teams, to help them be more efficient, better detect attacks, and make the correct decisions on how to handle them.

The research project is part of the European Union's Horizon 2020 Research and Innovation program (https://www.soccrates.eu/), and the aim is to produce a platform that will be as open-source as possible.

During their conversation, Frank and Reinder share why they saw the need for a platform like this, what it’s like to coordinate a project between public and private organisations, different expertise fields and across country borders, and what the plan is for the upcoming pilot.

Produced by Paul Jæger
Space Norway

2022-03-07, 32:11

What caused a nation like Norway to become amongst the first pioneers of satellite-based communications?

To explore this, Robby is joined by Ronny Klavenes, CISO at Space Norway, a company building and investing in space-related infrastructure, especially focusing on critical infrastructure. Space Norway was established on an initiative from The Norwegian Space Agency, a government agency promoting the development of national space activities. Among other things, Space Norway owns the underwater fibre optic cable between Svalbard and mainland Norway, a key element of Norway’s infrastructure in the Arctic.

Ronny explains why Norway cares about space infrastructure, and how one approaches securing infrastructure like this. He also shares what their threat landscape looks like, and how their technology can be used for, among other things, monitoring earthquakes and ice blocks detaching from glaciers, search and rescue services, as well as collaborations with SpaceX.

Produced by Paul Jæger
Deception technology

2022-02-21, 30:32

Deception technology

Deception as an attack tactic has been used in many forms, for many years, both on the battleground in the physical world and in the digital sphere.

For this episode on deception technology, Robby is joined by Ofer Israeli, Founder & CEO of Illusive, a cybersecurity company aiming to remove the vulnerable connections that enable attackers to move undetected, and replace them with deceptive versions that reveal the attacker’s presence.

Ofer explains how he suggests moving away from a reactive mind-set to avoid always playing catch-up with attackers, how deception technology has evolved beyond honeypot-based approaches, and the importance of detection for this to succeed.

Produced by Paul Jæger

How does one of the world’s largest cybersecurity companies collect and share their Threat Intelligence?

For this episode, Ryan Olson, Vice President of Threat Intelligence (Unit 42) at Palo Alto Networks, joins Robby for a chat about Palo Alto Networks’ telemetry pool and how Threat Intelligence has evolved over the last decade.

His team, Unit 42, are responsible for collecting, analysing and producing intelligence for a large number of organisations worldwide, and Ryan shares what goes on in the Unit 42 team when an event like Log4shell occurs.

He also looks back at the major trends they observed in 2021, and what new adversary techniques and potential attack paths interest him the most these days.

Produced by Paul Jæger
Insider risk (Innsiderisiko)

2022-01-25, 29:37

Insider threats | In Norwegian only

Where should organisations start to protect themselves from insider threats?

For this episode on insider risks, Robby is joined by Frode Skaarnes, COO at Lørn, a startup creating digital learning programs, with long experience from The Norwegian National Security Authority (NSM), as well as Kristian Haga from mnemonic’s Governance Risk and Compliance department.

They share from their experience working to help organisations minimise their risks of insider threats towards both the public and private sector, discuss how insiders often operate and why it’s especially important to distinguish between intentional and unintentional insiders.

Frode and Kristian also go into what organisations can do to pre-emptively minimise their own risks, and how working from home during the pandemic has impacted how we approach this risk.

Related reading:
https://nsm.no/regelverk-og-hjelp/rad-og-anbefalinger/grunnprinsipper-for-personellsikkerhet/introduksjon/
https://www.mnemonic.no/globalassets/security-report/we-need-to-talk-about-insider-threats.pdf

Producer: Paul Jæger

Does your managed SOC suck?

Are you fighting today’s war with yesterday’s weaponry?

Morten Munck, Engagement Manager at the cybersecurity advisory company Improsec, joins Robby to discuss his much-shared article “Does your managed SOC suck?” with the top ten red flags suggesting that your managed SOC provider should step up their game.

Morten has a background from finance and telecommunication and holds a strong profile within Blue Teaming - particularly SIEM, SOC and detection engineering, and has long experience helping customers build and operate their SOCs.

During this episode, they discuss gathering the right telemetry, stale use-case catalogues, and how you know if it’s time to start looking elsewhere.

Related reading: https://improsec.com/cyber-blog/does-your-managed-soc-suck

Produced by Paul Jæger
Project 2030

2022-01-03, 36:34

Project 2030: Future trends in security

To share the findings from his new report and webseries called Project 2030, Rik Ferguson, the Vice President of Security Research at Trend Micro, chats with Robby about what role cybersecurity will play in the year 2030.

Rik has used his over twenty-five years of experience in information security looking forward, sharing what he’s found when trying to anticipate the next ten years of technology, and what opportunities that will mean for cybercriminals, as well as their impact on security, both for the enterprise and for society as a whole.

In their discussions they go into what will change in the sensors and wearables space, and topics like 4D printing, Neuralink and cyber-implants, as well as the ethical considerations around the worth of our data and technical tools helping us tell facts from fiction. Rik also shares what he considers the biggest collective risks going forward from a security perspective.

Related reading: https://2030.trendmicro.com/

Produced by Paul Jæger
CMMC

2021-12-27, 37:59

CMMC: Cybersecurity Maturity Model Certification

Your security reflects your maturity.

For this episode, Robby is joined by two of mnemonic’s security experts from our Governance, Risk and Compliance department to talk about CMMC and the alphabet soup that comes with it.

Both of them have experience preparing organisations for what CMMC actually means for them: Anders Hval Olsen as an Information Security Management Implementation subject-matter expert, and Kenneth Crawford, using his long experience with US Defense and defense contracting, among other things as a Cybersecurity Manager at Lockheed Martin.

They discuss how the new cybersecurity requirements to work with the US Defense industry will influence both US organisations and international subcontractors performing everything from software development to human resource services, as well as what CMMC actually means for securing your supply chain and investing in your security posture, why they believe every security professional should have knowledge of CMMC and how CMMC 2 differs from the original certification model.

Related reading: https://www.mnemonic.no/blog/cmmc/

Producer: Paul Jæger
Mergers & Acquisitions

2021-12-20, 45:20

The business of cyber security: Mergers & Acquisitions

What separates the acquisitions that go well from those that don’t?

To discuss the business side of security, Robby is joined by Brian Contos: returning guest, fellow podcast host, serial security entrepreneur and CISO & Vice President of Mandiant Security Validation. Mandiant Security Validation, previously known as Verodin, was acquired by Mandiant a little over two years ago. In this episode, Brian shares from his experience going through that process, as well as other similar transitions he’s been a part of throughout his 25-year-long career in security.

In their discussions, they go into everything that leads up to an acquisition decision, picking the right company with the right DNA and how to get the two companies to fit together.

Brian also shares what he’s learned about how to start your own security company, and why he believes there’ll be more mergers and acquisitions happening in the security space in the next years than we’ve seen in the last two decades.

Producer: Paul Jæger
Initial Access Brokers

2021-12-06, 37:42

Initial Access Brokers (IABs)

The growth and professionalisation of the Initial Access Market has fascinated many in recent years. Few know as much about who the threat actors operating in these markets are, and how the market of providing others with remote access to corporate networks works, as Dmitry Shestakov, Head of Cybercrime Research at the cyber intelligence company Group-IB.

In his conversation with Robby, Dmitry shares some of his findings after researching these underground communities over several years. He also goes into how his team of researchers work with Initial Access Brokers, and sheds some light on some of their on-going investigations.

They also discuss where these groups operate from, how many of them manage to remain uncovered, and who they actually sell their information to.

Producer: Paul Jæger

Communicating threat intelligence to management

For this episode, Robby has invited someone with a unique expertise of the threat landscape in the finance industry. Freddy works as a Senior Threat Intelligence Analyst at the Nordic Financial CERT, a nonprofit organisation owned by the financial institutions in Norway, Sweden, Denmark, Finland and Iceland.

By receiving data from and supporting their 220 member financial institutions on tasks like incident response, anti-fraud and threat intelligence, the Nordic Financial CERT has a one of a kind overview of the threat these organisations are facing.

Freddy shares with Robby how they work to make sure their members are defending themselves against their most relevant threat actors, how they approach intelligence, and translating technical analyses to a language understood by the entire business.

They also discuss what the data the Nordic Financial CERT has access to can tell us about changes in the ecosystem of organised crime groups targeting financial institutions.

Producer: Paul Jæger